{"id": "SL_20140723_KERNEL_ON_SL5_X.NASL", "type": "nessus", "bulletinFamily": "scanner", "title": "Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20140723)", "description": "- A NULL pointer dereference flaw was found in the rds_iw_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS). A local, unprivileged user could use this flaw to crash the system. (CVE-2014-2678, Moderate)\n\n - It was found that the Xen hypervisor implementation did not properly clean memory pages previously allocated by the hypervisor. A privileged guest user could potentially use this flaw to read data relating to other guests or the hypervisor itself. (CVE-2014-4021, Moderate)\n\nThis update also fixes the following bugs :\n\n - A bug in the journaling block device (jbd and jbd2) code could, under certain circumstances, trigger a BUG_ON() assertion and result in a kernel oops. This happened when an application performed an extensive number of commits to the journal of the ext3 file system and there was no currently active transaction while synchronizing the file's in-core state. This problem has been resolved by correcting respective test conditions in the jbd and jbd2 code.\n\n - After a statically defined gateway became unreachable and its corresponding neighbor entry entered a FAILED state, the gateway stayed in the FAILED state even after it became reachable again. As a consequence, traffic was not routed through that gateway. This update allows probing such a gateway automatically so that the traffic can be routed through this gateway again once it becomes reachable.\n\n - Due to an incorrect condition check in the IPv6 code, the ipv6 driver was unable to correctly assemble incoming packet fragments, which resulted in a high IPv6 packet loss rate. This update fixes the said check for a fragment overlap and ensures that incoming IPv6 packet fragments are now processed as expected.\n\n - Recent changes in the d_splice_alias() function introduced a bug that allowed d_splice_alias() to return a dentry from a different directory than the directory being looked up. As a consequence in cluster environment, a kernel panic could be triggered when a directory was being removed while a concurrent cross-directory operation was performed on this directory on another cluster node. This update avoids the kernel panic in this situation by correcting the search logic in the d_splice_alias() function so that the function can no longer return a dentry from an incorrect directory.\n\n - The NFSv4 server did not handle multiple OPEN operations to the same file separately, which could cause the NFSv4 client to repeatedly send CLOSE requests with the same state ID, even though the NFS server rejected the request with an NFS4ERR_OLD_STATEID (10024) error code.\n This update ensures that the NFSv4 client no longer re-sends the same CLOSE request after receiving NFS4ERR_OLD_STATEID.\n\nThe system must be rebooted for this update to take effect.", "published": "2014-07-25T00:00:00", "modified": "2021-01-14T00:00:00", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}, "cvss2": {}, "cvss3": {"score": null, "vector": null}, "href": "https://www.tenable.com/plugins/nessus/76782", "reporter": "This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4021", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2678", "http://www.nessus.org/u?317a2c7e"], "cvelist": ["CVE-2014-2678", "CVE-2014-4021"], "immutableFields": [], "lastseen": "2021-08-19T12:49:03", "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "centos", "idList": ["CESA-2014:0926", "CESA-2014:0981"]}, {"type": "cve", "idList": ["CVE-2014-2678", "CVE-2014-4021"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3006-1:087E5"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2014-2678", "DEBIANCVE:CVE-2014-4021"]}, {"type": "fedora", "idList": ["FEDORA:0960721640", "FEDORA:131186087E1C", "FEDORA:1835E22100", "FEDORA:18E4222173", "FEDORA:1AE8521943", "FEDORA:1CCC322073", "FEDORA:1EF2D60C422E", "FEDORA:23B6E225A0", "FEDORA:26C5127E25", "FEDORA:26DF321BA7", "FEDORA:2784A21C29", "FEDORA:28A7021A1E", "FEDORA:2A0322BA2C", "FEDORA:2BA602158D", "FEDORA:2EEE52123F", "FEDORA:2F13360877A3", "FEDORA:3060D60E9A21", "FEDORA:33D8860877E1", "FEDORA:3867160CA762", "FEDORA:39B5660877A6", "FEDORA:4359160906D1", "FEDORA:57F742243A", "FEDORA:60A4760D7BFC", "FEDORA:756F822091", "FEDORA:7734E613B647", "FEDORA:83A806087B99", "FEDORA:84C4E22D8F", "FEDORA:857BE60876CE", "FEDORA:8C61D2154D", "FEDORA:8E01360DC908", "FEDORA:8F0BC22D1D", "FEDORA:9330A21FE6", "FEDORA:933ED22AF3", "FEDORA:95CE3608A4B8", "FEDORA:9860860E0662", "FEDORA:A04AF60D68C0", "FEDORA:A4C8660C350E", "FEDORA:A71996092079", "FEDORA:B72CD214AC", "FEDORA:B81A721D1C", "FEDORA:BD41660BC2B1", "FEDORA:C08BD21DF1", "FEDORA:C26F460906BA", "FEDORA:C288E6087B0C", "FEDORA:C35B860CD859", "FEDORA:C56CF6087715", "FEDORA:CFDB8604972F", "FEDORA:D15E060F33C2", "FEDORA:D352760CFA94", "FEDORA:D478B601FBE0", "FEDORA:D69CC24B48", "FEDORA:DB49F219DE", "FEDORA:E3C3621E9B", "FEDORA:E7CE72245B"]}, {"type": "gentoo", "idList": ["GLSA-201407-03"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2014-0926.NASL", "CENTOS_RHSA-2014-0981.NASL", "CITRIX_XENSERVER_CTX140984.NASL", "DEBIAN_DSA-3006.NASL", "EULEROS_SA-2019-1484.NASL", "FEDORA_2014-4844.NASL", "FEDORA_2014-4849.NASL", "FEDORA_2014-7722.NASL", "FEDORA_2014-7734.NASL", "GENTOO_GLSA-201407-03.NASL", "MANDRIVA_MDVSA-2014-124.NASL", "OPENSUSE-2014-441.NASL", "OPENSUSE-2014-451.NASL", "OPENSUSE-2014-579.NASL", "OPENSUSE-2014-580.NASL", "ORACLELINUX_ELSA-2014-0926.NASL", "ORACLELINUX_ELSA-2014-0981.NASL", "ORACLEVM_OVMSA-2015-0004.NASL", "REDHAT-RHSA-2014-0557.NASL", "REDHAT-RHSA-2014-0926.NASL", "REDHAT-RHSA-2014-0981.NASL", "REDHAT-RHSA-2014-1101.NASL", "SUSE_11_KERNEL-140709.NASL", "SUSE_11_XEN-201409-141002.NASL", "SUSE_SU-2014-1691-1.NASL", "SUSE_SU-2014-1710-1.NASL", "SUSE_SU-2014-1732-1.NASL", "UBUNTU_USN-2219-1.NASL", "UBUNTU_USN-2220-1.NASL", "UBUNTU_USN-2221-1.NASL", "UBUNTU_USN-2223-1.NASL", "UBUNTU_USN-2224-1.NASL", "UBUNTU_USN-2225-1.NASL", "UBUNTU_USN-2228-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310105145", "OPENVAS:1361412562310121242", "OPENVAS:1361412562310123347", "OPENVAS:1361412562310123350", "OPENVAS:1361412562310123351", "OPENVAS:1361412562310703006", "OPENVAS:1361412562310804551", "OPENVAS:1361412562310841831", "OPENVAS:1361412562310841832", "OPENVAS:1361412562310841834", "OPENVAS:1361412562310841836", "OPENVAS:1361412562310841837", "OPENVAS:1361412562310841838", "OPENVAS:1361412562310841839", "OPENVAS:1361412562310841840", "OPENVAS:1361412562310850593", "OPENVAS:1361412562310850594", "OPENVAS:1361412562310850619", "OPENVAS:1361412562310850620", "OPENVAS:1361412562310850818", "OPENVAS:1361412562310850821", "OPENVAS:1361412562310850840", "OPENVAS:1361412562310850881", "OPENVAS:1361412562310851057", "OPENVAS:1361412562310867680", "OPENVAS:1361412562310867682", "OPENVAS:1361412562310867773", "OPENVAS:1361412562310867774", "OPENVAS:1361412562310867811", "OPENVAS:1361412562310867820", "OPENVAS:1361412562310867852", "OPENVAS:1361412562310867857", "OPENVAS:1361412562310867886", "OPENVAS:1361412562310867905", "OPENVAS:1361412562310867911", "OPENVAS:1361412562310867939", "OPENVAS:1361412562310867952", "OPENVAS:1361412562310867953", "OPENVAS:1361412562310867967", "OPENVAS:1361412562310867986", "OPENVAS:1361412562310868019", "OPENVAS:1361412562310868055", "OPENVAS:1361412562310868076", "OPENVAS:1361412562310868101", "OPENVAS:1361412562310868102", "OPENVAS:1361412562310868121", "OPENVAS:1361412562310868122", "OPENVAS:1361412562310868149", "OPENVAS:1361412562310868196", "OPENVAS:1361412562310868351", "OPENVAS:1361412562310868383", "OPENVAS:1361412562310868385", "OPENVAS:1361412562310868403", "OPENVAS:1361412562310868416", "OPENVAS:1361412562310868434", "OPENVAS:1361412562310868437", "OPENVAS:1361412562310868489", "OPENVAS:1361412562310868501", "OPENVAS:1361412562310868524", "OPENVAS:1361412562310868534", "OPENVAS:1361412562310868572", "OPENVAS:1361412562310868574", "OPENVAS:1361412562310868583", "OPENVAS:1361412562310868627", "OPENVAS:1361412562310868851", "OPENVAS:1361412562310868920", "OPENVAS:1361412562310868929", "OPENVAS:1361412562310868984", "OPENVAS:1361412562310869091", "OPENVAS:1361412562310869118", "OPENVAS:1361412562310869213", "OPENVAS:1361412562310869230", "OPENVAS:1361412562310869281", "OPENVAS:1361412562310869337", "OPENVAS:1361412562310869392", "OPENVAS:1361412562310869433", "OPENVAS:1361412562310869464", "OPENVAS:1361412562310871211", "OPENVAS:1361412562310871216", "OPENVAS:1361412562310881973", "OPENVAS:1361412562310881979", "OPENVAS:1361412562311220191484", "OPENVAS:703006", "OPENVAS:804551", "OPENVAS:867680", "OPENVAS:867682", "OPENVAS:867773", "OPENVAS:867774"]}, {"type": "oraclelinux", "idList": ["ELSA-2014-0926", "ELSA-2014-0926-1", "ELSA-2014-0981"]}, {"type": "redhat", "idList": ["RHSA-2014:0557", "RHSA-2014:0926", "RHSA-2014:0981", "RHSA-2014:1101", "RHSA-2014:1168"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:30757", "SECURITYVULNS:DOC:30901", "SECURITYVULNS:VULN:13706", "SECURITYVULNS:VULN:13852"]}, {"type": "seebug", "idList": ["SSV:62043"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2014:0840-1", "OPENSUSE-SU-2014:0856-1", "OPENSUSE-SU-2014:1279-1", "OPENSUSE-SU-2014:1281-1", "SUSE-SU-2014:0696-1", "SUSE-SU-2014:0807-1", "SUSE-SU-2014:0908-1", "SUSE-SU-2014:0909-1", "SUSE-SU-2014:0910-1", "SUSE-SU-2014:0911-1", "SUSE-SU-2014:0912-1"]}, {"type": "ubuntu", "idList": ["USN-2219-1", "USN-2220-1", "USN-2221-1", "USN-2223-1", "USN-2224-1", "USN-2225-1", "USN-2227-1", "USN-2228-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2014-2678", "UB:CVE-2014-4021"]}, {"type": "xen", "idList": ["XSA-100"]}], "rev": 4}, "score": {"value": 6.1, "vector": "NONE"}, "backreferences": {"references": [{"type": "centos", "idList": ["CESA-2014:0926", "CESA-2014:0981"]}, {"type": "cve", "idList": ["CVE-2014-2678", "CVE-2014-4021"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2014-2678"]}, {"type": "fedora", "idList": ["FEDORA:2F13360877A3", "FEDORA:D15E060F33C2", "FEDORA:D69CC24B48"]}, {"type": "gentoo", "idList": ["GLSA-201407-03"]}, {"type": "nessus", "idList": ["EULEROS_SA-2019-1484.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310813197", "OPENVAS:1361412562310841836", "OPENVAS:1361412562310850594", "OPENVAS:1361412562310850620", "OPENVAS:1361412562310868101", "OPENVAS:1361412562310868102", "OPENVAS:1361412562310881979"]}, {"type": "oraclelinux", "idList": ["ELSA-2014-0981"]}, {"type": "redhat", "idList": ["RHSA-2014:1168"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:30757"]}, {"type": "seebug", "idList": ["SSV:62043"]}, {"type": "suse", "idList": ["SUSE-SU-2014:0912-1"]}, {"type": "ubuntu", "idList": ["USN-2221-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2014-2678"]}, {"type": "xen", "idList": ["XSA-100"]}]}, "exploitation": null, "vulnersScore": 6.1}, "pluginID": "76782", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76782);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-2678\", \"CVE-2014-4021\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20140723)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - A NULL pointer dereference flaw was found in the\n rds_iw_laddr_check() function in the Linux kernel's\n implementation of Reliable Datagram Sockets (RDS). A\n local, unprivileged user could use this flaw to crash\n the system. (CVE-2014-2678, Moderate)\n\n - It was found that the Xen hypervisor implementation did\n not properly clean memory pages previously allocated by\n the hypervisor. A privileged guest user could\n potentially use this flaw to read data relating to other\n guests or the hypervisor itself. (CVE-2014-4021,\n Moderate)\n\nThis update also fixes the following bugs :\n\n - A bug in the journaling block device (jbd and jbd2) code\n could, under certain circumstances, trigger a BUG_ON()\n assertion and result in a kernel oops. This happened\n when an application performed an extensive number of\n commits to the journal of the ext3 file system and there\n was no currently active transaction while synchronizing\n the file's in-core state. This problem has been resolved\n by correcting respective test conditions in the jbd and\n jbd2 code.\n\n - After a statically defined gateway became unreachable\n and its corresponding neighbor entry entered a FAILED\n state, the gateway stayed in the FAILED state even after\n it became reachable again. As a consequence, traffic was\n not routed through that gateway. This update allows\n probing such a gateway automatically so that the traffic\n can be routed through this gateway again once it becomes\n reachable.\n\n - Due to an incorrect condition check in the IPv6 code,\n the ipv6 driver was unable to correctly assemble\n incoming packet fragments, which resulted in a high IPv6\n packet loss rate. This update fixes the said check for a\n fragment overlap and ensures that incoming IPv6 packet\n fragments are now processed as expected.\n\n - Recent changes in the d_splice_alias() function\n introduced a bug that allowed d_splice_alias() to return\n a dentry from a different directory than the directory\n being looked up. As a consequence in cluster\n environment, a kernel panic could be triggered when a\n directory was being removed while a concurrent\n cross-directory operation was performed on this\n directory on another cluster node. This update avoids\n the kernel panic in this situation by correcting the\n search logic in the d_splice_alias() function so that\n the function can no longer return a dentry from an\n incorrect directory.\n\n - The NFSv4 server did not handle multiple OPEN operations\n to the same file separately, which could cause the NFSv4\n client to repeatedly send CLOSE requests with the same\n state ID, even though the NFS server rejected the\n request with an NFS4ERR_OLD_STATEID (10024) error code.\n This update ensures that the NFSv4 client no longer\n re-sends the same CLOSE request after receiving\n NFS4ERR_OLD_STATEID.\n\nThe system must be rebooted for this update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1407&L=scientific-linux-errata&T=0&P=2150\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?317a2c7e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-PAE-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/04/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 5.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"kernel-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-debuginfo-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-debuginfo-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debug-devel-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debuginfo-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-debuginfo-common-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-devel-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-doc-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-headers-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-debuginfo-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"kernel-xen-devel-2.6.18-371.11.1.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-debuginfo / kernel-PAE-devel / etc\");\n}\n", "naslFamily": "Scientific Linux Local Security Checks", "cpe": ["p-cpe:/a:fermilab:scientific_linux:kernel", "p-cpe:/a:fermilab:scientific_linux:kernel-PAE", "p-cpe:/a:fermilab:scientific_linux:kernel-PAE-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-PAE-devel", "p-cpe:/a:fermilab:scientific_linux:kernel-debug", "p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel", "p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common", "p-cpe:/a:fermilab:scientific_linux:kernel-devel", "p-cpe:/a:fermilab:scientific_linux:kernel-doc", "p-cpe:/a:fermilab:scientific_linux:kernel-headers", "p-cpe:/a:fermilab:scientific_linux:kernel-xen", "p-cpe:/a:fermilab:scientific_linux:kernel-xen-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-xen-devel", "x-cpe:/o:fermilab:scientific_linux"], "solution": "Update the affected packages.", "nessusSeverity": "Medium", "cvssScoreSource": "", "vpr": {"risk factor": "Low", "score": "3.6"}, "exploitAvailable": false, "exploitEase": "", "patchPublicationDate": "2014-07-23T00:00:00", "vulnerabilityPublicationDate": "2014-04-01T00:00:00", "exploitableWith": [], "_state": {"dependencies": 1647589307, "score": 0}}

{"nessus": [{"lastseen": "2021-08-26T00:44:16", "description": "From Red Hat Security Advisory 2014:0926 :\n\nUpdated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A NULL pointer dereference flaw was found in the rds_iw_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS). A local, unprivileged user could use this flaw to crash the system. (CVE-2014-2678, Moderate)\n\n* It was found that the Xen hypervisor implementation did not properly clean memory pages previously allocated by the hypervisor. A privileged guest user could potentially use this flaw to read data relating to other guests or the hypervisor itself. (CVE-2014-4021, Moderate)\n\nRed Hat would like to thank the Xen project for reporting CVE-2014-4021. Upstream acknowledges Jan Beulich as the original reporter.\n\nThis update also fixes the following bugs :\n\n* A bug in the journaling block device (jbd and jbd2) code could, under certain circumstances, trigger a BUG_ON() assertion and result in a kernel oops. This happened when an application performed an extensive number of commits to the journal of the ext3 file system and there was no currently active transaction while synchronizing the file's in-core state. This problem has been resolved by correcting respective test conditions in the jbd and jbd2 code. (BZ#1097528)\n\n* After a statically defined gateway became unreachable and its corresponding neighbor entry entered a FAILED state, the gateway stayed in the FAILED state even after it became reachable again. As a consequence, traffic was not routed through that gateway. This update allows probing such a gateway automatically so that the traffic can be routed through this gateway again once it becomes reachable.\n(BZ#1106354)\n\n* Due to an incorrect condition check in the IPv6 code, the ipv6 driver was unable to correctly assemble incoming packet fragments, which resulted in a high IPv6 packet loss rate. This update fixes the said check for a fragment overlap and ensures that incoming IPv6 packet fragments are now processed as expected. (BZ#1107932)\n\n* Recent changes in the d_splice_alias() function introduced a bug that allowed d_splice_alias() to return a dentry from a different directory than the directory being looked up. As a consequence in cluster environment, a kernel panic could be triggered when a directory was being removed while a concurrent cross-directory operation was performed on this directory on another cluster node.\nThis update avoids the kernel panic in this situation by correcting the search logic in the d_splice_alias() function so that the function can no longer return a dentry from an incorrect directory.\n(BZ#1109720)\n\n* The NFSv4 server did not handle multiple OPEN operations to the same file separately, which could cause the NFSv4 client to repeatedly send CLOSE requests with the same state ID, even though the NFS server rejected the request with an NFS4ERR_OLD_STATEID (10024) error code.\nThis update ensures that the NFSv4 client no longer re-sends the same CLOSE request after receiving NFS4ERR_OLD_STATEID. (BZ#1113468)\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2014-07-27T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : kernel (ELSA-2014-0926)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-2678", "CVE-2014-4021"], "modified": "2021-08-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-PAE", "p-cpe:/a:oracle:linux:kernel-PAE-devel", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-xen", "p-cpe:/a:oracle:linux:kernel-xen-devel", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2014-0926.NASL", "href": "https://www.tenable.com/plugins/nessus/76856", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:0926 and \n# Oracle Linux Security Advisory ELSA-2014-0926 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76856);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/08/24\");\n\n script_cve_id(\"CVE-2014-2678\", \"CVE-2014-4021\");\n script_bugtraq_id(66543, 68070);\n script_xref(name:\"RHSA\", value:\"2014:0926\");\n\n script_name(english:\"Oracle Linux 5 : kernel (ELSA-2014-0926)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2014:0926 :\n\nUpdated kernel packages that fix two security issues and several bugs\nare now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A NULL pointer dereference flaw was found in the\nrds_iw_laddr_check() function in the Linux kernel's implementation of\nReliable Datagram Sockets (RDS). A local, unprivileged user could use\nthis flaw to crash the system. (CVE-2014-2678, Moderate)\n\n* It was found that the Xen hypervisor implementation did not properly\nclean memory pages previously allocated by the hypervisor. A\nprivileged guest user could potentially use this flaw to read data\nrelating to other guests or the hypervisor itself. (CVE-2014-4021,\nModerate)\n\nRed Hat would like to thank the Xen project for reporting\nCVE-2014-4021. Upstream acknowledges Jan Beulich as the original\nreporter.\n\nThis update also fixes the following bugs :\n\n* A bug in the journaling block device (jbd and jbd2) code could,\nunder certain circumstances, trigger a BUG_ON() assertion and result\nin a kernel oops. This happened when an application performed an\nextensive number of commits to the journal of the ext3 file system and\nthere was no currently active transaction while synchronizing the\nfile's in-core state. This problem has been resolved by correcting\nrespective test conditions in the jbd and jbd2 code. (BZ#1097528)\n\n* After a statically defined gateway became unreachable and its\ncorresponding neighbor entry entered a FAILED state, the gateway\nstayed in the FAILED state even after it became reachable again. As a\nconsequence, traffic was not routed through that gateway. This update\nallows probing such a gateway automatically so that the traffic can be\nrouted through this gateway again once it becomes reachable.\n(BZ#1106354)\n\n* Due to an incorrect condition check in the IPv6 code, the ipv6\ndriver was unable to correctly assemble incoming packet fragments,\nwhich resulted in a high IPv6 packet loss rate. This update fixes the\nsaid check for a fragment overlap and ensures that incoming IPv6\npacket fragments are now processed as expected. (BZ#1107932)\n\n* Recent changes in the d_splice_alias() function introduced a bug\nthat allowed d_splice_alias() to return a dentry from a different\ndirectory than the directory being looked up. As a consequence in\ncluster environment, a kernel panic could be triggered when a\ndirectory was being removed while a concurrent cross-directory\noperation was performed on this directory on another cluster node.\nThis update avoids the kernel panic in this situation by correcting\nthe search logic in the d_splice_alias() function so that the function\ncan no longer return a dentry from an incorrect directory.\n(BZ#1109720)\n\n* The NFSv4 server did not handle multiple OPEN operations to the same\nfile separately, which could cause the NFSv4 client to repeatedly send\nCLOSE requests with the same state ID, even though the NFS server\nrejected the request with an NFS4ERR_OLD_STATEID (10024) error code.\nThis update ensures that the NFSv4 client no longer re-sends the same\nCLOSE request after receiving NFS4ERR_OLD_STATEID. (BZ#1113468)\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2014-July/004299.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/04/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n cve_list = make_list(\"CVE-2014-2678\", \"CVE-2014-4021\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2014-0926\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-PAE-devel-2.6.18\") && rpm_check(release:\"EL5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-debug-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-debug-devel-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-devel-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-doc-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-doc-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-headers-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-headers-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-xen-devel-2.6.18\") && rpm_check(release:\"EL5\", reference:\"kernel-xen-devel-2.6.18-371.11.1.el5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-08-19T12:49:16", "description": "Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A NULL pointer dereference flaw was found in the rds_iw_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS). A local, unprivileged user could use this flaw to crash the system. (CVE-2014-2678, Moderate)\n\n* It was found that the Xen hypervisor implementation did not properly clean memory pages previously allocated by the hypervisor. A privileged guest user could potentially use this flaw to read data relating to other guests or the hypervisor itself. (CVE-2014-4021, Moderate)\n\nRed Hat would like to thank the Xen project for reporting CVE-2014-4021. Upstream acknowledges Jan Beulich as the original reporter.\n\nThis update also fixes the following bugs :\n\n* A bug in the journaling block device (jbd and jbd2) code could, under certain circumstances, trigger a BUG_ON() assertion and result in a kernel oops. This happened when an application performed an extensive number of commits to the journal of the ext3 file system and there was no currently active transaction while synchronizing the file's in-core state. This problem has been resolved by correcting respective test conditions in the jbd and jbd2 code. (BZ#1097528)\n\n* After a statically defined gateway became unreachable and its corresponding neighbor entry entered a FAILED state, the gateway stayed in the FAILED state even after it became reachable again. As a consequence, traffic was not routed through that gateway. This update allows probing such a gateway automatically so that the traffic can be routed through this gateway again once it becomes reachable.\n(BZ#1106354)\n\n* Due to an incorrect condition check in the IPv6 code, the ipv6 driver was unable to correctly assemble incoming packet fragments, which resulted in a high IPv6 packet loss rate. This update fixes the said check for a fragment overlap and ensures that incoming IPv6 packet fragments are now processed as expected. (BZ#1107932)\n\n* Recent changes in the d_splice_alias() function introduced a bug that allowed d_splice_alias() to return a dentry from a different directory than the directory being looked up. As a consequence in cluster environment, a kernel panic could be triggered when a directory was being removed while a concurrent cross-directory operation was performed on this directory on another cluster node.\nThis update avoids the kernel panic in this situation by correcting the search logic in the d_splice_alias() function so that the function can no longer return a dentry from an incorrect directory.\n(BZ#1109720)\n\n* The NFSv4 server did not handle multiple OPEN operations to the same file separately, which could cause the NFSv4 client to repeatedly send CLOSE requests with the same state ID, even though the NFS server rejected the request with an NFS4ERR_OLD_STATEID (10024) error code.\nThis update ensures that the NFSv4 client no longer re-sends the same CLOSE request after receiving NFS4ERR_OLD_STATEID. (BZ#1113468)\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2014-07-24T00:00:00", "type": "nessus", "title": "RHEL 5 : kernel (RHSA-2014:0926)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-2678", "CVE-2014-4021"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-PAE", "p-cpe:/a:redhat:enterprise_linux:kernel-PAE-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xen", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2014-0926.NASL", "href": "https://www.tenable.com/plugins/nessus/76751", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0926. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76751);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-2678\", \"CVE-2014-4021\");\n script_bugtraq_id(66543, 68070);\n script_xref(name:\"RHSA\", value:\"2014:0926\");\n\n script_name(english:\"RHEL 5 : kernel (RHSA-2014:0926)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix two security issues and several bugs\nare now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A NULL pointer dereference flaw was found in the\nrds_iw_laddr_check() function in the Linux kernel's implementation of\nReliable Datagram Sockets (RDS). A local, unprivileged user could use\nthis flaw to crash the system. (CVE-2014-2678, Moderate)\n\n* It was found that the Xen hypervisor implementation did not properly\nclean memory pages previously allocated by the hypervisor. A\nprivileged guest user could potentially use this flaw to read data\nrelating to other guests or the hypervisor itself. (CVE-2014-4021,\nModerate)\n\nRed Hat would like to thank the Xen project for reporting\nCVE-2014-4021. Upstream acknowledges Jan Beulich as the original\nreporter.\n\nThis update also fixes the following bugs :\n\n* A bug in the journaling block device (jbd and jbd2) code could,\nunder certain circumstances, trigger a BUG_ON() assertion and result\nin a kernel oops. This happened when an application performed an\nextensive number of commits to the journal of the ext3 file system and\nthere was no currently active transaction while synchronizing the\nfile's in-core state. This problem has been resolved by correcting\nrespective test conditions in the jbd and jbd2 code. (BZ#1097528)\n\n* After a statically defined gateway became unreachable and its\ncorresponding neighbor entry entered a FAILED state, the gateway\nstayed in the FAILED state even after it became reachable again. As a\nconsequence, traffic was not routed through that gateway. This update\nallows probing such a gateway automatically so that the traffic can be\nrouted through this gateway again once it becomes reachable.\n(BZ#1106354)\n\n* Due to an incorrect condition check in the IPv6 code, the ipv6\ndriver was unable to correctly assemble incoming packet fragments,\nwhich resulted in a high IPv6 packet loss rate. This update fixes the\nsaid check for a fragment overlap and ensures that incoming IPv6\npacket fragments are now processed as expected. (BZ#1107932)\n\n* Recent changes in the d_splice_alias() function introduced a bug\nthat allowed d_splice_alias() to return a dentry from a different\ndirectory than the directory being looked up. As a consequence in\ncluster environment, a kernel panic could be triggered when a\ndirectory was being removed while a concurrent cross-directory\noperation was performed on this directory on another cluster node.\nThis update avoids the kernel panic in this situation by correcting\nthe search logic in the d_splice_alias() function so that the function\ncan no longer return a dentry from an incorrect directory.\n(BZ#1109720)\n\n* The NFSv4 server did not handle multiple OPEN operations to the same\nfile separately, which could cause the NFSv4 client to repeatedly send\nCLOSE requests with the same state ID, even though the NFS server\nrejected the request with an NFS4ERR_OLD_STATEID (10024) error code.\nThis update ensures that the NFSv4 client no longer re-sends the same\nCLOSE request after receiving NFS4ERR_OLD_STATEID. (BZ#1113468)\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:0926\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-2678\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-4021\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:0926\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-debuginfo-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-devel-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debuginfo-common-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-devel-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-devel-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"kernel-doc-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"kernel-headers-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-headers-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-debuginfo-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-devel-2.6.18-371.11.1.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.18-371.11.1.el5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-debuginfo / kernel-PAE-devel / etc\");\n }\n}\n", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-08-19T12:49:13", "description": "Updated kernel packages that fix two security issues and several bugs are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A NULL pointer dereference flaw was found in the rds_iw_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS). A local, unprivileged user could use this flaw to crash the system. (CVE-2014-2678, Moderate)\n\n* It was found that the Xen hypervisor implementation did not properly clean memory pages previously allocated by the hypervisor. A privileged guest user could potentially use this flaw to read data relating to other guests or the hypervisor itself. (CVE-2014-4021, Moderate)\n\nRed Hat would like to thank the Xen project for reporting CVE-2014-4021. Upstream acknowledges Jan Beulich as the original reporter.\n\nThis update also fixes the following bugs :\n\n* A bug in the journaling block device (jbd and jbd2) code could, under certain circumstances, trigger a BUG_ON() assertion and result in a kernel oops. This happened when an application performed an extensive number of commits to the journal of the ext3 file system and there was no currently active transaction while synchronizing the file's in-core state. This problem has been resolved by correcting respective test conditions in the jbd and jbd2 code. (BZ#1097528)\n\n* After a statically defined gateway became unreachable and its corresponding neighbor entry entered a FAILED state, the gateway stayed in the FAILED state even after it became reachable again. As a consequence, traffic was not routed through that gateway. This update allows probing such a gateway automatically so that the traffic can be routed through this gateway again once it becomes reachable.\n(BZ#1106354)\n\n* Due to an incorrect condition check in the IPv6 code, the ipv6 driver was unable to correctly assemble incoming packet fragments, which resulted in a high IPv6 packet loss rate. This update fixes the said check for a fragment overlap and ensures that incoming IPv6 packet fragments are now processed as expected. (BZ#1107932)\n\n* Recent changes in the d_splice_alias() function introduced a bug that allowed d_splice_alias() to return a dentry from a different directory than the directory being looked up. As a consequence in cluster environment, a kernel panic could be triggered when a directory was being removed while a concurrent cross-directory operation was performed on this directory on another cluster node.\nThis update avoids the kernel panic in this situation by correcting the search logic in the d_splice_alias() function so that the function can no longer return a dentry from an incorrect directory.\n(BZ#1109720)\n\n* The NFSv4 server did not handle multiple OPEN operations to the same file separately, which could cause the NFSv4 client to repeatedly send CLOSE requests with the same state ID, even though the NFS server rejected the request with an NFS4ERR_OLD_STATEID (10024) error code.\nThis update ensures that the NFSv4 client no longer re-sends the same CLOSE request after receiving NFS4ERR_OLD_STATEID. (BZ#1113468)\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2014-07-25T00:00:00", "type": "nessus", "title": "CentOS 5 : kernel (CESA-2014:0926)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-2678", "CVE-2014-4021"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-PAE", "p-cpe:/a:centos:centos:kernel-PAE-devel", "p-cpe:/a:centos:centos:kernel-debug", "p-cpe:/a:centos:centos:kernel-debug-devel", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-headers", "p-cpe:/a:centos:centos:kernel-xen", "p-cpe:/a:centos:centos:kernel-xen-devel", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2014-0926.NASL", "href": "https://www.tenable.com/plugins/nessus/76779", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0926 and \n# CentOS Errata and Security Advisory 2014:0926 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76779);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2014-2678\", \"CVE-2014-4021\");\n script_bugtraq_id(66543, 68070);\n script_xref(name:\"RHSA\", value:\"2014:0926\");\n\n script_name(english:\"CentOS 5 : kernel (CESA-2014:0926)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix two security issues and several bugs\nare now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nModerate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A NULL pointer dereference flaw was found in the\nrds_iw_laddr_check() function in the Linux kernel's implementation of\nReliable Datagram Sockets (RDS). A local, unprivileged user could use\nthis flaw to crash the system. (CVE-2014-2678, Moderate)\n\n* It was found that the Xen hypervisor implementation did not properly\nclean memory pages previously allocated by the hypervisor. A\nprivileged guest user could potentially use this flaw to read data\nrelating to other guests or the hypervisor itself. (CVE-2014-4021,\nModerate)\n\nRed Hat would like to thank the Xen project for reporting\nCVE-2014-4021. Upstream acknowledges Jan Beulich as the original\nreporter.\n\nThis update also fixes the following bugs :\n\n* A bug in the journaling block device (jbd and jbd2) code could,\nunder certain circumstances, trigger a BUG_ON() assertion and result\nin a kernel oops. This happened when an application performed an\nextensive number of commits to the journal of the ext3 file system and\nthere was no currently active transaction while synchronizing the\nfile's in-core state. This problem has been resolved by correcting\nrespective test conditions in the jbd and jbd2 code. (BZ#1097528)\n\n* After a statically defined gateway became unreachable and its\ncorresponding neighbor entry entered a FAILED state, the gateway\nstayed in the FAILED state even after it became reachable again. As a\nconsequence, traffic was not routed through that gateway. This update\nallows probing such a gateway automatically so that the traffic can be\nrouted through this gateway again once it becomes reachable.\n(BZ#1106354)\n\n* Due to an incorrect condition check in the IPv6 code, the ipv6\ndriver was unable to correctly assemble incoming packet fragments,\nwhich resulted in a high IPv6 packet loss rate. This update fixes the\nsaid check for a fragment overlap and ensures that incoming IPv6\npacket fragments are now processed as expected. (BZ#1107932)\n\n* Recent changes in the d_splice_alias() function introduced a bug\nthat allowed d_splice_alias() to return a dentry from a different\ndirectory than the directory being looked up. As a consequence in\ncluster environment, a kernel panic could be triggered when a\ndirectory was being removed while a concurrent cross-directory\noperation was performed on this directory on another cluster node.\nThis update avoids the kernel panic in this situation by correcting\nthe search logic in the d_splice_alias() function so that the function\ncan no longer return a dentry from an incorrect directory.\n(BZ#1109720)\n\n* The NFSv4 server did not handle multiple OPEN operations to the same\nfile separately, which could cause the NFSv4 client to repeatedly send\nCLOSE requests with the same state ID, even though the NFS server\nrejected the request with an NFS4ERR_OLD_STATEID (10024) error code.\nThis update ensures that the NFSv4 client no longer re-sends the same\nCLOSE request after receiving NFS4ERR_OLD_STATEID. (BZ#1113468)\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2014-July/020443.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?11f5af27\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-2678\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/04/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", cpu:\"i386\", reference:\"kernel-PAE-devel-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-debug-devel-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-devel-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-doc-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-headers-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-2.6.18-371.11.1.el5\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"kernel-xen-devel-2.6.18-371.11.1.el5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n}\n", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-08-19T12:49:12", "description": "Hypervisor heap contents leaked to guest, with extra patch to avoid regression\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-07-05T00:00:00", "type": "nessus", "title": "Fedora 19 : xen-4.2.4-6.fc19 (2014-7734)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-4021"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:xen", "cpe:/o:fedoraproject:fedora:19"], "id": "FEDORA_2014-7734.NASL", "href": "https://www.tenable.com/plugins/nessus/76371", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-7734.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76371);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-4021\");\n script_bugtraq_id(68070);\n script_xref(name:\"FEDORA\", value:\"2014-7734\");\n\n script_name(english:\"Fedora 19 : xen-4.2.4-6.fc19 (2014-7734)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Hypervisor heap contents leaked to guest, with extra patch to avoid\nregression\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1103646\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135068.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?23b7402f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xen package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:S/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"xen-4.2.4-6.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen\");\n}\n", "cvss": {"score": 2.7, "vector": "AV:A/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:49:14", "description": "Hypervisor heap contents leaked to guest, with extra patch to avoid regression\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-07-05T00:00:00", "type": "nessus", "title": "Fedora 20 : xen-4.3.2-6.fc20 (2014-7722)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-4021"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:xen", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2014-7722.NASL", "href": "https://www.tenable.com/plugins/nessus/76370", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-7722.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76370);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-4021\");\n script_bugtraq_id(68070);\n script_xref(name:\"FEDORA\", value:\"2014-7722\");\n\n script_name(english:\"Fedora 20 : xen-4.3.2-6.fc20 (2014-7722)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Hypervisor heap contents leaked to guest, with extra patch to avoid\nregression\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1103646\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135071.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?455cdda6\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xen package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:S/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"xen-4.3.2-6.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen\");\n}\n", "cvss": {"score": 2.7, "vector": "AV:A/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:50:44", "description": "The 3.13.9 stable update contains a number of important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-04-09T00:00:00", "type": "nessus", "title": "Fedora 20 : kernel-3.13.9-200.fc20 (2014-4844)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-2678"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2014-4844.NASL", "href": "https://www.tenable.com/plugins/nessus/73427", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-4844.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(73427);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-2678\");\n script_bugtraq_id(66543);\n script_xref(name:\"FEDORA\", value:\"2014-4844\");\n\n script_name(english:\"Fedora 20 : kernel-3.13.9-200.fc20 (2014-4844)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 3.13.9 stable update contains a number of important fixes across\nthe tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1083274\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131276.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?38c1deb5\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/04/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"kernel-3.13.9-200.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-08-19T12:49:12", "description": "The remote host is running a version of Citrix XenServer that is affected by multiple vulnerabilities :\n\n - An information disclosure exists due to the Xen hypervisor's failure to properly clean memory pages.\n (CVE-2014-4021)\n\n - An unspecified vulnerability exists due to a buffer overflow in the HVM graphics console. (CVE-2014-4947)\n\n - XenServer is affected by an unspecified denial of service and information disclosure vulnerability.\n (CVE-2014-4948)", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2014-07-24T00:00:00", "type": "nessus", "title": "Citrix XenServer Multiple Vulnerabilities (CTX140984)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-4021", "CVE-2014-4947", "CVE-2014-4948"], "modified": "2018-07-09T00:00:00", "cpe": ["cpe:/a:citrix:xenserver"], "id": "CITRIX_XENSERVER_CTX140984.NASL", "href": "https://www.tenable.com/plugins/nessus/76771", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(76771);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/07/09 12:26:58\");\n\n script_cve_id(\"CVE-2014-4021\", \"CVE-2014-4947\", \"CVE-2014-4948\");\n script_bugtraq_id(68070, 68659, 68660);\n\n script_name(english:\"Citrix XenServer Multiple Vulnerabilities (CTX140984)\");\n script_summary(english:\"Checks XenServer version and installed hotfixes.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of Citrix XenServer that is\naffected by multiple vulnerabilities :\n\n - An information disclosure exists due to the Xen\n hypervisor's failure to properly clean memory pages.\n (CVE-2014-4021)\n\n - An unspecified vulnerability exists due to a buffer\n overflow in the HVM graphics console. (CVE-2014-4947)\n\n - XenServer is affected by an unspecified denial of\n service and information disclosure vulnerability.\n (CVE-2014-4948)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.citrix.com/article/CTX140984\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the relevant hotfix referenced in the advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/07/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:citrix:xenserver\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"citrix_xenserver_version.nbin\");\n script_require_keys(\"Host/XenServer/version\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\napp_name = \"Citrix XenServer\";\nversion = get_kb_item_or_exit(\"Host/XenServer/version\");\nget_kb_item_or_exit(\"Host/local_checks_enabled\");\npatches = get_kb_item(\"Host/XenServer/patches\");\nvuln = FALSE;\n\n# We will do our checks within the branches because 6.0.2 needs\n# special treatment.\nif (version == \"6.0.0\")\n{\n fix = \"XS60E039 / XS60E038\";\n if (\"XS60E039\" >!< patches || \"XS60E038\" >!< patches) vuln = TRUE;\n}\nelse if (version == \"6.0.2\")\n{\n fix = \"XS602E035 or XS602ECC011 / XS602ECC010\";\n if (\"XS602E035\" >!< patches && (\"XS602ECC011\" >!< patches || \"XS602ECC010\" >!< patches)) vuln = TRUE;\n}\nelse if (version =~ \"^6\\.1\\.\")\n{\n fix = \"XS61E041 / XS61E040\";\n if (\"XS61E041\" >!< patches || \"XS61E040\" >!< patches) vuln = TRUE;\n}\nelse if (version =~ \"^6\\.2\\.\")\n{\n fix = \"XS62ESP1008\";\n if (\"XS62ESP1008\" >!< patches) vuln = TRUE;\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, app_name, version);\n\nif (vuln)\n{\n port = 0;\n report =\n '\\n Installed version : ' + version +\n '\\n Missing hotfix : ' + fix +\n '\\n';\n\n security_report_v4(severity:SECURITY_HOLE, extra:report, port:port);\n}\nelse audit(AUDIT_PATCH_INSTALLED, fix);\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:50:21", "description": "Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory.\n(CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel for systems that lack RDS transports. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). (CVE-2013-7339)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS) protocol stack in the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) or possibly have unspecified other impact. (CVE-2014-2678).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-05-27T00:00:00", "type": "nessus", "title": "Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2220-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7339", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-2678"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ec2", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts"], "id": "UBUNTU_USN-2220-1.NASL", "href": "https://www.tenable.com/plugins/nessus/74183", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2220-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74183);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-7339\", \"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-2678\");\n script_bugtraq_id(66351, 66543, 67300, 67302);\n script_xref(name:\"USN\", value:\"2220-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-2220-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Matthew Daley reported an information leak in the floppy disk driver\nof the Linux kernel. An unprivileged local user could exploit this\nflaw to obtain potentially sensitive information from kernel memory.\n(CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the\nfloppy disk driver in the Linux kernel. An unprivileged local user\ncould exploit this flaw to gain administrative privileges if the\nfloppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the Reliable Datagram Sockets (RDS) protocol\nimplementation in the Linux kernel for systems that lack RDS\ntransports. An unprivileged local user could exploit this flaw to\ncause a denial of service (system crash). (CVE-2013-7339)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS)\nprotocol stack in the Linux kernel. A local user could exploit this\nflaw to cause a denial of service (system crash) or possibly have\nunspecified other impact. (CVE-2014-2678).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2220-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected linux-image-2.6-ec2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/03/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-7339\", \"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-2678\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2220-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-364-ec2\", pkgver:\"2.6.32-364.77\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-ec2\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:50:26", "description": "Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory.\n(CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel for systems that lack RDS transports. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). (CVE-2013-7339)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS) protocol stack in the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) or possibly have unspecified other impact. (CVE-2014-2678).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-05-27T00:00:00", "type": "nessus", "title": "Ubuntu 10.04 LTS : linux vulnerabilities (USN-2219-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7339", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-2678"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-preempt", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts"], "id": "UBUNTU_USN-2219-1.NASL", "href": "https://www.tenable.com/plugins/nessus/74182", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2219-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74182);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-7339\", \"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-2678\");\n script_bugtraq_id(66351, 66543, 67300, 67302);\n script_xref(name:\"USN\", value:\"2219-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux vulnerabilities (USN-2219-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Matthew Daley reported an information leak in the floppy disk driver\nof the Linux kernel. An unprivileged local user could exploit this\nflaw to obtain potentially sensitive information from kernel memory.\n(CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the\nfloppy disk driver in the Linux kernel. An unprivileged local user\ncould exploit this flaw to gain administrative privileges if the\nfloppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the Reliable Datagram Sockets (RDS) protocol\nimplementation in the Linux kernel for systems that lack RDS\ntransports. An unprivileged local user could exploit this flaw to\ncause a denial of service (system crash). (CVE-2013-7339)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS)\nprotocol stack in the Linux kernel. A local user could exploit this\nflaw to cause a denial of service (system crash) or possibly have\nunspecified other impact. (CVE-2014-2678).