{"id": "ORACLELINUX_ELSA-2014-0475.NASL", "bulletinFamily": "scanner", "title": "Oracle Linux 6 : kernel (ELSA-2014-0475)", "description": "From Red Hat Security Advisory 2014:0475 :\n\nUpdated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section.\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "published": "2014-05-09T00:00:00", "modified": "2018-07-18T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=73936", "reporter": "Tenable", "references": ["https://oss.oracle.com/pipermail/el-errata/2014-May/004104.html"], "cvelist": ["CVE-2013-6383", "CVE-2014-0077", "CVE-2014-2523"], "type": "nessus", "lastseen": "2019-02-21T01:21:09", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-firmware", "p-cpe:/a:oracle:linux:python-perf"], "cvelist": ["CVE-2013-6383", "CVE-2014-0077", "CVE-2014-2523"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "From Red Hat Security Advisory 2014:0475 :\n\nUpdated kernel packages that fix three security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol\n(DCCP) packets used the skb_header_pointer() function. A remote\nattacker could use this flaw to send a specially crafted DCCP packet\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID\ncontroller (aacraid) checked permissions of compat IOCTLs. A local\nattacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged\nguest user could use this flaw to crash the host or corrupt QEMU\nprocess memory on the host, which could potentially result in\narbitrary code execution on the host with the privileges of the QEMU\nprocess. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red\nHat.\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.", "edition": 6, "enchantments": {"dependencies": {"modified": "2019-01-16T20:18:22", "references": [{"idList": ["RHSA-2014:0476", "RHSA-2014:0629", "RHSA-2014:0634", "RHSA-2014:0593", "RHSA-2014:0475"], "type": "redhat"}, {"idList": ["OPENVAS:1361412562310871165", "OPENVAS:1361412562310841783", "OPENVAS:1361412562310120205", "OPENVAS:1361412562310123413", "OPENVAS:1361412562310123416", "OPENVAS:881932", "OPENVAS:1361412562310123414", "OPENVAS:1361412562310881932", "OPENVAS:1361412562310123415", "OPENVAS:871165"], "type": "openvas"}, {"idList": ["SECURITYVULNS:DOC:30757", "SECURITYVULNS:DOC:30535"], "type": "securityvulns"}, {"idList": ["USN-2225-1", "USN-2226-1", "USN-2228-1", "USN-2173-1", "USN-2174-1", "USN-2221-1", "USN-2108-1", "USN-2223-1", "USN-2224-1", "USN-2107-1"], "type": "ubuntu"}, {"idList": ["ELSA-2014-3016", "ELSA-2014-3023", "ELSA-2014-3034", "ELSA-2014-3021", "ELSA-2014-3015", "ELSA-2014-3014", "ELSA-2014-0475", "ELSA-2014-3022"], "type": "oraclelinux"}, {"idList": ["CVE-2013-6383", "CVE-2014-0077", "CVE-2014-2523"], "type": "cve"}, {"idList": ["CESA-2014:0285", "CESA-2014:0475"], "type": "centos"}, {"idList": ["ALAS-2014-328"], "type": "amazon"}, {"idList": ["ORACLELINUX_ELSA-2014-3023.NASL", "REDHAT-RHSA-2014-0634.NASL", "CENTOS_RHSA-2014-0475.NASL", "REDHAT-RHSA-2014-0475.NASL", "ALA_ALAS-2014-328.NASL", "SL_20140507_KERNEL_ON_SL6_X.NASL", "REDHAT-RHSA-2014-0476.NASL", "ORACLELINUX_ELSA-2014-3021.NASL", "REDHAT-RHSA-2014-0593.NASL", "ORACLELINUX_ELSA-2014-3022.NASL"], "type": "nessus"}, {"idList": ["SSV:62091", "SSV:61843"], "type": "seebug"}]}, "score": {"value": 7.2, "vector": "NONE"}}, "hash": "6d14a301fa45a7628e940c402269278133b45c3663ebc2d5af92892097a65b00", "hashmap": [{"hash": "cd0d1badcd4640189cb6e6c8f485a193", "key": "cpe"}, {"hash": "35d7d8d7f02f683cc4a314396a72d4ec", "key": "sourceData"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "4ff832ec2a49c4b49f130b2c0694d10b", "key": "title"}, {"hash": "d41b0395d0888bb9dd5fbd2b8f1a402d", "key": "cvelist"}, {"hash": "2e3c438f66403fd816adabf5a1b82b29", "key": "modified"}, {"hash": "1364128531cd25441fabfa2a3aa246b9", "key": "description"}, {"hash": "bada1467fd8a94b0a36d09ec60e935bc", "key": "pluginID"}, {"hash": "95f0d0ae70dcd0f0128672fc2b3db69b", "key": "href"}, {"hash": "e31ed89ab0cbb68ce2c40f17ec1e5483", "key": "naslFamily"}, {"hash": "7ea8316fbaf9e8df2d54cca1786807fc", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "6e6c9fb8a4a77bba78fc4ca5150a412d", "key": "references"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=73936", "id": "ORACLELINUX_ELSA-2014-0475.NASL", "lastseen": "2019-01-16T20:18:22", "modified": "2018-07-18T00:00:00", "naslFamily": "Oracle Linux Local Security Checks", "objectVersion": "1.3", "pluginID": "73936", "published": "2014-05-09T00:00:00", "references": ["https://oss.oracle.com/pipermail/el-errata/2014-May/004104.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:0475 and \n# Oracle Linux Security Advisory ELSA-2014-0475 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73936);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/07/18 17:43:57\");\n\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\", \"CVE-2014-2523\");\n script_bugtraq_id(63888, 65943, 66279, 66441, 66678);\n script_xref(name:\"RHSA\", value:\"2014:0475\");\n\n script_name(english:\"Oracle Linux 6 : kernel (ELSA-2014-0475)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:0475 :\n\nUpdated kernel packages that fix three security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol\n(DCCP) packets used the skb_header_pointer() function. A remote\nattacker could use this flaw to send a specially crafted DCCP packet\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID\ncontroller (aacraid) checked permissions of compat IOCTLs. A local\nattacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged\nguest user could use this flaw to crash the host or corrupt QEMU\nprocess memory on the host, which could potentially result in\narbitrary code execution on the host with the privileges of the QEMU\nprocess. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red\nHat.\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-May/004104.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-abi-whitelists-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-abi-whitelists-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-doc-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-doc-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-firmware-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-firmware-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-headers-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-headers-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"perf-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"python-perf-2.6.32-431.17.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "title": "Oracle Linux 6 : kernel (ELSA-2014-0475)", "type": "nessus", "viewCount": 1}, "differentElements": ["description"], "edition": 6, "lastseen": "2019-01-16T20:18:22"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-firmware", "p-cpe:/a:oracle:linux:python-perf"], "cvelist": ["CVE-2013-6383", "CVE-2014-0077", "CVE-2014-2523"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "From Red Hat Security Advisory 2014:0475 :\n\nUpdated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section.\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "edition": 5, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "379c1e8d911b927a29e8e1f9365e3f060049ce86aff284e371e6e6d8a8d1629b", "hashmap": [{"hash": "cd0d1badcd4640189cb6e6c8f485a193", "key": "cpe"}, {"hash": "35d7d8d7f02f683cc4a314396a72d4ec", "key": "sourceData"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "4ff832ec2a49c4b49f130b2c0694d10b", "key": "title"}, {"hash": "d41b0395d0888bb9dd5fbd2b8f1a402d", "key": "cvelist"}, {"hash": "2e3c438f66403fd816adabf5a1b82b29", "key": "modified"}, {"hash": "bada1467fd8a94b0a36d09ec60e935bc", "key": "pluginID"}, {"hash": "95f0d0ae70dcd0f0128672fc2b3db69b", "key": "href"}, {"hash": "0fc042d9dc33aa8d068f5e386d2f1a2c", "key": "description"}, {"hash": "e31ed89ab0cbb68ce2c40f17ec1e5483", "key": "naslFamily"}, {"hash": "7ea8316fbaf9e8df2d54cca1786807fc", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "6e6c9fb8a4a77bba78fc4ca5150a412d", "key": "references"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=73936", "id": "ORACLELINUX_ELSA-2014-0475.NASL", "lastseen": "2018-09-02T00:04:05", "modified": "2018-07-18T00:00:00", "naslFamily": "Oracle Linux Local Security Checks", "objectVersion": "1.3", "pluginID": "73936", "published": "2014-05-09T00:00:00", "references": ["https://oss.oracle.com/pipermail/el-errata/2014-May/004104.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:0475 and \n# Oracle Linux Security Advisory ELSA-2014-0475 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73936);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/07/18 17:43:57\");\n\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\", \"CVE-2014-2523\");\n script_bugtraq_id(63888, 65943, 66279, 66441, 66678);\n script_xref(name:\"RHSA\", value:\"2014:0475\");\n\n script_name(english:\"Oracle Linux 6 : kernel (ELSA-2014-0475)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:0475 :\n\nUpdated kernel packages that fix three security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol\n(DCCP) packets used the skb_header_pointer() function. A remote\nattacker could use this flaw to send a specially crafted DCCP packet\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID\ncontroller (aacraid) checked permissions of compat IOCTLs. A local\nattacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged\nguest user could use this flaw to crash the host or corrupt QEMU\nprocess memory on the host, which could potentially result in\narbitrary code execution on the host with the privileges of the QEMU\nprocess. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red\nHat.\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-May/004104.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-abi-whitelists-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-abi-whitelists-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-doc-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-doc-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-firmware-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-firmware-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-headers-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-headers-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"perf-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"python-perf-2.6.32-431.17.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "title": "Oracle Linux 6 : kernel (ELSA-2014-0475)", "type": "nessus", "viewCount": 1}, "differentElements": ["description"], "edition": 5, "lastseen": "2018-09-02T00:04:05"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-firmware", "p-cpe:/a:oracle:linux:python-perf"], "cvelist": ["CVE-2013-6383", "CVE-2014-0077", "CVE-2014-2523"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "From Red Hat Security Advisory 2014:0475 :\n\nUpdated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section.\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "edition": 4, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "e94e070d0ad4a47dfb49e0d6d5d9333df8c12b36177d94833384f6abc31b8c3a", "hashmap": [{"hash": "cd0d1badcd4640189cb6e6c8f485a193", "key": "cpe"}, {"hash": "35d7d8d7f02f683cc4a314396a72d4ec", "key": "sourceData"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "4ff832ec2a49c4b49f130b2c0694d10b", "key": "title"}, {"hash": "d41b0395d0888bb9dd5fbd2b8f1a402d", "key": "cvelist"}, {"hash": "2e3c438f66403fd816adabf5a1b82b29", "key": "modified"}, {"hash": "bada1467fd8a94b0a36d09ec60e935bc", "key": "pluginID"}, {"hash": "95f0d0ae70dcd0f0128672fc2b3db69b", "key": "href"}, {"hash": "0fc042d9dc33aa8d068f5e386d2f1a2c", "key": "description"}, {"hash": "e31ed89ab0cbb68ce2c40f17ec1e5483", "key": "naslFamily"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "7ea8316fbaf9e8df2d54cca1786807fc", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "6e6c9fb8a4a77bba78fc4ca5150a412d", "key": "references"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=73936", "id": "ORACLELINUX_ELSA-2014-0475.NASL", "lastseen": "2018-08-30T19:54:00", "modified": "2018-07-18T00:00:00", "naslFamily": "Oracle Linux Local Security Checks", "objectVersion": "1.3", "pluginID": "73936", "published": "2014-05-09T00:00:00", "references": ["https://oss.oracle.com/pipermail/el-errata/2014-May/004104.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:0475 and \n# Oracle Linux Security Advisory ELSA-2014-0475 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73936);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/07/18 17:43:57\");\n\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\", \"CVE-2014-2523\");\n script_bugtraq_id(63888, 65943, 66279, 66441, 66678);\n script_xref(name:\"RHSA\", value:\"2014:0475\");\n\n script_name(english:\"Oracle Linux 6 : kernel (ELSA-2014-0475)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:0475 :\n\nUpdated kernel packages that fix three security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol\n(DCCP) packets used the skb_header_pointer() function. A remote\nattacker could use this flaw to send a specially crafted DCCP packet\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID\ncontroller (aacraid) checked permissions of compat IOCTLs. A local\nattacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged\nguest user could use this flaw to crash the host or corrupt QEMU\nprocess memory on the host, which could potentially result in\narbitrary code execution on the host with the privileges of the QEMU\nprocess. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red\nHat.\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-May/004104.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-abi-whitelists-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-abi-whitelists-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-doc-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-doc-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-firmware-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-firmware-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-headers-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-headers-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"perf-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"python-perf-2.6.32-431.17.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "title": "Oracle Linux 6 : kernel (ELSA-2014-0475)", "type": "nessus", "viewCount": 1}, "differentElements": ["cvss"], "edition": 4, "lastseen": "2018-08-30T19:54:00"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-firmware", "p-cpe:/a:oracle:linux:python-perf"], "cvelist": ["CVE-2013-6383", "CVE-2014-0077", "CVE-2014-2523"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "From Red Hat Security Advisory 2014:0475 :\n\nUpdated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section.\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "edition": 3, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "379c1e8d911b927a29e8e1f9365e3f060049ce86aff284e371e6e6d8a8d1629b", "hashmap": [{"hash": "cd0d1badcd4640189cb6e6c8f485a193", "key": "cpe"}, {"hash": "35d7d8d7f02f683cc4a314396a72d4ec", "key": "sourceData"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "4ff832ec2a49c4b49f130b2c0694d10b", "key": "title"}, {"hash": "d41b0395d0888bb9dd5fbd2b8f1a402d", "key": "cvelist"}, {"hash": "2e3c438f66403fd816adabf5a1b82b29", "key": "modified"}, {"hash": "bada1467fd8a94b0a36d09ec60e935bc", "key": "pluginID"}, {"hash": "95f0d0ae70dcd0f0128672fc2b3db69b", "key": "href"}, {"hash": "0fc042d9dc33aa8d068f5e386d2f1a2c", "key": "description"}, {"hash": "e31ed89ab0cbb68ce2c40f17ec1e5483", "key": "naslFamily"}, {"hash": "7ea8316fbaf9e8df2d54cca1786807fc", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "6e6c9fb8a4a77bba78fc4ca5150a412d", "key": "references"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=73936", "id": "ORACLELINUX_ELSA-2014-0475.NASL", "lastseen": "2018-07-21T08:28:57", "modified": "2018-07-18T00:00:00", "naslFamily": "Oracle Linux Local Security Checks", "objectVersion": "1.3", "pluginID": "73936", "published": "2014-05-09T00:00:00", "references": ["https://oss.oracle.com/pipermail/el-errata/2014-May/004104.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:0475 and \n# Oracle Linux Security Advisory ELSA-2014-0475 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73936);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/07/18 17:43:57\");\n\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\", \"CVE-2014-2523\");\n script_bugtraq_id(63888, 65943, 66279, 66441, 66678);\n script_xref(name:\"RHSA\", value:\"2014:0475\");\n\n script_name(english:\"Oracle Linux 6 : kernel (ELSA-2014-0475)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:0475 :\n\nUpdated kernel packages that fix three security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol\n(DCCP) packets used the skb_header_pointer() function. A remote\nattacker could use this flaw to send a specially crafted DCCP packet\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID\ncontroller (aacraid) checked permissions of compat IOCTLs. A local\nattacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged\nguest user could use this flaw to crash the host or corrupt QEMU\nprocess memory on the host, which could potentially result in\narbitrary code execution on the host with the privileges of the QEMU\nprocess. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red\nHat.\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-May/004104.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-abi-whitelists-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-abi-whitelists-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-doc-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-doc-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-firmware-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-firmware-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-headers-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-headers-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"perf-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"python-perf-2.6.32-431.17.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "title": "Oracle Linux 6 : kernel (ELSA-2014-0475)", "type": "nessus", "viewCount": 1}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-07-21T08:28:57"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-firmware", "p-cpe:/a:oracle:linux:python-perf"], "cvelist": ["CVE-2013-6383", "CVE-2014-0077", "CVE-2014-2523"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "From Red Hat Security Advisory 2014:0475 :\n\nUpdated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section.\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "edition": 2, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}}, "hash": "1e5edf5d83e104b78eff566dbdb34ce265648134808f0ccdbf1d5f7df0c502e0", "hashmap": [{"hash": "7682593865fe3c4bfddc41a9be4d6e7d", "key": "modified"}, {"hash": "cd0d1badcd4640189cb6e6c8f485a193", "key": "cpe"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "4ff832ec2a49c4b49f130b2c0694d10b", "key": "title"}, {"hash": "d41b0395d0888bb9dd5fbd2b8f1a402d", "key": "cvelist"}, {"hash": "bada1467fd8a94b0a36d09ec60e935bc", "key": "pluginID"}, {"hash": "95f0d0ae70dcd0f0128672fc2b3db69b", "key": "href"}, {"hash": "0fc042d9dc33aa8d068f5e386d2f1a2c", "key": "description"}, {"hash": "e31ed89ab0cbb68ce2c40f17ec1e5483", "key": "naslFamily"}, {"hash": "e751d34790f748a9f7c21ecbbf12d5a7", "key": "sourceData"}, {"hash": "7ea8316fbaf9e8df2d54cca1786807fc", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "6e6c9fb8a4a77bba78fc4ca5150a412d", "key": "references"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=73936", "id": "ORACLELINUX_ELSA-2014-0475.NASL", "lastseen": "2017-10-29T13:43:41", "modified": "2016-04-28T00:00:00", "naslFamily": "Oracle Linux Local Security Checks", "objectVersion": "1.3", "pluginID": "73936", "published": "2014-05-09T00:00:00", "references": ["https://oss.oracle.com/pipermail/el-errata/2014-May/004104.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:0475 and \n# Oracle Linux Security Advisory ELSA-2014-0475 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73936);\n script_version(\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2016/04/28 19:01:50 $\");\n\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\", \"CVE-2014-2523\");\n script_bugtraq_id(63888, 65943, 66279, 66441, 66678);\n script_osvdb_id(99324);\n script_xref(name:\"RHSA\", value:\"2014:0475\");\n\n script_name(english:\"Oracle Linux 6 : kernel (ELSA-2014-0475)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:0475 :\n\nUpdated kernel packages that fix three security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol\n(DCCP) packets used the skb_header_pointer() function. A remote\nattacker could use this flaw to send a specially crafted DCCP packet\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID\ncontroller (aacraid) checked permissions of compat IOCTLs. A local\nattacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged\nguest user could use this flaw to crash the host or corrupt QEMU\nprocess memory on the host, which could potentially result in\narbitrary code execution on the host with the privileges of the QEMU\nprocess. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red\nHat.\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-May/004104.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-abi-whitelists-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-abi-whitelists-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-doc-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-doc-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-firmware-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-firmware-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-headers-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-headers-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"perf-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"python-perf-2.6.32-431.17.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "title": "Oracle Linux 6 : kernel (ELSA-2014-0475)", "type": "nessus", "viewCount": 1}, "differentElements": ["modified", "sourceData"], "edition": 2, "lastseen": "2017-10-29T13:43:41"}, {"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2013-6383", "CVE-2014-0077", "CVE-2014-2523"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "From Red Hat Security Advisory 2014:0475 :\n\nUpdated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section.