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2219-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-preempt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/03/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-7339\", \"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-2678\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2219-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-60-386\", pkgver:\"2.6.32-60.122\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-60-generic\", pkgver:\"2.6.32-60.122\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-60-generic-pae\", pkgver:\"2.6.32-60.122\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-60-lpia\", pkgver:\"2.6.32-60.122\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-60-preempt\", pkgver:\"2.6.32-60.122\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-60-server\", pkgver:\"2.6.32-60.122\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-60-versatile\", pkgver:\"2.6.32-60.122\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-60-virtual\", pkgver:\"2.6.32-60.122\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-386 / linux-image-2.6-generic / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:50:39", "description": "The 3.13.9 stable update contains a number of important fixes across the tree. The 3.13.8 stable update contains a number of important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-04-09T00:00:00", "type": "nessus", "title": "Fedora 19 : kernel-3.13.9-100.fc19 (2014-4849)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0055", "CVE-2014-0077", "CVE-2014-2568", "CVE-2014-2580", "CVE-2014-2678"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:19"], "id": "FEDORA_2014-4849.NASL", "href": "https://www.tenable.com/plugins/nessus/73428", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-4849.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(73428);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-0055\", \"CVE-2014-0077\", \"CVE-2014-2568\", \"CVE-2014-2580\", \"CVE-2014-2678\");\n script_bugtraq_id(66348, 66386, 66441, 66543, 66678);\n script_xref(name:\"FEDORA\", value:\"2014-4849\");\n\n script_name(english:\"Fedora 19 : kernel-3.13.9-100.fc19 (2014-4849)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 3.13.9 stable update contains a number of important fixes across\nthe tree. The 3.13.8 stable update contains a number of important\nfixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1062577\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1064440\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1079012\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1080084\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1083274\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131224.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?29650b38\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/04/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"kernel-3.13.9-100.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 5.5, "vector": "AV:A/AC:L/Au:S/C:N/I:N/A:C"}}, {"lastseen": "2021-09-01T02:26:25", "description": "Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A use-after-free flaw was found in the way the ping_init_sock() function of the Linux kernel handled the group_info reference counter.\nA local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2851, Important)\n\n* A NULL pointer dereference flaw was found in the rds_ib_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS). A local, unprivileged user could use this flaw to crash the system. (CVE-2013-7339, Moderate)\n\n* It was found that a remote attacker could use a race condition flaw in the ath_tx_aggr_sleep() function to crash the system by creating large network traffic on the system's Atheros 9k wireless network adapter. (CVE-2014-2672, Moderate)\n\n* A NULL pointer dereference flaw was found in the rds_iw_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS). A local, unprivileged user could use this flaw to crash the system. (CVE-2014-2678, Moderate)\n\n* A race condition flaw was found in the way the Linux kernel's mac80211 subsystem implementation handled synchronization between TX and STA wake-up code paths. A remote attacker could use this flaw to crash the system. (CVE-2014-2706, Moderate)\n\nThis update also fixes the following bugs :\n\n* The Completely Fair Scheduler (CFS) did not verify whether the CFS period timer is running while throttling tasks on the CFS run queue.\nTherefore under certain circumstances, the CFS run queue became stuck because the CFS period timer was inactive and could not be restarted.\nTo fix this problem, the CFS now restarts the CFS period timer inside the throttling function if it is inactive. (BZ#1120666)\n\n* A previous change to the SCSI code fixed a race condition that could occur when removing a SCSI device. However, that change caused performance degradation because it used a certain function from the block layer code that was returning different values compared with later versions of the kernel. This update alters the SCSI code to properly utilize the values returned by the block layer code.\n(BZ#1117581)\n\n* If a statically defined gateway became unreachable and its corresponding neighbor entry entered a FAILED state, the gateway stayed in the FAILED state even after it became reachable again. This prevented routing of the traffic through that gateway. This update allows probing such a gateway automatically and routing the traffic through the gateway again once it becomes reachable. (BZ#1115262)\n\n* A miscalculation in the 'radix_tree' swap encoding corrupted swap area indexes bigger than 8 by truncating lower bits of swap entries.\nConsequently, systems with more than 8 swap areas could trigger a bogus OOM scenario when swapping out to such a swap area. This update fixes this problem by reducing a return value of the SWP_TYPE_SHIFT() function and removing a broken function call from the read_swap_header() function. (BZ#1099727)\n\n* The automatic route cache rebuilding feature could incorrectly compute the length of a route hash chain if the cache contained multiple entries with the same key but a different TOS, mark, or OIF bit. Consequently, the feature could reach the rebuild limit and disable the routing cache on the system. This problem is fixed by using a helper function that avoids counting such duplicate routes.\n(BZ#1113823)\n\n* When booting a guest in the Hyper-V environment and enough of Programmable Interval Timer (PIT) interrupts were lost or not injected into the guest on time, the kernel panicked and the guest failed to boot. This problem has been fixed by bypassing the relevant PIT check when the guest is running under the Hyper-V environment. (BZ#1112225)\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2014-11-08T00:00:00", "type": "nessus", "title": "RHEL 6 : kernel (RHSA-2014:1101)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7339", "CVE-2014-2672", "CVE-2014-2678", "CVE-2014-2706", "CVE-2014-2851"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-firmware", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:python-perf", "p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.4"], "id": "REDHAT-RHSA-2014-1101.NASL", "href": "https://www.tenable.com/plugins/nessus/79043", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:1101. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79043);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-7339\", \"CVE-2014-2672\", \"CVE-2014-2678\", \"CVE-2014-2706\", \"CVE-2014-2851\");\n script_bugtraq_id(66351, 66492, 66543, 66591, 66779);\n script_xref(name:\"RHSA\", value:\"2014:1101\");\n\n script_name(english:\"RHEL 6 : kernel (RHSA-2014:1101)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix multiple security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.4 Extended\nUpdate Support.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A use-after-free flaw was found in the way the ping_init_sock()\nfunction of the Linux kernel handled the group_info reference counter.\nA local, unprivileged user could use this flaw to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-2851,\nImportant)\n\n* A NULL pointer dereference flaw was found in the\nrds_ib_laddr_check() function in the Linux kernel's implementation of\nReliable Datagram Sockets (RDS). A local, unprivileged user could use\nthis flaw to crash the system. (CVE-2013-7339, Moderate)\n\n* It was found that a remote attacker could use a race condition flaw\nin the ath_tx_aggr_sleep() function to crash the system by creating\nlarge network traffic on the system's Atheros 9k wireless network\nadapter. (CVE-2014-2672, Moderate)\n\n* A NULL pointer dereference flaw was found in the\nrds_iw_laddr_check() function in the Linux kernel's implementation of\nReliable Datagram Sockets (RDS). A local, unprivileged user could use\nthis flaw to crash the system. (CVE-2014-2678, Moderate)\n\n* A race condition flaw was found in the way the Linux kernel's\nmac80211 subsystem implementation handled synchronization between TX\nand STA wake-up code paths. A remote attacker could use this flaw to\ncrash the system. (CVE-2014-2706, Moderate)\n\nThis update also fixes the following bugs :\n\n* The Completely Fair Scheduler (CFS) did not verify whether the CFS\nperiod timer is running while throttling tasks on the CFS run queue.\nTherefore under certain circumstances, the CFS run queue became stuck\nbecause the CFS period timer was inactive and could not be restarted.\nTo fix this problem, the CFS now restarts the CFS period timer inside\nthe throttling function if it is inactive. (BZ#1120666)\n\n* A previous change to the SCSI code fixed a race condition that could\noccur when removing a SCSI device. However, that change caused\nperformance degradation because it used a certain function from the\nblock layer code that was returning different values compared with\nlater versions of the kernel. This update alters the SCSI code to\nproperly utilize the values returned by the block layer code.\n(BZ#1117581)\n\n* If a statically defined gateway became unreachable and its\ncorresponding neighbor entry entered a FAILED state, the gateway\nstayed in the FAILED state even after it became reachable again. This\nprevented routing of the traffic through that gateway. This update\nallows probing such a gateway automatically and routing the traffic\nthrough the gateway again once it becomes reachable. (BZ#1115262)\n\n* A miscalculation in the 'radix_tree' swap encoding corrupted swap\narea indexes bigger than 8 by truncating lower bits of swap entries.\nConsequently, systems with more than 8 swap areas could trigger a\nbogus OOM scenario when swapping out to such a swap area. This update\nfixes this problem by reducing a return value of the SWP_TYPE_SHIFT()\nfunction and removing a broken function call from the\nread_swap_header() function. (BZ#1099727)\n\n* The automatic route cache rebuilding feature could incorrectly\ncompute the length of a route hash chain if the cache contained\nmultiple entries with the same key but a different TOS, mark, or OIF\nbit. Consequently, the feature could reach the rebuild limit and\ndisable the routing cache on the system. This problem is fixed by\nusing a helper function that avoids counting such duplicate routes.\n(BZ#1113823)\n\n* When booting a guest in the Hyper-V environment and enough of\nProgrammable Interval Timer (PIT) interrupts were lost or not injected\ninto the guest on time, the kernel panicked and the guest failed to\nboot. This problem has been fixed by bypassing the relevant PIT check\nwhen the guest is running under the Hyper-V environment. (BZ#1112225)\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. The system\nmust be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:1101\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-7339\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-2672\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-2678\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-2706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-2851\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/03/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-7339\", \"CVE-2014-2672\", \"CVE-2014-2678\", \"CVE-2014-2706\", \"CVE-2014-2851\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2014:1101\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:1101\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-debug-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debug-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-devel-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-devel-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-doc-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-firmware-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"kernel-headers-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-headers-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"perf-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"perf-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"perf-debuginfo-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"perf-debuginfo-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-debuginfo-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"python-perf-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"python-perf-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"x86_64\", reference:\"python-perf-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"i686\", reference:\"python-perf-debuginfo-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", sp:\"4\", cpu:\"s390x\", reference:\"python-perf-debuginfo-2.6.32-358.48.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-2.6.32-358.48.1.el6\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debug / kernel-debug-debuginfo / kernel-debug-devel / etc\");\n }\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-08-19T12:45:57", "description": "Xen has been updated to fix six security issues :\n\n - Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling (CVE-2014-9030).\n\n - Insufficient bounding of 'REP MOVS' to MMIO emulated inside the hypervisor (CVE-2014-8867).\n\n - Missing privilege level checks in x86 emulation of far branches (CVE-2014-8595).\n\n - Guest user mode triggerable VM exits not handled by hypervisor (bnc#903850).\n\n - Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation (CVE-2014-7155).\n\n - Hypervisor heap contents leaked to guests (CVE-2014-4021).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2015-05-20T00:00:00", "type": "nessus", "title": "SUSE SLES10 Security Update : Xen (SUSE-SU-2014:1691-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-4021", "CVE-2014-7155", "CVE-2014-8594", "CVE-2014-8595", "CVE-2014-8866", "CVE-2014-8867", "CVE-2014-9030"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:xen", "p-cpe:/a:novell:suse_linux:xen-devel", "p-cpe:/a:novell:suse_linux:xen-doc-html", "p-cpe:/a:novell:suse_linux:xen-doc-pdf", "p-cpe:/a:novell:suse_linux:xen-doc-ps", "p-cpe:/a:novell:suse_linux:xen-kmp-bigsmp", "p-cpe:/a:novell:suse_linux:xen-kmp-debug", "p-cpe:/a:novell:suse_linux:xen-kmp-default", "p-cpe:/a:novell:suse_linux:xen-kmp-kdump", "p-cpe:/a:novell:suse_linux:xen-kmp-kdumppae", "p-cpe:/a:novell:suse_linux:xen-kmp-smp", "p-cpe:/a:novell:suse_linux:xen-kmp-vmi", "p-cpe:/a:novell:suse_linux:xen-kmp-vmipae", "p-cpe:/a:novell:suse_linux:xen-libs", "p-cpe:/a:novell:suse_linux:xen-tools", "p-cpe:/a:novell:suse_linux:xen-tools-domU", "p-cpe:/a:novell:suse_linux:xen-tools-ioemu", "cpe:/o:novell:suse_linux:10"], "id": "SUSE_SU-2014-1691-1.NASL", "href": "https://www.tenable.com/plugins/nessus/83651", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2014:1691-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83651);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-4021\", \"CVE-2014-7155\", \"CVE-2014-8594\", \"CVE-2014-8595\", \"CVE-2014-8866\", \"CVE-2014-8867\", \"CVE-2014-9030\");\n script_bugtraq_id(68070, 70057, 71149, 71151, 71207, 71331, 71332);\n\n script_name(english:\"SUSE SLES10 Security Update : Xen (SUSE-SU-2014:1691-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Xen has been updated to fix six security issues :\n\n - Guest effectable page reference leak in\n MMU_MACHPHYS_UPDATE handling (CVE-2014-9030).\n\n - Insufficient bounding of 'REP MOVS' to MMIO emulated\n inside the hypervisor (CVE-2014-8867).\n\n - Missing privilege level checks in x86 emulation of far\n branches (CVE-2014-8595).\n\n - Guest user mode triggerable VM exits not handled by\n hypervisor (bnc#903850).\n\n - Missing privilege level checks in x86 HLT, LGDT, LIDT,\n and LMSW emulation (CVE-2014-7155).\n\n - Hypervisor heap contents leaked to guests\n (CVE-2014-4021).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=880751\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=895799\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=903850\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=903970\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=905467\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=906439\"\n );\n # https://download.suse.com/patch/finder/?keywords=2430903f7edca75f2ff542e854abf451\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c1ba1e75\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8594/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8595/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8866/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8867/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-9030/\"\n );\n # https://www.suse.com/support/update/announcement/2014/suse-su-20141691-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0b43f28e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected Xen packages\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-doc-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-doc-ps\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-bigsmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-kdumppae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-smp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-vmi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-vmipae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-ioemu\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/06/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES10)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES10\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"i386|i486|i586|i686|x86_64\") audit(AUDIT_ARCH_NOT, \"i386 / i486 / i586 / i686 / x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES10\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES10 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-3.2.3_17040_46-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-devel-3.2.3_17040_46-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-doc-html-3.2.3_17040_46-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-doc-pdf-3.2.3_17040_46-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-doc-ps-3.2.3_17040_46-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-kmp-debug-3.2.3_17040_46_2.6.16.60_0.107.24-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-kmp-default-3.2.3_17040_46_2.6.16.60_0.107.24-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-kmp-kdump-3.2.3_17040_46_2.6.16.60_0.107.24-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-kmp-smp-3.2.3_17040_46_2.6.16.60_0.107.24-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-libs-3.2.3_17040_46-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-tools-3.2.3_17040_46-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-tools-domU-3.2.3_17040_46-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-tools-ioemu-3.2.3_17040_46-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-libs-32bit-3.2.3_17040_46-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-kmp-bigsmp-3.2.3_17040_46_2.6.16.60_0.107.24-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-kmp-kdumppae-3.2.3_17040_46_2.6.16.60_0.107.24-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-kmp-vmi-3.2.3_17040_46_2.6.16.60_0.107.24-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"xen-kmp-vmipae-3.2.3_17040_46_2.6.16.60_0.107.24-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-3.2.3_17040_46-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-devel-3.2.3_17040_46-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-doc-html-3.2.3_17040_46-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-doc-pdf-3.2.3_17040_46-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-doc-ps-3.2.3_17040_46-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-kmp-debug-3.2.3_17040_46_2.6.16.60_0.107.24-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-kmp-default-3.2.3_17040_46_2.6.16.60_0.107.24-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-kmp-kdump-3.2.3_17040_46_2.6.16.60_0.107.24-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-kmp-smp-3.2.3_17040_46_2.6.16.60_0.107.24-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-libs-3.2.3_17040_46-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-tools-3.2.3_17040_46-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-tools-domU-3.2.3_17040_46-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-tools-ioemu-3.2.3_17040_46-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-kmp-bigsmp-3.2.3_17040_46_2.6.16.60_0.107.24-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-kmp-kdumppae-3.2.3_17040_46_2.6.16.60_0.107.24-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-kmp-vmi-3.2.3_17040_46_2.6.16.60_0.107.24-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"i586\", reference:\"xen-kmp-vmipae-3.2.3_17040_46_2.6.16.60_0.107.24-0.9.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Xen\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-05-10T17:35:22", "description": "The Linux kernel was updated to fix security issues and bugs :\n\nSecurity issues fixed: CVE-2014-3153: The futex_requeue function in kernel/futex.c in the Linux kernel did not ensure that calls have two different futex addresses, which allowed local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.\n\nCVE-2014-0077: drivers/vhost/net.c in the Linux kernel, when mergeable buffers are disabled, did not properly validate packet lengths, which allowed guest OS users to cause a denial of service (memory corruption and host OS crash) or possibly gain privileges on the host OS via crafted packets, related to the handle_rx and get_rx_bufs functions.\n\nCVE-2014-0055: The get_rx_bufs function in drivers/vhost/net.c in the vhost-net subsystem in the Linux kernel package did not properly handle vhost_get_vq_desc errors, which allowed guest OS users to cause a denial of service (host OS crash) via unspecified vectors.\n\nCVE-2014-2678: The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports.\n\nCVE-2013-7339: The rds_ib_laddr_check function in net/rds/ib.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports.\n\nCVE-2014-2851: Integer overflow in the ping_init_sock function in net/ipv4/ping.c in the Linux kernel allowed local users to cause a denial of service (use-after-free and system crash) or possibly gain privileges via a crafted application that leverages an improperly managed reference counter.\n\nCVE-2014-3122: The try_to_unmap_cluster function in mm/rmap.c in the Linux kernel did not properly consider which pages must be locked, which allowed local users to cause a denial of service (system crash) by triggering a memory-usage pattern that requires removal of page-table mappings.\n\nBugs fixed :\n\n - memcg: deprecate memory.force_empty knob (bnc#878274).", "cvss3": {"score": null, "vector": null}, "published": "2014-07-02T00:00:00", "type": "nessus", "title": "openSUSE Security Update : kernel (openSUSE-SU-2014:0856-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7339", "CVE-2014-0055", "CVE-2014-0077", "CVE-2014-2678", "CVE-2014-2851", "CVE-2014-3122", "CVE-2014-3153"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debugsource", "p-cpe:/a:novell:opensuse:kernel-debug-devel", "p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debugsource", "p-cpe:/a:novell:opensuse:kernel-default-devel", "p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-desktop", "p-cpe:/a:novell:opensuse:kernel-desktop-base", "p-cpe:/a:novell:opensuse:kernel-desktop-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-desktop-debuginfo", "p-cpe:/a:novell:opensuse:kernel-desktop-debugsource", "p-cpe:/a:novell:opensuse:kernel-desktop-devel", "p-cpe:/a:novell:opensuse:kernel-desktop-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-devel", "p-cpe:/a:novell:opensuse:kernel-ec2", "p-cpe:/a:novell:opensuse:kernel-ec2-base", "p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo", "p-cpe:/a:novell:opensuse:kernel-ec2-debugsource", "p-cpe:/a:novell:opensuse:kernel-ec2-devel", "p-cpe:/a:novell:opensuse:kernel-ec2-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-pae", "p-cpe:/a:novell:opensuse:kernel-pae-base", "p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-pae-debuginfo", "p-cpe:/a:novell:opensuse:kernel-pae-debugsource", "p-cpe:/a:novell:opensuse:kernel-pae-devel", "p-cpe:/a:novell:opensuse:kernel-pae-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-source-vanilla", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-trace", "p-cpe:/a:novell:opensuse:kernel-trace-base", "p-cpe:/a:novell:opensuse:kernel-trace-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-trace-debuginfo", "p-cpe:/a:novell:opensuse:kernel-trace-debugsource", "p-cpe:/a:novell:opensuse:kernel-trace-devel", "p-cpe:/a:novell:opensuse:kernel-trace-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kernel-xen-base", "p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-xen-debuginfo", "p-cpe:/a:novell:opensuse:kernel-xen-debugsource", "p-cpe:/a:novell:opensuse:kernel-xen-devel", "p-cpe:/a:novell:opensuse:kernel-xen-devel-debuginfo", "cpe:/o:novell:opensuse:12.3"], "id": "OPENSUSE-2014-451.NASL", "href": "https://www.tenable.com/plugins/nessus/76342", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-451.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76342);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-7339\", \"CVE-2014-0055\", \"CVE-2014-0077\", \"CVE-2014-2678\", \"CVE-2014-2851\", \"CVE-2014-3122\", \"CVE-2014-3153\");\n\n script_name(english:\"openSUSE Security Update : kernel (openSUSE-SU-2014:0856-1)\");\n script_summary(english:\"Check for the openSUSE-2014-451 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Linux kernel was updated to fix security issues and bugs :\n\nSecurity issues fixed: CVE-2014-3153: The futex_requeue function in\nkernel/futex.c in the Linux kernel did not ensure that calls have two\ndifferent futex addresses, which allowed local users to gain\nprivileges via a crafted FUTEX_REQUEUE command that facilitates unsafe\nwaiter modification.\n\nCVE-2014-0077: drivers/vhost/net.c in the Linux kernel, when mergeable\nbuffers are disabled, did not properly validate packet lengths, which\nallowed guest OS users to cause a denial of service (memory corruption\nand host OS crash) or possibly gain privileges on the host OS via\ncrafted packets, related to the handle_rx and get_rx_bufs functions.\n\nCVE-2014-0055: The get_rx_bufs function in drivers/vhost/net.c in the\nvhost-net subsystem in the Linux kernel package did not properly\nhandle vhost_get_vq_desc errors, which allowed guest OS users to cause\na denial of service (host OS crash) via unspecified vectors.\n\nCVE-2014-2678: The rds_iw_laddr_check function in net/rds/iw.c in the\nLinux kernel allowed local users to cause a denial of service (NULL\npointer dereference and system crash) or possibly have unspecified\nother impact via a bind system call for an RDS socket on a system that\nlacks RDS transports.\n\nCVE-2013-7339: The rds_ib_laddr_check function in net/rds/ib.c in the\nLinux kernel allowed local users to cause a denial of service (NULL\npointer dereference and system crash) or possibly have unspecified\nother impact via a bind system call for an RDS socket on a system that\nlacks RDS transports.\n\nCVE-2014-2851: Integer overflow in the ping_init_sock function in\nnet/ipv4/ping.c in the Linux kernel allowed local users to cause a\ndenial of service (use-after-free and system crash) or possibly gain\nprivileges via a crafted application that leverages an improperly\nmanaged reference counter.\n\nCVE-2014-3122: The try_to_unmap_cluster function in mm/rmap.c in the\nLinux kernel did not properly consider which pages must be locked,\nwhich allowed local users to cause a denial of service (system crash)\nby triggering a memory-usage pattern that requires removal of\npage-table mappings.\n\nBugs fixed :\n\n - memcg: deprecate memory.force_empty knob (bnc#878274).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=869563\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=870173\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=870576\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=871561\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=873374\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=876102\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=878274\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=880892\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2014-07/msg00002.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Android \"Towelroot\" Futex Requeue Kernel Exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"kernel-default-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"kernel-default-base-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"kernel-default-base-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"kernel-default-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"kernel-default-debugsource-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"kernel-default-devel-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"kernel-default-devel-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"kernel-devel-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"kernel-source-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"kernel-source-vanilla-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"kernel-syms-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-debug-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-debug-base-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-debug-base-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-debug-debugsource-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-debug-devel-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-debug-devel-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-desktop-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-desktop-base-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-desktop-base-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-desktop-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-desktop-debugsource-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-desktop-devel-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-desktop-devel-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-ec2-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-ec2-base-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-ec2-base-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-ec2-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-ec2-debugsource-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-ec2-devel-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-ec2-devel-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-pae-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-pae-base-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-pae-base-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-pae-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-pae-debugsource-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-pae-devel-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-pae-devel-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-trace-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-trace-base-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-trace-base-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-trace-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-trace-debugsource-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-trace-devel-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-trace-devel-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-vanilla-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-vanilla-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-vanilla-debugsource-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-vanilla-devel-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-vanilla-devel-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-xen-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-xen-base-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-xen-base-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-xen-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-xen-debugsource-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-xen-devel-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"i686\", reference:\"kernel-xen-devel-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-debug-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-debug-base-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-debug-base-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-debug-debugsource-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-debug-devel-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-desktop-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-desktop-base-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-desktop-base-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-desktop-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-desktop-debugsource-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-desktop-devel-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-desktop-devel-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-ec2-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-ec2-base-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-ec2-base-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-ec2-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-ec2-debugsource-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-ec2-devel-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-ec2-devel-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-pae-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-pae-base-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-pae-base-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-pae-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-pae-debugsource-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-pae-devel-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-pae-devel-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-trace-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-trace-base-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-trace-base-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-trace-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-trace-debugsource-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-trace-devel-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-trace-devel-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-vanilla-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-vanilla-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-vanilla-debugsource-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-vanilla-devel-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-vanilla-devel-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-xen-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-xen-base-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.7.10-1.36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"kernel-xen-devel-debuginfo-3.7.10-1.36.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:47:05", "description": "The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2015-0004 for details.", "cvss3": {"score": null, "vector": null}, "published": "2015-01-23T00:00:00", "type": "nessus", "title": "OracleVM 3.3 : xen (OVMSA-2015-0004)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-4021", "CVE-2014-5146", "CVE-2014-5149", "CVE-2014-8595", "CVE-2014-8866", "CVE-2014-8867", "CVE-2014-9065", "CVE-2014-9066"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:xen", "p-cpe:/a:oracle:vm:xen-tools", "cpe:/o:oracle:vm_server:3.3"], "id": "ORACLEVM_OVMSA-2015-0004.NASL", "href": "https://www.tenable.com/plugins/nessus/80928", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2015-0004.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80928);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2014-4021\", \"CVE-2014-5146\", \"CVE-2014-5149\", \"CVE-2014-8595\", \"CVE-2014-8866\", \"CVE-2014-8867\", \"CVE-2014-9065\", \"CVE-2014-9066\");\n script_bugtraq_id(68070, 69198, 69199, 71151, 71331, 71332, 71544, 71546);\n\n script_name(english:\"OracleVM 3.3 : xen (OVMSA-2015-0004)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates : please see Oracle VM Security Advisory\nOVMSA-2015-0004 for details.\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2015-January/000256.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?42e43aca\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xen / xen-tools packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/06/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"3\\.3\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.3\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.3\", reference:\"xen-4.3.0-55.el6.0.16\")) flag++;\nif (rpm_check(release:\"OVS3.3\", reference:\"xen-tools-4.3.0-55.el6.0.16\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen / xen-tools\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-09-09T01:51:19", "description": "The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0981 advisory.\n\n - Integer overflow in the ping_init_sock function in net/ipv4/ping.c in the Linux kernel through 3.14.1 allows local users to cause a denial of service (use-after-free and system crash) or possibly gain privileges via a crafted application that leverages an improperly managed reference counter.\n (CVE-2014-2851)\n\n - The rds_ib_laddr_check function in net/rds/ib.c in the Linux kernel before 3.12.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports. (CVE-2013-7339)\n\n - The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length value is sufficiently large, which allows local users to cause a denial of service (integer underflow and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr and\n __skb_get_nlattr_nest functions before the vulnerability was announced. (CVE-2014-3144)\n\n - The BPF_S_ANC_NLATTR_NEST extension implementation in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 uses the reverse order in a certain subtraction, which allows local users to cause a denial of service (over-read and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr_nest function before the vulnerability was announced.\n (CVE-2014-3145)\n\n - The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel through 3.14 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports. (CVE-2014-2678)\n\n - The futex_wait_requeue_pi function in kernel/futex.c in the Linux kernel before 3.5.1 does not ensure that calls have two different futex addresses, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted FUTEX_WAIT_REQUEUE_PI command. (CVE-2012-6647)\n\n - Race condition in the ath_tx_aggr_sleep function in drivers/net/wireless/ath/ath9k/xmit.c in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via a large amount of network traffic that triggers certain list deletions. (CVE-2014-2672)\n\n - Race condition in the mac80211 subsystem in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via network traffic that improperly interacts with the WLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and tx.c. (CVE-2014-2706)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": null, "vector": null}, "published": "2014-07-30T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : kernel (ELSA-2014-0981)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-6647", "CVE-2013-7339", "CVE-2014-2672", "CVE-2014-2678", "CVE-2014-2706", "CVE-2014-2851", "CVE-2014-3144", "CVE-2014-3145"], "modified": "2021-09-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-firmware", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:python-perf"], "id": "ORACLELINUX_ELSA-2014-0981.NASL", "href": "https://www.tenable.com/plugins/nessus/76888", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2014-0981.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76888);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/08\");\n\n script_cve_id(\n \"CVE-2012-6647\",\n \"CVE-2013-7339\",\n \"CVE-2014-2672\",\n \"CVE-2014-2678\",\n \"CVE-2014-2706\",\n \"CVE-2014-2851\",\n \"CVE-2014-3144\",\n \"CVE-2014-3145\"\n );\n script_bugtraq_id(\n 66351,\n 66492,\n 66543,\n 66591,\n 66779,\n 67300,\n 67302,\n 67309,\n 67321,\n 67395,\n 67906,\n 68125,\n 68411,\n 68683\n );\n script_xref(name:\"RHSA\", value:\"2014:0981\");\n\n script_name(english:\"Oracle Linux 6 : kernel (ELSA-2014-0981)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2014-0981 advisory.\n\n - Integer overflow in the ping_init_sock function in net/ipv4/ping.c in the Linux kernel through 3.14.1\n allows local users to cause a denial of service (use-after-free and system crash) or possibly gain\n privileges via a crafted application that leverages an improperly managed reference counter.\n (CVE-2014-2851)\n\n - The rds_ib_laddr_check function in net/rds/ib.c in the Linux kernel before 3.12.8 allows local users to\n cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other\n impact via a bind system call for an RDS socket on a system that lacks RDS transports. (CVE-2013-7339)\n\n - The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter\n function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length\n value is sufficiently large, which allows local users to cause a denial of service (integer underflow and\n system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr and\n __skb_get_nlattr_nest functions before the vulnerability was announced. (CVE-2014-3144)\n\n - The BPF_S_ANC_NLATTR_NEST extension implementation in the sk_run_filter function in net/core/filter.c in\n the Linux kernel through 3.14.3 uses the reverse order in a certain subtraction, which allows local users\n to cause a denial of service (over-read and system crash) via crafted BPF instructions. NOTE: the affected\n code was moved to the __skb_get_nlattr_nest function before the vulnerability was announced.\n (CVE-2014-3145)\n\n - The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel through 3.14 allows local users to\n cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other\n impact via a bind system call for an RDS socket on a system that lacks RDS transports. (CVE-2014-2678)\n\n - The futex_wait_requeue_pi function in kernel/futex.c in the Linux kernel before 3.5.1 does not ensure that\n calls have two different futex addresses, which allows local users to cause a denial of service (NULL\n pointer dereference and system crash) or possibly have unspecified other impact via a crafted\n FUTEX_WAIT_REQUEUE_PI command. (CVE-2012-6647)\n\n - Race condition in the ath_tx_aggr_sleep function in drivers/net/wireless/ath/ath9k/xmit.c in the Linux\n kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via a large\n amount of network traffic that triggers certain list deletions. (CVE-2014-2672)\n\n - Race condition in the mac80211 subsystem in the Linux kernel before 3.13.7 allows remote attackers to\n cause a denial of service (system crash) via network traffic that improperly interacts with the\n WLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and tx.c. (CVE-2014-2706)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2014-0981.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-2851\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/02/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 6', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['2.6.32-431.23.3.el6'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2014-0981');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '2.6';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-2.6.32-431.23.3.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-2.6.32'},\n {'reference':'kernel-2.6.32-431.23.3.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-2.6.32'},\n {'reference':'kernel-abi-whitelists-2.6.32-431.23.3.el6', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-abi-whitelists-2.6.32'},\n {'reference':'kernel-debug-2.6.32-431.23.3.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-2.6.32'},\n {'reference':'kernel-debug-2.6.32-431.23.3.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-2.6.32'},\n {'reference':'kernel-debug-devel-2.6.32-431.23.3.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-devel-2.6.32'},\n {'reference':'kernel-debug-devel-2.6.32-431.23.3.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-debug-devel-2.6.32'},\n {'reference':'kernel-devel-2.6.32-431.23.3.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-devel-2.6.32'},\n {'reference':'kernel-devel-2.6.32-431.23.3.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-devel-2.6.32'},\n {'reference':'kernel-firmware-2.6.32-431.23.3.el6', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-firmware-2.6.32'},\n {'reference':'kernel-headers-2.6.32-431.23.3.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-headers-2.6.32'},\n {'reference':'kernel-headers-2.6.32-431.23.3.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-headers-2.6.32'},\n {'reference':'perf-2.6.32-431.23.3.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-2.6.32-431.23.3.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-2.6.32-431.23.3.el6', 'cpu':'i686', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-2.6.32-431.23.3.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel / kernel-abi-whitelists / kernel-debug / etc');\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-09-01T02:30:13", "description": "Updated kernel packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A use-after-free flaw was found in the way the ping_init_sock() function of the Linux kernel handled the group_info reference counter.\nA local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2851, Important)\n\n* A NULL pointer dereference flaw was found in the way the futex_wait_requeue_pi() function of the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance (PI) futexes. A local, unprivileged user could use this flaw to crash the system.\n(CVE-2012-6647, Moderate)\n\n* A NULL pointer dereference flaw was found in the rds_ib_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS). A local, unprivileged user could use this flaw to crash the system. (CVE-2013-7339, Moderate)\n\n* It was found that a remote attacker could use a race condition flaw in the ath_tx_aggr_sleep() function to crash the system by creating large network traffic on the system's Atheros 9k wireless network adapter. (CVE-2014-2672, Moderate)\n\n* A NULL pointer dereference flaw was found in the rds_iw_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS). A local, unprivileged user could use this flaw to crash the system. (CVE-2014-2678, Moderate)\n\n* A race condition flaw was found in the way the Linux kernel's mac80211 subsystem implementation handled synchronization between TX and STA wake-up code paths. A remote attacker could use this flaw to crash the system. (CVE-2014-2706, Moderate)\n\n* An out-of-bounds memory access flaw was found in the Netlink Attribute extension of the Berkeley Packet Filter (BPF) interpreter functionality in the Linux kernel's networking implementation. A local, unprivileged user could use this flaw to crash the system or leak kernel memory to user space via a specially crafted socket filter. (CVE-2014-3144, CVE-2014-3145, Moderate)\n\nThis update also fixes several bugs and adds one enhancement.\nDocumentation for these changes will be available shortly from the Technical Notes document linked to in the References section.\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add this enhancement. The system must be rebooted for this update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2014-08-01T00:00:00", "type": "nessus", "title": "CentOS 6 : kernel (CESA-2014:0981)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-6647", "CVE-2013-7339", "CVE-2014-2672", "CVE-2014-2678", "CVE-2014-2706", "CVE-2014-2851", "CVE-2014-3144", "CVE-2014-3145"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-abi-whitelists", "p-cpe:/a:centos:centos:kernel-debug", "p-cpe:/a:centos:centos:kernel-debug-devel", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-firmware", "p-cpe:/a:centos:centos:kernel-headers", "p-cpe:/a:centos:centos:perf", "p-cpe:/a:centos:centos:python-perf", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2014-0981.NASL", "href": "https://www.tenable.com/plugins/nessus/76948", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0981 and \n# CentOS Errata and Security Advisory 2014:0981 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76948);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2012-6647\", \"CVE-2013-7339\", \"CVE-2014-2672\", \"CVE-2014-2678\", \"CVE-2014-2706\", \"CVE-2014-2851\", \"CVE-2014-3144\", \"CVE-2014-3145\");\n script_bugtraq_id(66351, 66492, 66543, 66591, 66779, 67309, 67321, 67395);\n script_xref(name:\"RHSA\", value:\"2014:0981\");\n\n script_name(english:\"CentOS 6 : kernel (CESA-2014:0981)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix multiple security issues, several\nbugs, and add one enhancement are now available for Red Hat Enterprise\nLinux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A use-after-free flaw was found in the way the ping_init_sock()\nfunction of the Linux kernel handled the group_info reference counter.\nA local, unprivileged user could use this flaw to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-2851,\nImportant)\n\n* A NULL pointer dereference flaw was found in the way the\nfutex_wait_requeue_pi() function of the Linux kernel's futex subsystem\nhandled the requeuing of certain Priority Inheritance (PI) futexes. A\nlocal, unprivileged user could use this flaw to crash the system.\n(CVE-2012-6647, Moderate)\n\n* A NULL pointer dereference flaw was found in the\nrds_ib_laddr_check() function in the Linux kernel's implementation of\nReliable Datagram Sockets (RDS). A local, unprivileged user could use\nthis flaw to crash the system. (CVE-2013-7339, Moderate)\n\n* It was found that a remote attacker could use a race condition flaw\nin the ath_tx_aggr_sleep() function to crash the system by creating\nlarge network traffic on the system's Atheros 9k wireless network\nadapter. (CVE-2014-2672, Moderate)\n\n* A NULL pointer dereference flaw was found in the\nrds_iw_laddr_check() function in the Linux kernel's implementation of\nReliable Datagram Sockets (RDS). A local, unprivileged user could use\nthis flaw to crash the system. (CVE-2014-2678, Moderate)\n\n* A race condition flaw was found in the way the Linux kernel's\nmac80211 subsystem implementation handled synchronization between TX\nand STA wake-up code paths. A remote attacker could use this flaw to\ncrash the system. (CVE-2014-2706, Moderate)\n\n* An out-of-bounds memory access flaw was found in the Netlink\nAttribute extension of the Berkeley Packet Filter (BPF) interpreter\nfunctionality in the Linux kernel's networking implementation. A\nlocal, unprivileged user could use this flaw to crash the system or\nleak kernel memory to user space via a specially crafted socket\nfilter. (CVE-2014-3144, CVE-2014-3145, Moderate)\n\nThis update also fixes several bugs and adds one enhancement.\nDocumentation for these changes will be available shortly from the\nTechnical Notes document linked to in the References section.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues and add this\nenhancement. The system must be rebooted for this update to take\neffect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2014-July/020458.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?71444326\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-2672\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/03/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-2.6.32-431.23.3.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-abi-whitelists-2.6.32-431.23.3.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-debug-2.6.32-431.23.3.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-debug-devel-2.6.32-431.23.3.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-devel-2.6.32-431.23.3.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-doc-2.6.32-431.23.3.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-firmware-2.6.32-431.23.3.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-headers-2.6.32-431.23.3.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"perf-2.6.32-431.23.3.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"python-perf-2.6.32-431.23.3.el6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / kernel-debug-devel / etc\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-09-01T02:30:30", "description": "Updated kernel packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\n* A use-after-free flaw was found in the way the ping_init_sock() function of the Linux kernel handled the group_info reference counter.\nA local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system. (CVE-2014-2851, Important)\n\n* A NULL pointer dereference flaw was found in the way the futex_wait_requeue_pi() function of the Linux kernel's futex subsystem handled the requeuing of certain Priority Inheritance (PI) futexes. A local, unprivileged user could use this flaw to crash the system.\n(CVE-2012-6647, Moderate)\n\n* A NULL pointer dereference flaw was found in the rds_ib_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS). A local, unprivileged user could use this flaw to crash the system. (CVE-2013-7339, Moderate)\n\n* It was found that a remote attacker could use a race condition flaw in the ath_tx_aggr_sleep() function to crash the system by creating large network traffic on the system's Atheros 9k wireless network adapter. (CVE-2014-2672, Moderate)\n\n* A NULL pointer dereference flaw was found in the rds_iw_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS). A local, unprivileged user could use this flaw to crash the system. (CVE-2014-2678, Moderate)\n\n* A race condition flaw was found in the way the Linux kernel's mac80211 subsystem implementation handled synchronization between TX and STA wake-up code paths. A remote attacker could use this flaw to crash the system. (CVE-2014-2706, Moderate)\n\n* An out-of-bounds memory access flaw was found in the Netlink Attribute extension of the Berkeley Packet Filter (BPF) interpreter functionality in the Linux kernel's networking implementation. A local, unprivileged user could use this flaw to crash the system or leak kernel memory to user space via a specially crafted socket filter. (CVE-2014-3144, CVE-2014-3145, Moderate)\n\nThis update also fixes several bugs and adds one enhancement.\nDocumentation for these changes will be available shortly from the Technical Notes document linked to in the References section.\n\nAll kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues and add this enhancement. The system must be rebooted for this update to take effect.", "cvss3": {"score": null, "vector": null}, "published": "2014-07-30T00:00:00", "type": "nessus", "title": "RHEL 6 : kernel (RHSA-2014:0981)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-6647", "CVE-2013-7339", "CVE-2014-2672", "CVE-2014-2678", "CVE-2014-2706", "CVE-2014-2851", "CVE-2014-3144", "CVE-2014-3145"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-firmware", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:python-perf", "p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.5"], "id": "REDHAT-RHSA-2014-0981.NASL", "href": "https://www.tenable.com/plugins/nessus/76908", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0981. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76908);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-6647\", \"CVE-2013-7339\", \"CVE-2014-2672\", \"CVE-2014-2678\", \"CVE-2014-2706\", \"CVE-2014-2851\", \"CVE-2014-3144\", \"CVE-2014-3145\");\n script_bugtraq_id(66351, 66492, 66543, 66591, 66779, 67309, 67321, 67395);\n script_xref(name:\"RHSA\", value:\"2014:0981\");\n\n script_name(english:\"RHEL 6 : kernel (RHSA-2014:0981)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix multiple security issues, several\nbugs, and add one enhancement are now available for Red Hat Enterprise\nLinux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n* A use-after-free flaw was found in the way the ping_init_sock()\nfunction of the Linux kernel handled the group_info reference counter.\nA local, unprivileged user could use this flaw to crash the system or,\npotentially, escalate their privileges on the system. (CVE-2014-2851,\nImportant)\n\n* A NULL pointer dereference flaw was found in the way the\nfutex_wait_requeue_pi() function of the Linux kernel's futex subsystem\nhandled the requeuing of certain Priority Inheritance (PI) futexes. A\nlocal, unprivileged user could use this flaw to crash the system.\n(CVE-2012-6647, Moderate)\n\n* A NULL pointer dereference flaw was found in the\nrds_ib_laddr_check() function in the Linux kernel's implementation of\nReliable Datagram Sockets (RDS). A local, unprivileged user could use\nthis flaw to crash the system. (CVE-2013-7339, Moderate)\n\n* It was found that a remote attacker could use a race condition flaw\nin the ath_tx_aggr_sleep() function to crash the system by creating\nlarge network traffic on the system's Atheros 9k wireless network\nadapter. (CVE-2014-2672, Moderate)\n\n* A NULL pointer dereference flaw was found in the\nrds_iw_laddr_check() function in the Linux kernel's implementation of\nReliable Datagram Sockets (RDS). A local, unprivileged user could use\nthis flaw to crash the system. (CVE-2014-2678, Moderate)\n\n* A race condition flaw was found in the way the Linux kernel's\nmac80211 subsystem implementation handled synchronization between TX\nand STA wake-up code paths. A remote attacker could use this flaw to\ncrash the system. (CVE-2014-2706, Moderate)\n\n* An out-of-bounds memory access flaw was found in the Netlink\nAttribute extension of the Berkeley Packet Filter (BPF) interpreter\nfunctionality in the Linux kernel's networking implementation. A\nlocal, unprivileged user could use this flaw to crash the system or\nleak kernel memory to user space via a specially crafted socket\nfilter. (CVE-2014-3144, CVE-2014-3145, Moderate)\n\nThis update also fixes several bugs and adds one enhancement.\nDocumentation for these changes will be available shortly from the\nTechnical Notes document linked to in the References section.\n\nAll kernel users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues and add this\nenhancement. The system must be rebooted for this update to take\neffect.\"\n );\n # https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b5caa05f\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:0981\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-7339\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-2672\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-2678\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-2706\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-2851\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3144\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3145\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-6647\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/03/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2012-6647\", \"CVE-2013-7339\", \"CVE-2014-2672\", \"CVE-2014-2678\", \"CVE-2014-2706\", \"CVE-2014-2851\", \"CVE-2014-3144\", \"CVE-2014-3145\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2014:0981\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:0981\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-abi-whitelists-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-devel-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-devel-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-doc-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-firmware-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-headers-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-headers-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"perf-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"perf-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"perf-debuginfo-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"perf-debuginfo-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-debuginfo-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"python-perf-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"python-perf-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-perf-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"python-perf-debuginfo-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"python-perf-debuginfo-2.6.32-431.23.3.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-2.6.32-431.23.3.el6\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-08-19T12:45:57", "description": "xen was updated to fix 10 security issues :\n\n - Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling (CVE-2014-9030).\n\n - Insufficient bounding of 'REP MOVS' to MMIO emulated inside the hypervisor (CVE-2014-8867).\n\n - Missing privilege level checks in x86 emulation of far branches (CVE-2014-8595).\n\n - Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation (CVE-2014-7155).\n\n - Hypervisor heap contents leaked to guests (CVE-2014-4021).\n\n - Missing privilege level checks in x86 emulation of far branches (CVE-2014-8595).\n\n - Insufficient restrictions on certain MMU update hypercalls (CVE-2014-8594).\n\n - Intel VT-d Interrupt Remapping engines can be evaded by native NMI interrupts (CVE-2013-3495).\n\n - Missing privilege level checks in x86 emulation of software interrupts (CVE-2014-7156).\n\n - Race condition in HVMOP_track_dirty_vram (CVE-2014-7154).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2015-05-20T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : xen (SUSE-SU-2014:1732-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-3495", "CVE-2014-4021", "CVE-2014-7154", "CVE-2014-7155", "CVE-2014-7156", "CVE-2014-8594", "CVE-2014-8595", "CVE-2014-8867", "CVE-2014-9030"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:xen", "p-cpe:/a:novell:suse_linux:xen-doc-html", "p-cpe:/a:novell:suse_linux:xen-doc-pdf", "p-cpe:/a:novell:suse_linux:xen-kmp-default", "p-cpe:/a:novell:suse_linux:xen-kmp-pae", "p-cpe:/a:novell:suse_linux:xen-kmp-trace", "p-cpe:/a:novell:suse_linux:xen-libs", "p-cpe:/a:novell:suse_linux:xen-tools", "p-cpe:/a:novell:suse_linux:xen-tools-domU", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2014-1732-1.NASL", "href": "https://www.tenable.com/plugins/nessus/83659", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2014:1732-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83659);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-3495\", \"CVE-2014-4021\", \"CVE-2014-7154\", \"CVE-2014-7155\", \"CVE-2014-7156\", \"CVE-2014-8594\", \"CVE-2014-8595\", \"CVE-2014-8867\", \"CVE-2014-9030\");\n script_bugtraq_id(61854, 68070, 70055, 70057, 70062, 71149, 71151, 71207, 71331);\n\n script_name(english:\"SUSE SLES11 Security Update : xen (SUSE-SU-2014:1732-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"xen was updated to fix 10 security issues :\n\n - Guest effectable page reference leak in\n MMU_MACHPHYS_UPDATE handling (CVE-2014-9030).\n\n - Insufficient bounding of 'REP MOVS' to MMIO emulated\n inside the hypervisor (CVE-2014-8867).\n\n - Missing privilege level checks in x86 emulation of far\n branches (CVE-2014-8595).\n\n - Missing privilege level checks in x86 HLT, LGDT, LIDT,\n and LMSW emulation (CVE-2014-7155).\n\n - Hypervisor heap contents leaked to guests\n (CVE-2014-4021).\n\n - Missing privilege level checks in x86 emulation of far\n branches (CVE-2014-8595).\n\n - Insufficient restrictions on certain MMU update\n hypercalls (CVE-2014-8594).\n\n - Intel VT-d Interrupt Remapping engines can be evaded by\n native NMI interrupts (CVE-2013-3495).\n\n - Missing privilege level checks in x86 emulation of\n software interrupts (CVE-2014-7156).\n\n - Race condition in HVMOP_track_dirty_vram\n (CVE-2014-7154).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=826717\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=880751\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=895798\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=895799\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=895802\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=903967\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=903970\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=905467\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=906439\"\n );\n # https://download.suse.com/patch/finder/?keywords=39575907259e980068f0caf772c05144\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3762a464\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2013-3495/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-4021/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-7154/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-7155/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-7156/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8594/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8595/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8867/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-9030/\"\n );\n # https://www.suse.com/support/update/announcement/2014/suse-su-20141732-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6413f22b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 11 SP1 LTSS :\n\nzypper in -t patch slessp1-xen-10080\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-doc-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/08/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"i386|i486|i586|i686|x86_64\") audit(AUDIT_ARCH_NOT, \"i386 / i486 / i586 / i686 / x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"x86_64\", reference:\"xen-4.0.3_21548_18-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"x86_64\", reference:\"xen-doc-html-4.0.3_21548_18-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"x86_64\", reference:\"xen-doc-pdf-4.0.3_21548_18-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"x86_64\", reference:\"xen-kmp-default-4.0.3_21548_18_2.6.32.59_0.15-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"x86_64\", reference:\"xen-kmp-trace-4.0.3_21548_18_2.6.32.59_0.15-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"x86_64\", reference:\"xen-libs-4.0.3_21548_18-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"x86_64\", reference:\"xen-tools-4.0.3_21548_18-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"x86_64\", reference:\"xen-tools-domU-4.0.3_21548_18-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"x86_64\", reference:\"xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.15-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"i586\", reference:\"xen-4.0.3_21548_18-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"i586\", reference:\"xen-doc-html-4.0.3_21548_18-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"i586\", reference:\"xen-doc-pdf-4.0.3_21548_18-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"i586\", reference:\"xen-kmp-default-4.0.3_21548_18_2.6.32.59_0.15-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"i586\", reference:\"xen-kmp-trace-4.0.3_21548_18_2.6.32.59_0.15-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"i586\", reference:\"xen-libs-4.0.3_21548_18-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"i586\", reference:\"xen-tools-4.0.3_21548_18-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"i586\", reference:\"xen-tools-domU-4.0.3_21548_18-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"1\", cpu:\"i586\", reference:\"xen-kmp-pae-4.0.3_21548_18_2.6.32.59_0.15-0.9.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-05-10T17:29:40", "description": "The Linux kernel was updated to fix security issues and bugs.\n\nSecurity issues fixed: CVE-2014-3153: The futex_requeue function in kernel/futex.c in the Linux kernel did not ensure that calls have two different futex addresses, which allowed local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.\n\nCVE-2014-3144: The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel did not check whether a certain length value is sufficiently large, which allowed local users to cause a denial of service (integer underflow and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the\n__skb_get_nlattr and __skb_get_nlattr_nest functions before the vulnerability was announced.\n\nCVE-2014-3145: The BPF_S_ANC_NLATTR_NEST extension implementation in the sk_run_filter function in net/core/filter.c in the Linux kernel used the reverse order in a certain subtraction, which allowed local users to cause a denial of service (over-read and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the\n__skb_get_nlattr_nest function before the vulnerability was announced.\n\nCVE-2014-0077: drivers/vhost/net.c in the Linux kernel, when mergeable buffers are disabled, did not properly validate packet lengths, which allowed guest OS users to cause a denial of service (memory corruption and host OS crash) or possibly gain privileges on the host OS via crafted packets, related to the handle_rx and get_rx_bufs functions.\n\nCVE-2014-0055: The get_rx_bufs function in drivers/vhost/net.c in the vhost-net subsystem in the Linux kernel package did not properly handle vhost_get_vq_desc errors, which allowed guest OS users to cause a denial of service (host OS crash) via unspecified vectors.\n\nCVE-2014-2678: The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports.\n\nCVE-2013-7339: The rds_ib_laddr_check function in net/rds/ib.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports.\n\nCVE-2014-2851: Integer overflow in the ping_init_sock function in net/ipv4/ping.c in the Linux kernel allowed local users to cause a denial of service (use-after-free and system crash) or possibly gain privileges via a crafted application that leverages an improperly managed reference counter.\n\n - ext4: Fix buffer double free in ext4_alloc_branch() (bnc#880599 bnc#876981).\n\n - patches.fixes/firewire-01-net-fix-use-after-free.patch, patches.fixes/firewire-02-ohci-fix-probe-failure-with-ag ere-lsi-controllers.patch, patches.fixes/firewire-03-dont-use-prepare_delayed_work.\n patch: Add missing bug reference (bnc#881697).\n\n - firewire: don't use PREPARE_DELAYED_WORK.\n\n - firewire: ohci: fix probe failure with Agere/LSI controllers.\n\n - firewire: net: fix use after free.\n\n - USB: OHCI: fix problem with global suspend on ATI controllers (bnc#868315).\n\n - mm: revert 'page-writeback.c: subtract min_free_kbytes from dirtyable memory' (bnc#879792).\n\n - usb: musb: tusb6010: Use musb->tusb_revision instead of tusb_get_revision call (bnc#872715).\n\n - usb: musb: tusb6010: Add tusb_revision to struct musb to store the revision (bnc#872715).\n\n - ALSA: hda - Fix onboard audio on Intel H97/Z97 chipsets (bnc#880613).\n\n - floppy: do not corrupt bio.bi_flags when reading block 0 (bnc#879258).\n\n - reiserfs: call truncate_setsize under tailpack mutex (bnc#878115).\n\n - Update Xen config files: Set compatibility level back to 4.1 (bnc#851338).\n\n - Update config files. Guillaume GARDET reported a broken build due to CONFIG_USB_SERIAL_GENERIC being modular\n\n - memcg: deprecate memory.force_empty knob (bnc#878274).\n\n - nfsd: when reusing an existing repcache entry, unhash it first (bnc#877721).\n\n - Enable Socketcan again for i386 and x86_64 (bnc#858067)\n\n - xhci: extend quirk for Renesas cards (bnc#877713).\n\n - xhci: Fix resume issues on Renesas chips in Samsung laptops (bnc#877713).\n\n - mm: try_to_unmap_cluster() should lock_page() before mlocking (bnc#876102, CVE-2014-3122).\n\n - drm/i915, HD-audio: Don't continue probing when nomodeset is given (bnc#882648).\n\n - x86/mm/numa: Fix 32-bit kernel NUMA boot (bnc#881727).", "cvss3": {"score": null, "vector": null}, "published": "2014-06-26T00:00:00", "type": "nessus", "title": "openSUSE Security Update : kernel (openSUSE-SU-2014:0840-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7339", "CVE-2014-0055", "CVE-2014-0077", "CVE-2014-2678", "CVE-2014-2851", "CVE-2014-3122", "CVE-2014-3144", "CVE-2014-3145", "CVE-2014-3153"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:cloop", "p-cpe:/a:novell:opensuse:cloop-debuginfo", "p-cpe:/a:novell:opensuse:cloop-debugsource", "p-cpe:/a:novell:opensuse:cloop-kmp-default", "p-cpe:/a:novell:opensuse:cloop-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:cloop-kmp-desktop", "p-cpe:/a:novell:opensuse:cloop-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:cloop-kmp-pae", "p-cpe:/a:novell:opensuse:cloop-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:cloop-kmp-xen", "p-cpe:/a:novell:opensuse:cloop-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:crash", "p-cpe:/a:novell:opensuse:crash-debuginfo", "p-cpe:/a:novell:opensuse:crash-debugsource", "p-cpe:/a:novell:opensuse:crash-devel", "p-cpe:/a:novell:opensuse:crash-eppic", "p-cpe:/a:novell:opensuse:crash-eppic-debuginfo", "p-cpe:/a:novell:opensuse:crash-gcore", "p-cpe:/a:novell:opensuse:crash-gcore-debuginfo", "p-cpe:/a:novell:opensuse:crash-kmp-default", "p-cpe:/a:novell:opensuse:crash-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:crash-kmp-desktop", "p-cpe:/a:novell:opensuse:crash-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:crash-kmp-pae", "p-cpe:/a:novell:opensuse:crash-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:crash-kmp-xen", "p-cpe:/a:novell:opensuse:crash-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:hdjmod-debugsource", "p-cpe:/a:novell:opensuse:hdjmod-kmp-default", "p-cpe:/a:novell:opensuse:hdjmod-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:hdjmod-kmp-desktop", "p-cpe:/a:novell:opensuse:hdjmod-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:hdjmod-kmp-pae", "p-cpe:/a:novell:opensuse:hdjmod-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:hdjmod-kmp-xen", "p-cpe:/a:novell:opensuse:hdjmod-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:ipset", "p-cpe:/a:novell:opensuse:ipset-debuginfo", "p-cpe:/a:novell:opensuse:ipset-debugsource", "p-cpe:/a:novell:opensuse:ipset-devel", "p-cpe:/a:novell:opensuse:ipset-kmp-default", "p-cpe:/a:novell:opensuse:ipset-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:ipset-kmp-desktop", "p-cpe:/a:novell:opensuse:ipset-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:ipset-kmp-pae", "p-cpe:/a:novell:opensuse:ipset-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:ipset-kmp-xen", "p-cpe:/a:novell:opensuse:ipset-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:iscsitarget", "p-cpe:/a:novell:opensuse:iscsitarget-debuginfo", "p-cpe:/a:novell:opensuse:iscsitarget-debugsource", "p-cpe:/a:novell:opensuse:iscsitarget-kmp-default", "p-cpe:/a:novell:opensuse:iscsitarget-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:iscsitarget-kmp-desktop", "p-cpe:/a:novell:opensuse:iscsitarget-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:iscsitarget-kmp-pae", "p-cpe:/a:novell:opensuse:iscsitarget-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:iscsitarget-kmp-xen", "p-cpe:/a:novell:opensuse:iscsitarget-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debugsource", "p-cpe:/a:novell:opensuse:kernel-debug-devel", "p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debugsource", "p-cpe:/a:novell:opensuse:kernel-default-devel", "p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-desktop", "p-cpe:/a:novell:opensuse:kernel-desktop-base", "p-cpe:/a:novell:opensuse:kernel-desktop-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-desktop-debuginfo", "p-cpe:/a:novell:opensuse:kernel-desktop-debugsource", "p-cpe:/a:novell:opensuse:kernel-desktop-devel", "p-cpe:/a:novell:opensuse:kernel-desktop-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-devel", "p-cpe:/a:novell:opensuse:kernel-ec2", "p-cpe:/a:novell:opensuse:kernel-ec2-base", "p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo", "p-cpe:/a:novell:opensuse:kernel-ec2-debugsource", "p-cpe:/a:novell:opensuse:kernel-ec2-devel", "p-cpe:/a:novell:opensuse:kernel-ec2-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-pae", "p-cpe:/a:novell:opensuse:kernel-pae-base", "p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-pae-debuginfo", "p-cpe:/a:novell:opensuse:kernel-pae-debugsource", "p-cpe:/a:novell:opensuse:kernel-pae-devel", "p-cpe:/a:novell:opensuse:kernel-pae-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-source-vanilla", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-trace", "p-cpe:/a:novell:opensuse:kernel-trace-base", "p-cpe:/a:novell:opensuse:kernel-trace-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-trace-debuginfo", "p-cpe:/a:novell:opensuse:kernel-trace-debugsource", "p-cpe:/a:novell:opensuse:kernel-trace-devel", "p-cpe:/a:novell:opensuse:kernel-trace-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kernel-xen-base", "p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-xen-debuginfo", "p-cpe:/a:novell:opensuse:kernel-xen-debugsource", "p-cpe:/a:novell:opensuse:kernel-xen-devel", "p-cpe:/a:novell:opensuse:kernel-xen-devel-debuginfo", "p-cpe:/a:novell:opensuse:libipset3", "p-cpe:/a:novell:opensuse:libipset3-debuginfo", "p-cpe:/a:novell:opensuse:ndiswrapper", "p-cpe:/a:novell:opensuse:ndiswrapper-debuginfo", "p-cpe:/a:novell:opensuse:ndiswrapper-debugsource", "p-cpe:/a:novell:opensuse:ndiswrapper-kmp-default", "p-cpe:/a:novell:opensuse:ndiswrapper-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:ndiswrapper-kmp-desktop", "p-cpe:/a:novell:opensuse:ndiswrapper-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:ndiswrapper-kmp-pae", "p-cpe:/a:novell:opensuse:ndiswrapper-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:pcfclock", "p-cpe:/a:novell:opensuse:pcfclock-debuginfo", "p-cpe:/a:novell:opensuse:pcfclock-debugsource", "p-cpe:/a:novell:opensuse:pcfclock-kmp-default", "p-cpe:/a:novell:opensuse:pcfclock-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:pcfclock-kmp-desktop", "p-cpe:/a:novell:opensuse:pcfclock-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:pcfclock-kmp-pae", "p-cpe:/a:novell:opensuse:pcfclock-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:python-virtualbox", "p-cpe:/a:novell:opensuse:python-virtualbox-debuginfo", "p-cpe:/a:novell:opensuse:vhba-kmp-debugsource", "p-cpe:/a:novell:opensuse:vhba-kmp-default", "p-cpe:/a:novell:opensuse:vhba-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:vhba-kmp-desktop", "p-cpe:/a:novell:opensuse:vhba-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:vhba-kmp-pae", "p-cpe:/a:novell:opensuse:vhba-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:vhba-kmp-xen", "p-cpe:/a:novell:opensuse:vhba-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox", "p-cpe:/a:novell:opensuse:virtualbox-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-debugsource", "p-cpe:/a:novell:opensuse:virtualbox-devel", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-desktop", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-pae", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-guest-tools", "p-cpe:/a:novell:opensuse:virtualbox-guest-tools-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-guest-x11", "p-cpe:/a:novell:opensuse:virtualbox-guest-x11-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-desktop", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-pae", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-qt", "p-cpe:/a:novell:opensuse:virtualbox-qt-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-websrv", "p-cpe:/a:novell:opensuse:virtualbox-websrv-debuginfo", "p-cpe:/a:novell:opensuse:xen", "p-cpe:/a:novell:opensuse:xen-debugsource", "p-cpe:/a:novell:opensuse:xen-devel", "p-cpe:/a:novell:opensuse:xen-doc-html", "p-cpe:/a:novell:opensuse:xen-kmp-default", "p-cpe:/a:novell:opensuse:xen-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:xen-kmp-desktop", "p-cpe:/a:novell:opensuse:xen-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:xen-kmp-pae", "p-cpe:/a:novell:opensuse:xen-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:xen-libs", "p-cpe:/a:novell:opensuse:xen-libs-32bit", "p-cpe:/a:novell:opensuse:xen-libs-debuginfo", "p-cpe:/a:novell:opensuse:xen-libs-debuginfo-32bit", "p-cpe:/a:novell:opensuse:xen-tools", "p-cpe:/a:novell:opensuse:xen-tools-debuginfo", "p-cpe:/a:novell:opensuse:xen-tools-domU", "p-cpe:/a:novell:opensuse:xen-tools-domU-debuginfo", "p-cpe:/a:novell:opensuse:xen-xend-tools", "p-cpe:/a:novell:opensuse:xen-xend-tools-debuginfo", "p-cpe:/a:novell:opensuse:xtables-addons", "p-cpe:/a:novell:opensuse:xtables-addons-debuginfo", "p-cpe:/a:novell:opensuse:xtables-addons-debugsource", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-default", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-desktop", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-pae", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-xen", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-xen-debuginfo", "cpe:/o:novell:opensuse:13.1"], "id": "OPENSUSE-2014-441.NASL", "href": "https://www.tenable.com/plugins/nessus/76228", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-441.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76228);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-7339\", \"CVE-2014-0055\", \"CVE-2014-0077\", \"CVE-2014-2678\", \"CVE-2014-2851\", \"CVE-2014-3122\", \"CVE-2014-3144\", \"CVE-2014-3145\", \"CVE-2014-3153\");\n script_bugtraq_id(66351, 66441, 66543, 66678, 66779, 67162, 67309, 67321, 67906);\n\n script_name(english:\"openSUSE Security Update : kernel (openSUSE-SU-2014:0840-1)\");\n script_summary(english:\"Check for the openSUSE-2014-441 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Linux kernel was updated to fix security issues and bugs.\n\nSecurity issues fixed: CVE-2014-3153: The futex_requeue function in\nkernel/futex.c in the Linux kernel did not ensure that calls have two\ndifferent futex addresses, which allowed local users to gain\nprivileges via a crafted FUTEX_REQUEUE command that facilitates unsafe\nwaiter modification.\n\nCVE-2014-3144: The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST\nextension implementations in the sk_run_filter function in\nnet/core/filter.c in the Linux kernel did not check whether a certain\nlength value is sufficiently large, which allowed local users to cause\na denial of service (integer underflow and system crash) via crafted\nBPF instructions. NOTE: the affected code was moved to the\n__skb_get_nlattr and __skb_get_nlattr_nest functions before the\nvulnerability was announced.\n\nCVE-2014-3145: The BPF_S_ANC_NLATTR_NEST extension implementation in\nthe sk_run_filter function in net/core/filter.c in the Linux kernel\nused the reverse order in a certain subtraction, which allowed local\nusers to cause a denial of service (over-read and system crash) via\ncrafted BPF instructions. NOTE: the affected code was moved to the\n__skb_get_nlattr_nest function before the vulnerability was announced.\n\nCVE-2014-0077: drivers/vhost/net.c in the Linux kernel, when mergeable\nbuffers are disabled, did not properly validate packet lengths, which\nallowed guest OS users to cause a denial of service (memory corruption\nand host OS crash) or possibly gain privileges on the host OS via\ncrafted packets, related to the handle_rx and get_rx_bufs functions.\n\nCVE-2014-0055: The get_rx_bufs function in drivers/vhost/net.c in the\nvhost-net subsystem in the Linux kernel package did not properly\nhandle vhost_get_vq_desc errors, which allowed guest OS users to cause\na denial of service (host OS crash) via unspecified vectors.\n\nCVE-2014-2678: The rds_iw_laddr_check function in net/rds/iw.c in the\nLinux kernel allowed local users to cause a denial of service (NULL\npointer dereference and system crash) or possibly have unspecified\nother impact via a bind system call for an RDS socket on a system that\nlacks RDS transports.\n\nCVE-2013-7339: The rds_ib_laddr_check function in net/rds/ib.c in the\nLinux kernel allowed local users to cause a denial of service (NULL\npointer dereference and system crash) or possibly have unspecified\nother impact via a bind system call for an RDS socket on a system that\nlacks RDS transports.\n\nCVE-2014-2851: Integer overflow in the ping_init_sock function in\nnet/ipv4/ping.c in the Linux kernel allowed local users to cause a\ndenial of service (use-after-free and system crash) or possibly gain\nprivileges via a crafted application that leverages an improperly\nmanaged reference counter.\n\n - ext4: Fix buffer double free in ext4_alloc_branch()\n (bnc#880599 bnc#876981).\n\n - patches.fixes/firewire-01-net-fix-use-after-free.patch,\n patches.fixes/firewire-02-ohci-fix-probe-failure-with-ag\n ere-lsi-controllers.patch,\n patches.fixes/firewire-03-dont-use-prepare_delayed_work.\n patch: Add missing bug reference (bnc#881697).\n\n - firewire: don't use PREPARE_DELAYED_WORK.\n\n - firewire: ohci: fix probe failure with Agere/LSI\n controllers.\n\n - firewire: net: fix use after free.\n\n - USB: OHCI: fix problem with global suspend on ATI\n controllers (bnc#868315).\n\n - mm: revert 'page-writeback.c: subtract min_free_kbytes\n from dirtyable memory' (bnc#879792).\n\n - usb: musb: tusb6010: Use musb->tusb_revision instead of\n tusb_get_revision call (bnc#872715).\n\n - usb: musb: tusb6010: Add tusb_revision to struct musb to\n store the revision (bnc#872715).\n\n - ALSA: hda - Fix onboard audio on Intel H97/Z97 chipsets\n (bnc#880613).\n\n - floppy: do not corrupt bio.bi_flags when reading block 0\n (bnc#879258).\n\n - reiserfs: call truncate_setsize under tailpack mutex\n (bnc#878115).\n\n - Update Xen config files: Set compatibility level back to\n 4.1 (bnc#851338).\n\n - Update config files. Guillaume GARDET reported a broken\n build due to CONFIG_USB_SERIAL_GENERIC being modular\n\n - memcg: deprecate memory.force_empty knob (bnc#878274).\n\n - nfsd: when reusing an existing repcache entry, unhash it\n first (bnc#877721).\n\n - Enable Socketcan again for i386 and x86_64 (bnc#858067)\n\n - xhci: extend quirk for Renesas cards (bnc#877713).\n\n - xhci: Fix resume issues on Renesas chips in Samsung\n laptops (bnc#877713).\n\n - mm: try_to_unmap_cluster() should lock_page() before\n mlocking (bnc#876102, CVE-2014-3122).\n\n - drm/i915, HD-audio: Don't continue probing when\n nomodeset is given (bnc#882648).\n\n - x86/mm/numa: Fix 32-bit kernel NUMA boot (bnc#881727).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=851338\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=858067\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=868315\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=869563\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=870173\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=870576\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=871561\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=872715\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=873374\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=876102\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=876981\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=877257\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=877713\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=877721\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=878115\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=878274\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=879258\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=879792\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=880599\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=880613\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=880892\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=881697\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=881727\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=882648\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2014-06/msg00050.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Android \"Towelroot\" Futex Requeue Kernel Exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-eppic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-eppic-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-gcore\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-gcore-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:iscsitarget\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:iscsitarget-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:iscsitarget-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:iscsitarget-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:iscsitarget-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:iscsitarget-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:iscsitarget-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:iscsitarget-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:iscsitarget-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:iscsitarget-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:iscsitarget-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libipset3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libipset3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ndiswrapper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ndiswrapper-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ndiswrapper-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ndiswrapper-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ndiswrapper-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ndiswrapper-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ndiswrapper-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ndiswrapper-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ndiswrapper-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-virtualbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-virtualbox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-x11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-websrv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-websrv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-domU-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-xend-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-xend-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/26\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"cloop-2.639-11.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"cloop-debuginfo-2.639-11.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"cloop-debugsource-2.639-11.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"cloop-kmp-default-2.639_k3.11.10_17-11.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"cloop-kmp-default-debuginfo-2.639_k3.11.10_17-11.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"cloop-kmp-desktop-2.639_k3.11.10_17-11.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"cloop-kmp-desktop-debuginfo-2.639_k3.11.10_17-11.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"cloop-kmp-pae-2.639_k3.11.10_17-11.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"cloop-kmp-pae-debuginfo-2.639_k3.11.10_17-11.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"cloop-kmp-xen-2.639_k3.11.10_17-11.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"cloop-kmp-xen-debuginfo-2.639_k3.11.10_17-11.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-7.0.2-2.10.9\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-debuginfo-7.0.2-2.10.9\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-debugsource-7.0.2-2.10.9\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-devel-7.0.2-2.10.9\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-eppic-7.0.2-2.10.9\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-eppic-debuginfo-7.0.2-2.10.9\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-gcore-7.0.2-2.10.9\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-gcore-debuginfo-7.0.2-2.10.9\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-kmp-default-7.0.2_k3.11.10_17-2.10.9\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-kmp-default-debuginfo-7.0.2_k3.11.10_17-2.10.9\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-kmp-desktop-7.0.2_k3.11.10_17-2.10.9\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-kmp-desktop-debuginfo-7.0.2_k3.11.10_17-2.10.9\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-kmp-pae-7.0.2_k3.11.10_17-2.10.9\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-kmp-pae-debuginfo-7.0.2_k3.11.10_17-2.10.9\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-kmp-xen-7.0.2_k3.11.10_17-2.10.9\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-kmp-xen-debuginfo-7.0.2_k3.11.10_17-2.10.9\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"hdjmod-debugsource-1.28-16.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"hdjmod-kmp-default-1.28_k3.11.10_17-16.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"hdjmod-kmp-default-debuginfo-1.28_k3.11.10_17-16.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"hdjmod-kmp-desktop-1.28_k3.11.10_17-16.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"hdjmod-kmp-desktop-debuginfo-1.28_k3.11.10_17-16.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"hdjmod-kmp-pae-1.28_k3.11.10_17-16.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"hdjmod-kmp-pae-debuginfo-1.28_k3.11.10_17-16.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"hdjmod-kmp-xen-1.28_k3.11.10_17-16.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"hdjmod-kmp-xen-debuginfo-1.28_k3.11.10_17-16.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ipset-6.21.1-2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ipset-debuginfo-6.21.1-2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ipset-debugsource-6.21.1-2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ipset-devel-6.21.1-2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ipset-kmp-default-6.21.1_k3.11.10_17-2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ipset-kmp-default-debuginfo-6.21.1_k3.11.10_17-2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ipset-kmp-desktop-6.21.1_k3.11.10_17-2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ipset-kmp-desktop-debuginfo-6.21.1_k3.11.10_17-2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ipset-kmp-pae-6.21.1_k3.11.10_17-2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ipset-kmp-pae-debuginfo-6.21.1_k3.11.10_17-2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ipset-kmp-xen-6.21.1_k3.11.10_17-2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ipset-kmp-xen-debuginfo-6.21.1_k3.11.10_17-2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"iscsitarget-1.4.20.3-13.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"iscsitarget-debuginfo-1.4.20.3-13.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"iscsitarget-debugsource-1.4.20.3-13.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"iscsitarget-kmp-default-1.4.20.3_k3.11.10_17-13.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"iscsitarget-kmp-default-debuginfo-1.4.20.3_k3.11.10_17-13.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"iscsitarget-kmp-desktop-1.4.20.3_k3.11.10_17-13.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"iscsitarget-kmp-desktop-debuginfo-1.4.20.3_k3.11.10_17-13.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"iscsitarget-kmp-pae-1.4.20.3_k3.11.10_17-13.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"iscsitarget-kmp-pae-debuginfo-1.4.20.3_k3.11.10_17-13.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"iscsitarget-kmp-xen-1.4.20.3_k3.11.10_17-13.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"iscsitarget-kmp-xen-debuginfo-1.4.20.3_k3.11.10_17-13.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"kernel-default-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"kernel-default-base-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"kernel-default-base-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"kernel-default-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"kernel-default-debugsource-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"kernel-default-devel-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"kernel-default-devel-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"kernel-devel-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"kernel-source-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"kernel-source-vanilla-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"kernel-syms-3.11.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libipset3-6.21.1-2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libipset3-debuginfo-6.21.1-2.14.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ndiswrapper-1.58-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ndiswrapper-debuginfo-1.58-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ndiswrapper-debugsource-1.58-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ndiswrapper-kmp-default-1.58_k3.11.10_17-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ndiswrapper-kmp-default-debuginfo-1.58_k3.11.10_17-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ndiswrapper-kmp-desktop-1.58_k3.11.10_17-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ndiswrapper-kmp-desktop-debuginfo-1.58_k3.11.10_17-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ndiswrapper-kmp-pae-1.58_k3.11.10_17-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ndiswrapper-kmp-pae-debuginfo-1.58_k3.11.10_17-10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"pcfclock-0.44-258.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"pcfclock-debuginfo-0.44-258.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"pcfclock-debugsource-0.44-258.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"pcfclock-kmp-default-0.44_k3.11.10_17-258.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"pcfclock-kmp-default-debuginfo-0.44_k3.11.10_17-258.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"pcfclock-kmp-desktop-0.44_k3.11.10_17-258.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"pcfclock-kmp-desktop-debuginfo-0.44_k3.11.10_17-258.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"pcfclock-kmp-pae-0.44_k3.11.10_17-258.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"pcfclock-kmp-pae-debuginfo-0.44_k3.11.10_17-258.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"python-virtualbox-4.2.18-2.15.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"python-virtualbox-debuginfo-4.2.18-2.15.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"vhba-kmp-debugsource-20130607-2.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"vhba-kmp-default-20130607_k3.11.10_17-2.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"vhba-kmp-default-debuginfo-20130607_k3.11.10_17-2.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"vhba-kmp-desktop-20130607_k3.11.10_17-2.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"vhba-kmp-desktop-debuginfo-20130607_k3.11.10_17-2.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"vhba-kmp-pae-20130607_k3.11.10_17-2.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"vhba-kmp-pae-debuginfo-20130607_k3.11.10_17-2.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"vhba-kmp-xen-20130607_k3.11.10_17-2.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"vhba-kmp-xen-debuginfo-20130607_k3.11.10_17-2.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-4.2.18-2.15.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-debuginfo-4.2.18-2.15.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-debugsource-4.2.18-2.15.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-devel-4.2.18-2.15.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-guest-kmp-default-4.2.18_k3.11.10_17-2.15.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-guest-kmp-default-debuginfo-4.2.18_k3.11.10_17-2.15.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-guest-kmp-desktop-4.2.18_k3.11.10_17-2.15.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-guest-kmp-desktop-debuginfo-4.2.18_k3.11.10_17-2.15.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-guest-kmp-pae-4.2.18_k3.11.10_17-2.15.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-guest-kmp-pae-debuginfo-4.2.18_k3.11.10_17-2.15.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-guest-tools-4.2.18-2.15.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-guest-tools-debuginfo-4.2.18-2.15.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-guest-x11-4.2.18-2.15.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-guest-x11-debuginfo-4.2.18-2.15.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-host-kmp-default-4.2.18_k3.11.10_17-2.15.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-host-kmp-default-debuginfo-4.2.18_k3.11.10_17-2.15.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-host-kmp-desktop-4.2.18_k3.11.10_17-2.15.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-host-kmp-desktop-debuginfo-4.2.18_k3.11.10_17-2.15.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-host-kmp-pae-4.2.18_k3.11.10_17-2.15.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-host-kmp-pae-debuginfo-4.2.18_k3.11.10_17-2.15.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-qt-4.2.18-2.15.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-qt-debuginfo-4.2.18-2.15.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-websrv-4.2.18-2.15.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-websrv-debuginfo-4.2.18-2.15.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-debugsource-4.3.2_01-18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-devel-4.3.2_01-18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-kmp-default-4.3.2_01_k3.11.10_17-18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-kmp-default-debuginfo-4.3.2_01_k3.11.10_17-18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-kmp-desktop-4.3.2_01_k3.11.10_17-18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-kmp-desktop-debuginfo-4.3.2_01_k3.11.10_17-18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-kmp-pae-4.3.2_01_k3.11.10_17-18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-kmp-pae-debuginfo-4.3.2_01_k3.11.10_17-18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-libs-4.3.2_01-18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-libs-debuginfo-4.3.2_01-18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-tools-domU-4.3.2_01-18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-tools-domU-debuginfo-4.3.2_01-18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xtables-addons-2.3-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xtables-addons-debuginfo-2.3-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xtables-addons-debugsource-2.3-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xtables-addons-kmp-default-2.3_k3.11.10_17-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xtables-addons-kmp-default-debuginfo-2.3_k3.11.10_17-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xtables-addons-kmp-desktop-2.3_k3.11.10_17-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xtables-addons-kmp-desktop-debuginfo-2.3_k3.11.10_17-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xtables-addons-kmp-pae-2.3_k3.11.10_17-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xtables-addons-kmp-pae-debuginfo-2.3_k3.11.10_17-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xtables-addons-kmp-xen-2.3_k3.11.10_17-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xtables-addons-kmp-xen-debuginfo-2.3_k3.11.10_17-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-debug-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-debug-base-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-debug-base-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-debug-debugsource-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-debug-devel-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-debug-devel-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-desktop-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-desktop-base-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-desktop-base-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-desktop-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-desktop-debugsource-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-desktop-devel-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-desktop-devel-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-ec2-3.11.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-ec2-base-3.11.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-ec2-base-debuginfo-3.11.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-ec2-debuginfo-3.11.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-ec2-debugsource-3.11.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-ec2-devel-3.11.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-ec2-devel-debuginfo-3.11.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-pae-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-pae-base-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-pae-base-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-pae-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-pae-debugsource-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-pae-devel-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-pae-devel-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-trace-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-trace-base-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-trace-base-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-trace-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-trace-debugsource-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-trace-devel-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-trace-devel-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-vanilla-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-vanilla-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-vanilla-debugsource-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-vanilla-devel-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-vanilla-devel-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-xen-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-xen-base-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-xen-base-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-xen-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-xen-debugsource-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-xen-devel-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-xen-devel-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-debug-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-debug-base-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-debug-base-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-debug-debugsource-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-debug-devel-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-desktop-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-desktop-base-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-desktop-base-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-desktop-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-desktop-debugsource-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-desktop-devel-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-desktop-devel-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-ec2-3.11.