\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "edition": 1, "enchantments": {}, "hash": "3581af1bd9aa079c17444d260d5f5d136c7e90fe2f17bd0fc0732b6bc9588bc1", "hashmap": [{"hash": "7682593865fe3c4bfddc41a9be4d6e7d", "key": "modified"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "4ff832ec2a49c4b49f130b2c0694d10b", "key": "title"}, {"hash": "d41b0395d0888bb9dd5fbd2b8f1a402d", "key": "cvelist"}, {"hash": "bada1467fd8a94b0a36d09ec60e935bc", "key": "pluginID"}, {"hash": "95f0d0ae70dcd0f0128672fc2b3db69b", "key": "href"}, {"hash": "0fc042d9dc33aa8d068f5e386d2f1a2c", "key": "description"}, {"hash": "e31ed89ab0cbb68ce2c40f17ec1e5483", "key": "naslFamily"}, {"hash": "e751d34790f748a9f7c21ecbbf12d5a7", "key": "sourceData"}, {"hash": "7ea8316fbaf9e8df2d54cca1786807fc", "key": "published"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "6e6c9fb8a4a77bba78fc4ca5150a412d", "key": "references"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=73936", "id": "ORACLELINUX_ELSA-2014-0475.NASL", "lastseen": "2016-09-26T17:26:08", "modified": "2016-04-28T00:00:00", "naslFamily": "Oracle Linux Local Security Checks", "objectVersion": "1.2", "pluginID": "73936", "published": "2014-05-09T00:00:00", "references": ["https://oss.oracle.com/pipermail/el-errata/2014-May/004104.html"], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:0475 and \n# Oracle Linux Security Advisory ELSA-2014-0475 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73936);\n script_version(\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2016/04/28 19:01:50 $\");\n\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\", \"CVE-2014-2523\");\n script_bugtraq_id(63888, 65943, 66279, 66441, 66678);\n script_osvdb_id(99324);\n script_xref(name:\"RHSA\", value:\"2014:0475\");\n\n script_name(english:\"Oracle Linux 6 : kernel (ELSA-2014-0475)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:0475 :\n\nUpdated kernel packages that fix three security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol\n(DCCP) packets used the skb_header_pointer() function. A remote\nattacker could use this flaw to send a specially crafted DCCP packet\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID\ncontroller (aacraid) checked permissions of compat IOCTLs. A local\nattacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged\nguest user could use this flaw to crash the host or corrupt QEMU\nprocess memory on the host, which could potentially result in\narbitrary code execution on the host with the privileges of the QEMU\nprocess. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red\nHat.\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-May/004104.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-abi-whitelists-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-abi-whitelists-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-doc-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-doc-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-firmware-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-firmware-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-headers-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-headers-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"perf-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"python-perf-2.6.32-431.17.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "title": "Oracle Linux 6 : kernel (ELSA-2014-0475)", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 1, "lastseen": "2016-09-26T17:26:08"}], "edition": 7, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "cd0d1badcd4640189cb6e6c8f485a193"}, {"key": "cvelist", "hash": "d41b0395d0888bb9dd5fbd2b8f1a402d"}, {"key": "cvss", "hash": "2bdabeb49c44761f9565717ab0e38165"}, {"key": "description", "hash": "0fc042d9dc33aa8d068f5e386d2f1a2c"}, {"key": "href", "hash": "95f0d0ae70dcd0f0128672fc2b3db69b"}, {"key": "modified", "hash": "2e3c438f66403fd816adabf5a1b82b29"}, {"key": "naslFamily", "hash": "e31ed89ab0cbb68ce2c40f17ec1e5483"}, {"key": "pluginID", "hash": "bada1467fd8a94b0a36d09ec60e935bc"}, {"key": "published", "hash": "7ea8316fbaf9e8df2d54cca1786807fc"}, {"key": "references", "hash": "6e6c9fb8a4a77bba78fc4ca5150a412d"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "35d7d8d7f02f683cc4a314396a72d4ec"}, {"key": "title", "hash": "4ff832ec2a49c4b49f130b2c0694d10b"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "379c1e8d911b927a29e8e1f9365e3f060049ce86aff284e371e6e6d8a8d1629b", "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2013-6383", "CVE-2014-2523", "CVE-2014-0077"]}, {"type": "redhat", "idList": ["RHSA-2014:0475", "RHSA-2014:0634", "RHSA-2014:0593", "RHSA-2014:0629", "RHSA-2014:0476"]}, {"type": "nessus", "idList": ["SL_20140507_KERNEL_ON_SL6_X.NASL", "CENTOS_RHSA-2014-0475.NASL", "REDHAT-RHSA-2014-0475.NASL", "REDHAT-RHSA-2014-0634.NASL", "ORACLELINUX_ELSA-2014-3021.NASL", "ORACLELINUX_ELSA-2014-3022.NASL", "REDHAT-RHSA-2014-0593.NASL", "ALA_ALAS-2014-328.NASL", "ORACLELINUX_ELSA-2014-3023.NASL", "REDHAT-RHSA-2014-0476.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:881932", "OPENVAS:1361412562310871165", "OPENVAS:1361412562310881932", "OPENVAS:1361412562310123416", "OPENVAS:871165", "OPENVAS:1361412562310123414", "OPENVAS:1361412562310123413", "OPENVAS:1361412562310120205", "OPENVAS:1361412562310123415", "OPENVAS:1361412562310841787"]}, {"type": "centos", "idList": ["CESA-2014:0475"]}, {"type": "oraclelinux", "idList": ["ELSA-2014-0475", "ELSA-2014-3021", "ELSA-2014-3022", "ELSA-2014-3023", "ELSA-2014-3016", "ELSA-2014-3015", "ELSA-2014-3034", "ELSA-2014-3014"]}, {"type": "amazon", "idList": ["ALAS-2014-328"]}, {"type": "seebug", "idList": ["SSV:61843", "SSV:62091"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:30535", "SECURITYVULNS:DOC:30757"]}, {"type": "ubuntu", "idList": ["USN-2173-1", "USN-2174-1", "USN-2224-1", "USN-2228-1", "USN-2223-1", "USN-2221-1", "USN-2108-1", "USN-2107-1", "USN-2226-1", "USN-2225-1"]}], "modified": "2019-02-21T01:21:09"}, "score": {"value": 7.2, "vector": "NONE"}, "vulnersScore": 7.2}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:0475 and \n# Oracle Linux Security Advisory ELSA-2014-0475 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73936);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/07/18 17:43:57\");\n\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\", \"CVE-2014-2523\");\n script_bugtraq_id(63888, 65943, 66279, 66441, 66678);\n script_xref(name:\"RHSA\", value:\"2014:0475\");\n\n script_name(english:\"Oracle Linux 6 : kernel (ELSA-2014-0475)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:0475 :\n\nUpdated kernel packages that fix three security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol\n(DCCP) packets used the skb_header_pointer() function. A remote\nattacker could use this flaw to send a specially crafted DCCP packet\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID\ncontroller (aacraid) checked permissions of compat IOCTLs. A local\nattacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged\nguest user could use this flaw to crash the host or corrupt QEMU\nprocess memory on the host, which could potentially result in\narbitrary code execution on the host with the privileges of the QEMU\nprocess. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red\nHat.\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-May/004104.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-abi-whitelists-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-abi-whitelists-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-doc-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-doc-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-firmware-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-firmware-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-headers-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-headers-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"perf-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"python-perf-2.6.32-431.17.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "naslFamily": "Oracle Linux Local Security Checks", "pluginID": "73936", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-firmware", "p-cpe:/a:oracle:linux:python-perf"], "scheme": null}

{"cve": [{"lastseen": "2016-09-03T19:10:30", "bulletinFamily": "NVD", "description": "The aac_compat_ioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not require the CAP_SYS_RAWIO capability, which allows local users to bypass intended access restrictions via a crafted ioctl call.", "modified": "2014-03-26T00:54:17", "published": "2013-11-26T23:43:33", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6383", "id": "CVE-2013-6383", "type": "cve", "title": "CVE-2013-6383", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-04-18T15:54:21", "bulletinFamily": "NVD", "description": "drivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable buffers are disabled, does not properly validate packet lengths, which allows guest OS users to cause a denial of service (memory corruption and host OS crash) or possibly gain privileges on the host OS via crafted packets, related to the handle_rx and get_rx_bufs functions.", "modified": "2017-01-06T21:59:15", "published": "2014-04-14T19:55:07", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0077", "id": "CVE-2014-0077", "title": "CVE-2014-0077", "type": "cve", "cvss": {"score": 5.5, "vector": "AV:ADJACENT_NETWORK/AC:HIGH/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}}, {"lastseen": "2017-12-16T11:24:42", "bulletinFamily": "NVD", "description": "net/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a DCCP packet that triggers a call to the (1) dccp_new, (2) dccp_packet, or (3) dccp_error function.", "modified": "2017-12-15T21:29:06", "published": "2014-03-24T12:40:48", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2523", "id": "CVE-2014-2523", "title": "CVE-2014-2523", "type": "cve", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2018-09-28T18:24:07", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2014-0475", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123416", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123416", "title": "Oracle Linux Local Check: ELSA-2014-0475", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-0475.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123416\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:03:30 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-0475\");\n script_tag(name:\"insight\", value:\"ELSA-2014-0475 - kernel security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-0475\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-0475.html\");\n script_cve_id(\"CVE-2014-0077\", \"CVE-2013-6383\", \"CVE-2014-2523\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~431.17.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~431.17.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~431.17.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~431.17.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~431.17.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~431.17.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~431.17.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~431.17.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~431.17.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~2.6.32~431.17.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:48:58", "bulletinFamily": "scanner", "description": "Check for the Version of kernel", "modified": "2017-07-10T00:00:00", "published": "2014-05-12T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=881932", "id": "OPENVAS:881932", "title": "CentOS Update for kernel CESA-2014:0475 centos6 ", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2014:0475 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(881932);\n script_version(\"$Revision: 6656 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:49:38 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-05-12 09:11:49 +0530 (Mon, 12 May 2014)\");\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\", \"CVE-2014-2523\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"CentOS Update for kernel CESA-2014:0475 centos6 \");\n\n tag_insight = \"The kernel packages contain the Linux kernel, the core of any\nLinux operating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol (DCCP)\npackets used the skb_header_pointer() function. A remote attacker could use\nthis flaw to send a specially crafted DCCP packet to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-2523,\nImportant)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller\n(aacraid) checked permissions of compat IOCTLs. A local attacker could use\nthis flaw to bypass intended security restrictions. (CVE-2013-6383,\nModerate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged guest\nuser could use this flaw to crash the host or corrupt QEMU process memory\non the host, which could potentially result in arbitrary code execution on\nthe host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n\";\n\n tag_affected = \"kernel on CentOS 6\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"CESA\", value: \"2014:0475\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2014-May/020285.html\");\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:55:28", "bulletinFamily": "scanner", "description": "Check for the Version of kernel", "modified": "2018-04-06T00:00:00", "published": "2014-05-12T00:00:00", "id": "OPENVAS:1361412562310881932", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881932", "title": "CentOS Update for kernel CESA-2014:0475 centos6 ", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2014:0475 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.881932\");\n script_version(\"$Revision: 9373 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:57:18 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-05-12 09:11:49 +0530 (Mon, 12 May 2014)\");\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\", \"CVE-2014-2523\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"CentOS Update for kernel CESA-2014:0475 centos6 \");\n\n tag_insight = \"The kernel packages contain the Linux kernel, the core of any\nLinux operating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol (DCCP)\npackets used the skb_header_pointer() function. A remote attacker could use\nthis flaw to send a specially crafted DCCP packet to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-2523,\nImportant)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller\n(aacraid) checked permissions of compat IOCTLs. A local attacker could use\nthis flaw to bypass intended security restrictions. (CVE-2013-6383,\nModerate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged guest\nuser could use this flaw to crash the host or corrupt QEMU process memory\non the host, which could potentially result in arbitrary code execution on\nthe host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n\";\n\n tag_affected = \"kernel on CentOS 6\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"CESA\", value: \"2014:0475\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2014-May/020285.html\");\n script_tag(name:\"summary\", value:\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~2.6.32~431.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-23T15:13:55", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2014-05-12T00:00:00", "id": "OPENVAS:1361412562310871165", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871165", "title": "RedHat Update for kernel RHSA-2014:0475-01", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2014:0475-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871165\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-05-12 09:14:06 +0530 (Mon, 12 May 2014)\");\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\", \"CVE-2014-2523\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Update for kernel RHSA-2014:0475-01\");\n\n\n script_tag(name:\"affected\", value:\"kernel on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n * A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol (DCCP)\npackets used the skb_header_pointer() function. A remote attacker could use\nthis flaw to send a specially crafted DCCP packet to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-2523,\nImportant)\n\n * A flaw was found in the way the Linux kernel's Adaptec RAID controller\n(aacraid) checked permissions of compat IOCTLs. A local attacker could use\nthis flaw to bypass intended security restrictions. (CVE-2013-6383,\nModerate)\n\n * A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged guest\nuser could use this flaw to crash the host or corrupt QEMU process memory\non the host, which could potentially result in arbitrary code execution on\nthe host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"RHSA\", value:\"2014:0475-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2014-May/msg00006.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf-debuginfo\", rpm:\"python-perf-debuginfo~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:48:45", "bulletinFamily": "scanner", "description": "Check for the Version of kernel", "modified": "2017-07-12T00:00:00", "published": "2014-05-12T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=871165", "id": "OPENVAS:871165", "title": "RedHat Update for kernel RHSA-2014:0475-01", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2014:0475-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(871165);\n script_version(\"$Revision: 6688 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:49:31 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-05-12 09:14:06 +0530 (Mon, 12 May 2014)\");\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\", \"CVE-2014-2523\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Update for kernel RHSA-2014:0475-01\");\n\n tag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol (DCCP)\npackets used the skb_header_pointer() function. A remote attacker could use\nthis flaw to send a specially crafted DCCP packet to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-2523,\nImportant)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller\n(aacraid) checked permissions of compat IOCTLs. A local attacker could use\nthis flaw to bypass intended security restrictions. (CVE-2013-6383,\nModerate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged guest\nuser could use this flaw to crash the host or corrupt QEMU process memory\non the host, which could potentially result in arbitrary code execution on\nthe host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n\";\n\n tag_affected = \"kernel on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"RHSA\", value: \"2014:0475-01\");\n script_xref(name: \"URL\" , value: \"https://www.redhat.com/archives/rhsa-announce/2014-May/msg00006.html\");\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf-debuginfo\", rpm:\"python-perf-debuginfo~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~2.6.32~431.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-28T18:24:47", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2014-3021", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123413", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123413", "title": "Oracle Linux Local Check: ELSA-2014-3021", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-3021.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123413\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:03:28 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-3021\");\n script_tag(name:\"insight\", value:\"ELSA-2014-3021 - Unbreakable Enterprise kernel security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-3021\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-3021.html\");\n script_cve_id(\"CVE-2014-0077\", \"CVE-2013-6383\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"dtrace-modules\", rpm:\"dtrace-modules~3.8.13~26.2.4.el6uek~0.4.2~3.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~3.8.13~26.2.4.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~3.8.13~26.2.4.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~3.8.13~26.2.4.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~3.8.13~26.2.4.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~3.8.13~26.2.4.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~3.8.13~26.2.4.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-headers\", rpm:\"kernel-uek-headers~3.8.13~26.2.4.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-28T18:25:14", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2014-3022", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123414", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123414", "title": "Oracle Linux Local Check: ELSA-2014-3022", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-3022.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123414\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:03:29 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-3022\");\n script_tag(name:\"insight\", value:\"ELSA-2014-3022 - Unbreakable Enterprise kernel security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-3022\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-3022.html\");\n script_cve_id(\"CVE-2014-0077\", \"CVE-2013-6383\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.39~400.214.6.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.39~400.214.6.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.39~400.214.6.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.39~400.214.6.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.39~400.214.6.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.39~400.214.6.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.39~400.214.6.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.39~400.214.6.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.39~400.214.6.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.39~400.214.6.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.39~400.214.6.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.39~400.214.6.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-02T14:33:09", "bulletinFamily": "scanner", "description": "Amazon Linux Local Security Checks", "modified": "2018-10-01T00:00:00", "published": "2015-09-08T00:00:00", "id": "OPENVAS:1361412562310120205", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120205", "title": "Amazon Linux Local Check: ALAS-2014-328", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: alas-2014-328.nasl 6663 2017-07-11 09:58:05Z teissa$\n#\n# Amazon Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@iki.fi>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://ping-viini.org\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120205\");\n script_version(\"$Revision: 11711 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:20:06 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-01 14:30:57 +0200 (Mon, 01 Oct 2018) $\");\n script_name(\"Amazon Linux Local Check: ALAS-2014-328\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in the Linux kernel. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update kernel to update your system. You will need to reboot your system in order for the new kernel to be running.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2014-328.html\");\n script_cve_id(\"CVE-2014-2309\", \"CVE-2014-0077\", \"CVE-2014-2523\", \"CVE-2014-0055\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Amazon Linux Local Security Checks\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"AMAZON\")\n{\nif ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.37~47.135.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~3.10.37~47.135.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~3.10.37~47.135.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.37~47.135.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~3.10.37~47.135.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.37~47.135.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~3.10.37~47.135.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n}\nif (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-28T18:24:18", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2014-3023", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123415", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123415", "title": "Oracle Linux Local Check: ELSA-2014-3023", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-3023.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123415\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:03:30 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-3023\");\n script_tag(name:\"insight\", value:\"ELSA-2014-3023 - Unbreakable Enterprise kernel security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-3023\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-3023.html\");\n script_cve_id(\"CVE-2013-6383\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.32~400.34.5.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.32~400.34.5.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.32~400.34.5.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.32~400.34.5.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.32~400.34.5.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.32~400.34.5.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-headers\", rpm:\"kernel-uek-headers~2.6.32~400.34.5.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~400.34.5.el5uek~1.5.7~2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~400.34.5.el5uekdebug~1.5.7~2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~400.34.5.el5uek~1.5.1~4.0.58\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~400.34.5.el5uekdebug~1.5.1~4.0.58\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.32~400.34.5.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.32~400.34.5.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.32~400.34.5.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.32~400.34.5.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.32~400.34.5.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.32~400.34.5.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-headers\", rpm:\"kernel-uek-headers~2.6.32~400.34.5.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~400.34.5.el6uek~1.5.7~0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~400.34.5.el6uekdebug~1.5.7~0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~400.34.5.el6uek~1.5.1~4.0.58\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~400.34.5.el6uekdebug~1.5.1~4.0.58\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-19T13:03:38", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2018-11-16T00:00:00", "published": "2014-05-02T00:00:00", "id": "OPENVAS:1361412562310841787", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841787", "title": "Ubuntu Update for linux USN-2173-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2173_1.nasl 12381 2018-11-16 11:16:30Z cfischer $\n#\n# Ubuntu Update for linux USN-2173-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841787\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-05-02 10:10:51 +0530 (Fri, 02 May 2014)\");\n script_cve_id(\"CVE-2014-0101\", \"CVE-2014-2523\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux USN-2173-1\");\n\n\n script_tag(name:\"affected\", value:\"linux on Ubuntu 10.04 LTS\");\n script_tag(name:\"insight\", value:\"A flaw was discovered in the Linux kernel's handling of SCTP\nhandshake. A remote attacker could exploit this flaw to cause a denial of\nservice (system crash). (CVE-2014-0101)\n\nAn error was discovered in the Linux kernel's DCCP protocol support. A\nremote attacked could exploit this flaw to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2014-2523)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2173-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2173-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.04 LTS\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-58-386\", ver:\"2.6.32-58.120\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-58-generic\", ver:\"2.6.32-58.120\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-58-generic-pae\", ver:\"2.6.32-58.120\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-58-ia64\", ver:\"2.6.32-58.120\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-58-lpia\", ver:\"2.6.32-58.120\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-58-powerpc\", ver:\"2.6.32-58.120\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-58-powerpc-smp\", ver:\"2.6.32-58.120\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-58-powerpc64-smp\", ver:\"2.6.32-58.120\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-58-preempt\", ver:\"2.6.32-58.120\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-58-server\", ver:\"2.6.32-58.120\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-58-sparc64\", ver:\"2.6.32-58.120\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-58-sparc64-smp\", ver:\"2.6.32-58.120\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-58-versatile\", ver:\"2.6.32-58.120\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-58-virtual\", ver:\"2.6.32-58.120\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2018-12-11T19:43:11", "bulletinFamily": "unix", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol (DCCP)\npackets used the skb_header_pointer() function. A remote attacker could use\nthis flaw to send a specially crafted DCCP packet to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-2523,\nImportant)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller\n(aacraid) checked permissions of compat IOCTLs. A local attacker could use\nthis flaw to bypass intended security restrictions. (CVE-2013-6383,\nModerate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged guest\nuser could use this flaw to crash the host or corrupt QEMU process memory\non the host, which could potentially result in arbitrary code execution on\nthe host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "modified": "2018-06-06T20:24:22", "published": "2014-05-07T04:00:00", "id": "RHSA-2014:0475", "href": "https://access.redhat.com/errata/RHSA-2014:0475", "type": "redhat", "title": "(RHSA-2014:0475) Important: kernel security and bug fix update", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:44:01", "bulletinFamily": "unix", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol (DCCP)\npackets used the skb_header_pointer() function. A remote attacker could use\nthis flaw to send a specially crafted DCCP packet to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-2523,\nImportant)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller\n(aacraid) checked permissions of compat IOCTLs. A local attacker could use\nthis flaw to bypass intended security restrictions. (CVE-2013-6383,\nModerate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged guest\nuser could use this flaw to crash the host or corrupt QEMU process memory\non the host, which could potentially result in arbitrary code execution on\nthe host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "modified": "2015-04-24T14:18:31", "published": "2014-06-04T04:00:00", "id": "RHSA-2014:0634", "href": "https://access.redhat.com/errata/RHSA-2014:0634", "type": "redhat", "title": "(RHSA-2014:0634) Important: kernel security and bug fix update", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:40:50", "bulletinFamily": "unix", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol (DCCP)\npackets used the skb_header_pointer() function. A remote attacker could use\nthis flaw to send a specially crafted DCCP packet to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-2523,\nImportant)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged guest\nuser could use this flaw to crash the host or corrupt QEMU process memory\non the host, which could potentially result in arbitrary code execution on\nthe host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes the following bug:\n\n* Prior to this update, a guest-provided value was used as the head length\nof the socket buffer allocated on the host. If the host was under heavy\nmemory load and the guest-provided value was too large, the allocation\ncould have failed, resulting in stalls and packet drops in the guest's Tx\npath. With this update, the guest-provided value has been limited to a\nreasonable size so that socket buffer allocations on the host succeed\nregardless of the memory load on the host, and guests can send packets\nwithout experiencing packet drops or stalls. (BZ#1092350)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "modified": "2015-04-24T14:20:45", "published": "2014-06-03T04:00:00", "id": "RHSA-2014:0593", "href": "https://access.redhat.com/errata/RHSA-2014:0593", "type": "redhat", "title": "(RHSA-2014:0593) Important: kernel security and bug fix update", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T19:42:11", "bulletinFamily": "unix", "description": "The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: a subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3)\nand Transport Layer Security (TLS v1) protocols, as well as a\nfull-strength, general purpose cryptography library.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nIt was found that OpenSSL clients and servers could be forced, via a\nspecially crafted handshake packet, to use weak keying material for\ncommunication. A man-in-the-middle attacker could use this flaw to decrypt\nand modify traffic between a client and a server. (CVE-2014-0224)\n\nNote: In order to exploit this flaw, both the server and the client must be\nusing a vulnerable version of OpenSSL; the server must be using OpenSSL\nversion 1.0.1 and above, and the client must be using any version of\nOpenSSL. For more information about this flaw, refer to:\nhttps://access.redhat.com/site/articles/904433\n\nA flaw was found in the way the handle_rx() function handled large network\npackets when mergeable buffers were disabled. A privileged guest user could\nuse this flaw to crash the host or corrupt QEMU process memory on the host,\nwhich could potentially result in arbitrary code execution on the host with\nthe privileges of the QEMU process. (CVE-2014-0077)\n\nRed Hat would like to thank the OpenSSL project for reporting\nCVE-2014-0224. Upstream acknowledges KIKUCHI Masashi of Lepidum as the\noriginal reporter of CVE-2014-0224. The CVE-2014-0077 issue was discovered\nby Michael S. Tsirkin of Red Hat.\n\nThis updated package provides updated components that include fixes for\nvarious security issues. These issues have no security impact on Red Hat\nEnterprise Virtualization Hypervisor itself, however. The security fixes\nincluded in this update address the following CVE numbers:\n\nCVE-2014-0015 and CVE-2014-0138 (curl issues)\n\nCVE-2014-2523 and CVE-2013-6383 (kernel issues)\n\nCVE-2014-0179 (libvirt issue)\n\nCVE-2010-5298, CVE-2014-0198, CVE-2014-0221, CVE-2014-0195, and\nCVE-2014-3470 (openssl issues)\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package, which corrects these issues.\n", "modified": "2018-06-07T08:59:39", "published": "2014-06-05T04:00:00", "id": "RHSA-2014:0629", "href": "https://access.redhat.com/errata/RHSA-2014:0629", "type": "redhat", "title": "(RHSA-2014:0629) Important: rhev-hypervisor6 security update", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:40:54", "bulletinFamily": "unix", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A buffer overflow flaw was found in the way the qeth_snmp_command()\nfunction in the Linux kernel's QETH network device driver implementation\nhandled SNMP IOCTL requests with an out-of-bounds length. A local,\nunprivileged user could use this flaw to crash the system or, potentially,\nescalate their privileges on the system. (CVE-2013-6381, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller\n(aacraid) checked permissions of compat IOCTLs. A local attacker could use\nthis flaw to bypass intended security restrictions. (CVE-2013-6383,\nModerate)\n\nThis update also fixes the following bug:\n\n* Running a process in the background on a GFS2 file system could sometimes\ntrigger a glock recursion error that resulted in a kernel panic. This\nhappened when a readpage operation attempted to take a glock that had\nalready been held by another function. To prevent this error, GFS2 now\nverifies whether the glock is already held when performing the readpage\noperation. (BZ#1077789)\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n", "modified": "2017-09-08T11:57:33", "published": "2014-05-07T04:00:00", "id": "RHSA-2014:0476", "href": "https://access.redhat.com/errata/RHSA-2014:0476", "type": "redhat", "title": "(RHSA-2014:0476) Important: kernel security and bug fix update", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2019-02-21T01:21:09", "bulletinFamily": "scanner", "description": "* A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe system must be rebooted for this update to take effect.", "modified": "2018-12-28T00:00:00", "id": "SL_20140507_KERNEL_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=73938", "published": "2014-05-09T00:00:00", "title": "Scientific Linux Security Update : kernel on SL6.x i386/x86_64", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73938);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/12/28 10:10:35\");\n\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\", \"CVE-2014-2523\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol\n(DCCP) packets used the skb_header_pointer() function. A remote\nattacker could use this flaw to send a specially crafted DCCP packet\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID\ncontroller (aacraid) checked permissions of compat IOCTLs. A local\nattacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged\nguest user could use this flaw to crash the host or corrupt QEMU\nprocess memory on the host, which could potentially result in\narbitrary code execution on the host with the privileges of the QEMU\nprocess. (CVE-2014-0077, Moderate)\n\nThe system must be rebooted for this update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1405&L=scientific-linux-errata&T=0&P=310\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e942d87f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"kernel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-abi-whitelists-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-debuginfo-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debuginfo-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", cpu:\"i386\", reference:\"kernel-debuginfo-common-i686-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-doc-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-firmware-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-headers-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"perf-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"perf-debuginfo-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"python-perf-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"python-perf-debuginfo-2.6.32-431.17.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:21:09", "bulletinFamily": "scanner", "description": "Updated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section.\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "modified": "2018-11-10T00:00:00", "id": "CENTOS_RHSA-2014-0475.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=73923", "published": "2014-05-09T00:00:00", "title": "CentOS 6 : kernel (CESA-2014:0475)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0475 and \n# CentOS Errata and Security Advisory 2014:0475 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73923);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/10 11:49:31\");\n\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\", \"CVE-2014-2523\");\n script_bugtraq_id(63888, 66279, 66678);\n script_xref(name:\"RHSA\", value:\"2014:0475\");\n\n script_name(english:\"CentOS 6 : kernel (CESA-2014:0475)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix three security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol\n(DCCP) packets used the skb_header_pointer() function. A remote\nattacker could use this flaw to send a specially crafted DCCP packet\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID\ncontroller (aacraid) checked permissions of compat IOCTLs. A local\nattacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged\nguest user could use this flaw to crash the host or corrupt QEMU\nprocess memory on the host, which could potentially result in\narbitrary code execution on the host with the privileges of the QEMU\nprocess. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red\nHat.\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2014-May/020285.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c41d87f0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-abi-whitelists-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-debug-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-debug-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-devel-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-doc-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-firmware-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-headers-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"perf-2.6.32-431.17.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"python-perf-2.6.32-431.17.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:21:09", "bulletinFamily": "scanner", "description": "Updated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section.\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "modified": "2018-11-10T00:00:00", "id": "REDHAT-RHSA-2014-0475.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=73937", "published": "2014-05-09T00:00:00", "title": "RHEL 6 : kernel (RHSA-2014:0475)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0475. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73937);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/10 11:49:53\");\n\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\", \"CVE-2014-2523\");\n script_bugtraq_id(63888, 66279, 66678);\n script_xref(name:\"RHSA\", value:\"2014:0475\");\n\n script_name(english:\"RHEL 6 : kernel (RHSA-2014:0475)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix three security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol\n(DCCP) packets used the skb_header_pointer() function. A remote\nattacker could use this flaw to send a specially crafted DCCP packet\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID\ncontroller (aacraid) checked permissions of compat IOCTLs. A local\nattacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged\nguest user could use this flaw to crash the host or corrupt QEMU\nprocess memory on the host, which could potentially result in\narbitrary code execution on the host with the privileges of the QEMU\nprocess. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red\nHat.\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n # https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c6b506c4\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:0475\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-6383\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-2523\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-0077\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:0475\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-abi-whitelists-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-devel-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-devel-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-doc-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-firmware-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-headers-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-headers-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"perf-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"perf-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"perf-debuginfo-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"perf-debuginfo-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-debuginfo-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"python-perf-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"python-perf-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-perf-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"python-perf-debuginfo-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"python-perf-debuginfo-2.6.32-431.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-2.6.32-431.17.1.el6\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:22:45", "bulletinFamily": "scanner", "description": "Updated kernel packages that fix three security issues and several bugs are now available for Red Hat Enterprise Linux 6.4 Extended Update Support.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section.\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "modified": "2018-11-10T00:00:00", "id": "REDHAT-RHSA-2014-0634.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=79028", "published": "2014-11-08T00:00:00", "title": "RHEL 6 : kernel (RHSA-2014:0634)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0634. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79028);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/10 11:49:53\");\n\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\", \"CVE-2014-2523\");\n script_bugtraq_id(63888, 66279, 66678);\n script_xref(name:\"RHSA\", value:\"2014:0634\");\n\n script_name(english:\"RHEL 6 : kernel (RHSA-2014:0634)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix three security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.4 Extended\nUpdate Support.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol\n(DCCP) packets used the skb_header_pointer() function. A remote\nattacker could use this flaw to send a specially crafted DCCP packet\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID\ncontroller (aacraid) checked permissions of compat IOCTLs. A local\nattacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged\nguest user could use this flaw to crash the host or corrupt QEMU\nprocess memory on the host, which could potentially result in\narbitrary code execution on the host with the privileges of the QEMU\nprocess. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red\nHat.\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n # https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c6b506c4\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:0634\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-6383\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-2523\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-0077\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:0634\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-debug-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debug-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-devel-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-devel-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-doc-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-firmware-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-headers-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-headers-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"perf-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"perf-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"perf-debuginfo-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"perf-debuginfo-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-debuginfo-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"python-perf-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"python-perf-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"python-perf-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"python-perf-debuginfo-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"python-perf-debuginfo-2.6.32-358.44.