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-ec2-base-3.11.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-ec2-base-debuginfo-3.11.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-ec2-debuginfo-3.11.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-ec2-debugsource-3.11.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-ec2-devel-3.11.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-ec2-devel-debuginfo-3.11.10-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-pae-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-pae-base-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-pae-base-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-pae-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-pae-debugsource-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-pae-devel-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-pae-devel-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-trace-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-trace-base-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-trace-base-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-trace-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-trace-debugsource-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-trace-devel-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-trace-devel-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-vanilla-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-vanilla-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-vanilla-debugsource-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-vanilla-devel-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-vanilla-devel-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-xen-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-xen-base-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-xen-devel-debuginfo-3.11.10-17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"xen-4.3.2_01-18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"xen-doc-html-4.3.2_01-18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.3.2_01-18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-32bit-4.3.2_01-18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"xen-tools-4.3.2_01-18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"xen-tools-debuginfo-4.3.2_01-18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"xen-xend-tools-4.3.2_01-18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"xen-xend-tools-debuginfo-4.3.2_01-18.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-17T15:20:10", "description": "Updated kernel-rt packages that fix multiple security issues are now available for Red Hat Enterprise MRG 2.5.\n\nThe Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel-rt packages contain the Linux kernel, the core of any Linux operating system.\n\n * A race condition leading to a use-after-free flaw was found in the way the Linux kernel's TCP/IP protocol suite implementation handled the addition of fragments to the LRU (Last-Recently Used) list under certain conditions. A remote attacker could use this flaw to crash the system or, potentially, escalate their privileges on the system by sending a large amount of specially crafted fragmented packets to that system.\n (CVE-2014-0100, Important)\n\n * A race condition flaw, leading to heap-based buffer overflows, was found in the way the Linux kernel's N_TTY line discipline (LDISC) implementation handled concurrent processing of echo output and TTY write operations originating from user space when the underlying TTY driver was PTY. An unprivileged, local user could use this flaw to crash the system or, potentially, escalate their privileges on the system.\n (CVE-2014-0196, Important)\n\n * A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important)\n\n * It was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement. (CVE-2014-1738, Low)\n\nNote: A local user with write access to /dev/fdX could use these two flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate their privileges on the system.\n\n * A use-after-free flaw was found in the way the ping_init_sock() function of the Linux kernel handled the group_info reference counter. A local, unprivileged user could use this flaw to crash the system or, potentially, escalate their privileges on the system.\n (CVE-2014-2851, Important)\n\n * It was found that a remote attacker could use a race condition flaw in the ath_tx_aggr_sleep() function to crash the system by creating large network traffic on the system's Atheros 9k wireless network adapter.\n (CVE-2014-2672, Moderate)\n\n * A NULL pointer dereference flaw was found in the rds_iw_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS). A local, unprivileged user could use this flaw to crash the system. (CVE-2014-2678, Moderate)\n\n * A race condition flaw was found in the way the Linux kernel's mac80211 subsystem implementation handled synchronization between TX and STA wake-up code paths.\n A remote attacker could use this flaw to crash the system. (CVE-2014-2706, Moderate)\n\n * It was found that the try_to_unmap_cluster() function in the Linux kernel's Memory Managment subsystem did not properly handle page locking in certain cases, which could potentially trigger the BUG_ON() macro in the mlock_vma_page() function. A local, unprivileged user could use this flaw to crash the system. (CVE-2014-3122, Moderate)\n\nUsers are advised to upgrade to these updated packages, which upgrade the kernel-rt kernel to version kernel-rt-3.10.33-rt32.34 and correct these issues. The system must be rebooted for this update to take effect.", "cvss3": {"score": 8.1, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2014-07-22T00:00:00", "type": "nessus", "title": "RHEL 6 : MRG (RHSA-2014:0557)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0100", "CVE-2014-0196", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-2672", "CVE-2014-2678", "CVE-2014-2706", "CVE-2014-2851", "CVE-2014-3122"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel-rt", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-firmware", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-devel", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2014-0557.NASL", "href": "https://www.tenable.com/plugins/nessus/76677", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:0557. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76677);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\n \"CVE-2014-0100\",\n \"CVE-2014-0196\",\n \"CVE-2014-1737\",\n \"CVE-2014-1738\",\n \"CVE-2014-2672\",\n \"CVE-2014-2678\",\n \"CVE-2014-2706\",\n \"CVE-2014-2851\",\n \"CVE-2014-3122\"\n );\n script_bugtraq_id(\n 65952,\n 66492,\n 66543,\n 66591,\n 66779,\n 67162,\n 67282,\n 67300,\n 67302\n );\n script_xref(name:\"RHSA\", value:\"2014:0557\");\n\n script_name(english:\"RHEL 6 : MRG (RHSA-2014:0557)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"Updated kernel-rt packages that fix multiple security issues are now\navailable for Red Hat Enterprise MRG 2.5.\n\nThe Red Hat Security Response Team has rated this update as having\nImportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\n * A race condition leading to a use-after-free flaw was\n found in the way the Linux kernel's TCP/IP protocol\n suite implementation handled the addition of fragments\n to the LRU (Last-Recently Used) list under certain\n conditions. A remote attacker could use this flaw to\n crash the system or, potentially, escalate their\n privileges on the system by sending a large amount of\n specially crafted fragmented packets to that system.\n (CVE-2014-0100, Important)\n\n * A race condition flaw, leading to heap-based buffer\n overflows, was found in the way the Linux kernel's N_TTY\n line discipline (LDISC) implementation handled\n concurrent processing of echo output and TTY write\n operations originating from user space when the\n underlying TTY driver was PTY. An unprivileged, local\n user could use this flaw to crash the system or,\n potentially, escalate their privileges on the system.\n (CVE-2014-0196, Important)\n\n * A flaw was found in the way the Linux kernel's floppy\n driver handled user space provided data in certain error\n code paths while processing FDRAWCMD IOCTL commands. A\n local user with write access to /dev/fdX could use this\n flaw to free (using the kfree() function) arbitrary\n kernel memory. (CVE-2014-1737, Important)\n\n * It was found that the Linux kernel's floppy driver\n leaked internal kernel memory addresses to user space\n during the processing of the FDRAWCMD IOCTL command. A\n local user with write access to /dev/fdX could use this\n flaw to obtain information about the kernel heap\n arrangement. (CVE-2014-1738, Low)\n\nNote: A local user with write access to /dev/fdX could use these two\nflaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate\ntheir privileges on the system.\n\n * A use-after-free flaw was found in the way the\n ping_init_sock() function of the Linux kernel handled\n the group_info reference counter. A local, unprivileged\n user could use this flaw to crash the system or,\n potentially, escalate their privileges on the system.\n (CVE-2014-2851, Important)\n\n * It was found that a remote attacker could use a race\n condition flaw in the ath_tx_aggr_sleep() function to\n crash the system by creating large network traffic on\n the system's Atheros 9k wireless network adapter.\n (CVE-2014-2672, Moderate)\n\n * A NULL pointer dereference flaw was found in the\n rds_iw_laddr_check() function in the Linux kernel's\n implementation of Reliable Datagram Sockets (RDS). A\n local, unprivileged user could use this flaw to crash\n the system. (CVE-2014-2678, Moderate)\n\n * A race condition flaw was found in the way the Linux\n kernel's mac80211 subsystem implementation handled\n synchronization between TX and STA wake-up code paths.\n A remote attacker could use this flaw to crash the\n system. (CVE-2014-2706, Moderate)\n\n * It was found that the try_to_unmap_cluster() function in\n the Linux kernel's Memory Managment subsystem did not\n properly handle page locking in certain cases, which\n could potentially trigger the BUG_ON() macro in the\n mlock_vma_page() function. A local, unprivileged user\n could use this flaw to crash the system. (CVE-2014-3122,\n Moderate)\n\nUsers are advised to upgrade to these updated packages, which upgrade\nthe kernel-rt kernel to version kernel-rt-3.10.33-rt32.34 and correct\nthese issues. The system must be rebooted for this update to take\neffect.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.redhat.com/security/data/cve/CVE-2014-0100.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.redhat.com/security/data/cve/CVE-2014-0196.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.redhat.com/security/data/cve/CVE-2014-1737.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.redhat.com/security/data/cve/CVE-2014-1738.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.redhat.com/security/data/cve/CVE-2014-2672.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.redhat.com/security/data/cve/CVE-2014-2678.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.redhat.com/security/data/cve/CVE-2014-2706.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.redhat.com/security/data/cve/CVE-2014-2851.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.redhat.com/security/data/cve/CVE-2014-3122.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://rhn.redhat.com/errata/RHSA-2014-0557.html\");\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/02/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:0557\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL6\", rpm:\"mrg-release\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MRG\");\n\n if (! rpm_exists(release:\"RHEL6\", rpm:\"kernel-rt-3.10.0-\") && rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-3.10.33-rt32.34.el6rt\")) flag++;\n if (! rpm_exists(release:\"RHEL6\", rpm:\"kernel-rt-debug-3.10.0-\") && rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debug-3.10.33-rt32.34.el6rt\")) flag++;\n if (! rpm_exists(release:\"RHEL6\", rpm:\"kernel-rt-debug-debuginfo-3.10.0-\") && rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debug-debuginfo-3.10.33-rt32.34.el6rt\")) flag++;\n if (! rpm_exists(release:\"RHEL6\", rpm:\"kernel-rt-debug-devel-3.10.0-\") && rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debug-devel-3.10.33-rt32.34.el6rt\")) flag++;\n if (! rpm_exists(release:\"RHEL6\", rpm:\"kernel-rt-debuginfo-3.10.0-\") && rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-3.10.33-rt32.34.el6rt\")) flag++;\n if (! rpm_exists(release:\"RHEL6\", rpm:\"kernel-rt-debuginfo-common-x86_64-3.10.0-\") && rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-common-x86_64-3.10.33-rt32.34.el6rt\")) flag++;\n if (! rpm_exists(release:\"RHEL6\", rpm:\"kernel-rt-devel-3.10.0-\") && rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-devel-3.10.33-rt32.34.el6rt\")) flag++;\n if (! rpm_exists(release:\"RHEL6\", rpm:\"kernel-rt-doc-3.10.0-\") && rpm_check(release:\"RHEL6\", reference:\"kernel-rt-doc-3.10.33-rt32.34.el6rt\")) flag++;\n if (! rpm_exists(release:\"RHEL6\", rpm:\"kernel-rt-firmware-3.10.0-\") && rpm_check(release:\"RHEL6\", reference:\"kernel-rt-firmware-3.10.33-rt32.34.el6rt\")) flag++;\n if (! rpm_exists(release:\"RHEL6\", rpm:\"kernel-rt-trace-3.10.0-\") && rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-trace-3.10.33-rt32.34.el6rt\")) flag++;\n if (! rpm_exists(release:\"RHEL6\", rpm:\"kernel-rt-trace-debuginfo-3.10.0-\") && rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-trace-debuginfo-3.10.33-rt32.34.el6rt\")) flag++;\n if (! rpm_exists(release:\"RHEL6\", rpm:\"kernel-rt-trace-devel-3.10.0-\") && rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-trace-devel-3.10.33-rt32.34.el6rt\")) flag++;\n if (! rpm_exists(release:\"RHEL6\", rpm:\"kernel-rt-vanilla-3.10.0-\") && rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-vanilla-3.10.33-rt32.34.el6rt\")) flag++;\n if (! rpm_exists(release:\"RHEL6\", rpm:\"kernel-rt-vanilla-debuginfo-3.10.0-\") && rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-vanilla-debuginfo-3.10.33-rt32.34.el6rt\")) flag++;\n if (! rpm_exists(release:\"RHEL6\", rpm:\"kernel-rt-vanilla-devel-3.10.0-\") && rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-vanilla-devel-3.10.33-rt32.34.el6rt\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-rt / kernel-rt-debug / kernel-rt-debug-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:48:19", "description": "The SUSE Linux Enterprise 11 Service Pack 3 Xen package was updated to fix various bugs and security issues.\n\nThe following security issues have been fixed :\n\n - XSA-108: CVE-2014-7188: Improper MSR range used for x2APIC emulation. (bnc#897657)\n\n - XSA-106: CVE-2014-7156: Missing privilege level checks in x86 emulation of software interrupts. (bnc#895802)\n\n - XSA-105: CVE-2014-7155: Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation. (bnc#895799)\n\n - XSA-104: CVE-2014-7154: Race condition in HVMOP_track_dirty_vram. (bnc#895798)\n\n - XSA-100: CVE-2014-4021: Hypervisor heap contents leaked to guests. (bnc#880751)\n\n - XSA-96: CVE-2014-3967 / CVE-2014-3968: Vulnerabilities in HVM MSI injection. (bnc#878841)\n\n - XSA-89: CVE-2014-2599: HVMOP_set_mem_access is not preemptible. (bnc#867910)\n\n - XSA-65: CVE-2013-4344: qemu SCSI REPORT LUNS buffer overflow. (bnc#842006)\n\n - qemu: zaurus: buffer overrun on invalid state load (bnc#864801) The following non-security issues have been fixed:. (CVE-2013-4540)\n\n - xend: Fix netif convertToDeviceNumber for running domains. (bnc#891539)\n\n - Installing SLES12 as a VM on SLES11 SP3 fails because of btrfs in the VM. (bnc#882092)\n\n - XEN kernel panic do_device_not_available(). (bnc#881900)\n\n - Boot Failure with xen kernel in UEFI mode with error 'No memory for trampoline'. (bnc#833483)\n\n - SLES 11 SP3 vm-install should get RHEL 7 support when released. (bnc#862608)\n\n - SLES 11 SP3 XEN kiso version cause softlockup on 8 blades npar(480 cpu). (bnc#858178)\n\n - Local attach support for PHY backends using scripts local_attach_support_for_phy.patch. (bnc#865682)\n\n - Improve multipath support for npiv devices block-npiv (bnc#798770)", "cvss3": {"score": null, "vector": null}, "published": "2014-10-23T00:00:00", "type": "nessus", "title": "SuSE 11.3 Security Update : Xen (SAT Patch Number 9828)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4344", "CVE-2013-4540", "CVE-2014-2599", "CVE-2014-3967", "CVE-2014-3968", "CVE-2014-4021", "CVE-2014-7154", "CVE-2014-7155", "CVE-2014-7156", "CVE-2014-7188"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:xen", "p-cpe:/a:novell:suse_linux:11:xen-doc-html", "p-cpe:/a:novell:suse_linux:11:xen-doc-pdf", "p-cpe:/a:novell:suse_linux:11:xen-kmp-default", "p-cpe:/a:novell:suse_linux:11:xen-kmp-pae", "p-cpe:/a:novell:suse_linux:11:xen-libs", "p-cpe:/a:novell:suse_linux:11:xen-libs-32bit", "p-cpe:/a:novell:suse_linux:11:xen-tools", "p-cpe:/a:novell:suse_linux:11:xen-tools-domU", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_XEN-201409-141002.NASL", "href": "https://www.tenable.com/plugins/nessus/78652", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78652);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-4344\", \"CVE-2013-4540\", \"CVE-2014-2599\", \"CVE-2014-3967\", \"CVE-2014-3968\", \"CVE-2014-4021\", \"CVE-2014-7154\", \"CVE-2014-7155\", \"CVE-2014-7156\", \"CVE-2014-7188\");\n\n script_name(english:\"SuSE 11.3 Security Update : Xen (SAT Patch Number 9828)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 11 Service Pack 3 Xen package was updated to\nfix various bugs and security issues.\n\nThe following security issues have been fixed :\n\n - XSA-108: CVE-2014-7188: Improper MSR range used for\n x2APIC emulation. (bnc#897657)\n\n - XSA-106: CVE-2014-7156: Missing privilege level checks\n in x86 emulation of software interrupts. (bnc#895802)\n\n - XSA-105: CVE-2014-7155: Missing privilege level checks\n in x86 HLT, LGDT, LIDT, and LMSW emulation. (bnc#895799)\n\n - XSA-104: CVE-2014-7154: Race condition in\n HVMOP_track_dirty_vram. (bnc#895798)\n\n - XSA-100: CVE-2014-4021: Hypervisor heap contents leaked\n to guests. (bnc#880751)\n\n - XSA-96: CVE-2014-3967 / CVE-2014-3968: Vulnerabilities\n in HVM MSI injection. (bnc#878841)\n\n - XSA-89: CVE-2014-2599: HVMOP_set_mem_access is not\n preemptible. (bnc#867910)\n\n - XSA-65: CVE-2013-4344: qemu SCSI REPORT LUNS buffer\n overflow. (bnc#842006)\n\n - qemu: zaurus: buffer overrun on invalid state load\n (bnc#864801) The following non-security issues have been\n fixed:. (CVE-2013-4540)\n\n - xend: Fix netif convertToDeviceNumber for running\n domains. (bnc#891539)\n\n - Installing SLES12 as a VM on SLES11 SP3 fails because of\n btrfs in the VM. (bnc#882092)\n\n - XEN kernel panic do_device_not_available(). (bnc#881900)\n\n - Boot Failure with xen kernel in UEFI mode with error 'No\n memory for trampoline'. (bnc#833483)\n\n - SLES 11 SP3 vm-install should get RHEL 7 support when\n released. (bnc#862608)\n\n - SLES 11 SP3 XEN kiso version cause softlockup on 8\n blades npar(480 cpu). (bnc#858178)\n\n - Local attach support for PHY backends using scripts\n local_attach_support_for_phy.patch. (bnc#865682)\n\n - Improve multipath support for npiv devices block-npiv\n (bnc#798770)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=798770\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=833483\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=842006\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=858178\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=862608\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=864801\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=865682\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=867910\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=878841\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=880751\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=881900\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=882092\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=891539\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=895798\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=895799\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=895802\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=897657\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4344.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4540.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-2599.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-3967.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-3968.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-4021.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-7154.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-7155.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-7156.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-7188.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 9828.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xen-doc-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xen-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xen-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, \"SuSE 11.3\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"xen-kmp-default-4.2.4_04_3.0.101_0.40-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"xen-kmp-pae-4.2.4_04_3.0.101_0.40-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"xen-libs-4.2.4_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"xen-tools-domU-4.2.4_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"xen-4.2.4_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"xen-doc-html-4.2.4_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"xen-doc-pdf-4.2.4_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"xen-kmp-default-4.2.4_04_3.0.101_0.40-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"xen-libs-4.2.4_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"xen-libs-32bit-4.2.4_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"xen-tools-4.2.4_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"xen-tools-domU-4.2.4_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"xen-kmp-default-4.2.4_04_3.0.101_0.40-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"xen-kmp-pae-4.2.4_04_3.0.101_0.40-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"xen-libs-4.2.4_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"xen-tools-domU-4.2.4_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"xen-4.2.4_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"xen-doc-html-4.2.4_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"xen-doc-pdf-4.2.4_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"xen-kmp-default-4.2.4_04_3.0.101_0.40-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"xen-libs-4.2.4_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"xen-libs-32bit-4.2.4_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"xen-tools-4.2.4_04-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"xen-tools-domU-4.2.4_04-0.9.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:48:04", "description": "XEN was updated to fix various bugs and security issues.\n\nSecurity issues fixed :\n\n - bnc#897657 - CVE-2014-7188: XSA-108 Improper MSR range used for x2APIC emulation\n\n - bnc#895802 - CVE-2014-7156: XSA-106: Missing privilege level checks in x86 emulation of software interrupts\n\n - bnc#895799 - CVE-2014-7155: XSA-105: Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation\n\n - bnc#895798 - CVE-2014-7154: XSA-104: Race condition in HVMOP_track_dirty_vram\n\n - bnc#864801 - CVE-2013-4540: qemu: zaurus: buffer overrun on invalid state load \n\n - bnc#880751 - CVE-2014-4021: XSA-100: Hypervisor heap contents leaked to guests\n\n - bnc#878841 - CVE-2014-3967,CVE-2014-3968: XSA-96:\n Vulnerabilities in HVM MSI injection\n\n - bnc#867910 - CVE-2014-2599: XSA-89: HVMOP_set_mem_access is not preemptible\n\n - bnc#842006 - CVE-2013-4344: XSA-65: xen: qemu SCSI REPORT LUNS buffer overflow\n\nOther bugs fixed :\n\n - bnc#896023 - Adjust xentop column layout\n\n - bnc#891539 - xend: fix netif convertToDeviceNumber for running domains\n\n - bnc#820873 - The 'long' option doesn't work with 'xl list'\n\n - bnc#881900 - XEN kernel panic do_device_not_available()\n\n - bnc#833483 - Boot Failure with xen kernel in UEFI mode with error 'No memory for trampoline'\n\n - bnc#862608 - SLES 11 SP3 vm-install should get RHEL 7 support when released\n\n - bnc#858178 - [HP HPS Bug]: SLES11sp3 XEN kiso version cause softlockup on 8 blades npar(480 cpu)\n\n - bnc#865682 - Local attach support for PHY backends using scripts\n\n - bnc#798770 - Improve multipath support for npiv devices", "cvss3": {"score": null, "vector": null}, "published": "2014-10-10T00:00:00", "type": "nessus", "title": "openSUSE Security Update : xen (openSUSE-SU-2014:1279-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4344", "CVE-2013-4540", "CVE-2014-2599", "CVE-2014-3967", "CVE-2014-3968", "CVE-2014-4021", "CVE-2014-7154", "CVE-2014-7155", "CVE-2014-7156", "CVE-2014-7188"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:xen", "p-cpe:/a:novell:opensuse:xen-debugsource", "p-cpe:/a:novell:opensuse:xen-devel", "p-cpe:/a:novell:opensuse:xen-doc-html", "p-cpe:/a:novell:opensuse:xen-doc-pdf", "p-cpe:/a:novell:opensuse:xen-kmp-default", "p-cpe:/a:novell:opensuse:xen-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:xen-kmp-desktop", "p-cpe:/a:novell:opensuse:xen-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:xen-kmp-pae", "p-cpe:/a:novell:opensuse:xen-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:xen-libs", "p-cpe:/a:novell:opensuse:xen-libs-32bit", "p-cpe:/a:novell:opensuse:xen-libs-debuginfo", "p-cpe:/a:novell:opensuse:xen-libs-debuginfo-32bit", "p-cpe:/a:novell:opensuse:xen-tools", "p-cpe:/a:novell:opensuse:xen-tools-debuginfo", "p-cpe:/a:novell:opensuse:xen-tools-domU", "p-cpe:/a:novell:opensuse:xen-tools-domU-debuginfo", "cpe:/o:novell:opensuse:12.3"], "id": "OPENSUSE-2014-579.NASL", "href": "https://www.tenable.com/plugins/nessus/78116", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-579.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78116);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-4344\", \"CVE-2013-4540\", \"CVE-2014-2599\", \"CVE-2014-3967\", \"CVE-2014-3968\", \"CVE-2014-4021\", \"CVE-2014-7154\", \"CVE-2014-7155\", \"CVE-2014-7156\", \"CVE-2014-7188\");\n\n script_name(english:\"openSUSE Security Update : xen (openSUSE-SU-2014:1279-1)\");\n script_summary(english:\"Check for the openSUSE-2014-579 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"XEN was updated to fix various bugs and security issues.\n\nSecurity issues fixed :\n\n - bnc#897657 - CVE-2014-7188: XSA-108 Improper MSR range\n used for x2APIC emulation\n\n - bnc#895802 - CVE-2014-7156: XSA-106: Missing privilege\n level checks in x86 emulation of software interrupts\n\n - bnc#895799 - CVE-2014-7155: XSA-105: Missing privilege\n level checks in x86 HLT, LGDT, LIDT, and LMSW emulation\n\n - bnc#895798 - CVE-2014-7154: XSA-104: Race condition in\n HVMOP_track_dirty_vram\n\n - bnc#864801 - CVE-2013-4540: qemu: zaurus: buffer overrun\n on invalid state load \n\n - bnc#880751 - CVE-2014-4021: XSA-100: Hypervisor heap\n contents leaked to guests\n\n - bnc#878841 - CVE-2014-3967,CVE-2014-3968: XSA-96:\n Vulnerabilities in HVM MSI injection\n\n - bnc#867910 - CVE-2014-2599: XSA-89: HVMOP_set_mem_access\n is not preemptible\n\n - bnc#842006 - CVE-2013-4344: XSA-65: xen: qemu SCSI\n REPORT LUNS buffer overflow\n\nOther bugs fixed :\n\n - bnc#896023 - Adjust xentop column layout\n\n - bnc#891539 - xend: fix netif convertToDeviceNumber for\n running domains\n\n - bnc#820873 - The 'long' option doesn't work with 'xl\n list'\n\n - bnc#881900 - XEN kernel panic do_device_not_available()\n\n - bnc#833483 - Boot Failure with xen kernel in UEFI mode\n with error 'No memory for trampoline'\n\n - bnc#862608 - SLES 11 SP3 vm-install should get RHEL 7\n support when released\n\n - bnc#858178 - [HP HPS Bug]: SLES11sp3 XEN kiso version\n cause softlockup on 8 blades npar(480 cpu)\n\n - bnc#865682 - Local attach support for PHY backends using\n scripts\n\n - bnc#798770 - Improve multipath support for npiv devices\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=798770\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=820873\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=833483\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=842006\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=858178\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=862608\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=864801\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=865682\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=867910\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=878841\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=880751\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=881900\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=891539\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=895798\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=895799\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=895802\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=896023\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=897657\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2014-10/msg00008.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xen packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-doc-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-domU-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.3\", reference:\"xen-debugsource-4.2.4_04-1.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"xen-devel-4.2.4_04-1.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"xen-kmp-default-4.2.4_04_k3.7.10_1.40-1.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"xen-kmp-default-debuginfo-4.2.4_04_k3.7.10_1.40-1.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"xen-kmp-desktop-4.2.4_04_k3.7.10_1.40-1.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"xen-kmp-desktop-debuginfo-4.2.4_04_k3.7.10_1.40-1.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"xen-kmp-pae-4.2.4_04_k3.7.10_1.40-1.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"xen-kmp-pae-debuginfo-4.2.4_04_k3.7.10_1.40-1.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"xen-libs-4.2.4_04-1.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"xen-libs-debuginfo-4.2.4_04-1.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"xen-tools-domU-4.2.4_04-1.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"xen-tools-domU-debuginfo-4.2.4_04-1.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"xen-4.2.4_04-1.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"xen-doc-html-4.2.4_04-1.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"xen-doc-pdf-4.2.4_04-1.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.2.4_04-1.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-32bit-4.2.4_04-1.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"xen-tools-4.2.4_04-1.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"xen-tools-debuginfo-4.2.4_04-1.32.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen\");\n}\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:48:15", "description": "XEN was updated to fix security issues and bugs.\n\nSecurity issues fixed :\n\n - bnc#897657 - CVE-2014-7188: XSA-108 Improper MSR range used for x2APIC emulation\n\n - bnc#895802 - CVE-2014-7156: XSA-106: Missing privilege level checks in x86 emulation of software interrupts\n\n - bnc#895799 - CVE-2014-7155: XSA-105: Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation\n\n - bnc#895798 - CVE-2014-7154: XSA-104: Race condition in HVMOP_track_dirty_vram\n\n - bnc#864801 - CVE-2013-4540: qemu: zaurus: buffer overrun on invalid state load\n\n - bnc#875668 - CVE-2014-3124: XSA-92: HVMOP_set_mem_type allows invalid P2M entries to be created\n\n - bnc#878841 - CVE-2014-3967, CVE-2014-3968: XSA-96: Xen:\n Vulnerabilities in HVM MSI injection\n\n - bnc#880751 - CVE-2014-4021: XSA-100: Hypervisor heap contents leaked to guests\n\n - bnc#842006 - CVE-2013-4344: XSA-65: xen: qemu SCSI REPORT LUNS buffer overflow \n\nOther bugs fixed :\n\n - bnc#896023 - Adjust xentop column layout\n\n - bnc#820873 - The 'long' option doesn't work with 'xl list'\n\n - bnc#882127 - Xen kernel panics on booting SLES12 Beta 8\n\n - bnc#865682 - Local attach support for PHY backends using scripts\n\n - bnc#798770 - Improve multipath support for npiv devices", "cvss3": {"score": null, "vector": null}, "published": "2014-10-10T00:00:00", "type": "nessus", "title": "openSUSE Security Update : xen (openSUSE-SU-2014:1281-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4344", "CVE-2013-4540", "CVE-2014-3124", "CVE-2014-3967", "CVE-2014-3968", "CVE-2014-4021", "CVE-2014-7154", "CVE-2014-7155", "CVE-2014-7156", "CVE-2014-7188"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:xen", "p-cpe:/a:novell:opensuse:xen-debugsource", "p-cpe:/a:novell:opensuse:xen-devel", "p-cpe:/a:novell:opensuse:xen-doc-html", "p-cpe:/a:novell:opensuse:xen-kmp-default", "p-cpe:/a:novell:opensuse:xen-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:xen-kmp-desktop", "p-cpe:/a:novell:opensuse:xen-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:xen-kmp-pae", "p-cpe:/a:novell:opensuse:xen-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:xen-libs", "p-cpe:/a:novell:opensuse:xen-libs-32bit", "p-cpe:/a:novell:opensuse:xen-libs-debuginfo", "p-cpe:/a:novell:opensuse:xen-libs-debuginfo-32bit", "p-cpe:/a:novell:opensuse:xen-tools", "p-cpe:/a:novell:opensuse:xen-tools-debuginfo", "p-cpe:/a:novell:opensuse:xen-tools-domU", "p-cpe:/a:novell:opensuse:xen-tools-domU-debuginfo", "p-cpe:/a:novell:opensuse:xen-xend-tools", "p-cpe:/a:novell:opensuse:xen-xend-tools-debuginfo", "cpe:/o:novell:opensuse:13.1"], "id": "OPENSUSE-2014-580.NASL", "href": "https://www.tenable.com/plugins/nessus/78117", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2014-580.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78117);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-4344\", \"CVE-2013-4540\", \"CVE-2014-3124\", \"CVE-2014-3967\", \"CVE-2014-3968\", \"CVE-2014-4021\", \"CVE-2014-7154\", \"CVE-2014-7155\", \"CVE-2014-7156\", \"CVE-2014-7188\");\n\n script_name(english:\"openSUSE Security Update : xen (openSUSE-SU-2014:1281-1)\");\n script_summary(english:\"Check for the openSUSE-2014-580 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"XEN was updated to fix security issues and bugs.\n\nSecurity issues fixed :\n\n - bnc#897657 - CVE-2014-7188: XSA-108 Improper MSR range\n used for x2APIC emulation\n\n - bnc#895802 - CVE-2014-7156: XSA-106: Missing privilege\n level checks in x86 emulation of software interrupts\n\n - bnc#895799 - CVE-2014-7155: XSA-105: Missing privilege\n level checks in x86 HLT, LGDT, LIDT, and LMSW emulation\n\n - bnc#895798 - CVE-2014-7154: XSA-104: Race condition in\n HVMOP_track_dirty_vram\n\n - bnc#864801 - CVE-2013-4540: qemu: zaurus: buffer overrun\n on invalid state load\n\n - bnc#875668 - CVE-2014-3124: XSA-92: HVMOP_set_mem_type\n allows invalid P2M entries to be created\n\n - bnc#878841 - CVE-2014-3967, CVE-2014-3968: XSA-96: Xen:\n Vulnerabilities in HVM MSI injection\n\n - bnc#880751 - CVE-2014-4021: XSA-100: Hypervisor heap\n contents leaked to guests\n\n - bnc#842006 - CVE-2013-4344: XSA-65: xen: qemu SCSI\n REPORT LUNS buffer overflow \n\nOther bugs fixed :\n\n - bnc#896023 - Adjust xentop column layout\n\n - bnc#820873 - The 'long' option doesn't work with 'xl\n list'\n\n - bnc#882127 - Xen kernel panics on booting SLES12 Beta 8\n\n - bnc#865682 - Local attach support for PHY backends using\n scripts\n\n - bnc#798770 - Improve multipath support for npiv devices\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=798770\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=820873\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=842006\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=864801\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=865682\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=875668\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=878841\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=880751\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=882127\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=895798\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=895799\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=895802\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=896023\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=897657\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2014-10/msg00010.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xen packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-domU-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-xend-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-xend-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-debugsource-4.3.2_02-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-devel-4.3.2_02-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-kmp-default-4.3.2_02_k3.11.10_21-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-kmp-default-debuginfo-4.3.2_02_k3.11.10_21-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-kmp-desktop-4.3.2_02_k3.11.10_21-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-kmp-desktop-debuginfo-4.3.2_02_k3.11.10_21-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-kmp-pae-4.3.2_02_k3.11.10_21-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-kmp-pae-debuginfo-4.3.2_02_k3.11.10_21-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-libs-4.3.2_02-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-libs-debuginfo-4.3.2_02-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-tools-domU-4.3.2_02-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-tools-domU-debuginfo-4.3.2_02-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"xen-4.3.2_02-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"xen-doc-html-4.3.2_02-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.3.2_02-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-32bit-4.3.2_02-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"xen-tools-4.3.2_02-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"xen-tools-debuginfo-4.3.2_02-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"xen-xend-tools-4.3.2_02-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"xen-xend-tools-debuginfo-4.3.2_02-27.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen\");\n}\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-01T02:35:31", "description": "Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory.\n(CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the Linux kernel's IPC reference counting. An unprivileged local user could exploit this flaw to cause a denial of service (OOM system crash). (CVE-2013-4483)\n\nAl Viro discovered an error in how CIFS in the Linux kernel handles uncached write operations. An unprivileged local user could exploit this flaw to cause a denial of service (system crash), obtain sensitive information from kernel memory, or possibly gain privileges.\n(CVE-2014-0069)\n\nA flaw was discovered in the handling of network packets when mergeable buffers are disabled for virtual machines in the Linux kernel. Guest OS users may exploit this flaw to cause a denial of service (host OS crash) or possibly gain privilege on the host OS.\n(CVE-2014-0077)\n\nA flaw was discovered in the Linux kernel's handling of the SCTP handshake. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2014-0101)\n\nA flaw was discovered in the handling of routing information in Linux kernel's IPv6 stack. A remote attacker could exploit this flaw to cause a denial of service (memory consumption) via a flood of ICMPv6 router advertisement packets. (CVE-2014-2309)\n\nAn error was discovered in the Linux kernel's DCCP protocol support. A remote attacked could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2014-2523)\n\nMax Sydorenko discovered a race condition in the Atheros 9k wireless driver in the Linux kernel. This race could be exploited by remote attackers to cause a denial of service (system crash). (CVE-2014-2672)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS) protocol stack in the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) or possibly have unspecified other impact. (CVE-2014-2678)\n\nYaara Rozenblum discovered a race condition in the Linux kernel's Generic IEEE 802.11 Networking Stack (mac80211). Remote attackers could exploit this flaw to cause a denial of service (system crash).\n(CVE-2014-2706)\n\nA flaw was discovered in the Linux kernel's ping sockets. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges via a crafted application. (CVE-2014-2851).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-05-27T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux vulnerabilities (USN-2221-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4483", "CVE-2014-0069", "CVE-2014-0077", "CVE-2014-0101", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-2309", "CVE-2014-2523", "CVE-2014-2672", "CVE-2014-2678", "CVE-2014-2706", "CVE-2014-2851"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-highbank", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-virtual", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2221-1.NASL", "href": "https://www.tenable.com/plugins/nessus/74184", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2221-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74184);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-4483\", \"CVE-2014-0069\", \"CVE-2014-0077\", \"CVE-2014-0101\", \"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-2309\", \"CVE-2014-2523\", \"CVE-2014-2672\", \"CVE-2014-2678\", \"CVE-2014-2706\", \"CVE-2014-2851\");\n script_bugtraq_id(63445, 65588, 65943, 66095, 66279, 66492, 66543, 66591, 66678, 66779, 67300, 67302);\n script_xref(name:\"USN\", value:\"2221-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux vulnerabilities (USN-2221-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Matthew Daley reported an information leak in the floppy disk driver\nof the Linux kernel. An unprivileged local user could exploit this\nflaw to obtain potentially sensitive information from kernel memory.\n(CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the\nfloppy disk driver in the Linux kernel. An unprivileged local user\ncould exploit this flaw to gain administrative privileges if the\nfloppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the Linux kernel's IPC reference counting. An\nunprivileged local user could exploit this flaw to cause a denial of\nservice (OOM system crash). (CVE-2013-4483)\n\nAl Viro discovered an error in how CIFS in the Linux kernel handles\nuncached write operations. An unprivileged local user could exploit\nthis flaw to cause a denial of service (system crash), obtain\nsensitive information from kernel memory, or possibly gain privileges.\n(CVE-2014-0069)\n\nA flaw was discovered in the handling of network packets when\nmergeable buffers are disabled for virtual machines in the Linux\nkernel. Guest OS users may exploit this flaw to cause a denial of\nservice (host OS crash) or possibly gain privilege on the host OS.\n(CVE-2014-0077)\n\nA flaw was discovered in the Linux kernel's handling of the SCTP\nhandshake. A remote attacker could exploit this flaw to cause a denial\nof service (system crash). (CVE-2014-0101)\n\nA flaw was discovered in the handling of routing information in Linux\nkernel's IPv6 stack. A remote attacker could exploit this flaw to\ncause a denial of service (memory consumption) via a flood of ICMPv6\nrouter advertisement packets. (CVE-2014-2309)\n\nAn error was discovered in the Linux kernel's DCCP protocol support. A\nremote attacked could exploit this flaw to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2014-2523)\n\nMax Sydorenko discovered a race condition in the Atheros 9k wireless\ndriver in the Linux kernel. This race could be exploited by remote\nattackers to cause a denial of service (system crash). (CVE-2014-2672)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS)\nprotocol stack in the Linux kernel. A local user could exploit this\nflaw to cause a denial of service (system crash) or possibly have\nunspecified other impact. (CVE-2014-2678)\n\nYaara Rozenblum discovered a race condition in the Linux kernel's\nGeneric IEEE 802.11 Networking Stack (mac80211). Remote attackers\ncould exploit this flaw to cause a denial of service (system crash).\n(CVE-2014-2706)\n\nA flaw was discovered in the Linux kernel's ping sockets. An\nunprivileged local user could exploit this flaw to cause a denial of\nservice (system crash) or possibly gain privileges via a crafted\napplication. (CVE-2014-2851).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2221-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-highbank\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/11/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-4483\", \"CVE-2014-0069\", \"CVE-2014-0077\", \"CVE-2014-0101\", \"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-2309\", \"CVE-2014-2523\", \"CVE-2014-2672\", \"CVE-2014-2678\", \"CVE-2014-2706\", \"CVE-2014-2851\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2221-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-63-generic\", pkgver:\"3.2.0-63.95\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-63-generic-pae\", pkgver:\"3.2.0-63.95\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-63-highbank\", pkgver:\"3.2.0-63.95\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-63-virtual\", pkgver:\"3.2.0-63.95\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.2-generic / linux-image-3.2-generic-pae / etc\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-01T02:36:21", "description": "Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory.\n(CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the vhost-net subsystem of the Linux kernel.\nGuest OS users could exploit this flaw to cause a denial of service (host OS crash). (CVE-2014-0055)\n\nA flaw was discovered in the handling of network packets when mergeable buffers are disabled for virtual machines in the Linux kernel. Guest OS users may exploit this flaw to cause a denial of service (host OS crash) or possibly gain privilege on the host OS.\n(CVE-2014-0077)\n\nA flaw was discovered in the Linux kernel's handling of the SCTP handshake. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2014-0101)\n\nA flaw was discovered in the handling of routing information in Linux kernel's IPv6 stack. A remote attacker could exploit this flaw to cause a denial of service (memory consumption) via a flood of ICMPv6 router advertisement packets. (CVE-2014-2309)\n\nAn error was discovered in the Linux kernel's DCCP protocol support. A remote attacked could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2014-2523)\n\nMax Sydorenko discovered a race condition in the Atheros 9k wireless driver in the Linux kernel. This race could be exploited by remote attackers to cause a denial of service (system crash). (CVE-2014-2672)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS) protocol stack in the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) or possibly have unspecified other impact. (CVE-2014-2678)\n\nYaara Rozenblum discovered a race condition in the Linux kernel's Generic IEEE 802.11 Networking Stack (mac80211). Remote attackers could exploit this flaw to cause a denial of service (system crash).\n(CVE-2014-2706)\n\nA flaw was discovered in the Linux kernel's ping sockets. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges via a crafted application. (CVE-2014-2851)\n\nSasha Levin reported a bug in the Linux kernel's virtual memory management subsystem. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). (CVE-2014-3122).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-05-28T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux-lts-raring vulnerabilities (USN-2224-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0055", "CVE-2014-0077", "CVE-2014-0101", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-2309", "CVE-2014-2523", "CVE-2014-2672", "CVE-2014-2678", "CVE-2014-2706", "CVE-2014-2851", "CVE-2014-3122"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.8-generic", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2224-1.NASL", "href": "https://www.tenable.com/plugins/nessus/74212", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2224-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74212);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-0055\", \"CVE-2014-0077\", \"CVE-2014-0101\", \"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-2309\", \"CVE-2014-2523\", \"CVE-2014-2672\", \"CVE-2014-2678\", \"CVE-2014-2706\", \"CVE-2014-2851\", \"CVE-2014-3122\");\n script_bugtraq_id(65943, 66095, 66279, 66441, 66492, 66543, 66591, 66678, 66779, 67162, 67300, 67302);\n script_xref(name:\"USN\", value:\"2224-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux-lts-raring vulnerabilities (USN-2224-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Matthew Daley reported an information leak in the floppy disk driver\nof the Linux kernel. An unprivileged local user could exploit this\nflaw to obtain potentially sensitive information from kernel memory.\n(CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the\nfloppy disk driver in the Linux kernel. An unprivileged local user\ncould exploit this flaw to gain administrative privileges if the\nfloppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the vhost-net subsystem of the Linux kernel.\nGuest OS users could exploit this flaw to cause a denial of service\n(host OS crash). (CVE-2014-0055)\n\nA flaw was discovered in the handling of network packets when\nmergeable buffers are disabled for virtual machines in the Linux\nkernel. Guest OS users may exploit this flaw to cause a denial of\nservice (host OS crash) or possibly gain privilege on the host OS.\n(CVE-2014-0077)\n\nA flaw was discovered in the Linux kernel's handling of the SCTP\nhandshake. A remote attacker could exploit this flaw to cause a denial\nof service (system crash). (CVE-2014-0101)\n\nA flaw was discovered in the handling of routing information in Linux\nkernel's IPv6 stack. A remote attacker could exploit this flaw to\ncause a denial of service (memory consumption) via a flood of ICMPv6\nrouter advertisement packets. (CVE-2014-2309)\n\nAn error was discovered in the Linux kernel's DCCP protocol support. A\nremote attacked could exploit this flaw to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2014-2523)\n\nMax Sydorenko discovered a race condition in the Atheros 9k wireless\ndriver in the Linux kernel. This race could be exploited by remote\nattackers to cause a denial of service (system crash). (CVE-2014-2672)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS)\nprotocol stack in the Linux kernel. A local user could exploit this\nflaw to cause a denial of service (system crash) or possibly have\nunspecified other impact. (CVE-2014-2678)\n\nYaara Rozenblum discovered a race condition in the Linux kernel's\nGeneric IEEE 802.11 Networking Stack (mac80211). Remote attackers\ncould exploit this flaw to cause a denial of service (system crash).\n(CVE-2014-2706)\n\nA flaw was discovered in the Linux kernel's ping sockets. An\nunprivileged local user could exploit this flaw to cause a denial of\nservice (system crash) or possibly gain privileges via a crafted\napplication. (CVE-2014-2851)\n\nSasha Levin reported a bug in the Linux kernel's virtual memory\nmanagement subsystem. An unprivileged local user could exploit this\nflaw to cause a denial of service (system crash). (CVE-2014-3122).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2224-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected linux-image-3.8-generic package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.8-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/03/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2014-0055\", \"CVE-2014-0077\", \"CVE-2014-0101\", \"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-2309\", \"CVE-2014-2523\", \"CVE-2014-2672\", \"CVE-2014-2678\", \"CVE-2014-2706\", \"CVE-2014-2851\", \"CVE-2014-3122\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2224-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.8.0-41-generic\", pkgver:\"3.8.0-41.60~precise1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.8-generic\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:45:46", "description": "xen was updated to fix 14 security issues :\n\n - Guest effectable page reference leak in MMU_MACHPHYS_UPDATE handling (CVE-2014-9030).