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-2.6.32-358.44.1.el6\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debug / kernel-debug-debuginfo / kernel-debug-devel / etc\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:21:09", "bulletinFamily": "scanner", "description": "Description of changes:\n\nkernel-uek [3.8.13-26.2.4.el6uek]\n- aacraid: missing capable() check in compat ioctl (Dan Carpenter) [Orabug: 18721961] {CVE-2013-6383}\n- vhost: fix total length when packets are too short (Michael S. Tsirkin) [Orabug: 18721976] {CVE-2014-0077}", "modified": "2015-12-01T00:00:00", "id": "ORACLELINUX_ELSA-2014-3021.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=73959", "published": "2014-05-12T00:00:00", "title": "Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2014-3021)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2014-3021.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73959);\n script_version(\"$Revision: 1.5 $\");\n script_cvs_date(\"$Date: 2015/12/01 17:35:11 $\");\n\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\");\n script_bugtraq_id(63888, 66678);\n\n script_name(english:\"Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2014-3021)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Description of changes:\n\nkernel-uek\n[3.8.13-26.2.4.el6uek]\n- aacraid: missing capable() check in compat ioctl (Dan Carpenter) \n[Orabug: 18721961] {CVE-2013-6383}\n- vhost: fix total length when packets are too short (Michael S. \nTsirkin) [Orabug: 18721976] {CVE-2014-0077}\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-May/004113.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected unbreakable enterprise kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dtrace-modules-3.8.13-26.2.4.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"dtrace-modules-3.8.13-26.2.4.el6uek-0.4.2-3.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-3.8.13\") && rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"kernel-uek-3.8.13-26.2.4.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-3.8.13\") && rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"kernel-uek-debug-3.8.13-26.2.4.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-devel-3.8.13\") && rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"kernel-uek-debug-devel-3.8.13-26.2.4.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-devel-3.8.13\") && rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"kernel-uek-devel-3.8.13-26.2.4.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-doc-3.8.13\") && rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"kernel-uek-doc-3.8.13-26.2.4.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-firmware-3.8.13\") && rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"kernel-uek-firmware-3.8.13-26.2.4.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-headers-3.8.13\") && rpm_check(release:\"EL6\", cpu:\"x86_64\", reference:\"kernel-uek-headers-3.8.13-26.2.4.el6uek\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:21:09", "bulletinFamily": "scanner", "description": "Description of changes:\n\n[2.6.39-400.214.6.el5uek]\n- aacraid: missing capable() check in compat ioctl (Dan Carpenter) [Orabug: 18721962] {CVE-2013-6383}\n- vhost: fix total length when packets are too short (Michael S. Tsirkin) [Orabug: 18721977] {CVE-2014-0077}", "modified": "2015-12-01T00:00:00", "id": "ORACLELINUX_ELSA-2014-3022.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=73960", "published": "2014-05-12T00:00:00", "title": "Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2014-3022)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2014-3022.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73960);\n script_version(\"$Revision: 1.4 $\");\n script_cvs_date(\"$Date: 2015/12/01 17:35:11 $\");\n\n script_cve_id(\"CVE-2013-6383\", \"CVE-2014-0077\");\n script_bugtraq_id(63888, 66678);\n\n script_name(english:\"Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2014-3022)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Description of changes:\n\n[2.6.39-400.214.6.el5uek]\n- aacraid: missing capable() check in compat ioctl (Dan Carpenter) \n[Orabug: 18721962] {CVE-2013-6383}\n- vhost: fix total length when packets are too short (Michael S. \nTsirkin) [Orabug: 18721977] {CVE-2014-0077}\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-May/004105.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-May/004108.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected unbreakable enterprise kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-2.6.39-400.214.6.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-debug-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-debug-2.6.39-400.214.6.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-debug-devel-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-debug-devel-2.6.39-400.214.6.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-devel-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-devel-2.6.39-400.214.6.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-doc-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-doc-2.6.39-400.214.6.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-firmware-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-firmware-2.6.39-400.214.6.el5uek\")) flag++;\n\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-2.6.39-400.214.6.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-debug-2.6.39-400.214.6.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-devel-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-debug-devel-2.6.39-400.214.6.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-devel-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-devel-2.6.39-400.214.6.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-doc-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-doc-2.6.39-400.214.6.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-firmware-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-firmware-2.6.39-400.214.6.el6uek\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:22:45", "bulletinFamily": "scanner", "description": "Updated kernel packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 6.3 Extended Update Support.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection tracking implementation for Datagram Congestion Control Protocol (DCCP) packets used the skb_header_pointer() function. A remote attacker could use this flaw to send a specially crafted DCCP packet to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the handle_rx() function handled large network packets when mergeable buffers were disabled. A privileged guest user could use this flaw to crash the host or corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes the following bug :\n\n* Prior to this update, a guest-provided value was used as the head length of the socket buffer allocated on the host. If the host was under heavy memory load and the guest-provided value was too large, the allocation could have failed, resulting in stalls and packet drops in the guest's Tx path. With this update, the guest-provided value has been limited to a reasonable size so that socket buffer allocations on the host succeed regardless of the memory load on the host, and guests can send packets without experiencing packet drops or stalls.\n(BZ#1092350)\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "modified": "2018-11-10T00:00:00", "id": "REDHAT-RHSA-2014-0593.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=79024", "published": "2014-11-08T00:00:00", "title": "RHEL 6 : kernel (RHSA-2014:0593)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0593. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79024);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/10 11:49:53\");\n\n script_cve_id(\"CVE-2014-0077\", \"CVE-2014-2523\");\n script_xref(name:\"RHSA\", value:\"2014:0593\");\n\n script_name(english:\"RHEL 6 : kernel (RHSA-2014:0593)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix two security issues and one bug are\nnow available for Red Hat Enterprise Linux 6.3 Extended Update\nSupport.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol\n(DCCP) packets used the skb_header_pointer() function. A remote\nattacker could use this flaw to send a specially crafted DCCP packet\nto crash the system or, potentially, escalate their privileges on the\nsystem. (CVE-2014-2523, Important)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged\nguest user could use this flaw to crash the host or corrupt QEMU\nprocess memory on the host, which could potentially result in\narbitrary code execution on the host with the privileges of the QEMU\nprocess. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red\nHat.\n\nThis update also fixes the following bug :\n\n* Prior to this update, a guest-provided value was used as the head\nlength of the socket buffer allocated on the host. If the host was\nunder heavy memory load and the guest-provided value was too large,\nthe allocation could have failed, resulting in stalls and packet drops\nin the guest's Tx path. With this update, the guest-provided value has\nbeen limited to a reasonable size so that socket buffer allocations on\nthe host succeed regardless of the memory load on the host, and guests\ncan send packets without experiencing packet drops or stalls.\n(BZ#1092350)\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:0593\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-2523\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-0077\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6\\.3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.3\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:0593\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"i686\", reference:\"kernel-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"s390x\", reference:\"kernel-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"i686\", reference:\"kernel-debug-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"s390x\", reference:\"kernel-debug-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"i686\", reference:\"kernel-devel-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"s390x\", reference:\"kernel-devel-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", reference:\"kernel-doc-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", reference:\"kernel-firmware-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"i686\", reference:\"kernel-headers-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"s390x\", reference:\"kernel-headers-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"i686\", reference:\"perf-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"s390x\", reference:\"perf-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"x86_64\", reference:\"perf-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"i686\", reference:\"perf-debuginfo-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"s390x\", reference:\"perf-debuginfo-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"x86_64\", reference:\"perf-debuginfo-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"i686\", reference:\"python-perf-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"s390x\", reference:\"python-perf-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"x86_64\", reference:\"python-perf-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"i686\", reference:\"python-perf-debuginfo-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"s390x\", reference:\"python-perf-debuginfo-2.6.32-279.46.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"3\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-2.6.32-279.46.1.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debug / kernel-debug-debuginfo / kernel-debug-devel / etc\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:22:31", "bulletinFamily": "scanner", "description": "The ip6_route_add function in net/ipv6/route.c in the Linux kernel through 3.13.6 does not properly count the addition of routes, which allows remote attackers to cause a denial of service (memory consumption) via a flood of ICMPv6 Router Advertisement packets.\n\ndrivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable buffers are disabled, does not properly validate packet lengths, which allows guest OS users to cause a denial of service (memory corruption and host OS crash) or possibly gain privileges on the host OS via crafted packets, related to the handle_rx and get_rx_bufs functions.\n\nnet/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a DCCP packet that triggers a call to the (1) dccp_new, (2) dccp_packet, or (3) dccp_error function.\n\nThe get_rx_bufs function in drivers/vhost/net.c in the vhost-net subsystem in the Linux kernel package before 2.6.32-431.11.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly handle vhost_get_vq_desc errors, which allows guest OS users to cause a denial of service (host OS crash) via unspecified vectors.", "modified": "2018-04-18T00:00:00", "id": "ALA_ALAS-2014-328.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=78271", "published": "2014-10-12T00:00:00", "title": "Amazon Linux AMI : kernel (ALAS-2014-328)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2014-328.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78271);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2014-0055\", \"CVE-2014-0077\", \"CVE-2014-2309\", \"CVE-2014-2523\");\n script_xref(name:\"ALAS\", value:\"2014-328\");\n\n script_name(english:\"Amazon Linux AMI : kernel (ALAS-2014-328)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The ip6_route_add function in net/ipv6/route.c in the Linux kernel\nthrough 3.13.6 does not properly count the addition of routes, which\nallows remote attackers to cause a denial of service (memory\nconsumption) via a flood of ICMPv6 Router Advertisement packets.\n\ndrivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable\nbuffers are disabled, does not properly validate packet lengths, which\nallows guest OS users to cause a denial of service (memory corruption\nand host OS crash) or possibly gain privileges on the host OS via\ncrafted packets, related to the handle_rx and get_rx_bufs functions.\n\nnet/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through\n3.13.6 uses a DCCP header pointer incorrectly, which allows remote\nattackers to cause a denial of service (system crash) or possibly\nexecute arbitrary code via a DCCP packet that triggers a call to the\n(1) dccp_new, (2) dccp_packet, or (3) dccp_error function.\n\nThe get_rx_bufs function in drivers/vhost/net.c in the vhost-net\nsubsystem in the Linux kernel package before 2.6.32-431.11.2 on Red\nHat Enterprise Linux (RHEL) 6 does not properly handle\nvhost_get_vq_desc errors, which allows guest OS users to cause a\ndenial of service (host OS crash) via unspecified vectors.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2014-328.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Run 'yum update kernel' to update your system. You will need to reboot\nyour system in order for the new kernel to be running.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"kernel-3.10.37-47.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-debuginfo-3.10.37-47.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-3.10.37-47.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-3.10.37-47.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-devel-3.10.37-47.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-doc-3.10.37-47.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-headers-3.10.37-47.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-3.10.37-47.135.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-debuginfo-3.10.37-47.135.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-i686 / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:21:09", "bulletinFamily": "scanner", "description": "Description of changes:\n\nkernel-uek [2.6.32-400.34.5.el5uek]\n- aacraid: missing capable() check in compat ioctl (Dan Carpenter) [Orabug: 18723276] {CVE-2013-6383}", "modified": "2015-12-01T00:00:00", "id": "ORACLELINUX_ELSA-2014-3023.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=73961", "published": "2014-05-12T00:00:00", "title": "Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2014-3023)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2014-3023.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(73961);\n script_version(\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2015/12/01 17:35:11 $\");\n\n script_cve_id(\"CVE-2013-6383\");\n script_bugtraq_id(63888);\n\n script_name(english:\"Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2014-3023)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Description of changes:\n\nkernel-uek\n[2.6.32-400.34.5.el5uek]\n- aacraid: missing capable() check in compat ioctl (Dan Carpenter) \n[Orabug: 18723276] {CVE-2013-6383}\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-May/004106.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-May/004107.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected unbreakable enterprise kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.34.5.el5uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.34.5.el5uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.34.5.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-400.34.5.el6uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-400.34.5.el5uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-400.34.5.el5uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-400.34.5.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-400.34.5.el6uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-2.6.32-400.34.5.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-debug-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-debug-2.6.32-400.34.5.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-debug-devel-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-debug-devel-2.6.32-400.34.5.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-devel-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-devel-2.6.32-400.34.5.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-doc-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-doc-2.6.32-400.34.5.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-firmware-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-firmware-2.6.32-400.34.5.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-headers-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-headers-2.6.32-400.34.5.el5uek\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"mlnx_en-2.6.32-400.34.5.el5uek-1.5.7-2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"mlnx_en-2.6.32-400.34.5.el5uekdebug-1.5.7-2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ofa-2.6.32-400.34.5.el5uek-1.5.1-4.0.58\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ofa-2.6.32-400.34.5.el5uekdebug-1.5.1-4.0.58\")) flag++;\n\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-2.6.32-400.34.5.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-debug-2.6.32-400.34.5.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-debug-devel-2.6.32-400.34.5.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-devel-2.6.32-400.34.5.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-doc-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-doc-2.6.32-400.34.5.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-firmware-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-firmware-2.6.32-400.34.5.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-headers-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-headers-2.6.32-400.34.5.el6uek\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mlnx_en-2.6.32-400.34.5.el6uek-1.5.7-0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mlnx_en-2.6.32-400.34.5.el6uekdebug-1.5.7-0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ofa-2.6.32-400.34.5.el6uek-1.5.1-4.0.58\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ofa-2.6.32-400.34.5.el6uekdebug-1.5.1-4.0.58\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-21T01:22:45", "bulletinFamily": "scanner", "description": "Updated kernel packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 5.9 Extended Update Support.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A buffer overflow flaw was found in the way the qeth_snmp_command() function in the Linux kernel's QETH network device driver implementation handled SNMP IOCTL requests with an out-of-bounds length. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system.\n(CVE-2013-6381, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller (aacraid) checked permissions of compat IOCTLs. A local attacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\nThis update also fixes the following bug :\n\n* Running a process in the background on a GFS2 file system could sometimes trigger a glock recursion error that resulted in a kernel panic. This happened when a readpage operation attempted to take a glock that had already been held by another function. To prevent this error, GFS2 now verifies whether the glock is already held when performing the readpage operation. (BZ#1077789)\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "modified": "2018-11-10T00:00:00", "id": "REDHAT-RHSA-2014-0476.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=79017", "published": "2014-11-08T00:00:00", "title": "RHEL 5 : kernel (RHSA-2014:0476)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0476. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(79017);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/10 11:49:53\");\n\n script_cve_id(\"CVE-2013-6381\", \"CVE-2013-6383\");\n script_bugtraq_id(63888, 63890);\n script_xref(name:\"RHSA\", value:\"2014:0476\");\n\n script_name(english:\"RHEL 5 : kernel (RHSA-2014:0476)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix two security issues and one bug are\nnow available for Red Hat Enterprise Linux 5.9 Extended Update\nSupport.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A buffer overflow flaw was found in the way the qeth_snmp_command()\nfunction in the Linux kernel's QETH network device driver\nimplementation handled SNMP IOCTL requests with an out-of-bounds\nlength. A local, unprivileged user could use this flaw to crash the\nsystem or, potentially, escalate their privileges on the system.\n(CVE-2013-6381, Important)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID\ncontroller (aacraid) checked permissions of compat IOCTLs. A local\nattacker could use this flaw to bypass intended security restrictions.\n(CVE-2013-6383, Moderate)\n\nThis update also fixes the following bug :\n\n* Running a process in the background on a GFS2 file system could\nsometimes trigger a glock recursion error that resulted in a kernel\npanic. This happened when a readpage operation attempted to take a\nglock that had already been held by another function. To prevent this\nerror, GFS2 now verifies whether the glock is already held when\nperforming the readpage operation. (BZ#1077789)\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:0476\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-6383\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-6381\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5\\.9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.9\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:0476\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-PAE-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-PAE-debuginfo-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-PAE-devel-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-debug-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-debug-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-debuginfo-common-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-devel-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-devel-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", reference:\"kernel-doc-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i386\", reference:\"kernel-headers-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-headers-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-xen-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-xen-debuginfo-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-xen-devel-2.6.18-348.25.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.18-348.25.1.el5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-debuginfo / kernel-PAE-devel / etc\");\n }\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2017-10-03T18:26:47", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2014:0475\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A flaw was found in the way the Linux kernel's netfilter connection\ntracking implementation for Datagram Congestion Control Protocol (DCCP)\npackets used the skb_header_pointer() function. A remote attacker could use\nthis flaw to send a specially crafted DCCP packet to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-2523,\nImportant)\n\n* A flaw was found in the way the Linux kernel's Adaptec RAID controller\n(aacraid) checked permissions of compat IOCTLs. A local attacker could use\nthis flaw to bypass intended security restrictions. (CVE-2013-6383,\nModerate)\n\n* A flaw was found in the way the handle_rx() function handled large\nnetwork packets when mergeable buffers were disabled. A privileged guest\nuser could use this flaw to crash the host or corrupt QEMU process memory\non the host, which could potentially result in arbitrary code execution on\nthe host with the privileges of the QEMU process. (CVE-2014-0077, Moderate)\n\nThe CVE-2014-0077 issue was discovered by Michael S. Tsirkin of Red Hat.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. The system must be\nrebooted for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2014-May/020285.html\n\n**Affected packages:**\nkernel\nkernel-abi-whitelists\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-firmware\nkernel-headers\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2014-0475.html", "modified": "2014-05-08T17:53:25", "published": "2014-05-08T17:53:25", "href": "http://lists.centos.org/pipermail/centos-announce/2014-May/020285.html", "id": "CESA-2014:0475", "title": "kernel, perf, python security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:43:51", "bulletinFamily": "unix", "description": "[2.6.32-431.17.1]\n- [scsi] qla2xxx: Fixup looking for a space in the outstanding_cmds array in qla2x00_alloc_iocbs() (Chad Dupuis) [1085660 1070856]\n- [scsi] isci: fix reset timeout handling (David Milburn) [1080600 1040393]\n- [scsi] isci: correct erroneous for_each_isci_host macro (David Milburn) [1074855 1059325]\n- [kernel] sched: Fix small race where child->se.parent, cfs_rq might point to invalid ones (Naoya Horiguchi) [1081907 1032350]\n- [kernel] sched: suppress RCU lockdep splat in task_fork_fair (Naoya Horiguchi) [1081907 1032350]\n- [kernel] sched: add local variable to store task_group() to avoid kernel stall (Naoya Horiguchi) [1081908 1043733]\n- [fs] cifs: mask off top byte in get_rfc1002_length() (Sachin Prabhu) [1085358 1069737]\n- [kernel] Prevent deadlock when post_schedule_rt() results in calling wakeup_kswapd() on multiple CPUs (Larry Woodman) [1086095 1009626]\n- [scsi] AACRAID Driver compat IOCTL missing capability check (Jacob Tanenbaum) [1033533 1033534] {CVE-2013-6383}\n- [md] dm-thin: fix rcu_read_lock being held in code that can sleep (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: irqsave must always be used with the pool->lock spinlock (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: sort the per thin deferred bios using an rb_tree (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: use per thin device deferred bio lists (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: simplify pool_is_congested (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: fix dangling bio in process_deferred_bios error path (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: take care to copy the space map root before locking the superblock (Mike Snitzer) [1086007 1060381]\n- [md] dm-transaction-manager: fix corruption due to non-atomic transaction commit (Mike Snitzer) [1086007 1060381]\n- [md] dm-space-map-metadata: fix refcount decrement below 0 which caused corruption (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: fix Documentation for held metadata root feature (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: fix noflush suspend IO queueing (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: fix deadlock in __requeue_bio_list (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: fix out of data space handling (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: ensure user takes action to validate data and metadata consistency (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: synchronize the pool mode during suspend (Mike Snitzer) [1086007 1060381]\n- [md] fix Kconfig indentation (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: allow metadata space larger than supported to go unused (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: fix the error path for the thin device constructor (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: avoid metadata commit if a pool's thin devices haven't changed (Mike Snitzer) [1086007 1060381]\n- [md] dm-space-map-metadata: fix bug in resizing of thin metadata (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: fix pool feature parsing (Mike Snitzer) [1086007 1060381]\n- [md] dm-space-map-metadata: fix extending the space map (Mike Snitzer) [1086007 1060381]\n- [md] dm-space-map-common: make sure new space is used during extend (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: fix set_pool_mode exposed pool operation races (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: eliminate the no_free_space flag (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: add error_if_no_space feature (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: requeue bios to DM core if no_free_space and in read-only mode (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: cleanup and improve no space handling (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: log info when growing the data or metadata device (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: handle metadata failures more consistently (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: factor out check_low_water_mark and use bools (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: add mappings to end of prepared_* lists (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: return error from alloc_data_block if pool is not in write mode (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: use bool rather than unsigned for flags in structures (Mike Snitzer) [1086007 1060381]\n- [md] dm-persistent-data: cleanup dm-thin specific references in text (Mike Snitzer) [1086007 1060381]\n- [md] dm-space-map-metadata: limit errors in sm_metadata_new_block (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: fix discard support to a previously shared block (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: initialize dm_thin_new_mapping returned by get_next_mapping (Mike Snitzer) [1086007 1060381]\n- [md] dm-space-map: disallow decrementing a reference count below zero (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: allow pool in read-only mode to transition to read-write mode (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: re-establish read-only state when switching to fail mode (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: always fallback the pool mode if commit fails (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: switch to read-only mode if metadata space is exhausted (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: switch to read only mode if a mapping insert fails (Mike Snitzer) [1086007 1060381]\n- [md] dm-space-map-metadata: return on failure in sm_metadata_new_block (Mike Snitzer) [1086007 1060381]\n- [md] dm-space-map-disk: optimise sm_disk_dec_block (Mike Snitzer) [1086007 1060381]\n- [md] dm-table: print error on preresume failure (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: do not expose non-zero discard limits if discards disabled (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: always return -ENOSPC if no_free_space is set (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: set pool read-only if breaking_sharing fails block allocation (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: prefix pool error messages with pool device name (Mike Snitzer) [1086007 1060381]\n- [md] dm-space-map: optimise sm_ll_dec and sm_ll_inc (Mike Snitzer) [1086007 1060381]\n- [md] dm-btree: prefetch child nodes when walking tree for a dm_btree_del (Mike Snitzer) [1086007 1060381]\n- [md] dm-btree: use pop_frame in dm_btree_del to cleanup code (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: fix stacking of geometry limits (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: add data block size limits to Documentation (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: fix metadata dev resize detection (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: generate event when metadata threshold passed (Mike Snitzer) [1086007 1060381]\n- [md] dm-persistent-metadata: add space map threshold callback (Mike Snitzer) [1086007 1060381]\n- [md] dm-persistent-data: add threshold callback to space map (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: detect metadata device resizing (Mike Snitzer) [1086007 1060381]\n- [md] dm-persistent-data: support space map resizing (Mike Snitzer) [1086007 1060381]\n- [md] dm-thin: refactor data dev resize (Mike Snitzer) [1086007 1060381]\n- [md] dm-bufio: initialize read-only module parameters (Mike Snitzer) [1086007 1060381]\n- [md] dm-bufio: submit writes outside lock (Mike Snitzer) [1086007 1060381]\n- [md] dm-bufio: add recursive IO request BUG_ON (Mike Snitzer) [1086007 1060381]\n- [md] dm-bufio: prefetch (Mike Snitzer) [1086007 1060381]\n- [md] dm-bufio: fix slow IO latency issue specific to RHEL6 (Mike Snitzer) [1086490 1058528]\n- [netdrv] mlx4_en: Fixed crash when port type is changed (Amir Vadai) [1085658 1059586]\n- [netdrv] vmxnet3: fix netpoll race condition (Neil Horman) [1083175 1073218]\n- [net] netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages (Jiri Pirko) [1077345 1077346] {CVE-2014-2523}\n- [scsi] megaraid_sas: fix a small problem when reading state value from hw (Tomas Henzl) [1078641 1065187]\n- [fs] gfs2: Increase the max number of ACLs (Robert S Peterson) [1078874 1075713]\n- [net] filter: let bpf_tell_extensions return SKF_AD_MAX (Daniel Borkmann) [1079872 960275]\n- [net] introduce SO_BPF_EXTENSIONS (Daniel Borkmann) [1079872 960275]\n- [scsi] scsi_dh: cosmetic change to sizeof() (Ewan Milne) [1075554 1062494]\n- [acpi] thermal: Check for thermal zone requirement (Nigel Croxon) [1075651 1021044]\n- [acpi] thermal: Don't invalidate thermal zone if critical trip point is bad (Nigel Croxon) [1075651 1021044]\n- [mm] flush pages from pagevec of offlined CPU (Naoya Horiguchi) [1078007 1037467]\n- [fs] xfs: deprecate nodelaylog option (Eric Sandeen) [1076056 1055644]\n- [fs] Fix mountpoint reference leakage in linkat (Jeff Layton) [1069848 1059943]\n- [net] sock: Fix release_cb kABI brekage (Thomas Graf) [1066535 1039723]\n- [vhost] fix total length when packets are too short (Michael S. Tsirkin) [1064442 1064444] {CVE-2014-0077}\n- [net] sctp: fix sctp_sf_do_5_1D_ce to verify if peer is AUTH capable (Daniel Borkmann) [1070715 1067451] {CVE-2014-0101}\n- [vhost] validate vhost_get_vq_desc return value (Michael S. Tsirkin) [1062579 1058677] {CVE-2014-0055}\n[2.6.32-431.16.1]\n- [scsi] vmw_pvscsi: Fix pvscsi_abort() function (Ewan Milne) [1077874 1002727]\n[2.6.32-431.15.1]\n- [kernel] sched: Avoid throttle_cfs_rq() racing with period_timer stopping (Seth Jennings) [1083350 844450]\n[2.6.32-431.14.1]\n- [net] ip_tunnel: (revert old)/fix ecn decapsulation behaviour (Jiri Pirko) [1078011 1059402]\n- [net] ipv6: del unreachable route when an addr is deleted on lo (Vivek Dasgupta) [1078798 1028372]\n- [net] ipv6: add ip6_route_lookup (Vivek Dasgupta) [1078798 1028372]\n- [net] packet: improve socket create/bind latency in some cases (Daniel Borkmann) [1079870 1045150]\n[2.6.32-431.13.1]\n- [fs] dcache: fix cleanup on warning in d_splice_alias (J. Bruce Fields) [1063201 1042731]\n- [net] sctp: fix sctp_connectx abi for ia32 emulation/compat mode (Daniel Borkmann) [1076242 1053547]\n[2.6.32-431.12.1]\n- [mm] vmscan: re-introduce the ZONE_RECLAIM_NOSCAN bailout for zone_reclaim() (Rafael Aquini) [1073562 1039534]\n- [mm] vmscan: compaction works against zones, not lruvecs (Johannes Weiner) [1073564 982770]", "modified": "2014-05-07T00:00:00", "published": "2014-05-07T00:00:00", "id": "ELSA-2014-0475", "href": "http://linux.oracle.com/errata/ELSA-2014-0475.html", "title": "kernel security and bug fix update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:47:44", "bulletinFamily": "unix", "description": "[3.8.13-26.2.4.el6uek]\n- aacraid: missing capable() check in compat ioctl (Dan Carpenter) [Orabug: 18721961] {CVE-2013-6383}\n- vhost: fix total length when packets are too short (Michael S. Tsirkin) [Orabug: 18721976] {CVE-2014-0077}", "modified": "2014-05-09T00:00:00", "published": "2014-05-09T00:00:00", "id": "ELSA-2014-3021", "href": "http://linux.oracle.com/errata/ELSA-2014-3021.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:38:13", "bulletinFamily": "unix", "description": "[2.6.39-400.214.6]\n- aacraid: missing capable() check in compat ioctl (Dan Carpenter) [Orabug: 18721962] {CVE-2013-6383}\n- vhost: fix total length when packets are too short (Michael S. Tsirkin) [Orabug: 18721977] {CVE-2014-0077}", "modified": "2014-05-08T00:00:00", "published": "2014-05-08T00:00:00", "id": "ELSA-2014-3022", "href": "http://linux.oracle.com/errata/ELSA-2014-3022.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:45:02", "bulletinFamily": "unix", "description": "kernel-uek\n[2.6.32-400.34.5uek]\n- aacraid: missing capable() check in compat ioctl (Dan Carpenter) [Orabug: 18723276] {CVE-2013-6383}", "modified": "2014-05-08T00:00:00", "published": "2014-05-08T00:00:00", "id": "ELSA-2014-3023", "href": "http://linux.oracle.com/errata/ELSA-2014-3023.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:45:18", "bulletinFamily": "unix", "description": "kernel-uek\n[2.6.32-400.34.4uek]\n- netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages (Daniel Borkmann) [Orabug: 18462076] {CVE-2014-2523}\n- net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is AUTH capable (Daniel Borkmann) [Orabug: 18461091] {CVE-2014-0101}", "modified": "2014-03-27T00:00:00", "published": "2014-03-27T00:00:00", "id": "ELSA-2014-3016", "href": "http://linux.oracle.com/errata/ELSA-2014-3016.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:47:50", "bulletinFamily": "unix", "description": "[2.6.39-400.214.4]\n- netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages (Daniel Borkmann) [Orabug: 18462070] {CVE-2014-2523}\n- net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is AUTH capable (Daniel Borkmann) [Orabug: 18461090] {CVE-2014-0101}\n- vhost-net: insufficient handling of error conditions in get_rx_bufs() (Guangyu Sun) [Orabug: 18461089] {CVE-2014-0055}", "modified": "2014-03-26T00:00:00", "published": "2014-03-26T00:00:00", "id": "ELSA-2014-3015", "href": "http://linux.oracle.com/errata/ELSA-2014-3015.html", "title": "unbreakable enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:40:34", "bulletinFamily": "unix", "description": "kernel-uek \r\n[3.8.13-35.el6uek] \r\n- n_tty: Fix n_tty_write crash when echoing in raw mode (Peter Hurley) [Orabug: 18754908] {CVE-2014-0196} {CVE-2014-0196} \r\n \n[3.8.13-34.el6uek] \r\n- aacraid: missing capable() check in compat ioctl (Dan Carpenter) [Orabug: 18721960] {CVE-2013-6383} \r\n- vhost: fix total length when packets are too short (Michael S. Tsirkin) [Orabug: 18721975] {CVE-2014-0077} \r\n \n[3.8.13-33.el6uek] \r\n- dtrace: ensure one can try to get user pages without locking or faulting (Kris Van Hees) [Orabug: 18653173] \r\n- ipv6: don't set DST_NOCOUNT for remotely added routes (Sabrina Dubroca) [Orabug: 18681501] {CVE-2014-2309} \r\n- kvm: x86: fix emulator buffer overflow (CVE-2014-0049) (Andrew Honig) [Orabug: 18681519] {CVE-2014-0049} \r\n- ib_core: fmr pool hard lock up when cache enabled (Shamir Rabinovitch) [Orabug: 18408531] \r\n- bnx2x: disable PTP clock support (Jerry Snitselaar) [Orabug: 18605376] \r\n- x86, mm: Revert back good_end setting for 64bit (Brian Maly) [Orabug: 17648536] \r\n- IB/sdp: disable APM by default (Shamir Rabinovitch) [Orabug: 18443201] \r\n- vxlan: kernel panic when bringing up vxlan (Venkat Venkatsubra) [Orabug: 18295741] \r\n- ocfs2: call ocfs2_update_inode_fsync_trans when updating any inode (Darrick J. Wong) [Orabug: 18257094] \r\n- ocfs2: improve fsync efficiency and fix deadlock between aio_write and sync_file (Darrick J. Wong) [Orabug: 18257094] \r\n- Revert \"ocfs2: fix i_mutex deadlock between aio_write and sync_file\" (Jerry Snitselaar) [Orabug: 18257094] \r\n- config: align with rhck (Jerry Snitselaar) [Orabug: 18685975] \r\n- config: disable atmel drivers for ol7 (Jerry Snitselaar) [Orabug: 18665656] \r\n- config: enable support for squashfs features (Jerry Snitselaar) [Orabug: 18655723] \r\n- qla4xxx: Update driver verion to v5.04.00.05.06.02-uek3 (Tej Parkash) [Orabug: 18552248] \r\n- net: ipv4: current group_info should be put after using. (Wang, Xiaoming) [Orabug: 18603519] {CVE-2014-2851} \r\n \n[3.8.13-32.el6uek] \r\n- mm / dtrace: Allow DTrace to entirely disable page faults. (Nick Alcock) [Orabug: 18412802] \r\n- mm: allow __get_user_pages() callers to avoid triggering page faults. (Nick Alcock) [Orabug: 18412802] \r\n- config: enable nfs client support for rdma (Jerry Snitselaar) [Orabug: 18560595] \r\n- NFS: Fix negative overflow in SETATTR timestamps (Chuck Lever) [Orabug: 18476361] \r\n- NFS: Transfer full int64 for NFSv4 SETATTR timestamps (Chuck Lever) [Orabug: 18476361] \r\n- NFS: Block file size updates during async READ (Chuck Lever) [Orabug: 18391310] \r\n- NFS: Use an RPC/RDMA long request for NFS symlink operations (Chuck Lever) [Orabug: 18261861] \r\n- SUNRPC: Support long RPC/RDMA requests (Chuck Lever) [Orabug: 18261861] \r\n- xprtrdma: Split the completion queue (Chuck Lever) [Orabug: 18560595] \r\n- xprtrdma: Make rpcrdma_ep_destroy() return void (Chuck Lever) [Orabug: 18560595] \r\n- xprtrdma: Simplify rpcrdma_deregister_external() synopsis (Chuck Lever) [Orabug: 18560595] \r\n- xprtrdma: Remove support for MEMWINDOWS registration mode (Chuck Lever) [Orabug: 18560595] \r\n- xprtrdma: Disable ALLPHYSICAL mode by default (Chuck Lever) [Orabug: 18560595] \r\n- xprtrdma: Remove BOUNCEBUFFERS memory registration mode (Chuck Lever) [Orabug: 18560595] \r\n- SUNRPC: RPC/RDMA must invoke xprt_wake_pending_tasks() in process context (Chuck Lever) [Orabug: 18560595] \r\n- xprtrdma: add separate Kconfig options for NFSoRDMA client and server support (Jeff Layton) [Orabug: 18560595] \r\n- NFS: incorrect \"port=\" value in /proc/mounts (Chuck Lever) [Orabug: 18560595] \r\n- NFS: advertise only supported callback netids (Chuck Lever) [Orabug: 18560595] \r\n- SUNRPC: remove KERN_INFO from dprintk() call sites (Chuck Lever) [Orabug: 18560595] \r\n- SUNRPC: Fix large reads on NFS/RDMA (Chuck Lever) [Orabug: 18560595] \r\n- fnic: Failing to queue aborts due to Q full cause terminate driver timeout (Simha) [Orabug: 18548644] \r\n- net: enic: include irq.h for irqreturn_t definitions (Josh Boyer) [Orabug: 18548634] \r\n- enic: Call dev_kfree_skb_any instead of dev_kfree_skb. (Eric W. Biederman) [Orabug: 18548634] \r\n- enic: Don't receive packets when the napi budget == 0 (Eric W. Biederman) [Orabug: 18548634] \r\n- net: enic: slight optimization of addr compare (dingtianhong) [Orabug: 18548634] \r\n- net: enic: remove unnecessary pci_set_drvdata() (Jingoo Han) [Orabug: 18548634] \r\n- driver/net: enic: update enic maintainers and driver (govindarajulu.v) [Orabug: 18548634] \r\n- driver/net: enic: Exposing symbols for Cisco's low latency driver (govindarajulu.v) [Orabug: 18548634] \r\n- driver/net: enic: Try DMA 64 first, then failover to DMA (govindarajulu.v) [Orabug: 18548634] \r\n- driver/net: enic: record q_number and rss_hash for skb (govindarajulu.v) [Orabug: 18548634] \r\n- driver/net: enic: Add multi tx support for enic (govindarajulu.v) [Orabug: 18548634] \r\n- drivers/net: enic: Generate notification of hardware crash (Neel Patel) [Orabug: 18548634] \r\n- drivers/net: enic: Add an interface for USNIC to interact with firmware (Neel Patel) [Orabug: 18548634] \r\n- drivers/net: enic: Adding support for Cisco Low Latency NIC (Neel Patel) [Orabug: 18548634] \r\n- drivers/net: enic: Move ethtool code to a separate file (Neel Patel) [Orabug: 18548634] \r\n- drivers/net: enic: release rtnl_lock on error-path (Konstantin Khlebnikov) [Orabug: 18548634] \r\n- enic: be less verbose about non-critical firmware errors (Stefan Assmann) [Orabug: 18548634] \r\n- enic: change sprintf() to snprintf() (Dan Carpenter) [Orabug: 18548634] \r\n- dtrace: implement omni-present cyclics (Kris Van Hees) [Orabug: 18323501] \r\n- Update .gitignore with generated SDT files. (Nick Alcock) [Orabug: 17851716] \r\n- dtrace: avoid unreliable entries in stack() output (Kris Van Hees) [Orabug: 18323450] \r\n- drm/i915: hsw: replace !is_pch_edp() with port==PORT_A (Imre Deak) [Orabug: 18429992] \r\n- drm/i915: IVB/HSW have 32 fence register (Ville Syrjala) [Orabug: 18429992] \r\n- drm/i915: Configure GAM_ECOCHK appropriatly for Gen7 (Ville Syrjala) [Orabug: 18429992] \r\n- drm/i915: use lower aux clock divider on non-ULT HSW (Jani Nikula) [Orabug: 18429992] \r\n- drm/i915: HSW PM Frequency bits fix (Rodrigo Vivi) [Orabug: 18429992] \r\n- drm/i915: there's no PIPESTAT on HAS_PCH_SPLIT platforms (Paulo Zanoni) [Orabug: 18429992] \r\n- drm/i915: there's no DSPPOS register on gen4+ (Paulo Zanoni) [Orabug: 18429992] \r\n- drm/i915: reorganize intel_lvds_supported (Paulo Zanoni) [Orabug: 18429992] \r\n- drm/i915: fix DSPADDR Gen check (Paulo Zanoni) [Orabug: 18429992] \r\n- drm/i915: there's no DSPADDR register on Haswell (Paulo Zanoni) [Orabug: 18429992] \r\n- drm/i915: there's no DSPSIZE register on gen4+ (Paulo Zanoni) [Orabug: 18429992] \r\n- drm/i915: Use cpu_transcoder for HSW_TVIDEO_DIP_* instead of pipe (Rodrigo Vivi) [Orabug: 18429992] \r\n- PM: intel_powerclamp: enable driver in defconfigs (Brian Maly) [Orabug: 18429987] \r\n- intel_powerclamp: Fix cstate counter detection. (Yuxuan Shui) [Orabug: 18429987] \r\n- thermal/intel_powerclamp: Add newer CPU models (Jacob Pan) [Orabug: 18429987] \r\n- PM: Introduce Intel PowerClamp Driver (Jacob Pan) [Orabug: 18429987] \r\n- tick: export nohz tick idle symbols for module use (Jacob Pan) [Orabug: 18429987] \r\n- x86/nmi: export local_touch_nmi() symbol for modules (Jacob Pan) [Orabug: 18429987] \r\n- ioatdma: disable RAID on non-Atom platforms and reenable unaligned copies (Brice Goglin) [Orabug: 18430022] \r\n- ioatdma: ioat3_alloc_sed can be static (Fengguang Wu) [Orabug: 18430022] \r\n- ioatdma: Adding write back descriptor error status support for ioatdma 3.3 (Dave Jiang) [Orabug: 18430022] \r\n- ioatdma: S1200 platforms ioatdma channel 2 and 3 falsely advertise RAID cap (Dave Jiang) [Orabug: 18430022] \r\n- ioatdma: Adding support for 16 src PQ ops and super extended descriptors (Dave Jiang) [Orabug: 18430022] \r\n- ioatdma: skip silicon bug workaround for pq_align for cb3.3 (Dave Jiang) [Orabug: 18430022] \r\n- ioatdma: Removing PQ val disable for cb3.3 (Dave Jiang) [Orabug: 18430022] \r\n- ioatdma: channel reset scheme fixup on Intel Atom S1200 platforms (Dave Jiang) [Orabug: 18430022] \r\n- ioatdma: Add 64bit chansts register read for ioat v3.3. (Dave Jiang) [Orabug: 18430022] \r\n- ioatdma: Adding PCI IDs for Intel Atom S1200 product family ioatdma devices (Dave Jiang) [Orabug: 18430022] \r\n- ioatdma: Adding Haswell devid for ioatdma (Dave Jiang) [Orabug: 18430022] \r\n- ioatdma: allow all channels to have irq coalescing support (Dave Jiang) [Orabug: 18430022] \r\n- ioatdma: make debug output more readable (Dave Jiang) [Orabug: 18430022] \r\n- ioat/dca: Update DCA BIOS workarounds to use TAINT_FIRMWARE_WORKAROUND (Alexander Duyck) [Orabug: 18430022] \r\n- dmaengine: ioat - fix spare sparse complain (Fengguang Wu) [Orabug: 18430022] \r\n- ioatdma: fix race between updating ioat->head and IOAT_COMPLETION_PENDING (Dave Jiang) [Orabug: 18430022] \r\n- ioat: remove chanerr mask setting for IOAT v3.x (Dave Jiang) [Orabug: 18430022] \r\n- PCI: Remove Intel Haswell D3 delays (Todd E Brandt) [Orabug: 18559933] \r\n- hyperv-fb: kick off efifb early (Gerd Hoffmann) [Orabug: 18276803] \r\n- hyperv-fb: add support for generation 2 virtual machines. (Gerd Hoffmann) [Orabug: 18276803] \r\n- vmbus: use resource for hyperv mmio region (Gerd Hoffmann) [Orabug: 18276803] \r\n- vmbus: add missing breaks (Gerd Hoffmann) [Orabug: 18276803] \r\n- Drivers: hv: fcopy_open() can be static (Fengguang Wu) [Orabug: 18276803] \r\n- Drivers: hv: Implement the file copy service (K. Y. Srinivasan) [Orabug: 18276803] \r\n- hv: Add hyperv.h to uapi headers (Bjarke Istrup Pedersen) [Orabug: 18276803] \r\n- Drivers: hv: Ballon: Make pressure posting thread sleep interruptibly (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: vmbus: Cleanup the packet send path (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: vmbus: Extract the mmio information from DSDT (K. Y. Srinivasan) [Orabug: 18276803] \r\n- add support for Hyper-V reference time counter (Vadim Rozenfeld) [Orabug: 18276803] \r\n- hyperv: enable framebuffer and keyboard drivers (Jerry Snitselaar) [Orabug: 18276803] \r\n- Drivers: hv: remove HV_DRV_VERSION (Olaf Hering) [Orabug: 18276803] \r\n- x86, hyperv: Move a variable to avoid an unused variable warning (H. Peter Anvin) [Orabug: 18276803] \r\ninclude (David Rientjes) [Orabug: 18276803] \r\n- x86, hyperv: Correctly guard the local APIC calibration code (K. Y. Srinivasan) [Orabug: 18276803] \r\n- x86, hyperv: Get the local APIC timer frequency from the hypervisor (K. Y. Srinivasan) [Orabug: 18276803] \r\n- x86: Correctly detect hypervisor (Jason Wang) [Orabug: 18276803] \r\n- x86, hyperv: Handle Xen emulation of Hyper-V more gracefully (K. Y. Srinivasan) [Orabug: 18276803] \r\n- X86: Handle Hyper-V vmbus interrupts as special hypervisor interrupts (K. Y. Srinivasan) [Orabug: 18276803] \r\n- X86: Add a check to catch Xen emulation of Hyper-V (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Input: hyperv-keyboard - pass through 0xE1 prefix (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Input: add a driver to support Hyper-V synthetic keyboard (K. Y. Srinivasan) [Orabug: 18276803] \r\n- [SCSI] storvsc: NULL pointer dereference fix (Ales Novak) [Orabug: 18276803] \r\n- [SCSI] storvsc: Increase the value of STORVSC_MAX_IO_REQUESTS (K. Y. Srinivasan) [Orabug: 18276803] \r\n- [SCSI] storvsc: Support FC devices (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: hv: Add the GUID fot synthetic fibre channel device (K. Y. Srinivasan) [Orabug: 18276803] \r\n- [SCSI] storvsc: Implement multi-channel support (K. Y. Srinivasan) [Orabug: 18276803] \r\n- [SCSI] storvsc: Update the storage protocol to win8 level (K. Y. Srinivasan) [Orabug: 18276803] \r\n- [SCSI] storvsc: Increase the value of scsi timeout for storvsc devices (K. Y. Srinivasan) [Orabug: 18276803] \r\n- [SCSI] storvsc: Handle dynamic resizing of the device (K. Y. Srinivasan) [Orabug: 18276803] \r\n- [SCSI] storvsc: Restructure error handling code on command completion (K. Y. Srinivasan) [Orabug: 18276803] \r\n- Drivers: scsi: storvsc: Use the consolidated GUID definition (K. Y. Srinivasan) [Orabug: 18276803] \r\n- HID: hyperv: make sure input buffer is big enough (David Herrmann) [Orabug: 18276803] \r\n- HID: hyperv: convert alloc+memcpy to memdup (Thomas Meyer) [Orabug: 18276803] \r\n- Drivers: hid: hid-hyperv: Use consolidated G U I D d e f i n i t i o n s ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - h y p e r v : M o v e s t a t e s e t t i n g f o r l i n k q u e r y ( H a i y a n g Z h a n g ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - h y p e r v : F i x t h e c a r r i e r s t a t u s s e t t i n g ( H a i y a n g Z h a n g ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - h y p e r v : F i x r a c e b e t w e e n p r o b e a n d o p e n c a l l s ( H a i y a n g Z h a n g ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - h y p e r v : F i x t h e N E T I F _ F _ S G f l a g s e t t i n g i n n e t v s c ( H a i y a n g Z h a n g ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - F i x t h e V L A N _ T A G _ P R E S E N T i n n e t v s c _ r e c v _ c a l l b a c k ( ) ( H a i y a n g Z h a n g ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - h y p e r v : F i x v l a n _ p r o t o s e t t i n g i n n e t v s c _ r e c v _ c a l l b a c k ( ) ( H a i y a n g Z h a n g ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - h y p e r v : F i x a c o m p i l e r w a r n i n g i n n e t v s c _ s e n d ( ) ( H a i y a n g Z h a n g ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - h y p e r v : F i x a k e r n e l w a r n i n g f r o m n e t v s c _ l i n k s t a t u s _ c a l l b a c k ( ) ( H a i y a n g Z h a n g ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : n e t : h y p e r v : U s e t h e c o n s o l i d a t e d G U I D d e f i n i t i o n ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - h y p e r v - f b : a d d b l a n k i n g s u p p o r t ( G e r d H o f f m a n n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - h y p e r v - f b : a d d p c i s t u b ( G e r d H o f f m a n n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - d r i v e r s / v i d e o : a d d H y p e r - V S y n t h e t i c V i d e o F r a m e B u f f e r D r i v e r ( H a i y a n g Z h a n g ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : v m b u s : D o n ' t t i m e o u t d u r i n g t h e i n i t i a l c o n n e c t i o n w i t h h o s t ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : v m b u s : S p e c i f y t h e t a r g e t C P U t h a t s h o u l d r e c e i v e n o t i f i c a t i o n ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - h y p e r v : A d d s u p p o r t f o r p h y s i c a l l y d i s c o n t i n u o u s r e c e i v e b u f f e r ( H a i y a n g Z h a n g ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - d r i v e r s : h v : M a r k t h e f u n c t i o n h v _ s y n i c _ f r e e _ c p u ( ) a s s t a t i c i n h v . c ( R a s h i k a K h e r i a ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : v m b u s : F i x a b u g i n c h a n n e l r e s c i n d c o d e ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - d r i v e r s : h v : F i x w r o n g c h e c k f o r s y n i c _ e v e n t _ p a g e ( F e l i p e P e n a ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : v m b u s : T e r m i n a t e v m b u s v e r s i o n n e g o t i a t i o n o n t i m e o u t ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : u t i l : C o r r e c t l y s u p p o r t w s 2 0 0 8 R 2 a n d e a r l i e r ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - h v : v m b u s : f i x v m b u s _ r e c v p a c k e t _ r a w ( ) r e t u r n c o d e ( D a n C a r p e n t e r ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - h v : C h a n g e v a r i a b l e t y p e t o b o o l ( P e t e r S e n n a T s c h u d i n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : v m b u s : D o n o t a t t e m p t t o n e g o a t i a t e a n e w v e r s i o n p r e m a t u r e l y ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : v m b u s : F i x a b u g i n t h e h a n d l i n g o f c h a n n e l o f f e r s ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : b a l l o o n : D o n o t p o s t p r e s s u r e s t a t u s i f i n t e r r u p t e d ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : b a l l o o n : F i x a b u g i n t h e h o t - a d d c o d e ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : v m b u s : i n c o r r e c t d e v i c e n a m e i s p r i n t e d w h e n c h i l d d e v i c e i s u n r e g i s t e r e d ( F e r n a n d o S o t o ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : b a l l o o n : I n i t i a l i z e t h e t r a n s a c t i o n I D j u s t b e f o r e s e n d i n g t h e p a c k e t ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : u t i l : F i x a b u g i n v e r s i o n n e g o t i a t i o n c o d e f o r u t i l s e r v i c e s ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - d r i v e r s : h v : a l l o c a t e s y n i c s t r u c t u r e s b e f o r e h v _ s y n i c _ i n i t ( ) ( J a s o n W a n g ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - d r i v e r s : h v : c h e c k i n t e r r u p t m a s k b e f o r e r e a d _ i n d e x ( J a s o n W a n g ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - d r i v e r s : h v : s w i t c h t o u s e m b ( ) i n s t e a d o f s m p _ m b ( ) ( J a s o n W a n g ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : v m b u s : I m p l e m e n t m u l t i - c h a n n e l s u p p o r t ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : F i x a b u g i n g e t _ v p _ i n d e x ( ) ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : v m b u s : F i x a b u g i n h v _ n e e d _ t o _ s i g n a l ( ) ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : N o t i f y t h e h o s t o f p e r m a n e n t h o t - a d d f a i l u r e s ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : b a l l o o n : S u p p o r t 2 M p a g e a l l o c a t i o n s f o r b a l l o o n i n g ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : b a l l o o n : P e r m i t L i n u x t o s p e c i f y h o t - a d d a l i g n m e n t r e q u i r e m e n t s ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : b a l l o o n : m a k e l o c a l f u n c t i o n s s t a t i c ( W e i Y o n g j u n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : A d d a n e w d r i v e r t o s u p p o r t h o s t i n i t i a t e d b a c k u p ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : v m b u s : H a n d l e c h a n n e l r e s c i n d m e s s a g e c o r r e c t l y ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : b a l l o o n : I m p l e m e n t h o t - a d d f u n c t i o n a l i t y ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : b a l l o o n : M a k e t h e b a l l o o n d r i v e r n o t u n l o a d a b l e ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : b a l l o o n : E x e c u t e h o t - a d d c o d e i n a s e p a r a t e c o n t e x t ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : b a l l o o n : E x e c u t e b a l l o o n i n f l a t i o n i n a s e p a r a t e c o n t e x t ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : b a l l o o n : D o n o t r e q u e s t c o m p l e t i o n n o t i f i c a t i o n ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - d r i v e r : h v : r e m o v e c a s t f o r k m a l l o c r e t u r n v a l u e ( Z h a n g Y a n f e i ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : v m b u s : U s e t h e n e w i n f r a s t r u c t u r e f o r d e l i v e r i n g V M B U S i n t e r r u p t s ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : b a l l o o n : P r e v e n t t h e h o s t f r o m b a l l o o n i n g t h e g u e s t t o o l o w ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : b a l l o o n : A d d a p a r a m e t e r t o d e l a y p r e s s u r e r e p o r t i n g ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : b a l l o o n : M a k e a d j u s t m e n t s t o t h e p r e s s u r e r e p o r t ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : U s e c o n s o l i d a t e d G U I D d e f i n i t i o n s ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : v m b u s : C o n s o l i d a t e a l l o f f e r G U I D d e f i n i t i o n s i n h y p e r v . h ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : B i n d a l l v m b b u s i n t e r r u p t s t o t h e b o o t C P U ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : v m b u s _ f l o w _ h a n d l e r ( ) c a n b e s t a t i c ( F e n g g u a n g W u ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : r e m o v e u n u s e d v a r i a b l e i n v m b u s _ r e c v p a c k e t _ r a w ( ) ( W e i Y o n g j u n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : C l e a n u p a n d c o n s o l i d a t e r e p o r t i n g o f b u i l d / v e r s i o n i n f o ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : C a p t u r e t h e h o s t b u i l d i n f o r m a t i o n ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : I m p l e m e n t f l o w m a n a g e m e n t o n t h e s e n d s i d e ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : E n a b l e p r o t o c o l n e g o t i a t i o n w i t h w i n 8 h o s t s ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : A d d a c h e c k t o d e a l w i t h s p u r i o u s i n t e r r u p t s ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : H a n d l e v m b u s i n t e r r u p t s c o n c u r r e n t l y o n a l l c p u s ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : M a n a g e e v e n t t a s k l e t s o n p e r - c p u b a s i s ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : G e t r i d o f u n n e c e s s a r y r e q u e s t f o r o f f e r s ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : G e t r i d o f t h e u n u s e d g l o b a l s i g n a l i n g s t a t e ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : A d d c o d e t o d i s t r i b u t e c h a n n e l i n t e r r u p t l o a d ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : M o d i f y t h e i n t e r r u p t h a n d l i n g c o d e t o s u p p o r t w i n 8 a n d b e y o n d ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : A d d s t a t e t o m a n a g e i n c o m i n g c h a n n e l i n t e r r u p t l o a d ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : S e t u p a m a p p i n g f o r H y p e r - V ' s n o t i o n c p u I D ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : C l e a n u p v m b u s _ s e t _ e v e n t ( ) t o s u p p o r t w i n 7 a n d b e y o n d ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : M a n a g e s i g n a l i n g s t a t e o n a p e r - c o n n e c t i o n b a s i s ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : M o v e v m b u s v e r s i o n d e f i n i t i o n s t o h y p e r v . h ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : C h a n g e t h e s i g n a t u r e o f v m b u s _ s e t _ e v e n t ( ) ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : C h a n g e t h e s i g n a t u r e f o r h v _ s i g n a l _ e v e n t ( ) ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : S a v e a n d e x p o r t n e g o t i a t e d v m b u s v e r s i o n ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : E x t e n d / m o d i f y v m b u s _ c h a n n e l _ o f f e r _ c h a n n e l f o r w i n 7 a n d b e y o n d ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : U p d a t e t h e r i n g b u f f e r s t r u c t u r e t o m a t c h w i n 8 f u n c t i o n a l i t y ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : S u p p o r t h a n d l i n g m u l t i p l e V M B U S v e r s i o n s ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : G e t r i d o f h v _ g e t _ r i n g b u f f e r _ i n t e r r u p t _ m a s k ( ) ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : O p t i m i z e t h e s i g n a l i n g o n t h e w r i t e p a t h ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : O p t i m i z e s i g n a l i n g i n t h e r e a d p a t h ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : T u r n o f f b a t c h e d r e a d i n g f o r u t i l d r i v e r s ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : A d d s t a t e t o m a n a g e b a t c h e d r e a d i n g ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - D r i v e r s : h v : I m p l e m e n t r o u t i n e s f o r r e a d s i d e s i g n a l i n g o p t i m i z a t i o n ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - h v : h v _ b a l l o o n : r e m o v e d u p l i c a t e d i n c l u d e f r o m h v _ b a l l o o n . c ( W e i Y o n g j u n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - x 8 6 , k v m : S w i t c h t o u s e h y p e r v i s o r _ c p u i d _ b a s e ( ) ( J a s o n W a n g ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - x 8 6 : I n t r o d u c e h y p e r v i s o r _ c p u i d _ b a s e ( ) ( J a s o n W a n g ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - x 8 6 , m m : C r e a t e s l o w _ v i r t _ t o _ p h y s ( ) ( D a v e H a n s e n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - x 8 6 , m m : P a g e t a b l e l e v e l s i z e / s h i f t / m a s k h e l p e r s ( D a v e H a n s e n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - m m : e x p o r t s p l i t _ p a g e ( ) ( K . Y . S r i n i v a s a n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - x 8 6 , h y p e r v : H Y P E R V d e p e n d s o n X 8 6 _ L O C A L _ A P I C ( H . P e t e r A n v i n ) [ O r a b u g : 1 8 2 7 6 8 0 3 ] \r b r > - q l a 2 x x x : U p d a t e t h e d r i v e r v e r s i o n t o 8 . 0 7 . 0 0 . 0 8 . 3 9 . 0 - k 1 . ( S a u r a v K a s h y a p ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : R e m o v e I S P 8 0 4 4 I D f r o m t h e p c i t a b l e . ( S a u r a v K a s h y a p ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : R e m o v e m a p p e d v p i n d e x i t e r a t o r m a c r o d e a d c o d e . ( H i m a n s h u M a d h a n i ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : A d d M B C o p t i o n f o r f a s t S F P d a t a a c c e s s . ( J o e C a r n u c c i o ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : F i x I S P F X 0 0 n o t d i s p l a y i n g t h e c o r r e c t F W v e r s i o n a f t e r F W u p d a t e t h r o u g h s y s f s I n t e r f a c e . ( A r m e n B a l o y a n ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : F i x b e a c o n b l i n k l o g i c f o r I S P 2 6 x x / 8 3 x x . ( H i m a n s h u M a d h a n i ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : D o n ' t c h e c k f o r f i r m w a r e h u n g d u r i n g t h e r e s e t c o n t e x t f o r I S P 8 2 X X . ( T e j P r a k a s h ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : F i x u p l o o k i n g f o r a s p a c e i n t h e o u t s t a n d i n g _ c m d s a r r a y i n q l a 2 x 0 0 _ a l l o c _ i o c b s ( ) . ( C h a d D u p u i s ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : D e l a y d r i v e r u n l o a d i f t h e r e i s a n y p e n d i n g a c t i v i t y g o i n g o n . ( S a w a n C h a n d a k ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : I S P 2 7 x x q u e u e i n d e x s h a d o w r e g i s t e r s . ( J o e C a r n u c c i o ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : I S P 2 7 x x f i r m w a r e d u m p t e m p l a t e s p e c u p d a t e s ( i n c l u d i n g T 2 7 4 ) . ( J o e C a r n u c c i o ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : R e d u c e t h e t i m e w e w a i t f o r a c o m m a n d t o c o m p l e t e d u r i n g S C S I e r r o r h a n d l i n g . ( C h a d D u p u i s ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : C h e c k t h e Q L A 8 0 4 4 _ C R B _ D R V _ A C T I V E _ I N D E X r e g i s t e r w h e n w e a r e n o t t h e o w n e r o f t h e r e s e t . ( H i r a l P a t e l ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : C l e a r l o o p _ i d f o r p o r t s t h a t a r e m a r k e d l o s t d u r i n g f a b r i c s c a n n i n g . ( C h a d D u p u i s ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : A d j u s t a d a p t e r r e s e t r o u t i n e t o t h e c h a n g e s i n f i r m w a r e s p e c i f i c a t i o n f o r I S P F x 0 0 . ( A r m e n B a l o y a n ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : A v o i d e s c a l a t i n g t h e S C S I e r r o r h a n d l e r i f t h e c o m m a n d i s n o t f o u n d i n f i r m w a r e . ( C h a d D u p u i s ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : I O C B d a t a s h o u l d b e c o p i e d t o I / O m e m u s i n g m e m c p y _ t o i o . ( A t u l D e s h m u k h ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : U s e p r o p e r l o g m e s s a g e f o r f l a s h l o c k f a i l e d e r r o r f o r I S P 8 2 X X . ( A t u l D e s h m u k h ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : R e m o v e c o n f i g u r e V F s m a i l b o x c o m m a n d c a l l . ( C h a d D u p u i s ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : I S P 8 0 4 4 p o l l i p m d i o b u s t i m e o u t i m p r o v e m e n t . ( J o e C a r n u c c i o ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : P o l l d u r i n g i n i t i a l i z a t i o n f o r I S P 2 5 x x a n d I S P 8 3 x x . ( G i r i d h a r M a l a v a l i ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : F i x b u i l d e r r o r s r e l a t e d t o i n v a l i d p r i n t f i e l d s o n s o m e a r c h i t e c t u r e s . ( C h a d D u p u i s ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > f i l e f o r m s l e e p d e c l a r t i o n i n q l a _ n x 2 . c f i l e . ( A t u l D e s h m u k h ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : U s e p r o p e r l o g m e s s a g e f o r f l a s h l o c k f a i l e d e r r o r . ( A t u l D e s h m u k h ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : D e c r e a s e p c i a c c e s s f o r r e s p o n s e q u e u e p r o c e s s i n g f o r I S P F X 0 0 . ( A r m e n B a l o y a n ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : U s e j i f f i e s i n s t e a d o f s t r u c t t i m e v a l a n d g e t t i m e o f d a y ( ) . ( A t u l D e s h m u k h ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : U p d a t e e n t r y t y p e 2 7 0 t o m a t c h s p e c u p d a t e . ( J o e C a r n u c c i o ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : E n a b l e f w _ d u m p _ s i z e f o r h e l g a ( H i r a l P a t e l ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : R e m o v e u n n e c e s s a r y c o d e f r o m q l a f x 0 0 _ i n t r _ h a n d l e r ( H i r a l P a t e l ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : I n t r o d u c e f w _ d u m p _ f l a g t o t r a c k f w d u m p p r o g r e s s ( H i r a l P a t e l ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : R e m o v e u n n e c e s s a r y d e l a y s f r o m f w d u m p c o d e p a t h ( H i r a l P a t e l ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : T r a c k t h e p r o c e s s w h e n t h e R O M _ L O C K f a i l u r e h a p p e n s ( H i r a l P a t e l ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : C o r r e c t i o n t o 2 7 x x t e m p l a t e e n t r y t y p e s 2 5 6 a n d 2 5 8 . ( J o e C a r n u c c i o ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : A d d 8 0 4 4 s e r d e s b s g i n t e r f a c e . ( J o e C a r n u c c i o ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : F i x P 3 P m a x d e b u g I D . ( C h a d D u p u i s ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : C h e c k f o r p e g a l i v e c o u n t e r a n d c l e a r a n y o u t s t a n d i n g m a i l b o x c o m m a n d . ( G i r i d h a r M a l a v a l i ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : S u p p o r t o f n e w H e l g a m i n i d u m p o p c o d e s Q L A 8 0 4 4 _ R D D F E ( 3 8 ) , Q L A 8 0 4 4 _ R D M D I O ( 3 9 ) , Q L A 8 0 4 4 _ P O L L W R ( 4 0 ) . ( P r a t i k M o h a n t y ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : A l l o w t h e n e x t f i r m w a r e d u m p i f t h e p r e v i o u s d u m p c a p t u r e f a i l s f o r I S P 8 0 4 4 . ( S a u r a v K a s h y a p ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : A d d p c i d e v i c e i d 0 x 2 2 7 1 . ( J o e C a r n u c c i o ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : I s s u e a b o r t c o m m a n d f o r o u t s t a n d i n g c o m m a n d s d u r i n g c l e a n u p w h e n o n l y f i r m w a r e i s a l i v e . ( G i r i d h a r M a l a v a l i ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : L o g w h e n d e v i c e s t a t e i s m o v e d t o f a i l e d s t a t e . ( G i r i d h a r M a l a v a l i ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : F i x s p a r s e w a r n i n g s i n q l a _ m r . c ( A r m e n B a l o y a n ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : C o r r e c t o p e r a t i o n s f o r I S P 2 7 x x t e m p l a t e t y p e s 2 7 0 a n d 2 7 1 . ( J o e C a r n u c c i o ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : A d d a n d u s e 3 2 G b p s F C - G S d e f i n i t i o n s . ( C h a d D u p u i s ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : D o n o t s c h e d u l e r e s e t w h e n o n e i s a l r e a d y a c t i v e w h e n r e c e i v i n g a n i n v a l i d s t a t u s h a n d l e . ( C h a d D u p u i s ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : A d d I O C B A b o r t c o m m a n d a s y n c h r o n o u s h a n d l i n g ( A r m e n B a l o y a n ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - q l a 2 x x x : A d d I S P 2 7 0 1 t o P C I I D t a b l e . ( S a w a n C h a n d a k ) [ O r a b u g : 1 8 5 2 4 7 6 7 ] \r b r > - U p d a t e q l g e d r i v e r t o v 1 . 