\n\n - Insufficient bounding of 'REP MOVS' to MMIO emulated inside the hypervisor (CVE-2014-8867).\n\n - Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation (CVE-2014-7155).\n\n - Hypervisor heap contents leaked to guests (CVE-2014-4021).\n\n - Missing privilege level checks in x86 emulation of far branches (CVE-2014-8595).\n\n - Insufficient restrictions on certain MMU update hypercalls (CVE-2014-8594).\n\n - Intel VT-d Interrupt Remapping engines can be evaded by native NMI interrupts (CVE-2013-3495).\n\n - Missing privilege level checks in x86 emulation of software interrupts (CVE-2014-7156).\n\n - Race condition in HVMOP_track_dirty_vram (CVE-2014-7154).\n\n - Improper MSR range used for x2APIC emulation (CVE-2014-7188).\n\n - HVMOP_set_mem_type allows invalid P2M entries to be created (CVE-2014-3124).\n\n - HVMOP_set_mem_access is not preemptible (CVE-2014-2599).\n\n - Excessive checking in compatibility mode hypercall argument translation (CVE-2014-8866).\n\n - Guest user mode triggerable VM exits not handled by hypervisor (bnc#903850).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2015-05-20T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : xen (SUSE-SU-2014:1710-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-3495", "CVE-2014-2599", "CVE-2014-3124", "CVE-2014-4021", "CVE-2014-7154", "CVE-2014-7155", "CVE-2014-7156", "CVE-2014-7188", "CVE-2014-8594", "CVE-2014-8595", "CVE-2014-8866", "CVE-2014-8867", "CVE-2014-9030"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:xen", "p-cpe:/a:novell:suse_linux:xen-devel", "p-cpe:/a:novell:suse_linux:xen-doc-html", "p-cpe:/a:novell:suse_linux:xen-doc-pdf", "p-cpe:/a:novell:suse_linux:xen-kmp-default", "p-cpe:/a:novell:suse_linux:xen-kmp-pae", "p-cpe:/a:novell:suse_linux:xen-kmp-trace", "p-cpe:/a:novell:suse_linux:xen-libs", "p-cpe:/a:novell:suse_linux:xen-tools", "p-cpe:/a:novell:suse_linux:xen-tools-domU", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2014-1710-1.NASL", "href": "https://www.tenable.com/plugins/nessus/83654", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2014:1710-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83654);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-3495\", \"CVE-2014-2599\", \"CVE-2014-3124\", \"CVE-2014-4021\", \"CVE-2014-7154\", \"CVE-2014-7155\", \"CVE-2014-7156\", \"CVE-2014-7188\", \"CVE-2014-8594\", \"CVE-2014-8595\", \"CVE-2014-8866\", \"CVE-2014-8867\", \"CVE-2014-9030\");\n script_bugtraq_id(61854, 66407, 67113, 68070, 70055, 70057, 70062, 70198, 71149, 71151, 71207, 71331, 71332);\n\n script_name(english:\"SUSE SLES11 Security Update : xen (SUSE-SU-2014:1710-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"xen was updated to fix 14 security issues :\n\n - Guest effectable page reference leak in\n MMU_MACHPHYS_UPDATE handling (CVE-2014-9030).\n\n - Insufficient bounding of 'REP MOVS' to MMIO emulated\n inside the hypervisor (CVE-2014-8867).\n\n - Missing privilege level checks in x86 HLT, LGDT, LIDT,\n and LMSW emulation (CVE-2014-7155).\n\n - Hypervisor heap contents leaked to guests\n (CVE-2014-4021).\n\n - Missing privilege level checks in x86 emulation of far\n branches (CVE-2014-8595).\n\n - Insufficient restrictions on certain MMU update\n hypercalls (CVE-2014-8594).\n\n - Intel VT-d Interrupt Remapping engines can be evaded by\n native NMI interrupts (CVE-2013-3495).\n\n - Missing privilege level checks in x86 emulation of\n software interrupts (CVE-2014-7156).\n\n - Race condition in HVMOP_track_dirty_vram\n (CVE-2014-7154).\n\n - Improper MSR range used for x2APIC emulation\n (CVE-2014-7188).\n\n - HVMOP_set_mem_type allows invalid P2M entries to be\n created (CVE-2014-3124).\n\n - HVMOP_set_mem_access is not preemptible (CVE-2014-2599).\n\n - Excessive checking in compatibility mode hypercall\n argument translation (CVE-2014-8866).\n\n - Guest user mode triggerable VM exits not handled by\n hypervisor (bnc#903850).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=826717\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=867910\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=875668\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=880751\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=895798\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=895799\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=895802\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=897657\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=901317\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=903850\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=903967\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=903970\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=905465\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=905467\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=906439\"\n );\n # https://download.suse.com/patch/finder/?keywords=c3ad0fd02909cf041596ac8a665c5844\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b2b5cd9d\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2013-3495/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-2599/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-3124/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-4021/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-7154/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-7155/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-7156/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-7188/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8594/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8595/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8866/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-8867/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2014-9030/\"\n );\n # https://www.suse.com/support/update/announcement/2014/suse-su-20141710-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?08a0043b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 11 SP2 LTSS :\n\nzypper in -t patch slessp2-xen-11sp2-20141204-10081\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-doc-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/08/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"i386|i486|i586|i686|x86_64\") audit(AUDIT_ARCH_NOT, \"i386 / i486 / i586 / i686 / x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-devel-4.1.6_08-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-kmp-default-4.1.6_08_3.0.101_0.7.23-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-kmp-trace-4.1.6_08_3.0.101_0.7.23-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-libs-4.1.6_08-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-tools-domU-4.1.6_08-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-4.1.6_08-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-doc-html-4.1.6_08-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-doc-pdf-4.1.6_08-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.1.6_08-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-tools-4.1.6_08-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"x86_64\", reference:\"xen-kmp-pae-4.1.6_08_3.0.101_0.7.23-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"i586\", reference:\"xen-devel-4.1.6_08-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"i586\", reference:\"xen-kmp-default-4.1.6_08_3.0.101_0.7.23-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"i586\", reference:\"xen-kmp-trace-4.1.6_08_3.0.101_0.7.23-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"i586\", reference:\"xen-libs-4.1.6_08-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"i586\", reference:\"xen-tools-domU-4.1.6_08-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"i586\", reference:\"xen-kmp-pae-4.1.6_08_3.0.101_0.7.23-0.5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen\");\n}\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-01T02:35:30", "description": "Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory.\n(CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the vhost-net subsystem of the Linux kernel.\nGuest OS users could exploit this flaw to cause a denial of service (host OS crash). (CVE-2014-0055)\n\nA flaw was discovered in the handling of network packets when mergeable buffers are disabled for virtual machines in the Linux kernel. Guest OS users may exploit this flaw to cause a denial of service (host OS crash) or possibly gain privilege on the host OS.\n(CVE-2014-0077)\n\nNikolay Aleksandrov discovered a race condition in Linux kernel's IPv4 fragment handling code. Remote attackers could exploit this flaw to cause a denial of service (system crash) or possibly have other unspecified impact. (CVE-2014-0100)\n\nA flaw was discovered in the Linux kernel's handling of the SCTP handshake. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2014-0101)\n\nA flaw was discovered in the handling of routing information in Linux kernel's IPv6 stack. A remote attacker could exploit this flaw to cause a denial of service (memory consumption) via a flood of ICMPv6 router advertisement packets. (CVE-2014-2309)\n\nAn error was discovered in the Linux kernel's DCCP protocol support. A remote attacked could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2014-2523)\n\nMax Sydorenko discovered a race condition in the Atheros 9k wireless driver in the Linux kernel. This race could be exploited by remote attackers to cause a denial of service (system crash). (CVE-2014-2672)\n\nAdhemerval Zanella Neto discovered a flaw the in the Transactional Memory (TM) implementation for powerpc based machine. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). (CVE-2014-2673)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS) protocol stack in the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) or possibly have unspecified other impact. (CVE-2014-2678)\n\nYaara Rozenblum discovered a race condition in the Linux kernel's Generic IEEE 802.11 Networking Stack (mac80211). Remote attackers could exploit this flaw to cause a denial of service (system crash).\n(CVE-2014-2706)\n\nA flaw was discovered in the Linux kernel's ping sockets. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges via a crafted application. (CVE-2014-2851).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-05-28T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux-lts-saucy vulnerabilities (USN-2225-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0055", "CVE-2014-0077", "CVE-2014-0100", "CVE-2014-0101", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-2309", "CVE-2014-2523", "CVE-2014-2672", "CVE-2014-2673", "CVE-2014-2678", "CVE-2014-2706", "CVE-2014-2851"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.11-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.11-generic-lpae", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2225-1.NASL", "href": "https://www.tenable.com/plugins/nessus/74213", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2225-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74213);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-0055\", \"CVE-2014-0077\", \"CVE-2014-0100\", \"CVE-2014-0101\", \"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-2309\", \"CVE-2014-2523\", \"CVE-2014-2672\", \"CVE-2014-2673\", \"CVE-2014-2678\", \"CVE-2014-2706\", \"CVE-2014-2851\");\n script_bugtraq_id(65943, 66095, 66279, 66441, 66477, 66492, 66543, 66591, 66678, 66779, 67300, 67302);\n script_xref(name:\"USN\", value:\"2225-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux-lts-saucy vulnerabilities (USN-2225-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Matthew Daley reported an information leak in the floppy disk driver\nof the Linux kernel. An unprivileged local user could exploit this\nflaw to obtain potentially sensitive information from kernel memory.\n(CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the\nfloppy disk driver in the Linux kernel. An unprivileged local user\ncould exploit this flaw to gain administrative privileges if the\nfloppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the vhost-net subsystem of the Linux kernel.\nGuest OS users could exploit this flaw to cause a denial of service\n(host OS crash). (CVE-2014-0055)\n\nA flaw was discovered in the handling of network packets when\nmergeable buffers are disabled for virtual machines in the Linux\nkernel. Guest OS users may exploit this flaw to cause a denial of\nservice (host OS crash) or possibly gain privilege on the host OS.\n(CVE-2014-0077)\n\nNikolay Aleksandrov discovered a race condition in Linux kernel's IPv4\nfragment handling code. Remote attackers could exploit this flaw to\ncause a denial of service (system crash) or possibly have other\nunspecified impact. (CVE-2014-0100)\n\nA flaw was discovered in the Linux kernel's handling of the SCTP\nhandshake. A remote attacker could exploit this flaw to cause a denial\nof service (system crash). (CVE-2014-0101)\n\nA flaw was discovered in the handling of routing information in Linux\nkernel's IPv6 stack. A remote attacker could exploit this flaw to\ncause a denial of service (memory consumption) via a flood of ICMPv6\nrouter advertisement packets. (CVE-2014-2309)\n\nAn error was discovered in the Linux kernel's DCCP protocol support. A\nremote attacked could exploit this flaw to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2014-2523)\n\nMax Sydorenko discovered a race condition in the Atheros 9k wireless\ndriver in the Linux kernel. This race could be exploited by remote\nattackers to cause a denial of service (system crash). (CVE-2014-2672)\n\nAdhemerval Zanella Neto discovered a flaw the in the Transactional\nMemory (TM) implementation for powerpc based machine. An unprivileged\nlocal user could exploit this flaw to cause a denial of service\n(system crash). (CVE-2014-2673)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS)\nprotocol stack in the Linux kernel. A local user could exploit this\nflaw to cause a denial of service (system crash) or possibly have\nunspecified other impact. (CVE-2014-2678)\n\nYaara Rozenblum discovered a race condition in the Linux kernel's\nGeneric IEEE 802.11 Networking Stack (mac80211). Remote attackers\ncould exploit this flaw to cause a denial of service (system crash).\n(CVE-2014-2706)\n\nA flaw was discovered in the Linux kernel's ping sockets. An\nunprivileged local user could exploit this flaw to cause a denial of\nservice (system crash) or possibly gain privileges via a crafted\napplication. (CVE-2014-2851).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2225-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.11-generic and / or\nlinux-image-3.11-generic-lpae packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.11-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.11-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/03/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2014-0055\", \"CVE-2014-0077\", \"CVE-2014-0100\", \"CVE-2014-0101\", \"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-2309\", \"CVE-2014-2523\", \"CVE-2014-2672\", \"CVE-2014-2673\", \"CVE-2014-2678\", \"CVE-2014-2706\", \"CVE-2014-2851\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2225-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.11.0-22-generic\", pkgver:\"3.11.0-22.38~precise1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.11.0-22-generic-lpae\", pkgver:\"3.11.0-22.38~precise1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.11-generic / linux-image-3.11-generic-lpae\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-01T02:37:11", "description": "Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory.\n(CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the vhost-net subsystem of the Linux kernel.\nGuest OS users could exploit this flaw to cause a denial of service (host OS crash). (CVE-2014-0055)\n\nA flaw was discovered in the handling of network packets when mergeable buffers are disabled for virtual machines in the Linux kernel. Guest OS users may exploit this flaw to cause a denial of service (host OS crash) or possibly gain privilege on the host OS.\n(CVE-2014-0077)\n\nNikolay Aleksandrov discovered a race condition in Linux kernel's IPv4 fragment handling code. Remote attackers could exploit this flaw to cause a denial of service (system crash) or possibly have other unspecified impact. (CVE-2014-0100)\n\nA flaw was discovered in the Linux kernel's handling of the SCTP handshake. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2014-0101)\n\nA flaw was discovered in the handling of routing information in Linux kernel's IPv6 stack. A remote attacker could exploit this flaw to cause a denial of service (memory consumption) via a flood of ICMPv6 router advertisement packets. (CVE-2014-2309)\n\nAn error was discovered in the Linux kernel's DCCP protocol support. A remote attacked could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2014-2523)\n\nMax Sydorenko discovered a race condition in the Atheros 9k wireless driver in the Linux kernel. This race could be exploited by remote attackers to cause a denial of service (system crash). (CVE-2014-2672)\n\nAdhemerval Zanella Neto discovered a flaw the in the Transactional Memory (TM) implementation for powerpc based machine. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). (CVE-2014-2673)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS) protocol stack in the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) or possibly have unspecified other impact. (CVE-2014-2678)\n\nYaara Rozenblum discovered a race condition in the Linux kernel's Generic IEEE 802.11 Networking Stack (mac80211). Remote attackers could exploit this flaw to cause a denial of service (system crash).\n(CVE-2014-2706)\n\nA flaw was discovered in the Linux kernel's ping sockets. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges via a crafted application. (CVE-2014-2851).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-05-28T00:00:00", "type": "nessus", "title": "Ubuntu 13.10 : linux vulnerabilities (USN-2228-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0055", "CVE-2014-0077", "CVE-2014-0100", "CVE-2014-0101", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-2309", "CVE-2014-2523", "CVE-2014-2672", "CVE-2014-2673", "CVE-2014-2678", "CVE-2014-2706", "CVE-2014-2851"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.11-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.11-generic-lpae", "cpe:/o:canonical:ubuntu_linux:13.10"], "id": "UBUNTU_USN-2228-1.NASL", "href": "https://www.tenable.com/plugins/nessus/74215", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2228-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74215);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-0055\", \"CVE-2014-0077\", \"CVE-2014-0100\", \"CVE-2014-0101\", \"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-2309\", \"CVE-2014-2523\", \"CVE-2014-2672\", \"CVE-2014-2673\", \"CVE-2014-2678\", \"CVE-2014-2706\", \"CVE-2014-2851\");\n script_bugtraq_id(65943, 66095, 66279, 66441, 66477, 66492, 66543, 66591, 66678, 66779, 67300, 67302);\n script_xref(name:\"USN\", value:\"2228-1\");\n\n script_name(english:\"Ubuntu 13.10 : linux vulnerabilities (USN-2228-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Matthew Daley reported an information leak in the floppy disk driver\nof the Linux kernel. An unprivileged local user could exploit this\nflaw to obtain potentially sensitive information from kernel memory.\n(CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the\nfloppy disk driver in the Linux kernel. An unprivileged local user\ncould exploit this flaw to gain administrative privileges if the\nfloppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the vhost-net subsystem of the Linux kernel.\nGuest OS users could exploit this flaw to cause a denial of service\n(host OS crash). (CVE-2014-0055)\n\nA flaw was discovered in the handling of network packets when\nmergeable buffers are disabled for virtual machines in the Linux\nkernel. Guest OS users may exploit this flaw to cause a denial of\nservice (host OS crash) or possibly gain privilege on the host OS.\n(CVE-2014-0077)\n\nNikolay Aleksandrov discovered a race condition in Linux kernel's IPv4\nfragment handling code. Remote attackers could exploit this flaw to\ncause a denial of service (system crash) or possibly have other\nunspecified impact. (CVE-2014-0100)\n\nA flaw was discovered in the Linux kernel's handling of the SCTP\nhandshake. A remote attacker could exploit this flaw to cause a denial\nof service (system crash). (CVE-2014-0101)\n\nA flaw was discovered in the handling of routing information in Linux\nkernel's IPv6 stack. A remote attacker could exploit this flaw to\ncause a denial of service (memory consumption) via a flood of ICMPv6\nrouter advertisement packets. (CVE-2014-2309)\n\nAn error was discovered in the Linux kernel's DCCP protocol support. A\nremote attacked could exploit this flaw to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2014-2523)\n\nMax Sydorenko discovered a race condition in the Atheros 9k wireless\ndriver in the Linux kernel. This race could be exploited by remote\nattackers to cause a denial of service (system crash). (CVE-2014-2672)\n\nAdhemerval Zanella Neto discovered a flaw the in the Transactional\nMemory (TM) implementation for powerpc based machine. An unprivileged\nlocal user could exploit this flaw to cause a denial of service\n(system crash). (CVE-2014-2673)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS)\nprotocol stack in the Linux kernel. A local user could exploit this\nflaw to cause a denial of service (system crash) or possibly have\nunspecified other impact. (CVE-2014-2678)\n\nYaara Rozenblum discovered a race condition in the Linux kernel's\nGeneric IEEE 802.11 Networking Stack (mac80211). Remote attackers\ncould exploit this flaw to cause a denial of service (system crash).\n(CVE-2014-2706)\n\nA flaw was discovered in the Linux kernel's ping sockets. An\nunprivileged local user could exploit this flaw to cause a denial of\nservice (system crash) or possibly gain privileges via a crafted\napplication. (CVE-2014-2851).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2228-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.11-generic and / or\nlinux-image-3.11-generic-lpae packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.11-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.11-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:13.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/03/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(13\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 13.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2014-0055\", \"CVE-2014-0077\", \"CVE-2014-0100\", \"CVE-2014-0101\", \"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-2309\", \"CVE-2014-2523\", \"CVE-2014-2672\", \"CVE-2014-2673\", \"CVE-2014-2678\", \"CVE-2014-2706\", \"CVE-2014-2851\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2228-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"13.10\", pkgname:\"linux-image-3.11.0-22-generic\", pkgver:\"3.11.0-22.38\")) flag++;\nif (ubuntu_check(osver:\"13.10\", pkgname:\"linux-image-3.11.0-22-generic-lpae\", pkgver:\"3.11.0-22.38\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.11-generic / linux-image-3.11-generic-lpae\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-09-01T02:33:32", "description": "Matthew Daley reported an information leak in the floppy disk driver of the Linux kernel. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from kernel memory.\n(CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the floppy disk driver in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges if the floppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the Linux kernel's IPC reference counting. An unprivileged local user could exploit this flaw to cause a denial of service (OOM system crash). (CVE-2013-4483)\n\nA flaw was discovered in the vhost-net subsystem of the Linux kernel.\nGuest OS users could exploit this flaw to cause a denial of service (host OS crash). (CVE-2014-0055)\n\nA flaw was discovered in the handling of network packets when mergeable buffers are disabled for virtual machines in the Linux kernel. Guest OS users may exploit this flaw to cause a denial of service (host OS crash) or possibly gain privilege on the host OS.\n(CVE-2014-0077)\n\nA flaw was discovered in the Linux kernel's handling of the SCTP handshake. A remote attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2014-0101)\n\nA flaw was discovered in the handling of routing information in Linux kernel's IPv6 stack. A remote attacker could exploit this flaw to cause a denial of service (memory consumption) via a flood of ICMPv6 router advertisement packets. (CVE-2014-2309)\n\nAn error was discovered in the Linux kernel's DCCP protocol support. A remote attacked could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2014-2523)\n\nMax Sydorenko discovered a race condition in the Atheros 9k wireless driver in the Linux kernel. This race could be exploited by remote attackers to cause a denial of service (system crash). (CVE-2014-2672)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS) protocol stack in the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) or possibly have unspecified other impact. (CVE-2014-2678)\n\nYaara Rozenblum discovered a race condition in the Linux kernel's Generic IEEE 802.11 Networking Stack (mac80211). Remote attackers could exploit this flaw to cause a denial of service (system crash).\n(CVE-2014-2706)\n\nA flaw was discovered in the Linux kernel's ping sockets. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges via a crafted application. (CVE-2014-2851)\n\nSasha Levin reported a bug in the Linux kernel's virtual memory management subsystem. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). (CVE-2014-3122).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-05-28T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-2223-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4483", "CVE-2014-0055", "CVE-2014-0077", "CVE-2014-0101", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-2309", "CVE-2014-2523", "CVE-2014-2672", "CVE-2014-2678", "CVE-2014-2706", "CVE-2014-2851", "CVE-2014-3122"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-generic", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2223-1.NASL", "href": "https://www.tenable.com/plugins/nessus/74211", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2223-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74211);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-4483\", \"CVE-2014-0055\", \"CVE-2014-0077\", \"CVE-2014-0101\", \"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-2309\", \"CVE-2014-2523\", \"CVE-2014-2672\", \"CVE-2014-2678\", \"CVE-2014-2706\", \"CVE-2014-2851\", \"CVE-2014-3122\");\n script_bugtraq_id(63445, 65943, 66095, 66279, 66441, 66492, 66543, 66591, 66678, 66779, 67162, 67300, 67302);\n script_xref(name:\"USN\", value:\"2223-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-2223-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Matthew Daley reported an information leak in the floppy disk driver\nof the Linux kernel. An unprivileged local user could exploit this\nflaw to obtain potentially sensitive information from kernel memory.\n(CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the\nfloppy disk driver in the Linux kernel. An unprivileged local user\ncould exploit this flaw to gain administrative privileges if the\nfloppy disk module is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the Linux kernel's IPC reference counting. An\nunprivileged local user could exploit this flaw to cause a denial of\nservice (OOM system crash). (CVE-2013-4483)\n\nA flaw was discovered in the vhost-net subsystem of the Linux kernel.\nGuest OS users could exploit this flaw to cause a denial of service\n(host OS crash). (CVE-2014-0055)\n\nA flaw was discovered in the handling of network packets when\nmergeable buffers are disabled for virtual machines in the Linux\nkernel. Guest OS users may exploit this flaw to cause a denial of\nservice (host OS crash) or possibly gain privilege on the host OS.\n(CVE-2014-0077)\n\nA flaw was discovered in the Linux kernel's handling of the SCTP\nhandshake. A remote attacker could exploit this flaw to cause a denial\nof service (system crash). (CVE-2014-0101)\n\nA flaw was discovered in the handling of routing information in Linux\nkernel's IPv6 stack. A remote attacker could exploit this flaw to\ncause a denial of service (memory consumption) via a flood of ICMPv6\nrouter advertisement packets. (CVE-2014-2309)\n\nAn error was discovered in the Linux kernel's DCCP protocol support. A\nremote attacked could exploit this flaw to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2014-2523)\n\nMax Sydorenko discovered a race condition in the Atheros 9k wireless\ndriver in the Linux kernel. This race could be exploited by remote\nattackers to cause a denial of service (system crash). (CVE-2014-2672)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS)\nprotocol stack in the Linux kernel. A local user could exploit this\nflaw to cause a denial of service (system crash) or possibly have\nunspecified other impact. (CVE-2014-2678)\n\nYaara Rozenblum discovered a race condition in the Linux kernel's\nGeneric IEEE 802.11 Networking Stack (mac80211). Remote attackers\ncould exploit this flaw to cause a denial of service (system crash).\n(CVE-2014-2706)\n\nA flaw was discovered in the Linux kernel's ping sockets. An\nunprivileged local user could exploit this flaw to cause a denial of\nservice (system crash) or possibly gain privileges via a crafted\napplication. (CVE-2014-2851)\n\nSasha Levin reported a bug in the Linux kernel's virtual memory\nmanagement subsystem. An unprivileged local user could exploit this\nflaw to cause a denial of service (system crash). (CVE-2014-3122).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2223-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected linux-image-3.5-generic package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/11/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-4483\", \"CVE-2014-0055\", \"CVE-2014-0077\", \"CVE-2014-0101\", \"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-2309\", \"CVE-2014-2523\", \"CVE-2014-2672\", \"CVE-2014-2678\", \"CVE-2014-2706\", \"CVE-2014-2851\", \"CVE-2014-3122\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2223-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.5.0-51-generic\", pkgver:\"3.5.0-51.76~precise1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.5-generic\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-16T14:11:55", "description": "An updated rhev-hypervisor6 package that fixes three security issues and one bug is now available.\n\nRed Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes everything necessary to run and manage virtual machines: a subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions.\n\nA NULL pointer dereference flaw was found in the way the Linux kernel's networking implementation handled logging while processing certain invalid packets coming in via a VxLAN interface. A remote attacker could use this flaw to crash the system by sending a specially crafted packet to such an interface. (CVE-2014-3535)\n\nTwo integer overflow flaws were found in the QEMU block driver for QCOW version 1 disk images. A user able to alter the QEMU disk image files loaded by a guest could use either of these flaws to corrupt QEMU process memory on the host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process. (CVE-2014-0222, CVE-2014-0223)\n\nRed Hat would like to thank NSA for reporting CVE-2014-0222 and CVE-2014-0223.\n\nThis update also fixes the following bug :\n\n* Previously, an updated version of Qlogic firmware was not supported in the Red Hat Enterprise Virtualization Hypervisor 6.5 image and an error message returned when users were using a newer version of Qlogic firmware. This update includes the latest Qlogic firmware package in the Red Hat Enterprise Virtualization Hypervisor 6.5 image so no firmware errors are returned. (BZ#1135780)\n\nThis updated package also provides updated components that include fixes for various security issues. These issues have no security impact on Red Hat Enterprise Virtualization Hypervisor itself, however. The security fixes included in this update address the following CVE numbers :\n\nCVE-2012-6647, CVE-2013-7339, CVE-2014-2672, CVE-2014-2678, CVE-2014-2706, CVE-2014-2851, CVE-2014-3144, CVE-2014-3145, CVE-2014-0205, CVE-2014-3917, and CVE-2014-4667 (kernel issues)\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised to upgrade to this updated package.", "cvss3": {"score": null, "vector": null}, "published": "2014-11-08T00:00:00", "type": "nessus", "title": "RHEL 6 : rhev-hypervisor6 (RHSA-2014:1168)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-6647", "CVE-2013-7339", "CVE-2014-0205", "CVE-2014-0222", "CVE-2014-0223", "CVE-2014-2672", "CVE-2014-2678", "CVE-2014-2706", "CVE-2014-2851", "CVE-2014-3144", "CVE-2014-3145", "CVE-2014-3535", "CVE-2014-3917", "CVE-2014-4667"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:rhev-hypervisor6", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2014-1168.NASL", "href": "https://www.tenable.com/plugins/nessus/79048", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:1168. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79048);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2014-0222\", \"CVE-2014-0223\", \"CVE-2014-3535\");\n script_bugtraq_id(67357, 67391);\n script_xref(name:\"RHSA\", value:\"2014:1168\");\n\n script_name(english:\"RHEL 6 : rhev-hypervisor6 (RHSA-2014:1168)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated rhev-hypervisor6 package that fixes three security issues\nand one bug is now available.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.\n\nThe rhev-hypervisor6 package provides a Red Hat Enterprise\nVirtualization Hypervisor ISO disk image. The Red Hat Enterprise\nVirtualization Hypervisor is a dedicated Kernel-based Virtual Machine\n(KVM) hypervisor. It includes everything necessary to run and manage\nvirtual machines: a subset of the Red Hat Enterprise Linux operating\nenvironment and the Red Hat Enterprise Virtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available\nfor the Intel 64 and AMD64 architectures with virtualization\nextensions.\n\nA NULL pointer dereference flaw was found in the way the Linux\nkernel's networking implementation handled logging while processing\ncertain invalid packets coming in via a VxLAN interface. A remote\nattacker could use this flaw to crash the system by sending a\nspecially crafted packet to such an interface. (CVE-2014-3535)\n\nTwo integer overflow flaws were found in the QEMU block driver for\nQCOW version 1 disk images. A user able to alter the QEMU disk image\nfiles loaded by a guest could use either of these flaws to corrupt\nQEMU process memory on the host, which could potentially result in\narbitrary code execution on the host with the privileges of the QEMU\nprocess. (CVE-2014-0222, CVE-2014-0223)\n\nRed Hat would like to thank NSA for reporting CVE-2014-0222 and\nCVE-2014-0223.\n\nThis update also fixes the following bug :\n\n* Previously, an updated version of Qlogic firmware was not supported\nin the Red Hat Enterprise Virtualization Hypervisor 6.5 image and an\nerror message returned when users were using a newer version of Qlogic\nfirmware. This update includes the latest Qlogic firmware package in\nthe Red Hat Enterprise Virtualization Hypervisor 6.5 image so no\nfirmware errors are returned. (BZ#1135780)\n\nThis updated package also provides updated components that include\nfixes for various security issues. These issues have no security\nimpact on Red Hat Enterprise Virtualization Hypervisor itself,\nhowever. The security fixes included in this update address the\nfollowing CVE numbers :\n\nCVE-2012-6647, CVE-2013-7339, CVE-2014-2672, CVE-2014-2678,\nCVE-2014-2706, CVE-2014-2851, CVE-2014-3144, CVE-2014-3145,\nCVE-2014-0205, CVE-2014-3917, and CVE-2014-4667 (kernel issues)\n\nUsers of the Red Hat Enterprise Virtualization Hypervisor are advised\nto upgrade to this updated package.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2014:1168\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-0223\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-0222\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3535\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected rhev-hypervisor6 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rhev-hypervisor6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/09/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2014:1168\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"rhev-hypervisor6-6.5-20140821.1.el6ev\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rhev-hypervisor6\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-08-19T12:48:54", "description": "Multiple security issues have been discovered in the Xen virtualisation solution which may result in information leaks or denial of service.", "cvss3": {"score": null, "vector": null}, "published": "2014-08-19T00:00:00", "type": "nessus", "title": "Debian DSA-3006-1 : xen - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-1432", "CVE-2013-1442", "CVE-2013-2076", "CVE-2013-2077", "CVE-2013-2078", "CVE-2013-2194", "CVE-2013-2195", "CVE-2013-2196", "CVE-2013-2211", "CVE-2013-4329", "CVE-2013-4355", "CVE-2013-4361", "CVE-2013-4368", "CVE-2013-4494", "CVE-2013-4553", "CVE-2014-1950", "CVE-2014-2599", "CVE-2014-3124", "CVE-2014-4021"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:xen", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-3006.NASL", "href": "https://www.tenable.com/plugins/nessus/77240", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3006. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77240);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-1432\", \"CVE-2013-1442\", \"CVE-2013-2076\", \"CVE-2013-2077\", \"CVE-2013-2078\", \"CVE-2013-2194\", \"CVE-2013-2195\", \"CVE-2013-2196\", \"CVE-2013-2211\", \"CVE-2013-4329\", \"CVE-2013-4355\", \"CVE-2013-4361\", \"CVE-2013-4368\", \"CVE-2013-4494\", \"CVE-2013-4553\", \"CVE-2014-1950\", \"CVE-2014-2599\", \"CVE-2014-3124\", \"CVE-2014-4021\");\n script_bugtraq_id(60277, 60278, 60282, 60701, 60702, 60703, 60721, 60799, 62307, 62630, 62708, 62710, 62935, 63494, 63933, 65529, 66407, 67113, 68070);\n script_xref(name:\"DSA\", value:\"3006\");\n\n script_name(english:\"Debian DSA-3006-1 : xen - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security issues have been discovered in the Xen\nvirtualisation solution which may result in information leaks or\ndenial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/xen\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2014/dsa-3006\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the xen packages.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 4.1.4-3+deb7u2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:M/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/08/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libxen-4.1\", reference:\"4.1.4-3+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxen-dev\", reference:\"4.1.4-3+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxen-ocaml\", reference:\"4.1.4-3+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxen-ocaml-dev\", reference:\"4.1.4-3+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxenstore3.0\", reference:\"4.1.4-3+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"xen-docs-4.1\", reference:\"4.1.4-3+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"xen-hypervisor-4.1-amd64\", reference:\"4.1.4-3+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"xen-hypervisor-4.1-i386\", reference:\"4.1.4-3+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"xen-system-amd64\", reference:\"4.1.4-3+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"xen-system-i386\", reference:\"4.1.4-3+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"xen-utils-4.1\", reference:\"4.1.4-3+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"xen-utils-common\", reference:\"4.1.4-3+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"xenstore-utils\", reference:\"4.1.4-3+deb7u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.4, "vector": "AV:A/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-05-10T17:32:45", "description": "Multiple vulnerabilities has been found and corrected in the Linux kernel :\n\nkernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number (CVE-2014-3917).\n\nThe futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification (CVE-2014-3153).\n\nRace condition in the ath_tx_aggr_sleep function in drivers/net/wireless/ath/ath9k/xmit.c in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via a large amount of network traffic that triggers certain list deletions (CVE-2014-2672).\n\nThe (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length value is sufficiently large, which allows local users to cause a denial of service (integer underflow and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the\n__skb_get_nlattr and __skb_get_nlattr_nest functions before the vulnerability was announced (CVE-2014-3144).\n\nThe BPF_S_ANC_NLATTR_NEST extension implementation in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 uses the reverse order in a certain subtraction, which allows local users to cause a denial of service (over-read and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr_nest function before the vulnerability was announced (CVE-2014-3145).\n\nInteger overflow in the ping_init_sock function in net/ipv4/ping.c in the Linux kernel through 3.14.1 allows local users to cause a denial of service (use-after-free and system crash) or possibly gain privileges via a crafted application that leverages an improperly managed reference counter (CVE-2014-2851).\n\nThe n_tty_write function in drivers/tty/n_tty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the LECHO !OPOST case, which allows local users to cause a denial of service (memory corruption and system crash) or gain privileges by triggering a race condition involving read and write operations with long strings (CVE-2014-0196).\n\nThe raw_cmd_copyout function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly restrict access to certain pointers during processing of an FDRAWCMD ioctl call, which allows local users to obtain sensitive information from kernel heap memory by leveraging write access to a /dev/fd device (CVE-2014-1738).\n\nThe raw_cmd_copyin function in drivers/block/floppy.c in the Linux kernel through 3.14.3 does not properly handle error conditions during processing of an FDRAWCMD ioctl call, which allows local users to trigger kfree operations and gain privileges by leveraging write access to a /dev/fd device (CVE-2014-1737).\n\nThe rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel through 3.14 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports (CVE-2014-2678).\n\ndrivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable buffers are disabled, does not properly validate packet lengths, which allows guest OS users to cause a denial of service (memory corruption and host OS crash) or possibly gain privileges on the host OS via crafted packets, related to the handle_rx and get_rx_bufs functions (CVE-2014-0077).\n\nThe ip6_route_add function in net/ipv6/route.c in the Linux kernel through 3.13.6 does not properly count the addition of routes, which allows remote attackers to cause a denial of service (memory consumption) via a flood of ICMPv6 Router Advertisement packets (CVE-2014-2309).\n\nMultiple array index errors in drivers/hid/hid-multitouch.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate attackers to cause a denial of service (heap memory corruption, or NULL pointer dereference and OOPS) via a crafted device (CVE-2013-2897).\n\nnet/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a DCCP packet that triggers a call to the (1) dccp_new, (2) dccp_packet, or (3) dccp_error function (CVE-2014-2523).\n\nRace condition in the mac80211 subsystem in the Linux kernel before 3.13.7 allows remote attackers to cause a denial of service (system crash) via network traffic that improperly interacts with the WLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and tx.c (CVE-2014-2706).\n\nThe sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk (CVE-2014-0101).\n\nThe cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requested number of bytes, which allows local users to obtain sensitive information from kernel memory, cause a denial of service (memory corruption and system crash), or possibly gain privileges via a writev system call with a crafted pointer (CVE-2014-0069).\n\narch/s390/kernel/head64.S in the Linux kernel before 3.13.5 on the s390 platform does not properly handle attempted use of the linkage stack, which allows local users to cause a denial of service (system crash) by executing a crafted instruction (CVE-2014-2039).\n\nBuffer overflow in virt/kvm/irq_comm.c in the KVM subsystem in the Linux kernel before 3.2.24 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to Message Signaled Interrupts (MSI), irq routing entries, and an incorrect check by the setup_routing_entry function before invoking the kvm_set_irq function (CVE-2012-2137).\n\nThe security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security context (CVE-2014-1874).\n\nThe updated packages provides a solution for these security issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : kernel (MDVSA-2014:124)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2137", "CVE-2013-2897", "CVE-2014-0069", "CVE-2014-0077", "CVE-2014-0101", "CVE-2014-0196", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-1874", "CVE-2014-2039", "CVE-2014-2309", "CVE-2014-2523", "CVE-2014-2672", "CVE-2014-2678", "CVE-2014-2706", "CVE-2014-2851", "CVE-2014-3144", "CVE-2014-3145", "CVE-2014-3153", "CVE-2014-3917"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:cpupower", "p-cpe:/a:mandriva:linux:kernel-firmware", "p-cpe:/a:mandriva:linux:kernel-headers", "p-cpe:/a:mandriva:linux:kernel-server", "p-cpe:/a:mandriva:linux:kernel-server-devel", "p-cpe:/a:mandriva:linux:kernel-source", "p-cpe:/a:mandriva:linux:lib64cpupower-devel", "p-cpe:/a:mandriva:linux:lib64cpupower0", "p-cpe:/a:mandriva:linux:perf", "cpe:/o:mandriva:business_server:1"], "id": "MANDRIVA_MDVSA-2014-124.NASL", "href": "https://www.tenable.com/plugins/nessus/74513", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2014:124. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74513);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-2137\", \"CVE-2013-2897\", \"CVE-2014-0069\", \"CVE-2014-0077\", \"CVE-2014-0101\", \"CVE-2014-0196\", \"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-1874\", \"CVE-2014-2039\", \"CVE-2014-2309\", \"CVE-2014-2523\", \"CVE-2014-2672\", \"CVE-2014-2678\", \"CVE-2014-2706\", \"CVE-2014-2851\", \"CVE-2014-3144\", \"CVE-2014-3145\", \"CVE-2014-3153\", \"CVE-2014-3917\");\n script_bugtraq_id(54063, 62044, 65459, 65588, 65700, 65943, 66095, 66279, 66492, 66543, 66591, 66678, 66779, 67282, 67300, 67302, 67309, 67321, 67906);\n script_xref(name:\"MDVSA\", value:\"2014:124\");\n\n script_name(english:\"Mandriva Linux Security Advisory : kernel (MDVSA-2014:124)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been found and corrected in the Linux\nkernel :\n\nkernel/auditsc.c in the Linux kernel through 3.14.5, when\nCONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows\nlocal users to obtain potentially sensitive single-bit values from\nkernel memory or cause a denial of service (OOPS) via a large value of\na syscall number (CVE-2014-3917).\n\nThe futex_requeue function in kernel/futex.c in the Linux kernel\nthrough 3.14.5 does not ensure that calls have two different futex\naddresses, which allows local users to gain privileges via a crafted\nFUTEX_REQUEUE command that facilitates unsafe waiter modification\n(CVE-2014-3153).\n\nRace condition in the ath_tx_aggr_sleep function in\ndrivers/net/wireless/ath/ath9k/xmit.c in the Linux kernel before\n3.13.7 allows remote attackers to cause a denial of service (system\ncrash) via a large amount of network traffic that triggers certain\nlist deletions (CVE-2014-2672).\n\nThe (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension\nimplementations in the sk_run_filter function in net/core/filter.c in\nthe Linux kernel through 3.14.3 do not check whether a certain length\nvalue is sufficiently large, which allows local users to cause a\ndenial of service (integer underflow and system crash) via crafted BPF\ninstructions. NOTE: the affected code was moved to the\n__skb_get_nlattr and __skb_get_nlattr_nest functions before the\nvulnerability was announced (CVE-2014-3144).\n\nThe BPF_S_ANC_NLATTR_NEST extension implementation in the\nsk_run_filter function in net/core/filter.c in the Linux kernel\nthrough 3.14.3 uses the reverse order in a certain subtraction, which\nallows local users to cause a denial of service (over-read and system\ncrash) via crafted BPF instructions. NOTE: the affected code was moved\nto the __skb_get_nlattr_nest function before the vulnerability was\nannounced (CVE-2014-3145).\n\nInteger overflow in the ping_init_sock function in net/ipv4/ping.c in\nthe Linux kernel through 3.14.1 allows local users to cause a denial\nof service (use-after-free and system crash) or possibly gain\nprivileges via a crafted application that leverages an improperly\nmanaged reference counter (CVE-2014-2851).\n\nThe n_tty_write function in drivers/tty/n_tty.c in the Linux kernel\nthrough 3.14.3 does not properly manage tty driver access in the LECHO\n!OPOST case, which allows local users to cause a denial of service\n(memory corruption and system crash) or gain privileges by triggering\na race condition involving read and write operations with long strings\n(CVE-2014-0196).\n\nThe raw_cmd_copyout function in drivers/block/floppy.c in the Linux\nkernel through 3.14.3 does not properly restrict access to certain\npointers during processing of an FDRAWCMD ioctl call, which allows\nlocal users to obtain sensitive information from kernel heap memory by\nleveraging write access to a /dev/fd device (CVE-2014-1738).\n\nThe raw_cmd_copyin function in drivers/block/floppy.c in the Linux\nkernel through 3.14.3 does not properly handle error conditions during\nprocessing of an FDRAWCMD ioctl call, which allows local users to\ntrigger kfree operations and gain privileges by leveraging write\naccess to a /dev/fd device (CVE-2014-1737).\n\nThe rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel\nthrough 3.14 allows local users to cause a denial of service (NULL\npointer dereference and system crash) or possibly have unspecified\nother impact via a bind system call for an RDS socket on a system that\nlacks RDS transports (CVE-2014-2678).\n\ndrivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable\nbuffers are disabled, does not properly validate packet lengths, which\nallows guest OS users to cause a denial of service (memory corruption\nand host OS crash) or possibly gain privileges on the host OS via\ncrafted packets, related to the handle_rx and get_rx_bufs functions\n(CVE-2014-0077).\n\nThe ip6_route_add function in net/ipv6/route.c in the Linux kernel\nthrough 3.13.6 does not properly count the addition of routes, which\nallows remote attackers to cause a denial of service (memory\nconsumption) via a flood of ICMPv6 Router Advertisement packets\n(CVE-2014-2309).\n\nMultiple array index errors in drivers/hid/hid-multitouch.c in the\nHuman Interface Device (HID) subsystem in the Linux kernel through\n3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically\nproximate attackers to cause a denial of service (heap memory\ncorruption, or NULL pointer dereference and OOPS) via a crafted device\n(CVE-2013-2897).\n\nnet/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through\n3.13.6 uses a DCCP header pointer incorrectly, which allows remote\nattackers to cause a denial of service (system crash) or possibly\nexecute arbitrary code via a DCCP packet that triggers a call to the\n(1) dccp_new, (2) dccp_packet, or (3) dccp_error function\n(CVE-2014-2523).\n\nRace condition in the mac80211 subsystem in the Linux kernel before\n3.13.7 allows remote attackers to cause a denial of service (system\ncrash) via network traffic that improperly interacts with the\nWLAN_STA_PS_STA state (aka power-save mode), related to sta_info.c and\ntx.c (CVE-2014-2706).\n\nThe sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the\nLinux kernel through 3.13.6 does not validate certain auth_enable and\nauth_capable fields before making an sctp_sf_authenticate call, which\nallows remote attackers to cause a denial of service (NULL pointer\ndereference and system crash) via an SCTP handshake with a modified\nINIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk\n(CVE-2014-0101).\n\nThe cifs_iovec_write function in fs/cifs/file.c in the Linux kernel\nthrough 3.13.5 does not properly handle uncached write operations that\ncopy fewer than the requested number of bytes, which allows local\nusers to obtain sensitive information from kernel memory, cause a\ndenial of service (memory corruption and system crash), or possibly\ngain privileges via a writev system call with a crafted pointer\n(CVE-2014-0069).