0 0 . 0 0 . 3 4 ( S u c h e t a C h a k r a b o r t y ) [ O r a b u g : 1 8 5 5 2 2 2 5 ] \r b r > - [ S C S I ] h p s a : u p d a t e d r i v e r v e r s i o n t o 3 . 4 . 4 - 1 ( S t e p h e n M . C a m e r o n ) [ O r a b u g : 1 8 5 2 4 7 6 6 ] \r b r > - [ S C S I ] h p s a : f i x b a d e n d i f p l a c e m e n t i n R A I D 5 m a p p e r c o d e ( S t e p h e n M . C a m e r o n ) [ O r a b u g : 1 8 5 2 4 7 6 6 ] \r b r > - [ S C S I ] h p s a : D o n o t z e r o f i e l d s o f i o a c c e l 2 c o m m a n d s t r u c t u r e t w i c e ( S t e p h e n M . C a m e r o n ) [ O r a b u g : 1 8 5 2 4 7 6 6 ] \r b r > - [ S C S I ] h p s a : A d d h b a m o d e t o t h e h p s a d r i v e r ( S t e p h e n M . C a m e r o n ) [ O r a b u g : 1 8 5 2 4 7 6 6 ] \r b r > - [ S C S I ] h p s a : r e m o v e u n u s e d s t r u c t r e q u e s t f r o m C o m m a n d L i s t ( S t e p h e n M . C a m e r o n ) [ O r a b u g : 1 8 5 2 4 7 6 6 ] \r b r > - [ S C S I ] h p s a : i n c r e a s e t h e p r o b a b i l i t y o f a r e p o r t e d s u c c e s s a f t e r a d e v i c e r e s e t ( T o m a s H e n z l ) [ O r a b u g : 1 8 5 2 4 7 6 6 ] \r b r > - [ S C S I ] h p s a : b r i n g f o r m a t - i n - p r o g r e s s d r i v e s o n l i n e w h e n r e a d y ( S t e p h e n M . C a m e r o n ) [ O r a b u g : 1 8 5 2 4 7 6 6 ] \r b r > - [ S C S I ] h p s a : r e m o v e u n u s e d k t h r e a d . h h e a d e r ( S t e p h e n M . C a m e r o n ) [ O r a b u g : 1 8 5 2 4 7 6 6 ] \r b r > - b o n d i n g : I n a c t i v e s l a v e s s h o u l d k e e p i n a c t i v e f l a g ' s v a l u e ( z h e n g . l i ) [ O r a b u g : 1 8 3 4 5 4 8 2 ] \r b r > - d t r a c e : f i x l e a k i n g p s i n f o o b j e c t s ( K r i s V a n H e e s ) [ O r a b u g : 1 8 3 8 3 0 2 7 ] \r b r > - x e n / p v h v m : S u p p o r t m o r e t h a n 3 2 V C P U s w h e n m i g r a t i n g . ( K o n r a d R z e s z u t e k W i l k ) [ O r a b u g : 1 8 5 5 2 6 6 4 ] \r b r > - x e n / m i c r o c o d e : O n l y l o a d u n d e r i n i t i a l d o m a i n . ( K o n r a d R z e s z u t e k W i l k ) [ O r a b u g : 1 8 3 7 9 8 2 4 ] \r b r > - a u d i t : M a k e t e s t i n g f o r a v a l i d l o g i n u i d e x p l i c i t . ( E r i c W . B i e d e r m a n ) [ O r a b u g : 1 8 3 4 6 9 0 1 ] \r b r > - a u d i t : m a k e v a l i d i t y c h e c k i n g g e n e r i c ( E r i c P a r i s ) [ O r a b u g : 1 8 3 4 6 9 0 1 ] \r b r > - a u d i t : a l l o w c h e c k i n g t h e t y p e o f a u d i t m e s s a g e i n t h e u s e r f i l t e r ( E r i c P a r i s ) [ O r a b u g : 1 8 3 4 6 9 0 1 ] \r b r > - i 4 0 e : e n a b l e C O N F I G _ I 4 0 E b y d e f a u l t ( B r i a n M a l y ) [ O r a b u g : 1 8 4 2 9 9 7 3 ] \r b r > - i 4 0 e : a d d k c o m p a t c a l l s ( B r i a n M a l y ) [ O r a b u g : 1 8 4 2 9 9 7 3 ] \r b r > - i 4 0 e : i n c l u d e i 4 0 e i n k e r n e l p r o p e r ( J e s s e B r a n d e b u r g ) [ O r a b u g : 1 8 4 2 9 9 7 3 ] \r b r > - i 4 0 e : d e b u g f s i n t e r f a c e ( J e s s e B r a n d e b u r g ) [ O r a b u g : 1 8 4 2 9 9 7 3 ] \r b r > - i 4 0 e : i n i t c o d e a n d h a r d w a r e s u p p o r t ( J e s s e B r a n d e b u r g ) [ O r a b u g : 1 8 4 2 9 9 7 3 ] \r b r > - i 4 0 e : i m p l e m e n t v i r t u a l d e v i c e i n t e r f a c e ( J e s s e B r a n d e b u r g ) [ O r a b u g : 1 8 4 2 9 9 7 3 ] \r b r > - i 4 0 e : d r i v e r c o r e h e a d e r s ( J e s s e B r a n d e b u r g ) [ O r a b u g : 1 8 4 2 9 9 7 3 ] \r b r > - i 4 0 e : d r i v e r e t h t o o l c o r e ( J e s s e B r a n d e b u r g ) [ O r a b u g : 1 8 4 2 9 9 7 3 ] \r b r > - i 4 0 e : t r a n s m i t , r e c e i v e , a n d N A P I ( J e s s e B r a n d e b u r g ) [ O r a b u g : 1 8 4 2 9 9 7 3 ] \r b r > - i 4 0 e : m a i n d r i v e r c o r e ( J e s s e B r a n d e b u r g ) [ O r a b u g : 1 8 4 2 9 9 7 3 ] \r b r > - o c f s 2 : p a s s \" n e w \" p a r a m e t e r t o o c f s 2 _ i n i t _ x a t t r _ b u c k e t ( W e n g a n g W a n g ) [ O r a b u g : 1 8 4 4 7 7 6 5 ] \r b r > - q l c n i c : m a k e K c o n f i g / p > \n \n \n b r > h 2 > R e l a t e d C V E s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 4 - 0 1 9 6 . h t m l \" > C V E - 2 0 1 4 - 0 1 9 6 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 4 - 2 3 0 9 . h t m l \" > C V E - 2 0 1 4 - 2 3 0 9 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 4 - 0 0 4 9 . h t m l \" > C V E - 2 0 1 4 - 0 0 4 9 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 4 - 0 0 3 8 . h t m l \" > C V E - 2 0 1 4 - 0 0 3 8 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 4 5 8 7 . h t m l \" > C V E - 2 0 1 3 - 4 5 8 7 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 7 2 6 6 . h t m l \" > C V E - 2 0 1 3 - 7 2 6 6 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 6 8 8 5 . h t m l \" > C V E - 2 0 1 3 - 6 8 8 5 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n b r > h 2 > U p d a t e d P a c k a g e s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r s t y l e = \" c o l o r : # F F 0 0 0 0 ; \" > t d > b > R e l e a s e / A r c h i t e c t u r e / b > t d > b > F i l e n a m e / b > / t d > t d > b > M D 5 s u m / b > / t d > t d > b > S u p e r s e d e d B y A d v i s o r y / b > / t d > / t r > \n t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 6 ( x 8 6 _ 6 4 ) / t d > t d > d t r a c e - m o d u l e s - 3 . 8 . 1 3 - 3 5 . e l 6 u e k - 0 . 4 . 3 - 4 . e l 6 . s r c . r p m / t d > t d > 4 9 f a a d b 4 c 0 f 6 e 0 9 0 2 d 7 d 0 4 e a d 7 5 d 3 4 3 2 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 3 . 8 . 1 3 - 3 5 . e l 6 u e k . s r c . r p m / t d > t d > 2 1 3 4 9 e 3 2 4 b d 3 5 a 8 7 f c 2 d e d e 5 7 c 4 9 2 0 1 a / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > d t r a c e - m o d u l e s - 3 . 8 . 1 3 - 3 5 . e l 6 u e k - 0 . 4 . 3 - 4 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > 9 e 1 a b 5 d 5 2 8 7 b 9 b 2 4 2 0 4 0 b e 8 6 8 5 3 6 f 1 a c / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > d t r a c e - m o d u l e s - h e a d e r s - 0 . 4 . 3 - 4 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > a d e 5 6 a d 5 d 1 6 3 a 5 0 1 2 0 b 1 5 4 0 f c 4 e 3 c 9 6 9 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > d t r a c e - m o d u l e s - p r o v i d e r - h e a d e r s - 0 . 4 . 3 - 4 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > f 1 7 7 2 1 2 6 8 3 4 1 8 2 d 0 2 2 5 6 7 9 7 d 5 0 9 c e f 7 1 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 7 - 3 5 4 3 . h t m l \" > E L B A - 2 0 1 7 - 3 5 4 3 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 3 . 8 . 1 3 - 3 5 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 1 a c c 5 e c 8 6 d 3 5 3 8 3 0 9 e 9 4 c c d b a 0 0 0 b f 6 5 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - 3 . 8 . 1 3 - 3 5 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 4 d 3 f 5 9 4 c 7 c 0 3 c b 4 3 f 4 b 6 6 e e 1 b c e 7 3 e 0 c / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - d e v e l - 3 . 8 . 1 3 - 3 5 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 6 a e 2 7 b 0 8 0 e a 2 6 e a 6 6 8 6 8 5 1 2 8 2 e 3 9 5 d e 4 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e v e l - 3 . 8 . 1 3 - 3 5 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > b 3 1 5 6 3 d a a 3 3 e c 7 e 4 c 0 9 c 0 1 2 4 3 e c b a e b b / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d o c - 3 . 8 . 1 3 - 3 5 . e l 6 u e k . n o a r c h . r p m / t d > t d > b 5 4 5 6 2 1 f 0 5 6 0 2 b 0 a f 4 f c 6 0 2 e c 4 0 3 0 e 8 5 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - f i r m w a r e - 3 . 8 . 1 3 - 3 5 . e l 6 u e k . n o a r c h . r p m / t d > t d > b a 2 a 4 1 a 0 7 0 9 6 5 e 6 1 8 c 9 b 6 7 c 6 9 6 2 7 2 3 3 3 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n \n b r > b r > \n b r > p > \n T h i s p a g e i s g e n e r a t e d a u t o m a t i c a l l y a n d h a s n o t b e e n c h e c k e d f o r e r r o r s o r o m i s s i o n s . F o r c l a r i f i c a t i o n \n o r c o r r e c t i o n s p l e a s e c o n t a c t t h e a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / \" > O r a c l e L i n u x U L N t e a m / a > / p > \n \n \n \n / d i v > \n ! - - \n / d i v > \n - - > \n / d i v > \n / d i v > \n \n \n d i v i d = \" m c 1 6 \" c l a s s = \" m c 1 6 v 0 \" > \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > T e c h n i c a l i n f o r m a t i o n / h 2 > \n u l > \n l i > a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / h a r d w a r e - c e r t i f i c a t i o n s \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x C e r t i f i e d H a r d w a r e / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / l i b r a r y / e l s p - l i f e t i m e - 0 6 9 3 3 8 . p d f \" > O r a c l e L i n u x S u p p o r t e d R e l e a s e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > O r a c l e L i n u x S u p p o r t / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / t e c h n o l o g i e s / l i n u x / O r a c l e L i n u x S u p p o r t / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x S u p p o r t / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / p r e m i e r / s e r v e r s - s t o r a g e / o v e r v i e w / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e P r e m i e r S u p p o r t f o r S y s t e m s / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / a d v a n c e d - c u s t o m e r - s e r v i c e s / o v e r v i e w / \" > A d v a n c e d C u s t o m e r S e r v i c e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 2 \" > \n h 2 > C o n n e c t / h 2 > \n u l > \n l i c l a s s = \" f b i c o n \" > a h r e f = \" h t t p : / / w w w . f a c e b o o k . c o m / o r a c l e l i n u x \" t i t l e = \" F a c e b o o k \" n a m e = \" F a c e b o o k \" t a r g e t = \" _ b l a n k \" i d = \" F a c e b o o k \" > F a c e b o o k / a > / l i > \n l i c l a s s = \" t w i c o n \" > a h r e f = \" h t t p : / / w w w . t w i t t e r . c o m / O r a c l e L i n u x \" t i t l e = \" T w i t t e r \" n a m e = \" T w i t t e r \" t a r g e t = \" _ b l a n k \" i d = \" T w i t t e r \" > T w i t t e r / a > / l i > \n l i c l a s s = \" i n i c o n \" > a h r e f = \" h t t p : / / w w w . l i n k e d i n . c o m / g r o u p s ? g i d = 1 2 0 2 3 8 \" t i t l e = \" L i n k e d I n \" n a m e = \" L i n k e d I n \" t a r g e t = \" _ b l a n k \" i d = \" L i n k e d I n \" > L i n k e d I n / a > / l i > \n l i c l a s s = \" y t i c o n \" > a h r e f = \" h t t p : / / w w w . y o u t u b e . c o m / o r a c l e l i n u x c h a n n e l \" t i t l e = \" Y o u T u b e \" n a m e = \" Y o u T u b e \" t a r g e t = \" _ b l a n k \" i d = \" Y o u T u b e \" > Y o u T u b e / a > / l i > \n l i c l a s s = \" b l o g i c o n \" > a h r e f = \" h t t p : / / b l o g s . o r a c l e . c o m / l i n u x \" t i t l e = \" B l o g \" n a m e = \" B l o g \" > B l o g / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 3 \" > \n h 2 > C o n t a c t U s / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / c o r p o r a t e / c o n t a c t / g l o b a l - 0 7 0 5 1 1 . h t m l \" > G l o b a l c o n t a c t s / a > / l i > \n l i > O r a c l e 1 - 8 0 0 - 6 3 3 - 0 6 9 1 / l i > \n / u l > \n / d i v > \n / d i v > \n / d i v > \n \n d i v i d = \" m c 0 4 \" c l a s s = \" m c 0 4 v 1 \" > \n d i v c l a s s = \" m c 0 4 w 1 \" > \n a h r e f = \" h t t p : / / o r a c l e . c o m \" > i m g s r c = \" / / w w w . o r a c l e i m g . c o m / a s s e t s / m c 0 4 - f o o t e r - l o g o . p n g \" b o r d e r = \" 0 \" a l t = \" s o f t w a r e . h a r d w a r e . c o m p l e t e \" / > / a > \n / d i v > \n \n d i v c l a s s = \" m c 0 4 w 2 \" > \n a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / s u b s c r i b e / i n d e x . h t m l \" > S u b s c r i b e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / e m p l o y m e n t / i n d e x . h t m l \" > C a r e e r s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / c o n t a c t / i n d e x . h t m l \" > C o n t a c t U s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / c o p y r i g h t . h t m l \" > L e g a l N o t i c e s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / t e r m s . h t m l \" > T e r m s o f U s e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / p r i v a c y . h t m l \" > Y o u r P r i v a c y R i g h t s / a > \n / d i v > \n / d i v > \n / d i v > \n / b o d y > \n / h t m l > \n ", "modified": "2014-05-19T00:00:00", "published": "2014-05-19T00:00:00", "id": "ELSA-2014-3034", "href": "http://linux.oracle.com/errata/ELSA-2014-3034.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 7.4, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:49:24", "bulletinFamily": "unix", "description": "kernel-uek\n[3.8.13-26.2.2.el6uek]\n- netfilter: nf_conntrack_dccp: fix skb_header_pointer API usages (Daniel Borkmann) [Orabug: 18421673] {CVE-2014-2523}\n- cifs: ensure that uncached writes handle unmapped areas correctly (Jeff Layton) [Orabug: 18461067] {CVE-2014-0069} {CVE-2014-0069}\n- net: sctp: fix sctp_sf_do_5_1D_ce to verify if we/peer is AUTH capable (Daniel Borkmann) [Orabug: 18461065] {CVE-2014-0101}\n- vhost-net: insufficient handling of error conditions in get_rx_bufs() (Guangyu Sun) [Orabug: 18461050] {CVE-2014-0055}", "modified": "2014-03-26T00:00:00", "published": "2014-03-26T00:00:00", "id": "ELSA-2014-3014", "href": "http://linux.oracle.com/errata/ELSA-2014-3014.html", "title": "unbreakable enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "amazon": [{"lastseen": "2018-10-02T16:55:25", "bulletinFamily": "unix", "description": "**Issue Overview:**\n\nThe ip6_route_add function in net/ipv6/route.c in the Linux kernel through 3.13.6 does not properly count the addition of routes, which allows remote attackers to cause a denial of service (memory consumption) via a flood of ICMPv6 Router Advertisement packets.\n\ndrivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable buffers are disabled, does not properly validate packet lengths, which allows guest OS users to cause a denial of service (memory corruption and host OS crash) or possibly gain privileges on the host OS via crafted packets, related to the handle_rx and get_rx_bufs functions.\n\nnet/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a DCCP packet that triggers a call to the (1) dccp_new, (2) dccp_packet, or (3) dccp_error function.\n\nThe get_rx_bufs function in drivers/vhost/net.c in the vhost-net subsystem in the Linux kernel package before 2.6.32-431.11.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly handle vhost_get_vq_desc errors, which allows guest OS users to cause a denial of service (host OS crash) via unspecified vectors.\n\n \n**Affected Packages:** \n\n\nkernel\n\n \n**Issue Correction:** \nRun _yum update kernel_ to update your system. You will need to reboot your system in order for the new kernel to be running.\n\n \n\n\n**New Packages:**\n \n \n i686: \n kernel-3.10.37-47.135.amzn1.i686 \n perf-debuginfo-3.10.37-47.135.amzn1.i686 \n kernel-debuginfo-3.10.37-47.135.amzn1.i686 \n perf-3.10.37-47.135.amzn1.i686 \n kernel-debuginfo-common-i686-3.10.37-47.135.amzn1.i686 \n kernel-devel-3.10.37-47.135.amzn1.i686 \n kernel-headers-3.10.37-47.135.amzn1.i686 \n \n noarch: \n kernel-doc-3.10.37-47.135.amzn1.noarch \n \n src: \n kernel-3.10.37-47.135.amzn1.src \n \n x86_64: \n perf-debuginfo-3.10.37-47.135.amzn1.x86_64 \n kernel-debuginfo-common-x86_64-3.10.37-47.135.amzn1.x86_64 \n kernel-debuginfo-3.10.37-47.135.amzn1.x86_64 \n kernel-3.10.37-47.135.amzn1.x86_64 \n kernel-headers-3.10.37-47.135.amzn1.x86_64 \n perf-3.10.37-47.135.amzn1.x86_64 \n kernel-devel-3.10.37-47.135.amzn1.x86_64 \n \n \n", "modified": "2014-09-18T00:24:00", "published": "2014-09-18T00:24:00", "id": "ALAS-2014-328", "href": "https://alas.aws.amazon.com/ALAS-2014-328.html", "title": "Medium: kernel", "type": "amazon", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "seebug": [{"lastseen": "2017-11-19T17:30:06", "bulletinFamily": "exploit", "description": "BUGTRAQ ID: 66279\r\nCVE ID: CVE-2014-2523\r\n\r\nLinux Kernel\u662fLinux\u64cd\u4f5c\u7cfb\u7edf\u7684\u5185\u6838\u3002\r\n\r\nLinux Kernel 2.6.32.61, 3.2.55, 3.4.83, 3.10.33, 3.12.14, 3.13.6\u7248\u672c\u5728 &quot;dccp_new()&quot;, &quot;dccp_packet()&quot;, , &quot;dccp_error()&quot;\u51fd\u6570(net/netfilter/nf_conntrack_proto_dccp.c)\u7684\u5b9e\u73b0\u4e0a\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u6076\u610f\u7528\u6237\u901a\u8fc7\u7279\u5236\u7684DCCP\u6570\u636e\u5305\uff0c\u5229\u7528\u6b64\u6f0f\u6d1e\u53ef\u7834\u574f\u5185\u6838\u6808\uff0c\u7136\u540e\u4ee5\u5185\u6838\u6743\u9650\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\n0\nLinux kernel 3.4.x\r\nLinux kernel 3.2.x\r\nLinux kernel 3.13.x\r\nLinux kernel 3.12.x\r\nLinux kernel 3.10.x\r\nLinux kernel 2.6.x\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.kernel.org/", "modified": "2014-03-19T00:00:00", "published": "2014-03-19T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-61843", "id": "SSV:61843", "title": "Linux Kernel DCCP\u62a5\u6587\u5904\u7406\u5185\u5b58\u7834\u574f\u6f0f\u6d1e", "type": "seebug", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": ""}, {"lastseen": "2017-11-19T17:27:47", "bulletinFamily": "exploit", "description": "Bugtraq ID:66678\r\nCVE ID:CVE-2014-0077\r\n\r\nLinux Kernel\u662fLinux\u64cd\u4f5c\u7cfb\u7edf\u7684\u5185\u6838\u3002\r\n\r\nLinux kernel\u5728handle_rx()\u51fd\u6570\u5904\u7406\u8f83\u5927\u6570\u636e\u5305\u65f6\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u4f7f\u53d7\u5f71\u54cd\u5e94\u7528\u5d29\u6e83\u3002\n0\nLinux kernel\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8bf7\u4e0b\u8f7d\u4f7f\u7528\uff1a\r\nhttp://www.kernel.org/", "modified": "2014-04-09T00:00:00", "published": "2014-04-09T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-62091", "id": "SSV:62091", "title": "Linux Kernel 'handle_rx()'\u51fd\u6570\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "type": "seebug", "sourceData": "", "cvss": {"score": 5.5, "vector": "AV:ADJACENT_NETWORK/AC:HIGH/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:COMPLETE/"}, "sourceHref": ""}], "securityvulns": [{"lastseen": "2018-08-31T11:10:51", "bulletinFamily": "software", "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-2173-1\r\nApril 26, 2014\r\n\r\nlinux vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 10.04 LTS\r\n\r\nSummary:\r\n\r\nSeveral security issues were fixed in the kernel.\r\n\r\nSoftware Description:\r\n- linux: Linux kernel\r\n\r\nDetails:\r\n\r\nA flaw was discovered in the Linux kernel&#39;s handling of SCTP handshake. A\r\nremote attacker could exploit this flaw to cause a denial of service\r\n&#40;system crash&#41;. &#40;CVE-2014-0101&#41;\r\n\r\nAn error was discovered in the Linux kernel&#39;s DCCP protocol support. A\r\nremote attacked could exploit this flaw to cause a denial of service\r\n&#40;system crash&#41; or possibly execute arbitrary code. &#40;CVE-2014-2523&#41;\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 10.04 LTS:\r\n linux-image-2.6.32-58-386 2.6.32-58.120\r\n linux-image-2.6.32-58-generic 2.6.32-58.120\r\n linux-image-2.6.32-58-generic-pae 2.6.32-58.120\r\n linux-image-2.6.32-58-ia64 2.6.32-58.120\r\n linux-image-2.6.32-58-lpia 2.6.32-58.120\r\n linux-image-2.6.32-58-powerpc 2.6.32-58.120\r\n linux-image-2.6.32-58-powerpc-smp 2.6.32-58.120\r\n linux-image-2.6.32-58-powerpc64-smp 2.6.32-58.120\r\n linux-image-2.6.32-58-preempt 2.6.32-58.120\r\n linux-image-2.6.32-58-server 2.6.32-58.120\r\n linux-image-2.6.32-58-sparc64 2.6.32-58.120\r\n linux-image-2.6.32-58-sparc64-smp 2.6.32-58.120\r\n linux-image-2.6.32-58-versatile 2.6.32-58.120\r\n linux-image-2.6.32-58-virtual 2.6.32-58.120\r\n\r\nAfter a standard system update you need to reboot your computer to make\r\nall the necessary changes.\r\n\r\nATTENTION: Due to an unavoidable ABI change the kernel updates have\r\nbeen given a new version number, which requires you to recompile and\r\nreinstall all third party kernel modules you might have installed. If\r\nyou use linux-restricted-modules, you have to update that package as\r\nwell to get modules which work with the new kernel version. Unless you\r\nmanually uninstalled the standard kernel metapackages &#40;e.g. linux-generic,\r\nlinux-server, linux-powerpc&#41;, a standard system upgrade will automatically\r\nperform this as well.