\n\narch/s390/kernel/head64.S in the Linux kernel before 3.13.5 on the\ns390 platform does not properly handle attempted use of the linkage\nstack, which allows local users to cause a denial of service (system\ncrash) by executing a crafted instruction (CVE-2014-2039).\n\nBuffer overflow in virt/kvm/irq_comm.c in the KVM subsystem in the\nLinux kernel before 3.2.24 allows local users to cause a denial of\nservice (crash) and possibly execute arbitrary code via vectors\nrelated to Message Signaled Interrupts (MSI), irq routing entries, and\nan incorrect check by the setup_routing_entry function before invoking\nthe kvm_set_irq function (CVE-2012-2137).\n\nThe security_context_to_sid_core function in\nsecurity/selinux/ss/services.c in the Linux kernel before 3.13.4\nallows local users to cause a denial of service (system crash) by\nleveraging the CAP_MAC_ADMIN capability to set a zero-length security\ncontext (CVE-2014-1874).\n\nThe updated packages provides a solution for these security issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Android \"Towelroot\" Futex Requeue Kernel Exploit');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:cpupower\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-server-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64cpupower-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64cpupower0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"cpupower-3.4.93-1.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"kernel-firmware-3.4.93-1.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"kernel-headers-3.4.93-1.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"kernel-server-3.4.93-1.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"kernel-server-devel-3.4.93-1.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"kernel-source-3.4.93-1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64cpupower-devel-3.4.93-1.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"lib64cpupower0-3.4.93-1.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"perf-3.4.93-1.1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-02-19T13:49:51", "description": "According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - In the Linux kernel, Hisilicon Network Subsystem (HNS) does not consider the ETH_SS_PRIV_FLAGS case when retrieving sset_count data. This allows local users to cause a denial of service (buffer overflow and memory corruption) or possibly have unspecified other impacts.(CVE-2017-18222i1/4%0\n\n - A flaw was found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use this flaw to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality.(CVE-2015-5366i1/4%0\n\n - A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within\n __sys_recvmmsg() function.(CVE-2016-7117i1/4%0\n\n - arch/x86/kvm/vmx.c in the Linux kernel through 4.6.3 mishandles the APICv on/off state, which allows guest OS users to obtain direct APIC MSR access on the host OS, and consequently cause a denial of service (host OS crash) or possibly execute arbitrary code on the host OS, via x2APIC mode.(CVE-2016-4440i1/4%0\n\n - In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandles ATTR_REPLACE operations with conversion of an attr from short to long form.(CVE-2018-18690i1/4%0\n\n - A flaw was found in the Linux kernel's ext4 filesystem.\n A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.(CVE-2018-10878i1/4%0\n\n - Xen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response.(CVE-2015-2150i1/4%0\n\n - The assoc_array_insert_into_terminal_node() function in 'lib/assoc_array.c' in the Linux kernel before 4.5.3 does not check whether a slot is a leaf, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and out-of-bounds read) via an application that uses associative-array data structures.(CVE-2016-7914i1/4%0\n\n - It was found that the x86 ISA (Instruction Set Architecture) is prone to a denial of service attack inside a virtualized environment in the form of an infinite loop in the microcode due to the way (sequential) delivering of benign exceptions such as #AC (alignment check exception) is handled. A privileged user inside a guest could use this flaw to create denial of service conditions on the host kernel.(CVE-2015-5307i1/4%0\n\n - An issue was discovered in fs/f2fs/super.c in the Linux kernel, which does not properly validate secs_per_zone in a corrupted f2fs image. This may lead to a divide-by-zero error and a system crash.(CVE-2018-13100i1/4%0\n\n - The mISDN_sock_recvmsg function in drivers/isdn/mISDN/socket.c in the Linux kernel before 3.12.4 does not ensure that a certain length value is consistent with the size of an associated data structure, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.(CVE-2013-7266i1/4%0\n\n - A NULL pointer dereference flaw was found in the rds_iw_laddr_check() function in the Linux kernel's implementation of Reliable Datagram Sockets (RDS). A local, unprivileged user could use this flaw to crash the system.(CVE-2014-2678i1/4%0\n\n - A flaw was found in the Linux kernel's handling of packets with the URG flag. Applications using the splice() and tcp_splice_read() functionality could allow a remote attacker to force the kernel to enter a condition in which it could loop indefinitely.(CVE-2017-6214i1/4%0\n\n - The kernel_wait4 function in kernel/exit.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service by triggering an attempted use of the -INT_MIN value.(CVE-2018-10087i1/4%0\n\n - Heap-based buffer overflow in the private wireless extensions IOCTL implementation in wlan_hdd_wext.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via a crafted application that establishes a packet filter.(CVE-2015-0569i1/4%0\n\n - A race condition flaw was found in the Linux kernel's ext4 file system implementation that allowed a local, unprivileged user to crash the system by simultaneously writing to a file and toggling the O_DIRECT flag using fcntl(F_SETFL) on that file.(CVE-2014-8086i1/4%0\n\n - The mm_init function in kernel/fork.c in the Linux kernel before 4.12.10 does not clear the -i1/4zexe_file member of a new process's mm_struct, allowing a local attacker to achieve a use-after-free condition and to induce a kernel memory corruption on the system, leading to a crash or possibly have unspecified other impact by running a specially crafted program. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we feel it is unlikely.(CVE-2017-17052i1/4%0\n\n - A buffer overflow flaw was found in the way the Linux kernel's Intel AES-NI instructions optimized version of the RFC4106 GCM mode decryption functionality handled fragmented packets. A remote attacker could use this flaw to crash, or potentially escalate their privileges on, a system over a connection with an active AES-GCM mode IPSec security association.(CVE-2015-3331i1/4%0\n\n - A flaw was found in the processing of incoming L2CAP bluetooth commands. Uninitialized stack variables can be sent to an attacker leaking data in kernel address space.(CVE-2017-1000410i1/4%0\n\n - It was found that a remote attacker could use a race condition flaw in the ath_tx_aggr_sleep() function to crash the system by creating large network traffic on the system's Atheros 9k wireless network adapter.(CVE-2014-2672i1/4%0\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-05-13T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1484)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7266", "CVE-2014-2672", "CVE-2014-2678", "CVE-2014-8086", "CVE-2015-0569", "CVE-2015-2150", "CVE-2015-3331", "CVE-2015-5307", "CVE-2015-5366", "CVE-2016-4440", "CVE-2016-7117", "CVE-2016-7914", "CVE-2017-1000410", "CVE-2017-17052", "CVE-2017-18222", "CVE-2017-6214", "CVE-2018-10087", "CVE-2018-10878", "CVE-2018-13100", "CVE-2018-18690"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:kernel-tools-libs-devel", "p-cpe:/a:huawei:euleros:perf", "p-cpe:/a:huawei:euleros:python-perf", "cpe:/o:huawei:euleros:uvp:3.0.1.0"], "id": "EULEROS_SA-2019-1484.NASL", "href": "https://www.tenable.com/plugins/nessus/124808", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124808);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2013-7266\",\n \"CVE-2014-2672\",\n \"CVE-2014-2678\",\n \"CVE-2014-8086\",\n \"CVE-2015-0569\",\n \"CVE-2015-2150\",\n \"CVE-2015-3331\",\n \"CVE-2015-5307\",\n \"CVE-2015-5366\",\n \"CVE-2016-4440\",\n \"CVE-2016-7117\",\n \"CVE-2016-7914\",\n \"CVE-2017-1000410\",\n \"CVE-2017-17052\",\n \"CVE-2017-18222\",\n \"CVE-2017-6214\",\n \"CVE-2018-10087\",\n \"CVE-2018-10878\",\n \"CVE-2018-13100\",\n \"CVE-2018-18690\"\n );\n script_bugtraq_id(\n 64743,\n 66492,\n 66543,\n 70376,\n 73014,\n 74235,\n 75510\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1484)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - In the Linux kernel, Hisilicon Network Subsystem (HNS)\n does not consider the ETH_SS_PRIV_FLAGS case when\n retrieving sset_count data. This allows local users to\n cause a denial of service (buffer overflow and memory\n corruption) or possibly have unspecified other\n impacts.(CVE-2017-18222i1/4%0\n\n - A flaw was found in the way the Linux kernel's\n networking implementation handled UDP packets with\n incorrect checksum values. A remote attacker could\n potentially use this flaw to trigger an infinite loop\n in the kernel, resulting in a denial of service on the\n system, or cause a denial of service in applications\n using the edge triggered epoll\n functionality.(CVE-2015-5366i1/4%0\n\n - A use-after-free vulnerability was found in the\n kernel's socket recvmmsg subsystem. This may allow\n remote attackers to corrupt memory and may allow\n execution of arbitrary code. This corruption takes\n place during the error handling routines within\n __sys_recvmmsg() function.(CVE-2016-7117i1/4%0\n\n - arch/x86/kvm/vmx.c in the Linux kernel through 4.6.3\n mishandles the APICv on/off state, which allows guest\n OS users to obtain direct APIC MSR access on the host\n OS, and consequently cause a denial of service (host OS\n crash) or possibly execute arbitrary code on the host\n OS, via x2APIC mode.(CVE-2016-4440i1/4%0\n\n - In the Linux kernel before 4.17, a local attacker able\n to set attributes on an xfs filesystem could make this\n filesystem non-operational until the next mount by\n triggering an unchecked error condition during an xfs\n attribute change, because xfs_attr_shortform_addname in\n fs/xfs/libxfs/xfs_attr.c mishandles ATTR_REPLACE\n operations with conversion of an attr from short to\n long form.(CVE-2018-18690i1/4%0\n\n - A flaw was found in the Linux kernel's ext4 filesystem.\n A local user can cause an out-of-bounds write and a\n denial of service or unspecified other impact is\n possible by mounting and operating a crafted ext4\n filesystem image.(CVE-2018-10878i1/4%0\n\n - Xen 3.3.x through 4.5.x and the Linux kernel through\n 3.19.1 do not properly restrict access to PCI command\n registers, which might allow local guest OS users to\n cause a denial of service (non-maskable interrupt and\n host crash) by disabling the (1) memory or (2) I/O\n decoding for a PCI Express device and then accessing\n the device, which triggers an Unsupported Request (UR)\n response.(CVE-2015-2150i1/4%0\n\n - The assoc_array_insert_into_terminal_node() function in\n 'lib/assoc_array.c' in the Linux kernel before 4.5.3\n does not check whether a slot is a leaf, which allows\n local users to obtain sensitive information from kernel\n memory or cause a denial of service (invalid pointer\n dereference and out-of-bounds read) via an application\n that uses associative-array data\n structures.(CVE-2016-7914i1/4%0\n\n - It was found that the x86 ISA (Instruction Set\n Architecture) is prone to a denial of service attack\n inside a virtualized environment in the form of an\n infinite loop in the microcode due to the way\n (sequential) delivering of benign exceptions such as\n #AC (alignment check exception) is handled. A\n privileged user inside a guest could use this flaw to\n create denial of service conditions on the host\n kernel.(CVE-2015-5307i1/4%0\n\n - An issue was discovered in fs/f2fs/super.c in the Linux\n kernel, which does not properly validate secs_per_zone\n in a corrupted f2fs image. This may lead to a\n divide-by-zero error and a system\n crash.(CVE-2018-13100i1/4%0\n\n - The mISDN_sock_recvmsg function in\n drivers/isdn/mISDN/socket.c in the Linux kernel before\n 3.12.4 does not ensure that a certain length value is\n consistent with the size of an associated data\n structure, which allows local users to obtain sensitive\n information from kernel memory via a (1) recvfrom, (2)\n recvmmsg, or (3) recvmsg system call.(CVE-2013-7266i1/4%0\n\n - A NULL pointer dereference flaw was found in the\n rds_iw_laddr_check() function in the Linux kernel's\n implementation of Reliable Datagram Sockets (RDS). A\n local, unprivileged user could use this flaw to crash\n the system.(CVE-2014-2678i1/4%0\n\n - A flaw was found in the Linux kernel's handling of\n packets with the URG flag. Applications using the\n splice() and tcp_splice_read() functionality could\n allow a remote attacker to force the kernel to enter a\n condition in which it could loop\n indefinitely.(CVE-2017-6214i1/4%0\n\n - The kernel_wait4 function in kernel/exit.c in the Linux\n kernel before 4.13, when an unspecified architecture\n and compiler is used, might allow local users to cause\n a denial of service by triggering an attempted use of\n the -INT_MIN value.(CVE-2018-10087i1/4%0\n\n - Heap-based buffer overflow in the private wireless\n extensions IOCTL implementation in wlan_hdd_wext.c in\n the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x\n and 4.x, as used in Qualcomm Innovation Center (QuIC)\n Android contributions for MSM devices and other\n products, allows attackers to gain privileges via a\n crafted application that establishes a packet\n filter.(CVE-2015-0569i1/4%0\n\n - A race condition flaw was found in the Linux kernel's\n ext4 file system implementation that allowed a local,\n unprivileged user to crash the system by simultaneously\n writing to a file and toggling the O_DIRECT flag using\n fcntl(F_SETFL) on that file.(CVE-2014-8086i1/4%0\n\n - The mm_init function in kernel/fork.c in the Linux\n kernel before 4.12.10 does not clear the -i1/4zexe_file\n member of a new process's mm_struct, allowing a local\n attacker to achieve a use-after-free condition and to\n induce a kernel memory corruption on the system,\n leading to a crash or possibly have unspecified other\n impact by running a specially crafted program. Due to\n the nature of the flaw, privilege escalation cannot be\n fully ruled out, although we feel it is\n unlikely.(CVE-2017-17052i1/4%0\n\n - A buffer overflow flaw was found in the way the Linux\n kernel's Intel AES-NI instructions optimized version of\n the RFC4106 GCM mode decryption functionality handled\n fragmented packets. A remote attacker could use this\n flaw to crash, or potentially escalate their privileges\n on, a system over a connection with an active AES-GCM\n mode IPSec security association.(CVE-2015-3331i1/4%0\n\n - A flaw was found in the processing of incoming L2CAP\n bluetooth commands. Uninitialized stack variables can\n be sent to an attacker leaking data in kernel address\n space.(CVE-2017-1000410i1/4%0\n\n - It was found that a remote attacker could use a race\n condition flaw in the ath_tx_aggr_sleep() function to\n crash the system by creating large network traffic on\n the system's Atheros 9k wireless network\n adapter.(CVE-2014-2672i1/4%0\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1484\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?afeb6657\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.1.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.1.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.1.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"kernel-4.19.28-1.2.117\",\n \"kernel-devel-4.19.28-1.2.117\",\n \"kernel-headers-4.19.28-1.2.117\",\n \"kernel-tools-4.19.28-1.2.117\",\n \"kernel-tools-libs-4.19.28-1.2.117\",\n \"kernel-tools-libs-devel-4.19.28-1.2.117\",\n \"perf-4.19.28-1.2.117\",\n \"python-perf-4.19.28-1.2.117\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:49:15", "description": "The remote host is affected by the vulnerability described in GLSA-201407-03 (Xen: Multiple Vunlerabilities)\n\n Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker can utilize multiple vectors to execute arbitrary code, cause Denial of Service, or gain access to data on the host.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2014-07-17T00:00:00", "type": "nessus", "title": "GLSA-201407-03 : Xen: Multiple Vunlerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-1442", "CVE-2013-4329", "CVE-2013-4355", "CVE-2013-4356", "CVE-2013-4361", "CVE-2013-4368", "CVE-2013-4369", "CVE-2013-4370", "CVE-2013-4371", "CVE-2013-4375", "CVE-2013-4416", "CVE-2013-4494", "CVE-2013-4551", "CVE-2013-4553", "CVE-2013-4554", "CVE-2013-6375", "CVE-2013-6400", "CVE-2013-6885", "CVE-2014-1642", "CVE-2014-1666", "CVE-2014-1891", "CVE-2014-1892", "CVE-2014-1893", "CVE-2014-1894", "CVE-2014-1895", "CVE-2014-1896", "CVE-2014-2599", "CVE-2014-3124", "CVE-2014-4021"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:xen", "p-cpe:/a:gentoo:linux:xen-pvgrub", "p-cpe:/a:gentoo:linux:xen-tools", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201407-03.NASL", "href": "https://www.tenable.com/plugins/nessus/76544", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201407-03.\n#\n# The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76544);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2013-1442\", \"CVE-2013-4329\", \"CVE-2013-4355\", \"CVE-2013-4356\", \"CVE-2013-4361\", \"CVE-2013-4368\", \"CVE-2013-4369\", \"CVE-2013-4370\", \"CVE-2013-4371\", \"CVE-2013-4375\", \"CVE-2013-4416\", \"CVE-2013-4494\", \"CVE-2013-4551\", \"CVE-2013-4553\", \"CVE-2013-4554\", \"CVE-2013-6375\", \"CVE-2013-6400\", \"CVE-2013-6885\", \"CVE-2014-1642\", \"CVE-2014-1666\", \"CVE-2014-1891\", \"CVE-2014-1892\", \"CVE-2014-1893\", \"CVE-2014-1894\", \"CVE-2014-1895\", \"CVE-2014-1896\", \"CVE-2014-2599\", \"CVE-2014-3124\", \"CVE-2014-4021\");\n script_bugtraq_id(62307, 62630, 62708, 62709, 62710, 62930, 62931, 62932, 62934, 62935, 63404, 63494, 63625, 63830, 63931, 63933, 63983, 64195, 65097, 65125, 65414, 65419, 65424, 66407, 67113, 68070);\n script_xref(name:\"GLSA\", value:\"201407-03\");\n\n script_name(english:\"GLSA-201407-03 : Xen: Multiple Vunlerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201407-03\n(Xen: Multiple Vunlerabilities)\n\n Multiple vulnerabilities have been discovered in Xen. Please review the\n CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker can utilize multiple vectors to execute arbitrary\n code, cause Denial of Service, or gain access to data on the host.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201407-03\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Xen 4.3 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-emulations/xen-4.3.2-r2'\n All Xen 4.2 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-emulations/xen-4.2.4-r2'\n All xen-tools 4.3 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=app-emulations/xen-tools-4.3.2-r2'\n All xen-tools 4.2 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=app-emulations/xen-tools-4.2.4-r2'\n All Xen PVGRUB 4.3 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-emulations/xen-pvgrub-4.3.2'\n All Xen PVGRUB 4.2 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-emulations/xen-pvgrub-4.2.4'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:xen-pvgrub\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/09/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-emulations/xen-pvgrub\", unaffected:make_list(\"rge 4.3.2\", \"rge 4.2.4\"), vulnerable:make_list(\"lt 4.3.2\"))) flag++;\nif (qpkg_check(package:\"app-emulations/xen-tools\", unaffected:make_list(\"ge 4.3.2-r5\", \"rge 4.2.4-r6\"), vulnerable:make_list(\"lt 4.3.2-r5\"))) flag++;\nif (qpkg_check(package:\"app-emulations/xen\", unaffected:make_list(\"ge 4.3.2-r4\", \"rge 4.2.4-r4\"), vulnerable:make_list(\"lt 4.3.2-r4\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Xen\");\n}\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:49:00", "description": "The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to fix various bugs and security issues.\n\nThe following security bugs have been fixed :\n\n - The rds_ib_xmit function in net/rds/ib_send.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel 3.7.4 and earlier allows local users to cause a denial of service (BUG_ON and kernel panic) by establishing an RDS connection with the source IP address equal to the IPoIB interfaces own IP address, as demonstrated by rds-ping. (bnc#767610). (CVE-2012-2372)\n\n - The Linux kernel before 3.12.2 does not properly use the get_dumpable function, which allows local users to bypass intended ptrace restrictions or obtain sensitive information from IA64 scratch registers via a crafted application, related to kernel/ptrace.c and arch/ia64/include/asm/processor.h. (bnc#847652).\n (CVE-2013-2929)\n\n - Interpretation conflict in drivers/md/dm-snap-persistent.c in the Linux kernel through 3.11.6 allows remote authenticated users to obtain sensitive information or modify data via a crafted mapping to a snapshot block device.\n (bnc#846404). (CVE-2013-4299)\n\n - The ath9k_htc_set_bssid_mask function in drivers/net/wireless/ath/ath9k/htc_drv_main.c in the Linux kernel through 3.12 uses a BSSID masking approach to determine the set of MAC addresses on which a Wi-Fi device is listening, which allows remote attackers to discover the original MAC address after spoofing by sending a series of packets to MAC addresses with certain bit manipulations. (bnc#851426). (CVE-2013-4579)\n\n - Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the CAP_SYS_ADMIN capability for a (1) XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted length value, related to the xfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c. (bnc#852553). (CVE-2013-6382)\n\n - The rds_ib_laddr_check function in net/rds/ib.c in the Linux kernel before 3.12.8 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports. (bnc#869563). (CVE-2013-7339)\n\n - The get_rx_bufs function in drivers/vhost/net.c in the vhost-net subsystem in the Linux kernel package before 2.6.32-431.11.2 on Red Hat Enterprise Linux (RHEL) 6 does not properly handle vhost_get_vq_desc errors, which allows guest OS users to cause a denial of service (host OS crash) via unspecified vectors. (bnc#870173).\n (CVE-2014-0055)\n\n - drivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable buffers are disabled, does not properly validate packet lengths, which allows guest OS users to cause a denial of service (memory corruption and host OS crash) or possibly gain privileges on the host OS via crafted packets, related to the handle_rx and get_rx_bufs functions. (bnc#870576). (CVE-2014-0077)\n\n - The sctp_sf_do_5_1D_ce function in net/sctp/sm_statefuns.c in the Linux kernel through 3.13.6 does not validate certain auth_enable and auth_capable fields before making an sctp_sf_authenticate call, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via an SCTP handshake with a modified INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO chunk. (bnc#866102). (CVE-2014-0101)\n\n - Use-after-free vulnerability in the skb_segment function in net/core/skbuff.c in the Linux kernel through 3.13.6 allows attackers to obtain sensitive information from kernel memory by leveraging the absence of a certain orphaning operation. (bnc#867723). (CVE-2014-0131)\n\n - The ioapic_deliver function in virt/kvm/ioapic.c in the Linux kernel through 3.14.1 does not properly validate the kvm_irq_delivery_to_apic return value, which allows guest OS users to cause a denial of service (host OS crash) via a crafted entry in the redirection table of an I/O APIC. NOTE: the affected code was moved to the ioapic_service function before the vulnerability was announced. (bnc#872540). (CVE-2014-0155)\n\n - The fst_get_iface function in drivers/net/wan/farsync.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability for an SIOCWANDEV ioctl call. (bnc#858869). (CVE-2014-1444)\n\n - The wanxl_ioctl function in drivers/net/wan/wanxl.c in the Linux kernel before 3.11.7 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via an ioctl call. (bnc#858870). (CVE-2014-1445)\n\n - The yam_ioctl function in drivers/net/hamradio/yam.c in the Linux kernel before 3.12.8 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_NET_ADMIN capability for an SIOCYAMGCFG ioctl call. (bnc#858872). (CVE-2014-1446)\n\n - The security_context_to_sid_core function in security/selinux/ss/services.c in the Linux kernel before 3.13.4 allows local users to cause a denial of service (system crash) by leveraging the CAP_MAC_ADMIN capability to set a zero-length security context.\n (bnc#863335). (CVE-2014-1874)\n\n - The ip6_route_add function in net/ipv6/route.c in the Linux kernel through 3.13.6 does not properly count the addition of routes, which allows remote attackers to cause a denial of service (memory consumption) via a flood of ICMPv6 Router Advertisement packets.\n (bnc#867531). (CVE-2014-2309)\n\n - net/netfilter/nf_conntrack_proto_dccp.c in the Linux kernel through 3.13.6 uses a DCCP header pointer incorrectly, which allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a DCCP packet that triggers a call to the (1) dccp_new, (2) dccp_packet, or (3) dccp_error function. (bnc#868653). (CVE-2014-2523)\n\n - The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel through 3.14 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports. (bnc#871561). (CVE-2014-2678)\n\n - Integer overflow in the ping_init_sock function in net/ipv4/ping.c in the Linux kernel through 3.14.1 allows local users to cause a denial of service (use-after-free and system crash) or possibly gain privileges via a crafted application that leverages an improperly managed reference counter. (bnc#873374).\n (CVE-2014-2851)\n\n - The try_to_unmap_cluster function in mm/rmap.c in the Linux kernel before 3.14.3 does not properly consider which pages must be locked, which allows local users to cause a denial of service (system crash) by triggering a memory-usage pattern that requires removal of page-table mappings. (bnc#876102). (CVE-2014-3122)\n\n - The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST extension implementations in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 do not check whether a certain length value is sufficiently large, which allows local users to cause a denial of service (integer underflow and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr and\n __skb_get_nlattr_nest functions before the vulnerability was announced. (bnc#877257). (CVE-2014-3144)\n\n - The BPF_S_ANC_NLATTR_NEST extension implementation in the sk_run_filter function in net/core/filter.c in the Linux kernel through 3.14.3 uses the reverse order in a certain subtraction, which allows local users to cause a denial of service (over-read and system crash) via crafted BPF instructions. NOTE: the affected code was moved to the __skb_get_nlattr_nest function before the vulnerability was announced. (bnc#877257).\n (CVE-2014-3145)\n\n - kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number. (bnc#880484). (CVE-2014-3917)\n\n - arch/x86/kernel/entry_32.S in the Linux kernel through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allows local users to cause a denial of service (OOPS and system crash) via an invalid syscall number, as demonstrated by number. (CVE-2014-4508)\n\n -. (bnc#883724)\n\n - Race condition in the tlv handler functionality in the snd_ctl_elem_user_tlv function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allows local users to obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access. (bnc#883795). (CVE-2014-4652)\n\n - sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not ensure possession of a read/write lock, which allows local users to cause a denial of service (use-after-free) and obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX access. (bnc#883795).\n (CVE-2014-4653)\n\n - The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not check authorization for SNDRV_CTL_IOCTL_ELEM_REPLACE commands, which allows local users to remove kernel controls and cause a denial of service (use-after-free and system crash) by leveraging /dev/snd/controlCX access for an ioctl call.\n (bnc#883795). (CVE-2014-4654)\n\n - The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not properly maintain the user_ctl_count value, which allows local users to cause a denial of service (integer overflow and limit bypass) by leveraging /dev/snd/controlCX access for a large number of SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl calls.\n (bnc#883795). (CVE-2014-4655)\n\n - Multiple integer overflows in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allow local users to cause a denial of service by leveraging /dev/snd/controlCX access, related to (1) index values in the snd_ctl_add function and (2) numid values in the snd_ctl_remove_numid_conflict function. (bnc#883795). (CVE-2014-4656)\n\n - The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain privileges, or cause a denial of service (double fault), via a crafted application that makes ptrace and fork system calls. (bnc#885725).\n (CVE-2014-4699)\n\nAlso the following non-security bugs have been fixed :\n\n - kernel: avoid page table walk on user space access (bnc#878407, LTC#110316).\n\n - spinlock: fix system hang with spin_retry <= 0 (bnc#874145, LTC#110189).\n\n - x86/UV: Set n_lshift based on GAM_GR_CONFIG MMR for UV3.\n (bnc#876176)\n\n - x86: Enable multiple CPUs in crash kernel. (bnc#846690)\n\n - x86/mce: Fix CMCI preemption bugs. (bnc#786450)\n\n - x86, CMCI: Add proper detection of end of CMCI storms.\n (bnc#786450)\n\n - futex: revert back to the explicit waiter counting code.\n (bnc#851603)\n\n - futex: avoid race between requeue and wake. (bnc#851603)\n\n - intel-iommu: fix off-by-one in pagetable freeing.\n (bnc#874577)\n\n - ia64: Change default PSR.ac from '1' to '0' (Fix erratum #237). (bnc#874108)\n\n - drivers/rtc/interface.c: fix infinite loop in initializing the alarm. (bnc#871676)\n\n - drm/ast: Fix double lock at PM resume. (bnc#883380)\n\n - drm/ast: add widescreen + rb modes from X.org driver (v2). (bnc#883380)\n\n - drm/ast: deal with bo reserve fail in dirty update path.\n (bnc#883380)\n\n - drm/ast: do not attempt to acquire a reservation while in an interrupt handler. (bnc#883380)\n\n - drm/ast: fix the ast open key function. (bnc#883380)\n\n - drm/ast: fix value check in cbr_scan2. (bnc#883380)\n\n - drm/ast: inline reservations. (bnc#883380)\n\n - drm/ast: invalidate page tables when pinning a BO.\n (bnc#883380)\n\n - drm/ast: rename the mindwm/moutdwm and deinline them.\n (bnc#883380)\n\n - drm/ast: resync the dram post code with upstream.\n (bnc#883380)\n\n - drm: ast: use drm_can_sleep. (bnc#883380)\n\n - drm/ast: use drm_modeset_lock_all. (bnc#883380)\n\n - drm/: Unified handling of unimplemented fb->create_handle. (bnc#883380)\n\n - drm/mgag200,ast,cirrus: fix regression with drm_can_sleep conversion. (bnc#883380)\n\n - drm/mgag200: Consolidate depth/bpp handling.\n (bnc#882324)\n\n - drm/ast: Initialized data needed to map fbdev memory.\n (bnc#880007)\n\n - drm/ast: add AST 2400 support. (bnc#880007)\n\n - drm/ast: Initialized data needed to map fbdev memory.\n (bnc#880007)\n\n - drm/mgag200: on cards with < 2MB VRAM default to 16-bit.\n (bnc#882324)\n\n - drm/mgag200: fix typo causing bw limits to be ignored on some chips. (bnc#882324)\n\n - drm/ttm: do not oops if no invalidate_caches().\n (bnc#869414)\n\n - drm/i915: Break encoder->crtc link separately in intel_sanitize_crtc(). (bnc#855126)\n\n - dlm: keep listening connection alive with sctp mode.\n (bnc#881939)\n\n - series.conf: Clarify comment about Xen kabi adjustments (bnc#876114#c25)\n\n - btrfs: fix a crash when running balance and defrag concurrently.\n\n - btrfs: unset DCACHE_DISCONNECTED when mounting default subvol. (bnc#866615)\n\n - btrfs: free delayed node outside of root->inode_lock.\n (bnc#866864)\n\n - btrfs: return EPERM when deleting a default subvolume.\n (bnc#869934)\n\n - btrfs: do not loop on large offsets in readdir.\n (bnc#863300)\n\n - sched: Consider pi boosting in setscheduler.\n\n - sched: Queue RT tasks to head when prio drops.\n\n - sched: Adjust sched_reset_on_fork when nothing else changes.\n\n - sched: Fix clock_gettime(CLOCK__CPUTIME_ID) monotonicity. (bnc#880357)\n\n - sched: Do not allow scheduler time to go backwards.\n (bnc#880357)\n\n - sched: Make scale_rt_power() deal with backward clocks.\n (bnc#865310)\n\n - sched: Use CPUPRI_NR_PRIORITIES instead of MAX_RT_PRIO in cpupri check. (bnc#871861)\n\n - sched: update_rq_clock() must skip ONE update.\n (bnc#869033, bnc#868528)\n\n - tcp: allow to disable cwnd moderation in TCP_CA_Loss state. (bnc#879921)\n\n - tcp: clear xmit timers in tcp_v4_syn_recv_sock().\n (bnc#862429)\n\n - net: add missing bh_unlock_sock() calls. (bnc#862429)\n\n - bonding: fix vlan_features computing. (bnc#872634)\n\n - vlan: more careful checksum features handling.\n (bnc#872634)\n\n - xfrm: fix race between netns cleanup and state expire notification. (bnc#879957)\n\n - xfrm: check peer pointer for null before calling inet_putpeer(). (bnc#877775)\n\n - ipv6: do not overwrite inetpeer metrics prematurely.\n (bnc#867362)\n\n - pagecachelimit: reduce lru_lock contention for heavy parallel kabi fixup:. (bnc#878509, bnc#864464)\n\n - pagecachelimit: reduce lru_lock contention for heavy parallel reclaim. (bnc#878509, bnc#864464)\n\n - TTY: serial, cleanup include file. (bnc#881571)\n\n - TTY: serial, fix includes in some drivers. (bnc#881571)\n\n - serial_core: Fix race in uart_handle_dcd_change.\n (bnc#881571)\n\n - powerpc/perf: Power8 PMU support. (bnc#832710)\n\n - powerpc/perf: Add support for SIER. (bnc#832710)\n\n - powerpc/perf: Add regs_no_sipr(). (bnc#832710)\n\n - powerpc/perf: Add an accessor for regs->result.\n (bnc#832710)\n\n - powerpc/perf: Convert mmcra_sipr/sihv() to regs_sipr/sihv(). (bnc#832710)\n\n - powerpc/perf: Add an explict flag indicating presence of SLOT field. (bnc#832710)\n\n - swiotlb: do not assume PA 0 is invalid. (bnc#865882)\n\n - lockref: implement lockless reference count updates using cmpxchg() (FATE#317271).\n\n - af_iucv: wrong mapping of sent and confirmed skbs (bnc#878407, LTC#110452).\n\n - af_iucv: recvmsg problem for SOCK_STREAM sockets (bnc#878407, LTC#110452).\n\n - af_iucv: fix recvmsg by replacing skb_pull() function (bnc#878407, LTC#110452).\n\n - qla2xxx: Poll during initialization for ISP25xx and ISP83xx. (bnc#837563)\n\n - qla2xxx: Fix request queue null dereference.\n (bnc#859840)\n\n - lpfc 8.3.41: Fixed SLI3 failing FCP write on check-condition no-sense with residual zero.\n (bnc#850915)\n\n - reiserfs: call truncate_setsize under tailpack mutex.\n (bnc#878115)\n\n - reiserfs: drop vmtruncate. (bnc#878115)\n\n - ipvs: handle IPv6 fragments with one-packet scheduling.\n (bnc#861980)\n\n - kabi: hide modifications of struct sk_buff done by bnc#861980 fix. (bnc#861980)\n\n - loop: remove the incorrect write_begin/write_end shortcut. (bnc#878123)\n\n - watchdog: hpwdt patch to display informative string.\n (bnc#862934)\n\n - watchdog: hpwdt: Patch to ignore auxilary iLO devices.\n (bnc#862934)\n\n - watchdog: hpwdt: Add check for UEFI bits. (bnc#862934)\n\n - watchdog: hpwdt.c: Increase version string. (bnc#862934)\n\n - hpilo: Correct panic when an AUX iLO is detected.\n (bnc#837563)\n\n - locking/mutexes: Introduce cancelable MCS lock for adaptive spinning (FATE#317271).\n\n - locking/mutexes: Modify the way optimistic spinners are queued (FATE#317271).\n\n - locking/mutexes: Return false if task need_resched() in mutex_can_spin_on_owner() (FATE#317271).\n\n - mutex: Enable the queuing of mutex spinners with MCS lock (FATE#317271). config: disabled on all flavors\n\n - mutex: Queue mutex spinners with MCS lock to reduce cacheline contention (FATE#317271).\n\n - memcg: deprecate memory.force_empty knob. (bnc#878274)\n\n - kabi: protect struct net from bnc#877013 changes.\n (bnc#877013)\n\n - netfilter: nfnetlink_queue: add net namespace support for nfnetlink_queue. (bnc#877013)\n\n - netfilter: make /proc/net/netfilter pernet. (bnc#877013)\n\n - netfilter: xt_hashlimit: fix proc entry leak in netns destroy path. (bnc#871634)\n\n - netfilter: xt_hashlimit: fix namespace destroy path.\n (bnc#871634)\n\n - netfilter: nf_queue: reject NF_STOLEN verdicts from userspace. (bnc#870877)\n\n - netfilter: avoid double free in nf_reinject.\n (bnc#870877)\n\n - netfilter: ctnetlink: fix race between delete and timeout expiration. (bnc#863410)\n\n - netfilter: reuse skb->nfct_reasm for ipvs conn reference. (bnc#861980)\n\n - mm: per-thread vma caching (FATE#317271). config: enable CONFIG_VMA_CACHE for x86_64/bigsmp\n\n - mm, hugetlb: improve page-fault scalability (FATE#317271).\n\n - mm: vmscan: Do not throttle based on pfmemalloc reserves if node has no ZONE_NORMAL. (bnc#870496)\n\n - mm: fix off-by-one bug in print_nodes_state().\n (bnc#792271)\n\n - hugetlb: ensure hugepage access is denied if hugepages are not supported (PowerKVM crash when mounting hugetlbfs without hugepage support (bnc#870498)).\n\n - SELinux: Increase ebitmap_node size for 64-bit configuration (FATE#317271).\n\n - SELinux: Reduce overhead of mls_level_isvalid() function call (FATE#317271).\n\n - mutex: Fix debug_mutexes (FATE#317271).\n\n - mutex: Fix debug checks (FATE#317271).\n\n - locking/mutexes: Unlock the mutex without the wait_lock (FATE#317271).\n\n - epoll: do not take the nested ep->mtx on EPOLL_CTL_DEL (FATE#317271).\n\n - epoll: do not take global 'epmutex' for simple topologies (FATE#317271).\n\n - epoll: optimize EPOLL_CTL_DEL using rcu (FATE#317271).\n\n - vfs: Fix missing unlock of vfsmount_lock in unlazy_walk.\n (bnc#880437)\n\n - dcache: kABI fixes for lockref dentries (FATE#317271).\n\n - vfs: make sure we do not have a stale root path if unlazy_walk() fails (FATE#317271).\n\n - vfs: fix dentry RCU to refcounting possibly sleeping dput() (FATE#317271).\n\n - vfs: use lockref 'dead' flag to mark unrecoverably dead dentries (FATE#317271).\n\n - vfs: reimplement d_rcu_to_refcount() using lockref_get_or_lock() (FATE#317271).\n\n - vfs: Remove second variable named error in __dentry_path (FATE#317271).\n\n - make prepend_name() work correctly when called with negative *buflen (FATE#317271).\n\n - prepend_path() needs to reinitialize dentry/vfsmount on restarts (FATE#317271).\n\n - dcache: get/release read lock in read_seqbegin_or_lock() &amp; friend (FATE#317271).\n\n - seqlock: Add a new locking reader type (FATE#317271).\n\n - dcache: Translating dentry into pathname without taking rename_lock (FATE#317271).\n\n - vfs: make the dentry cache use the lockref infrastructure (FATE#317271).\n\n - vfs: Remove dentry->d_lock locking from shrink_dcache_for_umount_subtree() (FATE#317271).\n\n - vfs: use lockref_get_not_zero() for optimistic lockless dget_parent() (FATE#317271).\n\n - vfs: constify dentry parameter in d_count() (FATE#317271).\n\n - helper for reading ->d_count (FATE#317271).\n\n - lockref: use arch_mutex_cpu_relax() in CMPXCHG_LOOP() (FATE#317271).\n\n - lockref: allow relaxed cmpxchg64 variant for lockless updates (FATE#317271).\n\n - lockref: use cmpxchg64 explicitly for lockless updates (FATE#317271).\n\n - lockref: add ability to mark lockrefs 'dead' (FATE#317271).\n\n - lockref: fix docbook argument names (FATE#317271).\n\n - lockref: Relax in cmpxchg loop (FATE#317271).\n\n - lockref: implement lockless reference count updates using cmpxchg() (FATE#317271).\n\n - lockref: uninline lockref helper functions (FATE#317271).\n\n - lockref: add lockref_get_or_lock() helper (FATE#317271).\n\n - Add new lockref infrastructure reference implementation (FATE#317271).\n\n - vfs: make lremovexattr retry once on ESTALE error.\n (bnc#876463)\n\n - vfs: make removexattr retry once on ESTALE. (bnc#876463)\n\n - vfs: make llistxattr retry once on ESTALE error.\n (bnc#876463)\n\n - vfs: make listxattr retry once on ESTALE error.\n (bnc#876463)\n\n - vfs: make lgetxattr retry once on ESTALE. (bnc#876463)\n\n - vfs: make getxattr retry once on an ESTALE error.\n (bnc#876463)\n\n - vfs: allow lsetxattr() to retry once on ESTALE errors.\n (bnc#876463)\n\n - vfs: allow setxattr to retry once on ESTALE errors.\n (bnc#876463)\n\n - vfs: allow utimensat() calls to retry once on an ESTALE error. (bnc#876463)\n\n - vfs: fix user_statfs to retry once on ESTALE errors.\n (bnc#876463)\n\n - vfs: make fchownat retry once on ESTALE errors.\n (bnc#876463)\n\n - vfs: make fchmodat retry once on ESTALE errors.\n (bnc#876463)\n\n - vfs: have chroot retry once on ESTALE error.\n (bnc#876463)\n\n - vfs: have chdir retry lookup and call once on ESTALE error. (bnc#876463)\n\n - vfs: have faccessat retry once on an ESTALE error.\n (bnc#876463)\n\n - vfs: have do_sys_truncate retry once on an ESTALE error.\n (bnc#876463)\n\n - vfs: fix renameat to retry on ESTALE errors.\n (bnc#876463)\n\n - vfs: make do_unlinkat retry once on ESTALE errors.\n (bnc#876463)\n\n - vfs: make do_rmdir retry once on ESTALE errors.\n (bnc#876463)\n\n - vfs: fix linkat to retry once on ESTALE errors.\n (bnc#876463)\n\n - vfs: fix symlinkat to retry on ESTALE errors.\n (bnc#876463)\n\n - vfs: fix mkdirat to retry once on an ESTALE error.\n (bnc#876463)\n\n - vfs: fix mknodat to retry on ESTALE errors. (bnc#876463)\n\n - vfs: add a flags argument to user_path_parent.\n (bnc#876463)\n\n - vfs: fix readlinkat to retry on ESTALE. (bnc#876463)\n\n - vfs: make fstatat retry on ESTALE errors from getattr call. (bnc#876463)\n\n - vfs: add a retry_estale helper function to handle retries on ESTALE. (bnc#876463)\n\n - crypto: s390 - fix aes,des ctr mode concurrency finding (bnc#874145, LTC#110078).\n\n - s390/cio: fix unlocked access of global bitmap (bnc#874145, LTC#109378).\n\n - s390/css: stop stsch loop after cc 3 (bnc#874145, LTC#109378).\n\n - s390/pci: add kmsg man page (bnc#874145, LTC#109224).\n\n - s390/pci/dma: use correct segment boundary size (bnc#866081, LTC#104566).\n\n - cio: Fix missing subchannels after CHPID configure on (bnc#866081, LTC#104808).\n\n - cio: Fix process hangs during subchannel scan (bnc#866081, LTC#104805).\n\n - cio: fix unusable device (bnc#866081, LTC#104168).\n\n - qeth: postpone freeing of qdio memory (bnc#874145, LTC#107873).\n\n - Fix race between starved list and device removal.\n (bnc#861636)\n\n - namei.h: include errno.h. (bnc#876463)\n\n - ALSA: hda - Implement bind mixer ctls for Conexant.\n (bnc#872188)\n\n - ALSA: hda - Fix invalid Auto-Mute Mode enum from cxt codecs. (bnc#872188)\n\n - ALSA: hda - Fix conflicting Capture Source on cxt codecs. (bnc#872188)\n\n - ALSA: usb-audio: Fix NULL dereference while quick replugging. (bnc#870335)\n\n - powerpc: Bring all threads online prior to migration/hibernation. (bnc#870591)\n\n - powerpc/pseries: Update dynamic cache nodes for suspend/resume operation. (bnc#873463)\n\n - powerpc/pseries: Device tree should only be updated once after suspend/migrate. (bnc#873463)\n\n - powerpc/pseries: Expose in kernel device tree update to drmgr. (bnc#873463)\n\n - powerpc: Add second POWER8 PVR entry. (bnc#874440)\n\n - libata/ahci: accommodate tag ordered controllers.\n (bnc#871728)\n\n - md: try to remove cause of a spinning md thread.\n (bnc#875386)\n\n - md: fix up plugging (again). (bnc#866800)\n\n - NFSv4: Fix a reboot recovery race when opening a file.\n (bnc#864404)\n\n - NFSv4: Ensure delegation recall and byte range lock removal do not conflict. (bnc#864404)\n\n - NFSv4: Fix up the return values of nfs4_open_delegation_recall. (bnc#864404)\n\n - NFSv4.1: Do not lose locks when a server reboots during delegation return. (bnc#864404)\n\n - NFSv4.1: Prevent deadlocks between state recovery and file locking. (bnc#864404)\n\n - NFSv4: Allow the state manager to mark an open_owner as being recovered. (bnc#864404)\n\n - NFS: nfs_inode_return_delegation() should always flush dirty data. (bnc#864404)\n\n - NFSv4: nfs_client_return_marked_delegations cannot flush data. (bnc#864404)\n\n - NFS: avoid excessive GETATTR request when attributes expired but cached directory is valid. (bnc#857926)\n\n - seqlock: add 'raw_seqcount_begin()' function.\n (bnc#864404)\n\n - Allow nfsdv4 to work when fips=1. (bnc#868488)\n\n - NFSv4: Add ACCESS operation to OPEN compound.\n (bnc#870958)\n\n - NFSv4: Fix unnecessary delegation returns in nfs4_do_open. (bnc#870958)\n\n - NFSv4: The NFSv4.0 client must send RENEW calls if it holds a delegation. (bnc#863873)\n\n - NFSv4: nfs4_proc_renew should be declared static.\n (bnc#863873)\n\n - NFSv4: do not put ACCESS in OPEN compound if O_EXCL.\n (bnc#870958)\n\n - NFS: revalidate on open if dcache is negative.\n (bnc#876463)\n\n - NFSD add module parameter to disable delegations.\n (bnc#876463)\n\n - Do not lose sockets when nfsd shutdown races with connection timeout. (bnc#871854)\n\n - timer: Prevent overflow in apply_slack. (bnc#873061)\n\n - mei: me: do not load the driver if the FW does not support MEI interface. (bnc#821619)\n\n - ipmi: Reset the KCS timeout when starting error recovery. (bnc#870618)\n\n - ipmi: Fix a race restarting the timer. (bnc#870618)\n\n - ipmi: increase KCS timeouts. (bnc#870618)\n\n - bnx2x: Fix kernel crash and data miscompare after EEH recovery. (bnc#881761)\n\n - bnx2x: Adapter not recovery from EEH error injection.\n (bnc#881761)\n\n - kabi: hide modifications of struct inet_peer done by bnc#867953 fix. (bnc#867953)\n\n - inetpeer: prevent unlinking from unused list twice.\n (bnc#867953)\n\n - Ignore selected taints for tracepoint modules (bnc#870450, FATE#317134).\n\n - Use 'E' instead of 'X' for unsigned module taint flag (bnc#870450,FATE#317134).\n\n - Fix: module signature vs tracepoints: add new TAINT_UNSIGNED_MODULE (bnc#870450,FATE#317134).\n\n - xhci: extend quirk for Renesas cards. (bnc#877497)\n\n - scsi: return target failure on EMC inactive snapshot.\n (bnc#840524)\n\n - virtio_balloon: do not softlockup on huge balloon changes. (bnc#871899)\n\n - ch: add refcounting. (bnc#867517)\n\n - storvsc: NULL pointer dereference fix. (bnc#865330)\n\n - Unlock the rename_lock in dentry_path() in the case when path is too long. (bnc#868748)", "cvss3": {"score": null, "vector": null}, "published": "2014-07-17T00:00:00", "type": "nessus", "title": "SuSE 11.3 Security Update : Linux kernel (SAT Patch Numbers 9488 / 9491 / 9493)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2372", "CVE-2013-2929", "CVE-2013-4299", "CVE-2013-4579", "CVE-2013-6382", "CVE-2013-7339", "CVE-2014-0055", "CVE-2014-0077", "CVE-2014-0101", "CVE-2014-0131", "CVE-2014-0155", "CVE-2014-1444", "CVE-2014-1445", "CVE-2014-1446", "CVE-2014-1874", "CVE-2014-2309", "CVE-2014-2523", "CVE-2014-2678", "CVE-2014-2851", "CVE-2014-3122", "CVE-2014-3144", "CVE-2014-3145", "CVE-2014-3917", "CVE-2014-4508", "CVE-2014-4652", "CVE-2014-4653", "CVE-2014-4654", "CVE-2014-4655", "CVE-2014-4656", "CVE-2014-4699"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:kernel-default", "p-cpe:/a:novell:suse_linux:11:kernel-default-base", "p-cpe:/a:novell:suse_linux:11:kernel-default-devel", "p-cpe:/a:novell:suse_linux:11:kernel-default-extra", "p-cpe:/a:novell:suse_linux:11:kernel-default-man", "p-cpe:/a:novell:suse_linux:11:kernel-ec2", "p-cpe:/a:novell:suse_linux:11:kernel-ec2-base", "p-cpe:/a:novell:suse_linux:11:kernel-ec2-devel", "p-cpe:/a:novell:suse_linux:11:kernel-pae", "p-cpe:/a:novell:suse_linux:11:kernel-pae-base", "p-cpe:/a:novell:suse_linux:11:kernel-pae-devel", "p-cpe:/a:novell:suse_linux:11:kernel-pae-extra", "p-cpe:/a:novell:suse_linux:11:kernel-source", "p-cpe:/a:novell:suse_linux:11:kernel-syms", "p-cpe:/a:novell:suse_linux:11:kernel-trace", "p-cpe:/a:novell:suse_linux:11:kernel-trace-base", "p-cpe:/a:novell:suse_linux:11:kernel-trace-devel", "p-cpe:/a:novell:suse_linux:11:kernel-xen", "p-cpe:/a:novell:suse_linux:11:kernel-xen-base", "p-cpe:/a:novell:suse_linux:11:kernel-xen-devel", "p-cpe:/a:novell:suse_linux:11:kernel-xen-extra", "p-cpe:/a:novell:suse_linux:11:xen-kmp-default", "p-cpe:/a:novell:suse_linux:11:xen-kmp-pae", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_KERNEL-140709.NASL", "href": "https://www.tenable.com/plugins/nessus/76557", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76557);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-2372\", \"CVE-2013-2929\", \"CVE-2013-4299\", \"CVE-2013-4579\", \"CVE-2013-6382\", \"CVE-2013-7339\", \"CVE-2014-0055\", \"CVE-2014-0077\", \"CVE-2014-0101\", \"CVE-2014-0131\", \"CVE-2014-0155\", \"CVE-2014-1444\", \"CVE-2014-1445\", \"CVE-2014-1446\", \"CVE-2014-1874\", \"CVE-2014-2309\", \"CVE-2014-2523\", \"CVE-2014-2678\", \"CVE-2014-2851\", \"CVE-2014-3122\", \"CVE-2014-3144\", \"CVE-2014-3145\", \"CVE-2014-3917\", \"CVE-2014-4508\", \"CVE-2014-4652\", \"CVE-2014-4653\", \"CVE-2014-4654\", \"CVE-2014-4655\", \"CVE-2014-4656\", \"CVE-2014-4699\");\n\n script_name(english:\"SuSE 11.3 Security Update : Linux kernel (SAT Patch Numbers 9488 / 9491 / 9493)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to\nfix various bugs and security issues.\n\nThe following security bugs have been fixed :\n\n - The rds_ib_xmit function in net/rds/ib_send.c in the\n Reliable Datagram Sockets (RDS) protocol implementation\n in the Linux kernel 3.7.4 and earlier allows local users\n to cause a denial of service (BUG_ON and kernel panic)\n by establishing an RDS connection with the source IP\n address equal to the IPoIB interfaces own IP address, as\n demonstrated by rds-ping. (bnc#767610). (CVE-2012-2372)\n\n - The Linux kernel before 3.12.2 does not properly use the\n get_dumpable function, which allows local users to\n bypass intended ptrace restrictions or obtain sensitive\n information from IA64 scratch registers via a crafted\n application, related to kernel/ptrace.c and\n arch/ia64/include/asm/processor.h. (bnc#847652).\n (CVE-2013-2929)\n\n - Interpretation conflict in\n drivers/md/dm-snap-persistent.c in the Linux kernel\n through 3.11.6 allows remote authenticated users to\n obtain sensitive information or modify data via a\n crafted mapping to a snapshot block device.\n (bnc#846404). (CVE-2013-4299)\n\n - The ath9k_htc_set_bssid_mask function in\n drivers/net/wireless/ath/ath9k/htc_drv_main.c in the\n Linux kernel through 3.12 uses a BSSID masking approach\n to determine the set of MAC addresses on which a Wi-Fi\n device is listening, which allows remote attackers to\n discover the original MAC address after spoofing by\n sending a series of packets to MAC addresses with\n certain bit manipulations. (bnc#851426). (CVE-2013-4579)\n\n - Multiple buffer underflows in the XFS implementation in\n the Linux kernel through 3.12.1 allow local users to\n cause a denial of service (memory corruption) or\n possibly have unspecified other impact by leveraging the\n CAP_SYS_ADMIN capability for a (1)\n XFS_IOC_ATTRLIST_BY_HANDLE or (2)\n XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted\n length value, related to the xfs_attrlist_by_handle\n function in fs/xfs/xfs_ioctl.c and the\n xfs_compat_attrlist_by_handle function in\n fs/xfs/xfs_ioctl32.c. (bnc#852553). (CVE-2013-6382)\n\n - The rds_ib_laddr_check function in net/rds/ib.c in the\n Linux kernel before 3.12.8 allows local users to cause a\n denial of service (NULL pointer dereference and system\n crash) or possibly have unspecified other impact via a\n bind system call for an RDS socket on a system that\n lacks RDS transports. (bnc#869563). (CVE-2013-7339)\n\n - The get_rx_bufs function in drivers/vhost/net.c in the\n vhost-net subsystem in the Linux kernel package before\n 2.6.32-431.11.2 on Red Hat Enterprise Linux (RHEL) 6\n does not properly handle vhost_get_vq_desc errors, which\n allows guest OS users to cause a denial of service (host\n OS crash) via unspecified vectors. (bnc#870173).\n (CVE-2014-0055)\n\n - drivers/vhost/net.c in the Linux kernel before 3.13.10,\n when mergeable buffers are disabled, does not properly\n validate packet lengths, which allows guest OS users to\n cause a denial of service (memory corruption and host OS\n crash) or possibly gain privileges on the host OS via\n crafted packets, related to the handle_rx and\n get_rx_bufs functions. (bnc#870576). (CVE-2014-0077)\n\n - The sctp_sf_do_5_1D_ce function in\n net/sctp/sm_statefuns.c in the Linux kernel through\n 3.13.6 does not validate certain auth_enable and\n auth_capable fields before making an\n sctp_sf_authenticate call, which allows remote attackers\n to cause a denial of service (NULL pointer dereference\n and system crash) via an SCTP handshake with a modified\n INIT chunk and a crafted AUTH chunk before a COOKIE_ECHO\n chunk. (bnc#866102). (CVE-2014-0101)\n\n - Use-after-free vulnerability in the skb_segment function\n in net/core/skbuff.c in the Linux kernel through 3.13.6\n allows attackers to obtain sensitive information from\n kernel memory by leveraging the absence of a certain\n orphaning operation. (bnc#867723). (CVE-2014-0131)\n\n - The ioapic_deliver function in virt/kvm/ioapic.c in the\n Linux kernel through 3.14.1 does not properly validate\n the kvm_irq_delivery_to_apic return value, which allows\n guest OS users to cause a denial of service (host OS\n crash) via a crafted entry in the redirection table of\n an I/O APIC. NOTE: the affected code was moved to the\n ioapic_service function before the vulnerability was\n announced. (bnc#872540). (CVE-2014-0155)\n\n - The fst_get_iface function in drivers/net/wan/farsync.c\n in the Linux kernel before 3.11.7 does not properly\n initialize a certain data structure, which allows local\n users to obtain sensitive information from kernel memory\n by leveraging the CAP_NET_ADMIN capability for an\n SIOCWANDEV ioctl call. (bnc#858869). (CVE-2014-1444)\n\n - The wanxl_ioctl function in drivers/net/wan/wanxl.c in\n the Linux kernel before 3.11.7 does not properly\n initialize a certain data structure, which allows local\n users to obtain sensitive information from kernel memory\n via an ioctl call. (bnc#858870). (CVE-2014-1445)\n\n - The yam_ioctl function in drivers/net/hamradio/yam.c in\n the Linux kernel before 3.12.8 does not initialize a\n certain structure member, which allows local users to\n obtain sensitive information from kernel memory by\n leveraging the CAP_NET_ADMIN capability for an\n SIOCYAMGCFG ioctl call. (bnc#858872). (CVE-2014-1446)\n\n - The security_context_to_sid_core function in\n security/selinux/ss/services.c in the Linux kernel\n before 3.13.4 allows local users to cause a denial of\n service (system crash) by leveraging the CAP_MAC_ADMIN\n capability to set a zero-length security context.