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-2173-1\r\n CVE-2014-0101, CVE-2014-2523\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/linux/2.6.32-58.120\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n\r\n", "modified": "2014-05-04T00:00:00", "published": "2014-05-04T00:00:00", "id": "SECURITYVULNS:DOC:30535", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30535", "title": "[USN-2173-1] Linux kernel vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:52", "bulletinFamily": "software", "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-2228-1\r\nMay 27, 2014\r\n\r\nlinux vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 13.10\r\n\r\nSummary:\r\n\r\nSeveral security issues were fixed in the kernel.\r\n\r\nSoftware Description:\r\n- linux: Linux kernel\r\n\r\nDetails:\r\n\r\nMatthew Daley reported an information leak in the floppy disk driver of the\r\nLinux kernel. An unprivileged local user could exploit this flaw to obtain\r\npotentially sensitive information from kernel memory. &#40;CVE-2014-1738&#41;\r\n\r\nMatthew Daley reported a flaw in the handling of ioctl commands by the\r\nfloppy disk driver in the Linux kernel. An unprivileged local user could\r\nexploit this flaw to gain administrative privileges if the floppy disk\r\nmodule is loaded. &#40;CVE-2014-1737&#41;\r\n\r\nA flaw was discovered in the vhost-net subsystem of the Linux kernel. Guest\r\nOS users could exploit this flaw to cause a denial of service &#40;host OS\r\ncrash&#41;. &#40;CVE-2014-0055&#41;\r\n\r\nA flaw was discovered in the handling of network packets when mergeable\r\nbuffers are disabled for virtual machines in the Linux kernel. Guest OS\r\nusers may exploit this flaw to cause a denial of service &#40;host OS crash&#41; or\r\npossibly gain privilege on the host OS. &#40;CVE-2014-0077&#41;\r\n\r\nNikolay Aleksandrov discovered a race condition in Linux kernel&#39;s IPv4\r\nfragment handling code. Remote attackers could exploit this flaw to cause a\r\ndenial of service &#40;system crash&#41; or possibly have other unspecified impact.\r\n&#40;CVE-2014-0100&#41;\r\n\r\nA flaw was discovered in the Linux kernel&#39;s handling of the SCTP handshake.\r\nA remote attacker could exploit this flaw to cause a denial of service\r\n&#40;system crash&#41;. &#40;CVE-2014-0101&#41;\r\n\r\nA flaw was discovered in the handling of routing information in Linux\r\nkernel&#39;s IPv6 stack. A remote attacker could exploit this flaw to cause a\r\ndenial of service &#40;memory consumption&#41; via a flood of ICMPv6 router\r\nadvertisement packets. &#40;CVE-2014-2309&#41;\r\n\r\nAn error was discovered in the Linux kernel&#39;s DCCP protocol support. A\r\nremote attacked could exploit this flaw to cause a denial of service\r\n&#40;system crash&#41; or possibly execute arbitrary code. &#40;CVE-2014-2523&#41;\r\n\r\nMax Sydorenko discovered a race condition in the Atheros 9k wireless driver\r\nin the Linux kernel. This race could be exploited by remote attackers to\r\ncause a denial of service &#40;system crash&#41;. &#40;CVE-2014-2672&#41;\r\n\r\nAdhemerval Zanella Neto discovered a flaw the in the Transactional Memory\r\n&#40;TM&#41; implementation for powerpc based machine. An unprivileged local user\r\ncould exploit this flaw to cause a denial of service &#40;system crash&#41;.\r\n&#40;CVE-2014-2673&#41;\r\n\r\nAn error was discovered in the Reliable Datagram Sockets &#40;RDS&#41; protocol\r\nstack in the Linux kernel. A local user could exploit this flaw to cause a\r\ndenial of service &#40;system crash&#41; or possibly have unspecified other impact.\r\n&#40;CVE-2014-2678&#41;\r\n\r\nYaara Rozenblum discovered a race condition in the Linux kernel&#39;s Generic\r\nIEEE 802.11 Networking Stack &#40;mac80211&#41;. Remote attackers could exploit\r\nthis flaw to cause a denial of service &#40;system crash&#41;. &#40;CVE-2014-2706&#41;\r\n\r\nA flaw was discovered in the Linux kernel&#39;s ping sockets. An unprivileged\r\nlocal user could exploit this flaw to cause a denial of service &#40;system\r\ncrash&#41; or possibly gain privileges via a crafted application.\r\n&#40;CVE-2014-2851&#41;\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 13.10:\r\n linux-image-3.11.0-22-generic 3.11.0-22.38\r\n linux-image-3.11.0-22-generic-lpae 3.11.0-22.38\r\n\r\nAfter a standard system update you need to reboot your computer to make\r\nall the necessary changes.\r\n\r\nATTENTION: Due to an unavoidable ABI change the kernel updates have\r\nbeen given a new version number, which requires you to recompile and\r\nreinstall all third party kernel modules you might have installed. If\r\nyou use linux-restricted-modules, you have to update that package as\r\nwell to get modules which work with the new kernel version. Unless you\r\nmanually uninstalled the standard kernel metapackages &#40;e.g. linux-generic,\r\nlinux-server, linux-powerpc&#41;, a standard system upgrade will automatically\r\nperform this as well.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-2228-1\r\n CVE-2014-0055, CVE-2014-0077, CVE-2014-0100, CVE-2014-0101,\r\n CVE-2014-1737, CVE-2014-1738, CVE-2014-2309, CVE-2014-2523,\r\n CVE-2014-2672, CVE-2014-2673, CVE-2014-2678, CVE-2014-2706,\r\n CVE-2014-2851\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/linux/3.11.0-22.38\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n\r\n", "modified": "2014-05-29T00:00:00", "published": "2014-05-29T00:00:00", "id": "SECURITYVULNS:DOC:30757", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30757", "title": "[USN-2228-1] Linux kernel vulnerabilities", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:08:50", "bulletinFamily": "unix", "description": "A flaw was discovered in the Linux kernel\u2019s handling of the SCTP handshake. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2014-0101)\n\nAn error was discovered in the Linux kernel\u2019s DCCP protocol support. A remote attacked could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2014-2523)", "modified": "2014-04-26T00:00:00", "published": "2014-04-26T00:00:00", "id": "USN-2173-1", "href": "https://usn.ubuntu.com/2173-1/", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:09:03", "bulletinFamily": "unix", "description": "A flaw was discovered in the Linux kernel\u2019s handling of the SCTP handshake. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2014-0101)\n\nAn error was discovered in the Linux kernel\u2019s DCCP protocol support. A remote attacked could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2014-2523)", "modified": "2014-04-26T00:00:00", "published": "2014-04-26T00:00:00", "id": "USN-2174-1", "href": "https://usn.ubuntu.com/2174-1/", "title": "Linux kernel (EC2) vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:09:09", "bulletinFamily": "unix", "description": "Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. (CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the vhost-net subsystem of the Linux kernel. Guest OS users could exploit this flaw to cause a denial of service (host OS crash). (CVE-2014-0055)\n\nA flaw was discovered in the handling of network packets when mergeable buffers are disabled for virtual machines in the Linux kernel. Guest OS users may exploit this flaw to cause a denial of service (host OS crash) or possibly gain privilege on the host OS. (CVE-2014-0077)\n\nA flaw was discovered in the Linux kernel\u2019s handling of the SCTP handshake. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2014-0101)\n\nA flaw was discovered in the handling of routing information in Linux kernel\u2019s IPv6 stack. A remote attacker could exploit this flaw to cause a denial of service (memory consumption) via a flood of ICMPv6 router advertisement packets. (CVE-2014-2309)\n\nAn error was discovered in the Linux kernel\u2019s DCCP protocol support. A remote attacked could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2014-2523)\n\nMax Sydorenko discovered a race condition in the Atheros 9k wireless driver in the Linux kernel. This race could be exploited by remote attackers to cause a denial of service (system crash). (CVE-2014-2672)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS) protocol stack in the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) or possibly have unspecified other impact. (CVE-2014-2678)\n\nYaara Rozenblum discovered a race condition in the Linux kernel\u2019s Generic IEEE 802.11 Networking Stack (mac80211). Remote attackers could exploit this flaw to cause a denial of service (system crash). (CVE-2014-2706)\n\nA flaw was discovered in the Linux kernel\u2019s ping sockets. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges via a crafted application. (CVE-2014-2851)\n\nSasha Levin reported a bug in the Linux kernel\u2019s virtual memory management subsystem. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). (CVE-2014-3122)", "modified": "2014-05-27T00:00:00", "published": "2014-05-27T00:00:00", "id": "USN-2224-1", "href": "https://usn.ubuntu.com/2224-1/", "title": "Linux kernel (Raring HWE) vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:09:23", "bulletinFamily": "unix", "description": "Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. (CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the vhost-net subsystem of the Linux kernel. Guest OS users could exploit this flaw to cause a denial of service (host OS crash). (CVE-2014-0055)\n\nA flaw was discovered in the handling of network packets when mergeable buffers are disabled for virtual machines in the Linux kernel. Guest OS users may exploit this flaw to cause a denial of service (host OS crash) or possibly gain privilege on the host OS. (CVE-2014-0077)\n\nNikolay Aleksandrov discovered a race condition in Linux kernel\u2019s IPv4 fragment handling code. Remote attackers could exploit this flaw to cause a denial of service (system crash) or possibly have other unspecified impact. (CVE-2014-0100)\n\nA flaw was discovered in the Linux kernel\u2019s handling of the SCTP handshake. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2014-0101)\n\nA flaw was discovered in the handling of routing information in Linux kernel\u2019s IPv6 stack. A remote attacker could exploit this flaw to cause a denial of service (memory consumption) via a flood of ICMPv6 router advertisement packets. (CVE-2014-2309)\n\nAn error was discovered in the Linux kernel\u2019s DCCP protocol support. A remote attacked could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2014-2523)\n\nMax Sydorenko discovered a race condition in the Atheros 9k wireless driver in the Linux kernel. This race could be exploited by remote attackers to cause a denial of service (system crash). (CVE-2014-2672)\n\nAdhemerval Zanella Neto discovered a flaw the in the Transactional Memory \u2122 implementation for powerpc based machine. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). (CVE-2014-2673)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS) protocol stack in the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) or possibly have unspecified other impact. (CVE-2014-2678)\n\nYaara Rozenblum discovered a race condition in the Linux kernel\u2019s Generic IEEE 802.11 Networking Stack (mac80211). Remote attackers could exploit this flaw to cause a denial of service (system crash). (CVE-2014-2706)\n\nA flaw was discovered in the Linux kernel\u2019s ping sockets. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges via a crafted application. (CVE-2014-2851)", "modified": "2014-05-27T00:00:00", "published": "2014-05-27T00:00:00", "id": "USN-2228-1", "href": "https://usn.ubuntu.com/2228-1/", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:10:29", "bulletinFamily": "unix", "description": "Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. (CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the Linux kernel\u2019s IPC reference counting. An unprivileged local user could exploit this flaw to cause a denial of service (OOM system crash). (CVE-2013-4483)\n\nA flaw was discovered in the vhost-net subsystem of the Linux kernel. Guest OS users could exploit this flaw to cause a denial of service (host OS crash). (CVE-2014-0055)\n\nA flaw was discovered in the handling of network packets when mergeable buffers are disabled for virtual machines in the Linux kernel. Guest OS users may exploit this flaw to cause a denial of service (host OS crash) or possibly gain privilege on the host OS. (CVE-2014-0077)\n\nA flaw was discovered in the Linux kernel\u2019s handling of the SCTP handshake. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2014-0101)\n\nA flaw was discovered in the handling of routing information in Linux kernel\u2019s IPv6 stack. A remote attacker could exploit this flaw to cause a denial of service (memory consumption) via a flood of ICMPv6 router advertisement packets. (CVE-2014-2309)\n\nAn error was discovered in the Linux kernel\u2019s DCCP protocol support. A remote attacked could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2014-2523)\n\nMax Sydorenko discovered a race condition in the Atheros 9k wireless driver in the Linux kernel. This race could be exploited by remote attackers to cause a denial of service (system crash). (CVE-2014-2672)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS) protocol stack in the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) or possibly have unspecified other impact. (CVE-2014-2678)\n\nYaara Rozenblum discovered a race condition in the Linux kernel\u2019s Generic IEEE 802.11 Networking Stack (mac80211). Remote attackers could exploit this flaw to cause a denial of service (system crash). (CVE-2014-2706)\n\nA flaw was discovered in the Linux kernel\u2019s ping sockets. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges via a crafted application. (CVE-2014-2851)\n\nSasha Levin reported a bug in the Linux kernel\u2019s virtual memory management subsystem. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). (CVE-2014-3122)", "modified": "2014-05-27T00:00:00", "published": "2014-05-27T00:00:00", "id": "USN-2223-1", "href": "https://usn.ubuntu.com/2223-1/", "title": "Linux kernel (Quantal HWE) vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:09:52", "bulletinFamily": "unix", "description": "Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. (CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the Linux kernel\u2019s IPC reference counting. An unprivileged local user could exploit this flaw to cause a denial of service (OOM system crash). (CVE-2013-4483)\n\nAl Viro discovered an error in how CIFS in the Linux kernel handles uncached write operations. An unprivileged local user could exploit this flaw to cause a denial of service (system crash), obtain sensitive information from kernel memory, or possibly gain privileges. (CVE-2014-0069)\n\nA flaw was discovered in the handling of network packets when mergeable buffers are disabled for virtual machines in the Linux kernel. Guest OS users may exploit this flaw to cause a denial of service (host OS crash) or possibly gain privilege on the host OS. (CVE-2014-0077)\n\nA flaw was discovered in the Linux kernel\u2019s handling of the SCTP handshake. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2014-0101)\n\nA flaw was discovered in the handling of routing information in Linux kernel\u2019s IPv6 stack. A remote attacker could exploit this flaw to cause a denial of service (memory consumption) via a flood of ICMPv6 router advertisement packets. (CVE-2014-2309)\n\nAn error was discovered in the Linux kernel\u2019s DCCP protocol support. A remote attacked could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2014-2523)\n\nMax Sydorenko discovered a race condition in the Atheros 9k wireless driver in the Linux kernel. This race could be exploited by remote attackers to cause a denial of service (system crash). (CVE-2014-2672)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS) protocol stack in the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) or possibly have unspecified other impact. (CVE-2014-2678)\n\nYaara Rozenblum discovered a race condition in the Linux kernel\u2019s Generic IEEE 802.11 Networking Stack (mac80211). Remote attackers could exploit this flaw to cause a denial of service (system crash). (CVE-2014-2706)\n\nA flaw was discovered in the Linux kernel\u2019s ping sockets. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges via a crafted application. (CVE-2014-2851)\n\nJouni Malinen reported a flaw in the handling of fragmentation in the mac8Linux subsystem of the kernel. A remote attacker could exploit this flaw to obtain potential sensitive cleartext information by reading packets. (CVE-2014-8709)", "modified": "2014-05-26T00:00:00", "published": "2014-05-26T00:00:00", "id": "USN-2221-1", "href": "https://usn.ubuntu.com/2221-1/", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:58", "bulletinFamily": "unix", "description": "A flaw was discovered in the Linux kernel\u2019s compat ioctls for Adaptec AACRAID scsi raid devices. An unprivileged local user could send administrative commands to these devices potentially compromising the data stored on the device. (CVE-2013-6383)\n\nmpd reported an information leak in the recvfrom, recvmmsg, and recvmsg system calls in the Linux kernel. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel stack memory. (CVE-2013-7263)\n\nmpb reported an information leak in the Layer Two Tunneling Protocol (l2tp) of the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel stack memory. (CVE-2013-7264)\n\nmpb reported an information leak in the Phone Network protocol (phonet) in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel stack memory. (CVE-2013-7265)\n\nmpb reported an information leak in the Low-Rate Wireless Personal Area Networks support (IEEE 802.15.4) in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel stack memory. (CVE-2013-7281)", "modified": "2014-02-18T00:00:00", "published": "2014-02-18T00:00:00", "id": "USN-2108-1", "href": "https://usn.ubuntu.com/2108-1/", "title": "Linux kernel (EC2) vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:10:09", "bulletinFamily": "unix", "description": "A flaw was discovered in the Linux kernel\u2019s compat ioctls for Adaptec AACRAID scsi raid devices. An unprivileged local user could send administrative commands to these devices potentially compromising the data stored on the device. (CVE-2013-6383)\n\nmpd reported an information leak in the recvfrom, recvmmsg, and recvmsg system calls in the Linux kernel. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel stack memory. (CVE-2013-7263)\n\nmpb reported an information leak in the Layer Two Tunneling Protocol (l2tp) of the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel stack memory. (CVE-2013-7264)\n\nmpb reported an information leak in the Phone Network protocol (phonet) in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel stack memory. (CVE-2013-7265)\n\nmpb reported an information leak in the Low-Rate Wireless Personal Area Networks support (IEEE 802.15.4) in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel stack memory. (CVE-2013-7281)", "modified": "2014-02-18T00:00:00", "published": "2014-02-18T00:00:00", "id": "USN-2107-1", "href": "https://usn.ubuntu.com/2107-1/", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:18", "bulletinFamily": "unix", "description": "Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. (CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the handling of network packets when mergeable buffers are disabled for virtual machines in the Linux kernel. Guest OS users may exploit this flaw to cause a denial of service (host OS crash) or possibly gain privilege on the host OS. (CVE-2014-0077)\n\nT\u00f6r\u00f6k Edwin discovered a flaw with Xen netback driver when used with Linux configurations that do not allow sleeping in softirq context. A guest administrator could exploit this flaw to cause a denial of service (system crash) on the host. (CVE-2014-2580)\n\nA flaw was discovered in the Linux kernel\u2019s ping sockets. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges via a crafted application. (CVE-2014-2851)\n\nHannes Frederic Sowa reported a hash collision ordering problem in the xfs filesystem in the Linux kernel. A local user could exploit this flaw to cause filesystem corruption and a denial of service (oops or panic). (CVE-2014-7283)", "modified": "2014-05-27T00:00:00", "published": "2014-05-27T00:00:00", "id": "USN-2226-1", "href": "https://usn.ubuntu.com/2226-1/", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:41", "bulletinFamily": "unix", "description": "Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory. (CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the vhost-net subsystem of the Linux kernel. Guest OS users could exploit this flaw to cause a denial of service (host OS crash). (CVE-2014-0055)\n\nA flaw was discovered in the handling of network packets when mergeable buffers are disabled for virtual machines in the Linux kernel. Guest OS users may exploit this flaw to cause a denial of service (host OS crash) or possibly gain privilege on the host OS. (CVE-2014-0077)\n\nNikolay Aleksandrov discovered a race condition in Linux kernel\u2019s IPv4 fragment handling code. Remote attackers could exploit this flaw to cause a denial of service (system crash) or possibly have other unspecified impact. (CVE-2014-0100)\n\nA flaw was discovered in the Linux kernel\u2019s handling of the SCTP handshake. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2014-0101)\n\nA flaw was discovered in the handling of routing information in Linux kernel\u2019s IPv6 stack. A remote attacker could exploit this flaw to cause a denial of service (memory consumption) via a flood of ICMPv6 router advertisement packets. (CVE-2014-2309)\n\nAn error was discovered in the Linux kernel\u2019s DCCP protocol support. A remote attacked could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2014-2523)\n\nMax Sydorenko discovered a race condition in the Atheros 9k wireless driver in the Linux kernel. This race could be exploited by remote attackers to cause a denial of service (system crash). (CVE-2014-2672)\n\nAdhemerval Zanella Neto discovered a flaw the in the Transactional Memory \u2122 implementation for powerpc based machine. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). (CVE-2014-2673)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS) protocol stack in the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) or possibly have unspecified other impact. (CVE-2014-2678)\n\nYaara Rozenblum discovered a race condition in the Linux kernel\u2019s Generic IEEE 802.11 Networking Stack (mac80211). Remote attackers could exploit this flaw to cause a denial of service (system crash). (CVE-2014-2706)\n\nA flaw was discovered in the Linux kernel\u2019s ping sockets. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges via a crafted application. (CVE-2014-2851)\n\nVincent Tondellier discovered an integer overflow in the Linux kernel\u2019s netfilter connection tracking accounting of loaded extensions. An attacker on the local area network (LAN) could potential exploit this flaw to cause a denial of service (system crash of targeted system). (CVE-2014-9715)", "modified": "2014-05-27T00:00:00", "published": "2014-05-27T00:00:00", "id": "USN-2225-1", "href": "https://usn.ubuntu.com/2225-1/", "title": "Linux kernel (Saucy HWE) vulnerabilities", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}