\n (bnc#863335). (CVE-2014-1874)\n\n - The ip6_route_add function in net/ipv6/route.c in the\n Linux kernel through 3.13.6 does not properly count the\n addition of routes, which allows remote attackers to\n cause a denial of service (memory consumption) via a\n flood of ICMPv6 Router Advertisement packets.\n (bnc#867531). (CVE-2014-2309)\n\n - net/netfilter/nf_conntrack_proto_dccp.c in the Linux\n kernel through 3.13.6 uses a DCCP header pointer\n incorrectly, which allows remote attackers to cause a\n denial of service (system crash) or possibly execute\n arbitrary code via a DCCP packet that triggers a call to\n the (1) dccp_new, (2) dccp_packet, or (3) dccp_error\n function. (bnc#868653). (CVE-2014-2523)\n\n - The rds_iw_laddr_check function in net/rds/iw.c in the\n Linux kernel through 3.14 allows local users to cause a\n denial of service (NULL pointer dereference and system\n crash) or possibly have unspecified other impact via a\n bind system call for an RDS socket on a system that\n lacks RDS transports. (bnc#871561). (CVE-2014-2678)\n\n - Integer overflow in the ping_init_sock function in\n net/ipv4/ping.c in the Linux kernel through 3.14.1\n allows local users to cause a denial of service\n (use-after-free and system crash) or possibly gain\n privileges via a crafted application that leverages an\n improperly managed reference counter. (bnc#873374).\n (CVE-2014-2851)\n\n - The try_to_unmap_cluster function in mm/rmap.c in the\n Linux kernel before 3.14.3 does not properly consider\n which pages must be locked, which allows local users to\n cause a denial of service (system crash) by triggering a\n memory-usage pattern that requires removal of page-table\n mappings. (bnc#876102). (CVE-2014-3122)\n\n - The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST\n extension implementations in the sk_run_filter function\n in net/core/filter.c in the Linux kernel through 3.14.3\n do not check whether a certain length value is\n sufficiently large, which allows local users to cause a\n denial of service (integer underflow and system crash)\n via crafted BPF instructions. NOTE: the affected code\n was moved to the __skb_get_nlattr and\n __skb_get_nlattr_nest functions before the vulnerability\n was announced. (bnc#877257). (CVE-2014-3144)\n\n - The BPF_S_ANC_NLATTR_NEST extension implementation in\n the sk_run_filter function in net/core/filter.c in the\n Linux kernel through 3.14.3 uses the reverse order in a\n certain subtraction, which allows local users to cause a\n denial of service (over-read and system crash) via\n crafted BPF instructions. NOTE: the affected code was\n moved to the __skb_get_nlattr_nest function before the\n vulnerability was announced. (bnc#877257).\n (CVE-2014-3145)\n\n - kernel/auditsc.c in the Linux kernel through 3.14.5,\n when CONFIG_AUDITSYSCALL is enabled with certain syscall\n rules, allows local users to obtain potentially\n sensitive single-bit values from kernel memory or cause\n a denial of service (OOPS) via a large value of a\n syscall number. (bnc#880484). (CVE-2014-3917)\n\n - arch/x86/kernel/entry_32.S in the Linux kernel through\n 3.15.1 on 32-bit x86 platforms, when syscall auditing is\n enabled and the sep CPU feature flag is set, allows\n local users to cause a denial of service (OOPS and\n system crash) via an invalid syscall number, as\n demonstrated by number. (CVE-2014-4508)\n\n -. (bnc#883724)\n\n - Race condition in the tlv handler functionality in the\n snd_ctl_elem_user_tlv function in sound/core/control.c\n in the ALSA control implementation in the Linux kernel\n before 3.15.2 allows local users to obtain sensitive\n information from kernel memory by leveraging\n /dev/snd/controlCX access. (bnc#883795). (CVE-2014-4652)\n\n - sound/core/control.c in the ALSA control implementation\n in the Linux kernel before 3.15.2 does not ensure\n possession of a read/write lock, which allows local\n users to cause a denial of service (use-after-free) and\n obtain sensitive information from kernel memory by\n leveraging /dev/snd/controlCX access. (bnc#883795).\n (CVE-2014-4653)\n\n - The snd_ctl_elem_add function in sound/core/control.c in\n the ALSA control implementation in the Linux kernel\n before 3.15.2 does not check authorization for\n SNDRV_CTL_IOCTL_ELEM_REPLACE commands, which allows\n local users to remove kernel controls and cause a denial\n of service (use-after-free and system crash) by\n leveraging /dev/snd/controlCX access for an ioctl call.\n (bnc#883795). (CVE-2014-4654)\n\n - The snd_ctl_elem_add function in sound/core/control.c in\n the ALSA control implementation in the Linux kernel\n before 3.15.2 does not properly maintain the\n user_ctl_count value, which allows local users to cause\n a denial of service (integer overflow and limit bypass)\n by leveraging /dev/snd/controlCX access for a large\n number of SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl calls.\n (bnc#883795). (CVE-2014-4655)\n\n - Multiple integer overflows in sound/core/control.c in\n the ALSA control implementation in the Linux kernel\n before 3.15.2 allow local users to cause a denial of\n service by leveraging /dev/snd/controlCX access, related\n to (1) index values in the snd_ctl_add function and (2)\n numid values in the snd_ctl_remove_numid_conflict\n function. (bnc#883795). (CVE-2014-4656)\n\n - The Linux kernel before 3.15.4 on Intel processors does\n not properly restrict use of a non-canonical value for\n the saved RIP address in the case of a system call that\n does not use IRET, which allows local users to leverage\n a race condition and gain privileges, or cause a denial\n of service (double fault), via a crafted application\n that makes ptrace and fork system calls. (bnc#885725).\n (CVE-2014-4699)\n\nAlso the following non-security bugs have been fixed :\n\n - kernel: avoid page table walk on user space access\n (bnc#878407, LTC#110316).\n\n - spinlock: fix system hang with spin_retry <= 0\n (bnc#874145, LTC#110189).\n\n - x86/UV: Set n_lshift based on GAM_GR_CONFIG MMR for UV3.\n (bnc#876176)\n\n - x86: Enable multiple CPUs in crash kernel. (bnc#846690)\n\n - x86/mce: Fix CMCI preemption bugs. (bnc#786450)\n\n - x86, CMCI: Add proper detection of end of CMCI storms.\n (bnc#786450)\n\n - futex: revert back to the explicit waiter counting code.\n (bnc#851603)\n\n - futex: avoid race between requeue and wake. (bnc#851603)\n\n - intel-iommu: fix off-by-one in pagetable freeing.\n (bnc#874577)\n\n - ia64: Change default PSR.ac from '1' to '0' (Fix erratum\n #237). (bnc#874108)\n\n - drivers/rtc/interface.c: fix infinite loop in\n initializing the alarm. (bnc#871676)\n\n - drm/ast: Fix double lock at PM resume. (bnc#883380)\n\n - drm/ast: add widescreen + rb modes from X.org driver\n (v2). (bnc#883380)\n\n - drm/ast: deal with bo reserve fail in dirty update path.\n (bnc#883380)\n\n - drm/ast: do not attempt to acquire a reservation while\n in an interrupt handler. (bnc#883380)\n\n - drm/ast: fix the ast open key function. (bnc#883380)\n\n - drm/ast: fix value check in cbr_scan2. (bnc#883380)\n\n - drm/ast: inline reservations. (bnc#883380)\n\n - drm/ast: invalidate page tables when pinning a BO.\n (bnc#883380)\n\n - drm/ast: rename the mindwm/moutdwm and deinline them.\n (bnc#883380)\n\n - drm/ast: resync the dram post code with upstream.\n (bnc#883380)\n\n - drm: ast: use drm_can_sleep. (bnc#883380)\n\n - drm/ast: use drm_modeset_lock_all. (bnc#883380)\n\n - drm/: Unified handling of unimplemented\n fb->create_handle. (bnc#883380)\n\n - drm/mgag200,ast,cirrus: fix regression with\n drm_can_sleep conversion. (bnc#883380)\n\n - drm/mgag200: Consolidate depth/bpp handling.\n (bnc#882324)\n\n - drm/ast: Initialized data needed to map fbdev memory.\n (bnc#880007)\n\n - drm/ast: add AST 2400 support. (bnc#880007)\n\n - drm/ast: Initialized data needed to map fbdev memory.\n (bnc#880007)\n\n - drm/mgag200: on cards with < 2MB VRAM default to 16-bit.\n (bnc#882324)\n\n - drm/mgag200: fix typo causing bw limits to be ignored on\n some chips. (bnc#882324)\n\n - drm/ttm: do not oops if no invalidate_caches().\n (bnc#869414)\n\n - drm/i915: Break encoder->crtc link separately in\n intel_sanitize_crtc(). (bnc#855126)\n\n - dlm: keep listening connection alive with sctp mode.\n (bnc#881939)\n\n - series.conf: Clarify comment about Xen kabi adjustments\n (bnc#876114#c25)\n\n - btrfs: fix a crash when running balance and defrag\n concurrently.\n\n - btrfs: unset DCACHE_DISCONNECTED when mounting default\n subvol. (bnc#866615)\n\n - btrfs: free delayed node outside of root->inode_lock.\n (bnc#866864)\n\n - btrfs: return EPERM when deleting a default subvolume.\n (bnc#869934)\n\n - btrfs: do not loop on large offsets in readdir.\n (bnc#863300)\n\n - sched: Consider pi boosting in setscheduler.\n\n - sched: Queue RT tasks to head when prio drops.\n\n - sched: Adjust sched_reset_on_fork when nothing else\n changes.\n\n - sched: Fix clock_gettime(CLOCK__CPUTIME_ID)\n monotonicity. (bnc#880357)\n\n - sched: Do not allow scheduler time to go backwards.\n (bnc#880357)\n\n - sched: Make scale_rt_power() deal with backward clocks.\n (bnc#865310)\n\n - sched: Use CPUPRI_NR_PRIORITIES instead of MAX_RT_PRIO\n in cpupri check. (bnc#871861)\n\n - sched: update_rq_clock() must skip ONE update.\n (bnc#869033, bnc#868528)\n\n - tcp: allow to disable cwnd moderation in TCP_CA_Loss\n state. (bnc#879921)\n\n - tcp: clear xmit timers in tcp_v4_syn_recv_sock().\n (bnc#862429)\n\n - net: add missing bh_unlock_sock() calls. (bnc#862429)\n\n - bonding: fix vlan_features computing. (bnc#872634)\n\n - vlan: more careful checksum features handling.\n (bnc#872634)\n\n - xfrm: fix race between netns cleanup and state expire\n notification. (bnc#879957)\n\n - xfrm: check peer pointer for null before calling\n inet_putpeer(). (bnc#877775)\n\n - ipv6: do not overwrite inetpeer metrics prematurely.\n (bnc#867362)\n\n - pagecachelimit: reduce lru_lock contention for heavy\n parallel kabi fixup:. (bnc#878509, bnc#864464)\n\n - pagecachelimit: reduce lru_lock contention for heavy\n parallel reclaim. (bnc#878509, bnc#864464)\n\n - TTY: serial, cleanup include file. (bnc#881571)\n\n - TTY: serial, fix includes in some drivers. (bnc#881571)\n\n - serial_core: Fix race in uart_handle_dcd_change.\n (bnc#881571)\n\n - powerpc/perf: Power8 PMU support. (bnc#832710)\n\n - powerpc/perf: Add support for SIER. (bnc#832710)\n\n - powerpc/perf: Add regs_no_sipr(). (bnc#832710)\n\n - powerpc/perf: Add an accessor for regs->result.\n (bnc#832710)\n\n - powerpc/perf: Convert mmcra_sipr/sihv() to\n regs_sipr/sihv(). (bnc#832710)\n\n - powerpc/perf: Add an explict flag indicating presence of\n SLOT field. (bnc#832710)\n\n - swiotlb: do not assume PA 0 is invalid. (bnc#865882)\n\n - lockref: implement lockless reference count updates\n using cmpxchg() (FATE#317271).\n\n - af_iucv: wrong mapping of sent and confirmed skbs\n (bnc#878407, LTC#110452).\n\n - af_iucv: recvmsg problem for SOCK_STREAM sockets\n (bnc#878407, LTC#110452).\n\n - af_iucv: fix recvmsg by replacing skb_pull() function\n (bnc#878407, LTC#110452).\n\n - qla2xxx: Poll during initialization for ISP25xx and\n ISP83xx. (bnc#837563)\n\n - qla2xxx: Fix request queue null dereference.\n (bnc#859840)\n\n - lpfc 8.3.41: Fixed SLI3 failing FCP write on\n check-condition no-sense with residual zero.\n (bnc#850915)\n\n - reiserfs: call truncate_setsize under tailpack mutex.\n (bnc#878115)\n\n - reiserfs: drop vmtruncate. (bnc#878115)\n\n - ipvs: handle IPv6 fragments with one-packet scheduling.\n (bnc#861980)\n\n - kabi: hide modifications of struct sk_buff done by\n bnc#861980 fix. (bnc#861980)\n\n - loop: remove the incorrect write_begin/write_end\n shortcut. (bnc#878123)\n\n - watchdog: hpwdt patch to display informative string.\n (bnc#862934)\n\n - watchdog: hpwdt: Patch to ignore auxilary iLO devices.\n (bnc#862934)\n\n - watchdog: hpwdt: Add check for UEFI bits. (bnc#862934)\n\n - watchdog: hpwdt.c: Increase version string. (bnc#862934)\n\n - hpilo: Correct panic when an AUX iLO is detected.\n (bnc#837563)\n\n - locking/mutexes: Introduce cancelable MCS lock for\n adaptive spinning (FATE#317271).\n\n - locking/mutexes: Modify the way optimistic spinners are\n queued (FATE#317271).\n\n - locking/mutexes: Return false if task need_resched() in\n mutex_can_spin_on_owner() (FATE#317271).\n\n - mutex: Enable the queuing of mutex spinners with MCS\n lock (FATE#317271). config: disabled on all flavors\n\n - mutex: Queue mutex spinners with MCS lock to reduce\n cacheline contention (FATE#317271).\n\n - memcg: deprecate memory.force_empty knob. (bnc#878274)\n\n - kabi: protect struct net from bnc#877013 changes.\n (bnc#877013)\n\n - netfilter: nfnetlink_queue: add net namespace support\n for nfnetlink_queue. (bnc#877013)\n\n - netfilter: make /proc/net/netfilter pernet. (bnc#877013)\n\n - netfilter: xt_hashlimit: fix proc entry leak in netns\n destroy path. (bnc#871634)\n\n - netfilter: xt_hashlimit: fix namespace destroy path.\n (bnc#871634)\n\n - netfilter: nf_queue: reject NF_STOLEN verdicts from\n userspace. (bnc#870877)\n\n - netfilter: avoid double free in nf_reinject.\n (bnc#870877)\n\n - netfilter: ctnetlink: fix race between delete and\n timeout expiration. (bnc#863410)\n\n - netfilter: reuse skb->nfct_reasm for ipvs conn\n reference. (bnc#861980)\n\n - mm: per-thread vma caching (FATE#317271). config: enable\n CONFIG_VMA_CACHE for x86_64/bigsmp\n\n - mm, hugetlb: improve page-fault scalability\n (FATE#317271).\n\n - mm: vmscan: Do not throttle based on pfmemalloc reserves\n if node has no ZONE_NORMAL. (bnc#870496)\n\n - mm: fix off-by-one bug in print_nodes_state().\n (bnc#792271)\n\n - hugetlb: ensure hugepage access is denied if hugepages\n are not supported (PowerKVM crash when mounting\n hugetlbfs without hugepage support (bnc#870498)).\n\n - SELinux: Increase ebitmap_node size for 64-bit\n configuration (FATE#317271).\n\n - SELinux: Reduce overhead of mls_level_isvalid() function\n call (FATE#317271).\n\n - mutex: Fix debug_mutexes (FATE#317271).\n\n - mutex: Fix debug checks (FATE#317271).\n\n - locking/mutexes: Unlock the mutex without the wait_lock\n (FATE#317271).\n\n - epoll: do not take the nested ep->mtx on EPOLL_CTL_DEL\n (FATE#317271).\n\n - epoll: do not take global 'epmutex' for simple\n topologies (FATE#317271).\n\n - epoll: optimize EPOLL_CTL_DEL using rcu (FATE#317271).\n\n - vfs: Fix missing unlock of vfsmount_lock in unlazy_walk.\n (bnc#880437)\n\n - dcache: kABI fixes for lockref dentries (FATE#317271).\n\n - vfs: make sure we do not have a stale root path if\n unlazy_walk() fails (FATE#317271).\n\n - vfs: fix dentry RCU to refcounting possibly sleeping\n dput() (FATE#317271).\n\n - vfs: use lockref 'dead' flag to mark unrecoverably dead\n dentries (FATE#317271).\n\n - vfs: reimplement d_rcu_to_refcount() using\n lockref_get_or_lock() (FATE#317271).\n\n - vfs: Remove second variable named error in __dentry_path\n (FATE#317271).\n\n - make prepend_name() work correctly when called with\n negative *buflen (FATE#317271).\n\n - prepend_path() needs to reinitialize dentry/vfsmount on\n restarts (FATE#317271).\n\n - dcache: get/release read lock in read_seqbegin_or_lock()\n &amp; friend (FATE#317271).\n\n - seqlock: Add a new locking reader type (FATE#317271).\n\n - dcache: Translating dentry into pathname without taking\n rename_lock (FATE#317271).\n\n - vfs: make the dentry cache use the lockref\n infrastructure (FATE#317271).\n\n - vfs: Remove dentry->d_lock locking from\n shrink_dcache_for_umount_subtree() (FATE#317271).\n\n - vfs: use lockref_get_not_zero() for optimistic lockless\n dget_parent() (FATE#317271).\n\n - vfs: constify dentry parameter in d_count()\n (FATE#317271).\n\n - helper for reading ->d_count (FATE#317271).\n\n - lockref: use arch_mutex_cpu_relax() in CMPXCHG_LOOP()\n (FATE#317271).\n\n - lockref: allow relaxed cmpxchg64 variant for lockless\n updates (FATE#317271).\n\n - lockref: use cmpxchg64 explicitly for lockless updates\n (FATE#317271).\n\n - lockref: add ability to mark lockrefs 'dead'\n (FATE#317271).\n\n - lockref: fix docbook argument names (FATE#317271).\n\n - lockref: Relax in cmpxchg loop (FATE#317271).\n\n - lockref: implement lockless reference count updates\n using cmpxchg() (FATE#317271).\n\n - lockref: uninline lockref helper functions\n (FATE#317271).\n\n - lockref: add lockref_get_or_lock() helper (FATE#317271).\n\n - Add new lockref infrastructure reference implementation\n (FATE#317271).\n\n - vfs: make lremovexattr retry once on ESTALE error.\n (bnc#876463)\n\n - vfs: make removexattr retry once on ESTALE. (bnc#876463)\n\n - vfs: make llistxattr retry once on ESTALE error.\n (bnc#876463)\n\n - vfs: make listxattr retry once on ESTALE error.\n (bnc#876463)\n\n - vfs: make lgetxattr retry once on ESTALE. (bnc#876463)\n\n - vfs: make getxattr retry once on an ESTALE error.\n (bnc#876463)\n\n - vfs: allow lsetxattr() to retry once on ESTALE errors.\n (bnc#876463)\n\n - vfs: allow setxattr to retry once on ESTALE errors.\n (bnc#876463)\n\n - vfs: allow utimensat() calls to retry once on an ESTALE\n error. (bnc#876463)\n\n - vfs: fix user_statfs to retry once on ESTALE errors.\n (bnc#876463)\n\n - vfs: make fchownat retry once on ESTALE errors.\n (bnc#876463)\n\n - vfs: make fchmodat retry once on ESTALE errors.\n (bnc#876463)\n\n - vfs: have chroot retry once on ESTALE error.\n (bnc#876463)\n\n - vfs: have chdir retry lookup and call once on ESTALE\n error. (bnc#876463)\n\n - vfs: have faccessat retry once on an ESTALE error.\n (bnc#876463)\n\n - vfs: have do_sys_truncate retry once on an ESTALE error.\n (bnc#876463)\n\n - vfs: fix renameat to retry on ESTALE errors.\n (bnc#876463)\n\n - vfs: make do_unlinkat retry once on ESTALE errors.\n (bnc#876463)\n\n - vfs: make do_rmdir retry once on ESTALE errors.\n (bnc#876463)\n\n - vfs: fix linkat to retry once on ESTALE errors.\n (bnc#876463)\n\n - vfs: fix symlinkat to retry on ESTALE errors.\n (bnc#876463)\n\n - vfs: fix mkdirat to retry once on an ESTALE error.\n (bnc#876463)\n\n - vfs: fix mknodat to retry on ESTALE errors. (bnc#876463)\n\n - vfs: add a flags argument to user_path_parent.\n (bnc#876463)\n\n - vfs: fix readlinkat to retry on ESTALE. (bnc#876463)\n\n - vfs: make fstatat retry on ESTALE errors from getattr\n call. (bnc#876463)\n\n - vfs: add a retry_estale helper function to handle\n retries on ESTALE. (bnc#876463)\n\n - crypto: s390 - fix aes,des ctr mode concurrency finding\n (bnc#874145, LTC#110078).\n\n - s390/cio: fix unlocked access of global bitmap\n (bnc#874145, LTC#109378).\n\n - s390/css: stop stsch loop after cc 3 (bnc#874145,\n LTC#109378).\n\n - s390/pci: add kmsg man page (bnc#874145, LTC#109224).\n\n - s390/pci/dma: use correct segment boundary size\n (bnc#866081, LTC#104566).\n\n - cio: Fix missing subchannels after CHPID configure on\n (bnc#866081, LTC#104808).\n\n - cio: Fix process hangs during subchannel scan\n (bnc#866081, LTC#104805).\n\n - cio: fix unusable device (bnc#866081, LTC#104168).\n\n - qeth: postpone freeing of qdio memory (bnc#874145,\n LTC#107873).\n\n - Fix race between starved list and device removal.\n (bnc#861636)\n\n - namei.h: include errno.h. (bnc#876463)\n\n - ALSA: hda - Implement bind mixer ctls for Conexant.\n (bnc#872188)\n\n - ALSA: hda - Fix invalid Auto-Mute Mode enum from cxt\n codecs. (bnc#872188)\n\n - ALSA: hda - Fix conflicting Capture Source on cxt\n codecs. (bnc#872188)\n\n - ALSA: usb-audio: Fix NULL dereference while quick\n replugging. (bnc#870335)\n\n - powerpc: Bring all threads online prior to\n migration/hibernation. (bnc#870591)\n\n - powerpc/pseries: Update dynamic cache nodes for\n suspend/resume operation. (bnc#873463)\n\n - powerpc/pseries: Device tree should only be updated once\n after suspend/migrate. (bnc#873463)\n\n - powerpc/pseries: Expose in kernel device tree update to\n drmgr. (bnc#873463)\n\n - powerpc: Add second POWER8 PVR entry. (bnc#874440)\n\n - libata/ahci: accommodate tag ordered controllers.\n (bnc#871728)\n\n - md: try to remove cause of a spinning md thread.\n (bnc#875386)\n\n - md: fix up plugging (again). (bnc#866800)\n\n - NFSv4: Fix a reboot recovery race when opening a file.\n (bnc#864404)\n\n - NFSv4: Ensure delegation recall and byte range lock\n removal do not conflict. (bnc#864404)\n\n - NFSv4: Fix up the return values of\n nfs4_open_delegation_recall. (bnc#864404)\n\n - NFSv4.1: Do not lose locks when a server reboots during\n delegation return. (bnc#864404)\n\n - NFSv4.1: Prevent deadlocks between state recovery and\n file locking. (bnc#864404)\n\n - NFSv4: Allow the state manager to mark an open_owner as\n being recovered. (bnc#864404)\n\n - NFS: nfs_inode_return_delegation() should always flush\n dirty data. (bnc#864404)\n\n - NFSv4: nfs_client_return_marked_delegations cannot flush\n data. (bnc#864404)\n\n - NFS: avoid excessive GETATTR request when attributes\n expired but cached directory is valid. (bnc#857926)\n\n - seqlock: add 'raw_seqcount_begin()' function.\n (bnc#864404)\n\n - Allow nfsdv4 to work when fips=1. (bnc#868488)\n\n - NFSv4: Add ACCESS operation to OPEN compound.\n (bnc#870958)\n\n - NFSv4: Fix unnecessary delegation returns in\n nfs4_do_open. (bnc#870958)\n\n - NFSv4: The NFSv4.0 client must send RENEW calls if it\n holds a delegation. (bnc#863873)\n\n - NFSv4: nfs4_proc_renew should be declared static.\n (bnc#863873)\n\n - NFSv4: do not put ACCESS in OPEN compound if O_EXCL.\n (bnc#870958)\n\n - NFS: revalidate on open if dcache is negative.\n (bnc#876463)\n\n - NFSD add module parameter to disable delegations.\n (bnc#876463)\n\n - Do not lose sockets when nfsd shutdown races with\n connection timeout. (bnc#871854)\n\n - timer: Prevent overflow in apply_slack. (bnc#873061)\n\n - mei: me: do not load the driver if the FW does not\n support MEI interface. (bnc#821619)\n\n - ipmi: Reset the KCS timeout when starting error\n recovery. (bnc#870618)\n\n - ipmi: Fix a race restarting the timer. (bnc#870618)\n\n - ipmi: increase KCS timeouts. (bnc#870618)\n\n - bnx2x: Fix kernel crash and data miscompare after EEH\n recovery. (bnc#881761)\n\n - bnx2x: Adapter not recovery from EEH error injection.\n (bnc#881761)\n\n - kabi: hide modifications of struct inet_peer done by\n bnc#867953 fix. (bnc#867953)\n\n - inetpeer: prevent unlinking from unused list twice.\n (bnc#867953)\n\n - Ignore selected taints for tracepoint modules\n (bnc#870450, FATE#317134).\n\n - Use 'E' instead of 'X' for unsigned module taint flag\n (bnc#870450,FATE#317134).\n\n - Fix: module signature vs tracepoints: add new\n TAINT_UNSIGNED_MODULE (bnc#870450,FATE#317134).\n\n - xhci: extend quirk for Renesas cards. (bnc#877497)\n\n - scsi: return target failure on EMC inactive snapshot.\n (bnc#840524)\n\n - virtio_balloon: do not softlockup on huge balloon\n changes. (bnc#871899)\n\n - ch: add refcounting. (bnc#867517)\n\n - storvsc: NULL pointer dereference fix. (bnc#865330)\n\n - Unlock the rename_lock in dentry_path() in the case when\n path is too long. (bnc#868748)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=767610\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=786450\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=792271\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=821619\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=832710\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=837563\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=840524\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=846404\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=846690\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=847652\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=850915\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=851426\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=851603\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=852553\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=855126\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=857926\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=858869\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=858870\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=858872\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=859840\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=861636\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=861980\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=862429\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=862934\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=863300\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=863335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=863410\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=863873\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=864404\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=864464\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=865310\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=865330\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=865882\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=866081\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=866102\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=866615\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=866800\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=866864\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=867362\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=867517\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=867531\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=867723\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=867953\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=868488\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=868528\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=868653\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=868748\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=869033\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=869414\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=869563\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=869934\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=870173\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=870335\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=870450\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=870496\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=870498\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=870576\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=870591\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=870618\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=870877\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=870958\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=871561\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=871634\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=871676\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=871728\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=871854\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=871861\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=871899\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=872188\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=872540\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=872634\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=873061\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=873374\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=873463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=874108\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=874145\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=874440\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=874577\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=875386\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=876102\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=876114\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=876176\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=876463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=877013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=877257\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=877497\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=877775\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=878115\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=878123\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=878274\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=878407\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=878509\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=879921\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=879957\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=880007\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=880357\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=880437\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=880484\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=881571\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=881761\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=881939\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=882324\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=883380\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=883795\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=885725\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-2372.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-2929.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4299.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-4579.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-6382.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-7339.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-0055.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-0077.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-0101.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-0131.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-0155.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-1444.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-1445.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-1446.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-1874.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-2309.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-2523.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-2678.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-2851.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-3122.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-3144.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-3145.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-3917.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-4508.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-4652.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-4653.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-4654.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-4655.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-4656.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-4699.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Apply SAT patch number 9488 / 9491 / 9493 as appropriate.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-ec2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xen-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, \"SuSE 11.3\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-default-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-default-base-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-default-devel-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-default-extra-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-pae-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-pae-base-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-pae-devel-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-pae-extra-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-source-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-syms-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-trace-devel-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-xen-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-xen-base-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-xen-devel-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-xen-extra-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"xen-kmp-default-4.2.4_02_3.0.101_0.35-0.7.45\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"xen-kmp-pae-4.2.4_02_3.0.101_0.35-0.7.45\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-default-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-default-base-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-default-devel-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-default-extra-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-source-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-syms-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-trace-devel-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-base-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-devel-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-extra-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"xen-kmp-default-4.2.4_02_3.0.101_0.35-0.7.45\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-default-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-default-base-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-default-devel-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-source-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-syms-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-trace-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-trace-base-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-trace-devel-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-ec2-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-ec2-base-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-ec2-devel-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-pae-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-pae-base-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-pae-devel-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-xen-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-xen-base-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-xen-devel-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"xen-kmp-default-4.2.4_02_3.0.101_0.35-0.7.45\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"xen-kmp-pae-4.2.4_02_3.0.101_0.35-0.7.45\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"kernel-default-man-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"kernel-ec2-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"kernel-ec2-base-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"kernel-ec2-devel-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-base-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-devel-3.0.101-0.35.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"xen-kmp-default-4.2.4_02_3.0.101_0.35-0.7.45\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2019-05-29T18:36:30", "description": "Oracle Linux Local Security Checks ELSA-2014-0926", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2014-0926", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-4021", "CVE-2014-2678"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123351", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123351", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-0926.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123351\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:02:38 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-0926\");\n script_tag(name:\"insight\", value:\"ELSA-2014-0926 - kernel security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-0926\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-0926.html\");\n script_cve_id(\"CVE-2014-2678\", \"CVE-2014-4021\");\n script_tag(name:\"cvss_base\", value:\"4.7\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~371.11.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~371.11.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~371.11.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~371.11.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~371.11.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~371.11.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~371.11.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~371.11.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~371.11.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~371.11.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~371.11.1.el5~1.4.10~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~371.11.1.el5PAE~1.4.10~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~371.11.1.el5debug~1.4.10~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~371.11.1.el5xen~1.4.10~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~371.11.1.el5~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~371.11.1.el5PAE~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~371.11.1.el5debug~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~371.11.1.el5xen~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:37:29", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-07-28T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2014:0926 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-4021", "CVE-2014-2678"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881973", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881973", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2014:0926 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.881973\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-07-28 16:34:55 +0530 (Mon, 28 Jul 2014)\");\n script_cve_id(\"CVE-2014-2678\", \"CVE-2014-4021\");\n script_tag(name:\"cvss_base\", value:\"4.7\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:N/I:N/A:C\");\n script_name(\"CentOS Update for kernel CESA-2014:0926 centos5\");\n\n script_tag(name:\"affected\", value:\"kernel on CentOS 5\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any\nLinux operating system.\n\n * A NULL pointer dereference flaw was found in the rds_iw_laddr_check()\nfunction in the Linux kernel's implementation of Reliable Datagram Sockets\n(RDS). A local, unprivileged user could use this flaw to crash the system.\n(CVE-2014-2678, Moderate)\n\n * It was found that the Xen hypervisor implementation did not properly\nclean memory pages previously allocated by the hypervisor. A privileged\nguest user could potentially use this flaw to read data relating to other\nguests or the hypervisor itself. (CVE-2014-4021, Moderate)\n\nRed Hat would like to thank the Xen project for reporting CVE-2014-4021.\nUpstream acknowledges Jan Beulich as the original reporter.\n\nThis update also fixes the following bugs:\n\n * A bug in the journaling block device (jbd and jbd2) code could, under\ncertain circumstances, trigger a BUG_ON() assertion and result in a kernel\noops. This happened when an application performed an extensive number of\ncommits to the journal of the ext3 file system and there was no currently\nactive transaction while synchronizing the file's in-core state. This\nproblem has been resolved by correcting respective test conditions in the\njbd and jbd2 code. (BZ#1097528)\n\n * After a statically defined gateway became unreachable and its\ncorresponding neighbor entry entered a FAILED state, the gateway stayed in\nthe FAILED state even after it became reachable again. As a consequence,\ntraffic was not routed through that gateway. This update allows probing\nsuch a gateway automatically so that the traffic can be routed through\nthis gateway again once it becomes reachable. (BZ#1106354)\n\n * Due to an incorrect condition check in the IPv6 code, the ipv6 driver\nwas unable to correctly assemble incoming packet fragments, which resulted\nin a high IPv6 packet loss rate. This update fixes the said check for a\nfragment overlap and ensures that incoming IPv6 packet fragments are now\nprocessed as expected. (BZ#1107932)\n\n * Recent changes in the d_splice_alias() function introduced a bug that\nallowed d_splice_alias() to return a dentry from a different directory\nthan the directory being looked up. As a consequence in cluster\nenvironment, a kernel panic could be triggered when a directory was being\nremoved while a concurrent cross-directory operation was performed on this\ndirectory on another cluster node. This update avoids the kernel panic in\nthis situation by correcting the search logic in the d_splice_alias()\nfunction so that the function can no longer return a dentry from an\nincorrect directory. (BZ#1109720)\n\n * The NFSv4 server did not handle m ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"CESA\", value:\"2014:0926\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2014-July/020443.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~371.11.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~371.11.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~371.11.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~371.11.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~371.11.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~371.11.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~371.11.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~371.11.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~371.11.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~371.11.1.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:37:21", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-07-28T00:00:00", "type": "openvas", "title": "RedHat Update for kernel RHSA-2014:0926-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-4021", "CVE-2014-2678"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871211", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871211", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2014:0926-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871211\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-07-28 16:46:25 +0530 (Mon, 28 Jul 2014)\");\n script_cve_id(\"CVE-2014-2678\", \"CVE-2014-4021\");\n script_tag(name:\"cvss_base\", value:\"4.7\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:N/I:N/A:C\");\n script_name(\"RedHat Update for kernel RHSA-2014:0926-01\");\n\n\n script_tag(name:\"affected\", value:\"kernel on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n * A NULL pointer dereference flaw was found in the rds_iw_laddr_check()\nfunction in the Linux kernel's implementation of Reliable Datagram Sockets\n(RDS). A local, unprivileged user could use this flaw to crash the system.\n(CVE-2014-2678, Moderate)\n\n * It was found that the Xen hypervisor implementation did not properly\nclean memory pages previously allocated by the hypervisor. A privileged\nguest user could potentially use this flaw to read data relating to other\nguests or the hypervisor itself. (CVE-2014-4021, Moderate)\n\nRed Hat would like to thank the Xen project for reporting CVE-2014-4021.\nUpstream acknowledges Jan Beulich as the original reporter.\n\nThis update also fixes the following bugs:\n\n * A bug in the journaling block device (jbd and jbd2) code could, under\ncertain circumstances, trigger a BUG_ON() assertion and result in a kernel\noops. This happened when an application performed an extensive number of\ncommits to the journal of the ext3 file system and there was no currently\nactive transaction while synchronizing the file's in-core state. This\nproblem has been resolved by correcting respective test conditions in the\njbd and jbd2 code. (BZ#1097528)\n\n * After a statically defined gateway became unreachable and its\ncorresponding neighbor entry entered a FAILED state, the gateway stayed in\nthe FAILED state even after it became reachable again. As a consequence,\ntraffic was not routed through that gateway. This update allows probing\nsuch a gateway automatically so that the traffic can be routed through\nthis gateway again once it becomes reachable. (BZ#1106354)\n\n * Due to an incorrect condition check in the IPv6 code, the ipv6 driver\nwas unable to correctly assemble incoming packet fragments, which resulted\nin a high IPv6 packet loss rate. This update fixes the said check for a\nfragment overlap and ensures that incoming IPv6 packet fragments are now\nprocessed as expected. (BZ#1107932)\n\n * Recent changes in the d_splice_alias() function introduced a bug that\nallowed d_splice_alias() to return a dentry from a different directory\nthan the directory being looked up. As a consequence in cluster\nenvironment, a kernel panic could be triggered when a directory was being\nremoved while a concurrent cross-directory operation was performed on this\ndirectory on another cluster node. This update avoids the kernel panic in\nthis situation by correcting the search logic in the d_splice_alias()\nfunction so that the function can no longer return a dentry from an\nincorrect directory. (BZ#1109720)\n\n * The ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"RHSA\", value:\"2014:0926-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2014-July/msg00052.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~371.11.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~371.11.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.18~371.11.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~371.11.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~371.11.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.18~371.11.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~371.11.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.18~371.11.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.18~371.11.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~371.11.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~371.11.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~371.11.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.18~371.11.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~371.11.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~371.11.1.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:37:06", "description": "Oracle Linux Local Security Checks ELSA-2014-0926-1", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2014-0926-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-4021", "CVE-2014-2678"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123350", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123350", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-0926-1.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123350\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:02:37 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-0926-1\");\n script_tag(name:\"insight\", value:\"ELSA-2014-0926-1 - kernel security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-0926-1\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-0926-1.html\");\n script_cve_id(\"CVE-2014-2678\", \"CVE-2014-4021\");\n script_tag(name:\"cvss_base\", value:\"4.7\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~371.11.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~371.11.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~371.11.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~371.11.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~371.11.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~371.11.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~371.11.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~371.11.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~371.11.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~371.11.1.0.1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~371.11.1.0.1.el5~1.4.10~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~371.11.1.0.1.el5PAE~1.4.10~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~371.11.1.0.1.el5debug~1.4.10~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ocfs2\", rpm:\"ocfs2~2.6.18~371.11.1.0.1.el5xen~1.4.10~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~371.11.1.0.1.el5~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~371.11.1.0.1.el5PAE~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~371.11.1.0.1.el5debug~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"oracleasm\", rpm:\"oracleasm~2.6.18~371.11.1.0.1.el5xen~2.0.5~1.el5\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-04-07T18:47:43", "description": "A number of security vulnerabilities have been identified in Citrix XenServer.\n These vulnerabilities affect all currently supported versions of Citrix XenServer up to and including Citrix\n XenServer 6.2 Service Pack 1.", "cvss3": {}, "published": "2014-12-18T00:00:00", "type": "openvas", "title": "Citrix XenServer Multiple Security Updates (CTX140984)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-4021", "CVE-2014-4947", "CVE-2014-4948"], "modified": "2020-04-02T00:00:00", "id": "OPENVAS:1361412562310105145", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310105145", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Citrix XenServer Multiple Security Updates (CTX140984)\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:citrix:xenserver\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.105145\");\n script_bugtraq_id(68070, 68659, 68660);\n script_cve_id(\"CVE-2014-4021\", \"CVE-2014-4947\", \"CVE-2014-4948\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"2020-04-02T13:53:24+0000\");\n\n script_name(\"Citrix XenServer Multiple Security Updates (CTX140984)\");\n\n script_xref(name:\"URL\", value:\"http://support.citrix.com/article/CTX140984\");\n\n script_tag(name:\"vuldetect\", value:\"Check the installed hotfixes.\");\n\n script_tag(name:\"solution\", value:\"Apply the hotfix referenced in the advisory.\");\n\n script_tag(name:\"summary\", value:\"A number of security vulnerabilities have been identified in Citrix XenServer.\n These vulnerabilities affect all currently supported versions of Citrix XenServer up to and including Citrix\n XenServer 6.2 Service Pack 1.\");\n\n script_tag(name:\"insight\", value:\"The following vulnerabilities have been addressed:\n\n - CVE-2014-4021: Citrix XenServer potential guest information leak through hypervisor page reuse\n\n - CVE-2014-4947: Buffer overflow in Citrix XenServer HVM graphics console support\n\n - CVE-2014-4948: Citrix XenServer guest denial of service and information leak through guest VHD modification\");\n\n script_tag(name:\"affected\", value:\"Citrix XenServer 6.2 Service Pack 1\n\n Citrix XenServer 6.1\n\n Citrix XenServer 6.0.2\n\n Citrix XenServer 6.0.0\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_tag(name:\"last_modification\", value:\"2020-04-02 13:53:24 +0000 (Thu, 02 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2014-12-18 17:37:46 +0100 (Thu, 18 Dec 2014)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Citrix Xenserver Local Security Checks\");\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_dependencies(\"gb_xenserver_version.nasl\");\n script_mandatory_keys(\"xenserver/product_version\", \"xenserver/patches\");\n\n exit(0);\n}\n\ninclude(\"citrix_version_func.inc\");\ninclude(\"host_details.inc\");\ninclude(\"list_array_func.inc\");\n\nif( ! version = get_app_version( cpe:CPE ) )\n exit( 0 );\n\nif( ! hotfixes = get_kb_item(\"xenserver/patches\") )\n exit( 0 );\n\npatches = make_array();\n\npatches['6.2.0'] = make_list( 'XS62ESP1008' );\npatches['6.1.0'] = make_list( 'XS61E041', 'XS61E040' );\npatches['6.0.2'] = make_list( 'XS602E035','XS602ECC011', 'XS602ECC010' );\npatches['6.0.0'] = make_list( 'XS60E039', 'XS60E038' );\n\ncitrix_xenserver_check_report_is_vulnerable( version:version, hotfixes:hotfixes, patches:patches );\n\nexit( 99 );\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:21", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-06-02T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-ec2 USN-2220-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1737", "CVE-2014-1738", "CVE-2013-7339", "CVE-2014-2678"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841837", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841837", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2220_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux-ec2 USN-2220-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841837\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-06-02 16:10:59 +0530 (Mon, 02 Jun 2014)\");\n script_cve_id(\"CVE-2014-1738\", \"CVE-2014-1737\", \"CVE-2013-7339\", \"CVE-2014-2678\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux-ec2 USN-2220-1\");\n\n script_tag(name:\"affected\", value:\"linux-ec2 on Ubuntu 10.04 LTS\");\n script_tag(name:\"insight\", value:\"Matthew Daley reported an information leak in the floppy disk\ndriver of the Linux kernel. An unprivileged local user could exploit this flaw\nto obtain potentially sensitive information from kernel memory. (CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the\nfloppy disk driver in the Linux kernel. An unprivileged local user could\nexploit this flaw to gain administrative privileges if the floppy disk\nmodule is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the Reliable Datagram Sockets (RDS) protocol\nimplementation in the Linux kernel for systems that lack RDS transports. An\nunprivileged local user could exploit this flaw to cause a denial of\nservice (system crash). (CVE-2013-7339)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS) protocol\nstack in the Linux kernel. A local user could exploit this flaw to cause a\ndenial of service (system crash) or possibly have unspecified other impact.\n(CVE-2014-2678)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2220-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2220-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-ec2'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-364-ec2\", ver:\"2.6.32-364.77\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:44", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-06-02T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-2219-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1737", "CVE-2014-1738", "CVE-2013-7339", "CVE-2014-2678"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841831", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841831", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2219_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux USN-2219-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841831\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-06-02 14:24:17 +0530 (Mon, 02 Jun 2014)\");\n script_cve_id(\"CVE-2014-1738\", \"CVE-2014-1737\", \"CVE-2013-7339\", \"CVE-2014-2678\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux USN-2219-1\");\n\n script_tag(name:\"affected\", value:\"linux on Ubuntu 10.04 LTS\");\n script_tag(name:\"insight\", value:\"Matthew Daley reported an information leak in the floppy disk\ndriver of the Linux kernel. An unprivileged local user could exploit this flaw\nto obtain potentially sensitive information from kernel memory. (CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the\nfloppy disk driver in the Linux kernel. An unprivileged local user could\nexploit this flaw to gain administrative privileges if the floppy disk\nmodule is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the Reliable Datagram Sockets (RDS) protocol\nimplementation in the Linux kernel for systems that lack RDS transports. An\nunprivileged local user could exploit this flaw to cause a denial of\nservice (system crash). (CVE-2013-7339)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS) protocol\nstack in the Linux kernel. A local user could exploit this flaw to cause a\ndenial of service (system crash) or possibly have unspecified other impact.\n(CVE-2014-2678)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2219-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2219-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-60-386\", ver:\"2.6.32-60.122\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-60-generic\", ver:\"2.6.32-60.122\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-60-generic-pae\", ver:\"2.6.32-60.122\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-60-ia64\", ver:\"2.6.32-60.122\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-60-lpia\", ver:\"2.6.32-60.122\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-60-powerpc\", ver:\"2.6.32-60.122\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-60-powerpc-smp\", ver:\"2.6.32-60.122\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-60-powerpc64-smp\", ver:\"2.6.32-60.122\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-60-preempt\", ver:\"2.6.32-60.122\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-60-server\", ver:\"2.6.32-60.122\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-60-sparc64\", ver:\"2.6.32-60.122\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-60-sparc64-smp\", ver:\"2.6.32-60.122\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-60-versatile\", ver:\"2.6.32-60.122\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-60-virtual\", ver:\"2.6.32-60.122\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:39:23", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-07-01T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for kernel (openSUSE-SU-2014:0856-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3122", "CVE-2013-7339", "CVE-2014-2851", "CVE-2014-2678", "CVE-2014-3153", "CVE-2014-0055", "CVE-2014-0077"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850593", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850593", "sourceData": "# Copyright (C) 2014 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850593\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2014-07-01 20:48:43 +0530 (Tue, 01 Jul 2014)\");\n script_cve_id(\"CVE-2013-7339\", \"CVE-2014-0055\", \"CVE-2014-0077\", \"CVE-2014-2678\",\n \"CVE-2014-2851\", \"CVE-2014-3122\", \"CVE-2014-3153\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"openSUSE: Security Advisory for kernel (openSUSE-SU-2014:0856-1)\");\n\n script_tag(name:\"affected\", value:\"kernel on openSUSE 12.3\");\n\n script_tag(name:\"insight\", value:\"The Linux kernel was updated to fix security issues and bugs:\n\n Security issues fixed: CVE-2014-3153: The futex_requeue function in\n kernel/futex.c in the Linux kernel did not ensure that calls have two\n different futex addresses, which allowed local users to gain privileges\n via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter\n modification.\n\n CVE-2014-0077: drivers/vhost/net.c in the Linux kernel, when mergeable\n buffers are disabled, did not properly validate packet lengths, which\n allowed guest OS users to cause a denial of service (memory corruption and\n host OS crash) or possibly gain privileges on the host OS via crafted\n packets, related to the handle_rx and get_rx_bufs functions.\n\n CVE-2014-0055: The get_rx_bufs function in drivers/vhost/net.c in the\n vhost-net subsystem in the Linux kernel package did not properly handle\n vhost_get_vq_desc errors, which allowed guest OS users to cause a denial\n of service (host OS crash) via unspecified vectors.\n\n CVE-2014-2678: The rds_iw_laddr_check function in net/rds/iw.c in the\n Linux kernel allowed local users to cause a denial of service (NULL\n pointer dereference and system crash) or possibly have unspecified other\n impact via a bind system call for an RDS socket on a system that lacks RDS\n transports.\n\n CVE-2013-7339: The rds_ib_laddr_check function in net/rds/ib.c in the\n Linux kernel allowed local users to cause a denial of service (NULL\n pointer dereference and system crash) or possibly have unspecified other\n impact via a bind system call for an RDS socket on a system that lacks RDS\n transports.\n\n CVE-2014-2851: Integer overflow in the ping_init_sock function in\n net/ipv4/ping.c in the Linux kernel allowed local users to cause a denial\n of service (use-after-free and system crash) or possibly gain privileges\n via a crafted application that leverages an improperly managed reference\n counter.\n\n CVE-2014-3122: The try_to_unmap_cluster function in mm/rmap.c in the Linux\n kernel did not properly consider which pages must be locked, which allowed\n local users to cause a denial of service (system crash) by triggering a\n memory-usage pattern that requires removal of page-table mappings.\n\n Bugs fixed:\n\n - memcg: deprecate memory.force_empty knob (bnc#878274).\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"openSUSE-SU\", value:\"2014:0856-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE12\\.3\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE12.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base-debuginfo\", rpm:\"kernel-default-base-debuginfo~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel-debuginfo\", rpm:\"kernel-default-devel-debuginfo~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base-debuginfo\", rpm:\"kernel-debug-base-debuginfo~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel-debuginfo\", rpm:\"kernel-debug-devel-debuginfo~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-desktop\", rpm:\"kernel-desktop~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-desktop-base\", rpm:\"kernel-desktop-base~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-desktop-base-debuginfo\", rpm:\"kernel-desktop-base-debuginfo~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-desktop-debuginfo\", rpm:\"kernel-desktop-debuginfo~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-desktop-debugsource\", rpm:\"kernel-desktop-debugsource~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-desktop-devel\", rpm:\"kernel-desktop-devel~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-desktop-devel-debuginfo\", rpm:\"kernel-desktop-devel-debuginfo~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2\", rpm:\"kernel-ec2~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-base\", rpm:\"kernel-ec2-base~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-base-debuginfo\", rpm:\"kernel-ec2-base-debuginfo~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-debuginfo\", rpm:\"kernel-ec2-debuginfo~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-debugsource\", rpm:\"kernel-ec2-debugsource~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-devel\", rpm:\"kernel-ec2-devel~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-devel-debuginfo\", rpm:\"kernel-ec2-devel-debuginfo~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-base-debuginfo\", rpm:\"kernel-trace-base-debuginfo~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-debuginfo\", rpm:\"kernel-trace-debuginfo~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-debugsource\", rpm:\"kernel-trace-debugsource~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-devel\", rpm:\"kernel-trace-devel~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-devel-debuginfo\", rpm:\"kernel-trace-devel-debuginfo~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel-debuginfo\", rpm:\"kernel-vanilla-devel-debuginfo~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-base-debuginfo\", rpm:\"kernel-xen-base-debuginfo~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-debugsource\", rpm:\"kernel-xen-debugsource~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-devel-debuginfo\", rpm:\"kernel-xen-devel-debuginfo~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~3.7.10~1.36.2\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source-vanilla\", rpm:\"kernel-source-vanilla~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-base-debuginfo\", rpm:\"kernel-pae-base-debuginfo~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-debuginfo\", rpm:\"kernel-pae-debuginfo~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-debugsource\", rpm:\"kernel-pae-debugsource~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-devel\", rpm:\"kernel-pae-devel~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-devel-debuginfo\", rpm:\"kernel-pae-devel-debuginfo~3.7.10~1.36.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:15", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-08-05T00:00:00", "type": "openvas", "title": "RedHat Update for kernel RHSA-2014:0981-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-2672", "CVE-2012-6647", "CVE-2014-3145", "CVE-2013-7339", "CVE-2014-2851", "CVE-2014-2678", "CVE-2014-3144", "CVE-2014-2706"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871216", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871216", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2014:0981-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871216\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-08-05 16:51:34 +0530 (Tue, 05 Aug 2014)\");\n script_cve_id(\"CVE-2012-6647\", \"CVE-2013-7339\", \"CVE-2014-2672\", \"CVE-2014-2678\",\n \"CVE-2014-2706\", \"CVE-2014-2851\", \"CVE-2014-3144\", \"CVE-2014-3145\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_name(\"RedHat Update for kernel RHSA-2014:0981-01\");\n\n\n script_tag(name:\"affected\", value:\"kernel on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\n * A use-after-free flaw was found in the way the ping_init_sock() function\nof the Linux kernel handled the group_info reference counter. A local,\nunprivileged user could use this flaw to crash the system or, potentially,\nescalate their privileges on the system. (CVE-2014-2851, Important)\n\n * A NULL pointer dereference flaw was found in the way the\nfutex_wait_requeue_pi() function of the Linux kernel's futex subsystem\nhandled the requeuing of certain Priority Inheritance (PI) futexes.\nA local, unprivileged user could use this flaw to crash the system.\n(CVE-2012-6647, Moderate)\n\n * A NULL pointer dereference flaw was found in the rds_ib_laddr_check()\nfunction in the Linux kernel's implementation of Reliable Datagram Sockets\n(RDS). A local, unprivileged user could use this flaw to crash the system.\n(CVE-2013-7339, Moderate)\n\n * It was found that a remote attacker could use a race condition flaw in\nthe ath_tx_aggr_sleep() function to crash the system by creating large\nnetwork traffic on the system's Atheros 9k wireless network adapter.\n(CVE-2014-2672, Moderate)\n\n * A NULL pointer dereference flaw was found in the rds_iw_laddr_check()\nfunction in the Linux kernel's implementation of Reliable Datagram Sockets\n(RDS). A local, unprivileged user could use this flaw to crash the system.\n(CVE-2014-2678, Moderate)\n\n * A race condition flaw was found in the way the Linux kernel's mac80211\nsubsystem implementation handled synchronization between TX and STA wake-up\ncode paths. A remote attacker could use this flaw to crash the system.\n(CVE-2014-2706, Moderate)\n\n * An out-of-bounds memory access flaw was found in the Netlink Attribute\nextension of the Berkeley Packet Filter (BPF) interpreter functionality in\nthe Linux kernel's networking implementation. A local, unprivileged user\ncould use this flaw to crash the system or leak kernel memory to user space\nvia a specially crafted socket filter. (CVE-2014-3144, CVE-2014-3145,\nModerate)\n\nThis update also fixes several bugs and adds one enhancement.\nDocumentation for these changes will be available shortly from the\nTechnical Notes document linked to in the References section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add this\nenhancement. The system must be rebooted for this update to take effect.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"RHSA\", value:\"2014:0981-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2014-July/msg00060.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~431.23.3.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~431.23.3.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.32~431.23.3.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~431.23.3.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.32~431.23.3.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~2.6.32~431.23.3.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~431.23.3.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~431.23.3.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~431.23.3.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~2.6.32~431.23.3.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf-debuginfo\", rpm:\"python-perf-debuginfo~2.6.32~431.23.3.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~431.23.3.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~431.23.3.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~431.23.3.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~2.6.32~431.23.3.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:37:17", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-08-05T00:00:00", "type": "openvas", "title": "CentOS Update for kernel CESA-2014:0981 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-2672", "CVE-2012-6647", "CVE-2014-3145", "CVE-2013-7339", "CVE-2014-2851", "CVE-2014-2678", "CVE-2014-3144", "CVE-2014-2706"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881979", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881979", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2014:0981 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.881979\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-08-05 16:47:39 +0530 (Tue, 05 Aug 2014)\");\n script_cve_id(\"CVE-2012-6647\", \"CVE-2013-7339\", \"CVE-2014-2672\", \"CVE-2014-2678\",\n \"CVE-2014-2706\", \"CVE-2014-2851\", \"CVE-2014-3144\", \"CVE-2014-3145\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_name(\"CentOS Update for kernel CESA-2014:0981 centos6\");\n\n script_tag(name:\"affected\", value:\"kernel on CentOS 6\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any\nLinux operating system.\n\n * A use-after-free flaw was found in the way the ping_init_sock() function\nof the Linux kernel handled the group_info reference counter. A local,\nunprivileged user could use this flaw to crash the system or, potentially,\nescalate their privileges on the system. (CVE-2014-2851, Important)\n\n * A NULL pointer dereference flaw was found in the way the\nfutex_wait_requeue_pi() function of the Linux kernel's futex subsystem\nhandled the requeuing of certain Priority Inheritance (PI) futexes.\nA local, unprivileged user could use this flaw to crash the system.\n(CVE-2012-6647, Moderate)\n\n * A NULL pointer dereference flaw was found in the rds_ib_laddr_check()\nfunction in the Linux kernel's implementation of Reliable Datagram Sockets\n(RDS). A local, unprivileged user could use this flaw to crash the system.\n(CVE-2013-7339, Moderate)\n\n * It was found that a remote attacker could use a race condition flaw in\nthe ath_tx_aggr_sleep() function to crash the system by creating large\nnetwork traffic on the system's Atheros 9k wireless network adapter.\n(CVE-2014-2672, Moderate)\n\n * A NULL pointer dereference flaw was found in the rds_iw_laddr_check()\nfunction in the Linux kernel's implementation of Reliable Datagram Sockets\n(RDS). A local, unprivileged user could use this flaw to crash the system.\n(CVE-2014-2678, Moderate)\n\n * A race condition flaw was found in the way the Linux kernel's mac80211\nsubsystem implementation handled synchronization between TX and STA wake-up\ncode paths. A remote attacker could use this flaw to crash the system.\n(CVE-2014-2706, Moderate)\n\n * An out-of-bounds memory access flaw was found in the Netlink Attribute\nextension of the Berkeley Packet Filter (BPF) interpreter functionality in\nthe Linux kernel's networking implementation. A local, unprivileged user\ncould use this flaw to crash the system or leak kernel memory to user space\nvia a specially crafted socket filter. (CVE-2014-3144, CVE-2014-3145,\nModerate)\n\nThis update also fixes several bugs and adds one enhancement.\nDocumentation for these changes will be available shortly from the\nTechnical Notes document linked to in the References section.\n\nAll kernel users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues and add this\nenhancement. The system must be rebooted for this update to take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"CESA\", value:\"2014:0981\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2014-July/020458.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~431.23.3.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~431.23.3.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~431.23.3.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~431.23.3.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~431.23.3.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~431.23.3.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~431.23.3.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~431.23.3.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~431.23.3.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~2.6.32~431.23.3.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:11", "description": "Oracle Linux Local Security Checks ELSA-2014-0981", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2014-0981", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-2672", "CVE-2012-6647", "CVE-2014-3145", "CVE-2013-7339", "CVE-2014-2851", "CVE-2014-2678", "CVE-2014-3144", "CVE-2014-2706"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123347", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123347", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2014-0981.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123347\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:02:35 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2014-0981\");\n script_tag(name:\"insight\", value:\"ELSA-2014-0981 - kernel security, bug fix, and enhancement update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2014-0981\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2014-0981.html\");\n script_cve_id(\"CVE-2014-2851\", \"CVE-2013-7339\", \"CVE-2014-3144\", \"CVE-2014-3145\", \"CVE-2014-2678\", \"CVE-2012-6647\", \"CVE-2014-2672\", \"CVE-2014-2706\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~431.23.3.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~431.23.3.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~431.23.3.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~431.23.3.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~431.23.3.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~431.23.3.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~431.23.3.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~431.23.3.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~431.23.3.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~2.6.32~431.23.3.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-03-14T19:01:09", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-07-01T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for kernel (openSUSE-SU-2014:0840-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3122", "CVE-2014-3145", "CVE-2013-7339", "CVE-2014-2851", "CVE-2014-2678", "CVE-2014-3144", "CVE-2014-3153", "CVE-2014-0055", "CVE-2014-0077"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850594", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850594", "sourceData": "# Copyright (C) 2014 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850594\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2014-07-01 21:04:32 +0530 (Tue, 01 Jul 2014)\");\n script_cve_id(\"CVE-2013-7339\", \"CVE-2014-0055\", \"CVE-2014-0077\", \"CVE-2014-2678\",\n \"CVE-2014-2851\", \"CVE-2014-3122\", \"CVE-2014-3144\", \"CVE-2014-3145\",\n \"CVE-2014-3153\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"openSUSE: Security Advisory for kernel (openSUSE-SU-2014:0840-1)\");\n\n script_tag(name:\"affected\", value:\"kernel on openSUSE 13.1\");\n\n script_tag(name:\"insight\", value:\"The Linux kernel was updated to fix security issues and bugs.\n\n Security issues fixed: CVE-2014-3153: The futex_requeue function in\n kernel/futex.c in the Linux kernel did not ensure that calls have two\n different futex addresses, which allowed local users to gain privileges\n via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter\n modification.\n\n CVE-2014-3144: The (1) BPF_S_ANC_NLATTR and (2) BPF_S_ANC_NLATTR_NEST\n extension implementations in the sk_run_filter function in\n net/core/filter.c in the Linux kernel did not check whether a certain\n length value is sufficiently large, which allowed local users to cause a\n denial of service (integer underflow and system crash) via crafted BPF\n instructions. NOTE: the affected code was moved to the __skb_get_nlattr\n and __skb_get_nlattr_nest functions before the vulnerability was announced.\n\n CVE-2014-3145: The BPF_S_ANC_NLATTR_NEST extension implementation in the\n sk_run_filter function in net/core/filter.c in the Linux kernel used the\n reverse order in a certain subtraction, which allowed local users to cause\n a denial of service (over-read and system crash) via crafted BPF\n instructions. NOTE: the affected code was moved to the\n __skb_get_nlattr_nest function before the vulnerability was announced.\n\n CVE-2014-0077: drivers/vhost/net.c in the Linux kernel, when mergeable\n buffers are disabled, did not properly validate packet lengths, which\n allowed guest OS users to cause a denial of service (memory corruption and\n host OS crash) or possibly gain privileges on the host OS via crafted\n packets, related to the handle_rx and get_rx_bufs functions.\n\n CVE-2014-0055: The get_rx_bufs function in drivers/vhost/net.c in the\n vhost-net subsystem in the Linux kernel package did not properly handle\n vhost_get_vq_desc errors, which allowed guest OS users to cause a denial\n of service (host OS crash) via unspecified vectors.\n\n CVE-2014-2678: The rds_iw_laddr_check function in net/rds/iw.c in the\n Linux kernel allowed local users to cause a denial of service (NULL\n pointer dereference and system crash) or possibly have unspecified other\n impact via a bind system call for an RDS socket on a system that lacks RDS\n transports.\n\n CVE-2013-7339: The rds_ib_laddr_check function in net/rds/ib.c in the\n Linux kernel allowed local users to cause a denial of service (NULL\n pointer dereference and system crash) or possibly have unspecified other\n impact via a bind system call for an RDS socket on a system that lacks RDS\n transports.\n\n CVE-2014-2851: Integer overflow in the ping_init_sock function in\n net/ipv4/ping.c in ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"openSUSE-SU\", value:\"2014:0840-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.1\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.1\") {\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-base-debuginfo\", rpm:\"kernel-debug-base-debuginfo~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debug-devel-debuginfo\", rpm:\"kernel-debug-devel-debuginfo~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-desktop\", rpm:\"kernel-desktop~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-desktop-base\", rpm:\"kernel-desktop-base~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-desktop-base-debuginfo\", rpm:\"kernel-desktop-base-debuginfo~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-desktop-debuginfo\", rpm:\"kernel-desktop-debuginfo~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-desktop-debugsource\", rpm:\"kernel-desktop-debugsource~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-desktop-devel\", rpm:\"kernel-desktop-devel~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-desktop-devel-debuginfo\", rpm:\"kernel-desktop-devel-debuginfo~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2\", rpm:\"kernel-ec2~3.11.10~17.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-base\", rpm:\"kernel-ec2-base~3.11.10~17.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-base-debuginfo\", rpm:\"kernel-ec2-base-debuginfo~3.11.10~17.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-debuginfo\", rpm:\"kernel-ec2-debuginfo~3.11.10~17.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-debugsource\", rpm:\"kernel-ec2-debugsource~3.11.10~17.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-devel\", rpm:\"kernel-ec2-devel~3.11.10~17.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-devel-debuginfo\", rpm:\"kernel-ec2-devel-debuginfo~3.11.10~17.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-base-debuginfo\", rpm:\"kernel-trace-base-debuginfo~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-debuginfo\", rpm:\"kernel-trace-debuginfo~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-debugsource\", rpm:\"kernel-trace-debugsource~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-devel\", rpm:\"kernel-trace-devel~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-devel-debuginfo\", rpm:\"kernel-trace-devel-debuginfo~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-vanilla-devel-debuginfo\", rpm:\"kernel-vanilla-devel-debuginfo~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-base-debuginfo\", rpm:\"kernel-xen-base-debuginfo~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-debugsource\", rpm:\"kernel-xen-debugsource~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-devel-debuginfo\", rpm:\"kernel-xen-devel-debuginfo~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cloop\", rpm:\"cloop~2.639~11.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cloop-debuginfo\", rpm:\"cloop-debuginfo~2.639~11.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cloop-debugsource\", rpm:\"cloop-debugsource~2.639~11.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cloop-kmp-default\", rpm:\"cloop-kmp-default~2.639_k3.11.10_17~11.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cloop-kmp-default-debuginfo\", rpm:\"cloop-kmp-default-debuginfo~2.639_k3.11.10_17~11.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cloop-kmp-desktop\", rpm:\"cloop-kmp-desktop~2.639_k3.11.10_17~11.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cloop-kmp-desktop-debuginfo\", rpm:\"cloop-kmp-desktop-debuginfo~2.639_k3.11.10_17~11.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cloop-kmp-xen\", rpm:\"cloop-kmp-xen~2.639_k3.11.10_17~11.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cloop-kmp-xen-debuginfo\", rpm:\"cloop-kmp-xen-debuginfo~2.639_k3.11.10_17~11.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"crash\", rpm:\"crash~7.0.2~2.10.9\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"crash-debuginfo\", rpm:\"crash-debuginfo~7.0.2~2.10.9\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"crash-debugsource\", rpm:\"crash-debugsource~7.0.2~2.10.9\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"crash-devel\", rpm:\"crash-devel~7.0.2~2.10.9\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"crash-doc\", rpm:\"crash-doc~7.0.2~2.10.9\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"crash-eppic\", rpm:\"crash-eppic~7.0.2~2.10.9\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"crash-eppic-debuginfo\", rpm:\"crash-eppic-debuginfo~7.0.2~2.10.9\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"crash-gcore\", rpm:\"crash-gcore~7.0.2~2.10.9\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"crash-gcore-debuginfo\", rpm:\"crash-gcore-debuginfo~7.0.2~2.10.9\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"crash-kmp-default\", rpm:\"crash-kmp-default~7.0.2_k3.11.10_17~2.10.9\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"crash-kmp-default-debuginfo\", rpm:\"crash-kmp-default-debuginfo~7.0.2_k3.11.10_17~2.10.9\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"crash-kmp-desktop\", rpm:\"crash-kmp-desktop~7.0.2_k3.11.10_17~2.10.9\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"crash-kmp-desktop-debuginfo\", rpm:\"crash-kmp-desktop-debuginfo~7.0.2_k3.11.10_17~2.10.9\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"crash-kmp-xen\", rpm:\"crash-kmp-xen~7.0.2_k3.11.10_17~2.10.9\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"crash-kmp-xen-debuginfo\", rpm:\"crash-kmp-xen-debuginfo~7.0.2_k3.11.10_17~2.10.9\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"hdjmod-debugsource\", rpm:\"hdjmod-debugsource~1.28~16.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"hdjmod-kmp-default\", rpm:\"hdjmod-kmp-default~1.28_k3.11.10_17~16.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"hdjmod-kmp-default-debuginfo\", rpm:\"hdjmod-kmp-default-debuginfo~1.28_k3.11.10_17~16.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"hdjmod-kmp-desktop\", rpm:\"hdjmod-kmp-desktop~1.28_k3.11.10_17~16.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"hdjmod-kmp-desktop-debuginfo\", rpm:\"hdjmod-kmp-desktop-debuginfo~1.28_k3.11.10_17~16.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"hdjmod-kmp-xen\", rpm:\"hdjmod-kmp-xen~1.28_k3.11.10_17~16.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"hdjmod-kmp-xen-debuginfo\", rpm:\"hdjmod-kmp-xen-debuginfo~1.28_k3.11.10_17~16.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ipset\", rpm:\"ipset~6.21.1~2.14.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ipset-debuginfo\", rpm:\"ipset-debuginfo~6.21.1~2.14.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ipset-debugsource\", rpm:\"ipset-debugsource~6.21.1~2.14.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ipset-devel\", rpm:\"ipset-devel~6.21.1~2.14.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ipset-kmp-default\", rpm:\"ipset-kmp-default~6.21.1_k3.11.10_17~2.14.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ipset-kmp-default-debuginfo\", rpm:\"ipset-kmp-default-debuginfo~6.21.1_k3.11.10_17~2.14.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ipset-kmp-desktop\", rpm:\"ipset-kmp-desktop~6.21.1_k3.11.10_17~2.14.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ipset-kmp-desktop-debuginfo\", rpm:\"ipset-kmp-desktop-debuginfo~6.21.1_k3.11.10_17~2.14.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ipset-kmp-xen\", rpm:\"ipset-kmp-xen~6.21.1_k3.11.10_17~2.14.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ipset-kmp-xen-debuginfo\", rpm:\"ipset-kmp-xen-debuginfo~6.21.1_k3.11.10_17~2.14.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"iscsitarget\", rpm:\"iscsitarget~1.4.20.3~13.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"iscsitarget-debuginfo\", rpm:\"iscsitarget-debuginfo~1.4.20.3~13.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"iscsitarget-debugsource\", rpm:\"iscsitarget-debugsource~1.4.20.3~13.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"iscsitarget-kmp-default\", rpm:\"iscsitarget-kmp-default~1.4.20.3_k3.11.10_17~13.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"iscsitarget-kmp-default-debuginfo\", rpm:\"iscsitarget-kmp-default-debuginfo~1.4.20.3_k3.11.10_17~13.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"iscsitarget-kmp-desktop\", rpm:\"iscsitarget-kmp-desktop~1.4.20.3_k3.11.10_17~13.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"iscsitarget-kmp-desktop-debuginfo\", rpm:\"iscsitarget-kmp-desktop-debuginfo~1.4.20.3_k3.11.10_17~13.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"iscsitarget-kmp-xen\", rpm:\"iscsitarget-kmp-xen~1.4.20.3_k3.11.10_17~13.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"iscsitarget-kmp-xen-debuginfo\", rpm:\"iscsitarget-kmp-xen-debuginfo~1.4.20.3_k3.11.10_17~13.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base-debuginfo\", rpm:\"kernel-default-base-debuginfo~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel-debuginfo\", rpm:\"kernel-default-devel-debuginfo~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~3.11.10~17.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libipset3\", rpm:\"libipset3~6.21.1~2.14.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libipset3-debuginfo\", rpm:\"libipset3-debuginfo~6.21.1~2.14.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ndiswrapper\", rpm:\"ndiswrapper~1.58~10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ndiswrapper-debuginfo\", rpm:\"ndiswrapper-debuginfo~1.58~10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ndiswrapper-debugsource\", rpm:\"ndiswrapper-debugsource~1.58~10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ndiswrapper-kmp-default\", rpm:\"ndiswrapper-kmp-default~1.58_k3.11.10_17~10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ndiswrapper-kmp-default-debuginfo\", rpm:\"ndiswrapper-kmp-default-debuginfo~1.58_k3.11.10_17~10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ndiswrapper-kmp-desktop\", rpm:\"ndiswrapper-kmp-desktop~1.58_k3.11.10_17~10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ndiswrapper-kmp-desktop-debuginfo\", rpm:\"ndiswrapper-kmp-desktop-debuginfo~1.58_k3.11.10_17~10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"pcfclock\", rpm:\"pcfclock~0.44~258.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"pcfclock-debuginfo\", rpm:\"pcfclock-debuginfo~0.44~258.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"pcfclock-debugsource\", rpm:\"pcfclock-debugsource~0.44~258.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"pcfclock-kmp-default\", rpm:\"pcfclock-kmp-default~0.44_k3.11.10_17~258.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"pcfclock-kmp-default-debuginfo\", rpm:\"pcfclock-kmp-default-debuginfo~0.44_k3.11.10_17~258.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"pcfclock-kmp-desktop\", rpm:\"pcfclock-kmp-desktop~0.44_k3.11.10_17~258.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"pcfclock-kmp-desktop-debuginfo\", rpm:\"pcfclock-kmp-desktop-debuginfo~0.44_k3.11.10_17~258.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-virtualbox\", rpm:\"python-virtualbox~4.2.18~2.15.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-virtualbox-debuginfo\", rpm:\"python-virtualbox-debuginfo~4.2.18~2.15.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"vhba-kmp-debugsource\", rpm:\"vhba-kmp-debugsource~20130607~2.11.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"vhba-kmp-default\", rpm:\"vhba-kmp-default~20130607_k3.11.10_17~2.11.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"vhba-kmp-default-debuginfo\", rpm:\"vhba-kmp-default-debuginfo~20130607_k3.11.10_17~2.11.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"vhba-kmp-desktop\", rpm:\"vhba-kmp-desktop~20130607_k3.11.10_17~2.11.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"vhba-kmp-desktop-debuginfo\", rpm:\"vhba-kmp-desktop-debuginfo~20130607_k3.11.10_17~2.11.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"vhba-kmp-xen\", rpm:\"vhba-kmp-xen~20130607_k3.11.10_17~2.11.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"vhba-kmp-xen-debuginfo\", rpm:\"vhba-kmp-xen-debuginfo~20130607_k3.11.10_17~2.11.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox\", rpm:\"virtualbox~4.2.18~2.15.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-debuginfo\", rpm:\"virtualbox-debuginfo~4.2.18~2.15.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-debugsource\", rpm:\"virtualbox-debugsource~4.2.18~2.15.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-devel\", rpm:\"virtualbox-devel~4.2.18~2.15.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-guest-kmp-default\", rpm:\"virtualbox-guest-kmp-default~4.2.18_k3.11.10_17~2.15.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-guest-kmp-default-debuginfo\", rpm:\"virtualbox-guest-kmp-default-debuginfo~4.2.18_k3.11.10_17~2.15.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-guest-kmp-desktop\", rpm:\"virtualbox-guest-kmp-desktop~4.2.18_k3.11.10_17~2.15.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-guest-kmp-desktop-debuginfo\", rpm:\"virtualbox-guest-kmp-desktop-debuginfo~4.2.18_k3.11.10_17~2.15.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-guest-tools\", rpm:\"virtualbox-guest-tools~4.2.18~2.15.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-guest-tools-debuginfo\", rpm:\"virtualbox-guest-tools-debuginfo~4.2.18~2.15.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-guest-x11\", rpm:\"virtualbox-guest-x11~4.2.18~2.15.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-guest-x11-debuginfo\", rpm:\"virtualbox-guest-x11-debuginfo~4.2.18~2.15.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-host-kmp-default\", rpm:\"virtualbox-host-kmp-default~4.2.18_k3.11.10_17~2.15.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-host-kmp-default-debuginfo\", rpm:\"virtualbox-host-kmp-default-debuginfo~4.2.18_k3.11.10_17~2.15.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-host-kmp-desktop\", rpm:\"virtualbox-host-kmp-desktop~4.2.18_k3.11.10_17~2.15.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-host-kmp-desktop-debuginfo\", rpm:\"virtualbox-host-kmp-desktop-debuginfo~4.2.18_k3.11.10_17~2.15.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-qt\", rpm:\"virtualbox-qt~4.2.18~2.15.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-qt-debuginfo\", rpm:\"virtualbox-qt-debuginfo~4.2.18~2.15.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-websrv\", rpm:\"virtualbox-websrv~4.2.18~2.15.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-websrv-debuginfo\", rpm:\"virtualbox-websrv-debuginfo~4.2.18~2.15.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-debugsource\", rpm:\"xen-debugsource~4.3.2_01~18.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-devel\", rpm:\"xen-devel~4.3.2_01~18.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-kmp-default\", rpm:\"xen-kmp-default~4.3.2_01_k3.11.10_17~18.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-kmp-default-debuginfo\", rpm:\"xen-kmp-default-debuginfo~4.3.2_01_k3.11.10_17~18.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-kmp-desktop\", rpm:\"xen-kmp-desktop~4.3.2_01_k3.11.10_17~18.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-kmp-desktop-debuginfo\", rpm:\"xen-kmp-desktop-debuginfo~4.3.2_01_k3.11.10_17~18.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-libs\", rpm:\"xen-libs~4.3.2_01~18.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-libs-debuginfo\", rpm:\"xen-libs-debuginfo~4.3.2_01~18.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-tools-domU\", rpm:\"xen-tools-domU~4.3.2_01~18.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-tools-domU-debuginfo\", rpm:\"xen-tools-domU-debuginfo~4.3.2_01~18.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xtables-addons\", rpm:\"xtables-addons~2.3~2.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xtables-addons-debuginfo\", rpm:\"xtables-addons-debuginfo~2.3~2.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xtables-addons-debugsource\", rpm:\"xtables-addons-debugsource~2.3~2.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xtables-addons-kmp-default\", rpm:\"xtables-addons-kmp-default~2.3_k3.11.10_17~2.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xtables-addons-kmp-default-debuginfo\", rpm:\"xtables-addons-kmp-default-debuginfo~2.3_k3.11.10_17~2.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xtables-addons-kmp-desktop\", rpm:\"xtables-addons-kmp-desktop~2.3_k3.11.10_17~2.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xtables-addons-kmp-desktop-debuginfo\", rpm:\"xtables-addons-kmp-desktop-debuginfo~2.3_k3.11.10_17~2.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xtables-addons-kmp-xen\", rpm:\"xtables-addons-kmp-xen~2.3_k3.11.10_17~2.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xtables-addons-kmp-xen-debuginfo\", rpm:\"xtables-addons-kmp-xen-debuginfo~2.3_k3.11.10_17~2.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~3.11.10~17.6\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source-vanilla\", rpm:\"kernel-source-vanilla~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen\", rpm:\"xen~4.3.2_01~18.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-doc-html\", rpm:\"xen-doc-html~4.3.2_01~18.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-libs-32bit\", rpm:\"xen-libs-32bit~4.3.2_01~18.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-libs-debuginfo-32bit\", rpm:\"xen-libs-debuginfo-32bit~4.3.2_01~18.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-tools\", rpm:\"xen-tools~4.3.2_01~18.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-tools-debuginfo\", rpm:\"xen-tools-debuginfo~4.3.2_01~18.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-xend-tools\", rpm:\"xen-xend-tools~4.3.2_01~18.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-xend-tools-debuginfo\", rpm:\"xen-xend-tools-debuginfo~4.3.2_01~18.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-base-debuginfo\", rpm:\"kernel-pae-base-debuginfo~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-debuginfo\", rpm:\"kernel-pae-debuginfo~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-debugsource\", rpm:\"kernel-pae-debugsource~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-devel\", rpm:\"kernel-pae-devel~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-devel-debuginfo\", rpm:\"kernel-pae-devel-debuginfo~3.11.10~17.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cloop-kmp-pae\", rpm:\"cloop-kmp-pae~2.639_k3.11.10_17~11.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cloop-kmp-pae-debuginfo\", rpm:\"cloop-kmp-pae-debuginfo~2.639_k3.11.10_17~11.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"crash-kmp-pae\", rpm:\"crash-kmp-pae~7.0.2_k3.11.10_17~2.10.9\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"crash-kmp-pae-debuginfo\", rpm:\"crash-kmp-pae-debuginfo~7.0.2_k3.11.10_17~2.10.9\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"hdjmod-kmp-pae\", rpm:\"hdjmod-kmp-pae~1.28_k3.11.10_17~16.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"hdjmod-kmp-pae-debuginfo\", rpm:\"hdjmod-kmp-pae-debuginfo~1.28_k3.11.10_17~16.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ipset-kmp-pae\", rpm:\"ipset-kmp-pae~6.21.1_k3.11.10_17~2.14.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ipset-kmp-pae-debuginfo\", rpm:\"ipset-kmp-pae-debuginfo~6.21.1_k3.11.10_17~2.14.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"iscsitarget-kmp-pae\", rpm:\"iscsitarget-kmp-pae~1.4.20.3_k3.11.10_17~13.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"iscsitarget-kmp-pae-debuginfo\", rpm:\"iscsitarget-kmp-pae-debuginfo~1.4.20.3_k3.11.10_17~13.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ndiswrapper-kmp-pae\", rpm:\"ndiswrapper-kmp-pae~1.58_k3.11.10_17~10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ndiswrapper-kmp-pae-debuginfo\", rpm:\"ndiswrapper-kmp-pae-debuginfo~1.58_k3.11.10_17~10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"pcfclock-kmp-pae\", rpm:\"pcfclock-kmp-pae~0.44_k3.11.10_17~258.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"pcfclock-kmp-pae-debuginfo\", rpm:\"pcfclock-kmp-pae-debuginfo~0.44_k3.11.10_17~258.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"vhba-kmp-pae\", rpm:\"vhba-kmp-pae~20130607_k3.11.10_17~2.11.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"vhba-kmp-pae-debuginfo\", rpm:\"vhba-kmp-pae-debuginfo~20130607_k3.11.10_17~2.11.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-guest-kmp-pae\", rpm:\"virtualbox-guest-kmp-pae~4.2.18_k3.11.10_17~2.15.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-guest-kmp-pae-debuginfo\", rpm:\"virtualbox-guest-kmp-pae-debuginfo~4.2.18_k3.11.10_17~2.15.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-host-kmp-pae\", rpm:\"virtualbox-host-kmp-pae~4.2.18_k3.11.10_17~2.15.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-host-kmp-pae-debuginfo\", rpm:\"virtualbox-host-kmp-pae-debuginfo~4.2.18_k3.11.10_17~2.15.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-kmp-pae\", rpm:\"xen-kmp-pae~4.3.2_01_k3.11.10_17~18.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-kmp-pae-debuginfo\", rpm:\"xen-kmp-pae-debuginfo~4.3.2_01_k3.11.10_17~18.2\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xtables-addons-kmp-pae\", rpm:\"xtables-addons-kmp-pae~2.3_k3.11.10_17~2.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xtables-addons-kmp-pae-debuginfo\", rpm:\"xtables-addons-kmp-pae-debuginfo~2.3_k3.11.10_17~2.10.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:39:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-10-10T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for xen (openSUSE-SU-2014:1281-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-4021", "CVE-2014-3967", "CVE-2014-7188", "CVE-2014-3968", "CVE-2014-3124", "CVE-2014-7156", "CVE-2014-7155", "CVE-2014-7154", "CVE-2013-4540", "CVE-2013-4344"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850620", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850620", "sourceData": "# Copyright (C) 2014 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850620\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2014-10-10 06:08:22 +0200 (Fri, 10 Oct 2014)\");\n script_cve_id(\"CVE-2013-4344\", \"CVE-2013-4540\", \"CVE-2014-3124\", \"CVE-2014-3967\", \"CVE-2014-3968\", \"CVE-2014-4021\", \"CVE-2014-7154\", \"CVE-2014-7155\", \"CVE-2014-7156\", \"CVE-2014-7188\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"openSUSE: Security Advisory for xen (openSUSE-SU-2014:1281-1)\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xen'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"XEN was updated to fix security issues and bugs.\n\n Security issues fixed:\n\n - bnc#897657 - CVE-2014-7188: XSA-108 Improper MSR range used for x2APIC\n emulation\n\n - bnc#895802 - CVE-2014-7156: XSA-106: Missing privilege level checks in\n x86 emulation of software interrupts\n\n - bnc#895799 - CVE-2014-7155: XSA-105: Missing privilege level checks in\n x86 HLT, LGDT, LIDT, and LMSW emulation\n\n - bnc#895798 - CVE-2014-7154: XSA-104: Race condition in\n HVMOP_track_dirty_vram\n\n - bnc#864801 - CVE-2013-4540: qemu: zaurus: buffer overrun on invalid\n state load\n\n - bnc#875668 - CVE-2014-3124: XSA-92: HVMOP_set_mem_type allows invalid\n P2M entries to be created\n\n - bnc#878841 - CVE-2014-3967, CVE-2014-3968: XSA-96: Xen: Vulnerabilities\n in HVM MSI injection\n\n - bnc#880751 - CVE-2014-4021: XSA-100: Hypervisor heap contents leaked to\n guests\n\n - bnc#842006 - CVE-2013-4344: XSA-65: xen: qemu SCSI REPORT LUNS buffer\n overflow\n\n Other bugs fixed:\n\n - bnc#896023 - Adjust xentop column layout\n\n - bnc#820873 - The 'long' option doesn't work with 'xl list'\n\n - bnc#882127 - Xen kernel panics on booting SLES12 Beta 8\n\n - bnc#865682 - Local attach support for PHY backends using scripts\n\n - bnc#798770 - Improve multipath support for npiv devices\");\n\n script_tag(name:\"affected\", value:\"xen on openSUSE 13.1\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"openSUSE-SU\", value:\"2014:1281-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE13\\.1\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.1\") {\n if(!isnull(res = isrpmvuln(pkg:\"xen-debugsource\", rpm:\"xen-debugsource~4.3.2_02~27.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-devel\", rpm:\"xen-devel~4.3.2_02~27.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-kmp-default\", rpm:\"xen-kmp-default~4.3.2_02_k3.11.10_21~27.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-kmp-default-debuginfo\", rpm:\"xen-kmp-default-debuginfo~4.3.2_02_k3.11.10_21~27.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-kmp-desktop\", rpm:\"xen-kmp-desktop~4.3.2_02_k3.11.10_21~27.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-kmp-desktop-debuginfo\", rpm:\"xen-kmp-desktop-debuginfo~4.3.2_02_k3.11.10_21~27.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-libs\", rpm:\"xen-libs~4.3.2_02~27.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-libs-debuginfo\", rpm:\"xen-libs-debuginfo~4.3.2_02~27.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-tools-domU\", rpm:\"xen-tools-domU~4.3.2_02~27.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-tools-domU-debuginfo\", rpm:\"xen-tools-domU-debuginfo~4.3.2_02~27.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen\", rpm:\"xen~4.3.2_02~27.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-doc-html\", rpm:\"xen-doc-html~4.3.2_02~27.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-libs-32bit\", rpm:\"xen-libs-32bit~4.3.2_02~27.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-libs-debuginfo-32bit\", rpm:\"xen-libs-debuginfo-32bit~4.3.2_02~27.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-tools\", rpm:\"xen-tools~4.3.2_02~27.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-tools-debuginfo\", rpm:\"xen-tools-debuginfo~4.3.2_02~27.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-xend-tools\", rpm:\"xen-xend-tools~4.3.2_02~27.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-xend-tools-debuginfo\", rpm:\"xen-xend-tools-debuginfo~4.3.2_02~27.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-kmp-pae\", rpm:\"xen-kmp-pae~4.3.2_02_k3.11.10_21~27.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-kmp-pae-debuginfo\", rpm:\"xen-kmp-pae-debuginfo~4.3.2_02_k3.11.10_21~27.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:39:18", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-10-10T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for xen (openSUSE-SU-2014:1279-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-4021", "CVE-2014-3967", "CVE-2014-7188", "CVE-2014-3968", "CVE-2014-7156", "CVE-2014-2599", "CVE-2014-7155", "CVE-2014-7154", "CVE-2013-4540", "CVE-2013-4344"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850619", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850619", "sourceData": "# Copyright (C) 2014 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850619\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2014-10-10 06:07:56 +0200 (Fri, 10 Oct 2014)\");\n script_cve_id(\"CVE-2013-4344\", \"CVE-2013-4540\", \"CVE-2014-2599\", \"CVE-2014-3967\", \"CVE-2014-3968\", \"CVE-2014-4021\", \"CVE-2014-7154\", \"CVE-2014-7155\", \"CVE-2014-7156\", \"CVE-2014-7188\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"openSUSE: Security Advisory for xen (openSUSE-SU-2014:1279-1)\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xen'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"XEN was updated to fix various bugs and security issues.\n\n Security issues fixed:\n\n - bnc#897657 - CVE-2014-7188: XSA-108 Improper MSR range used for x2APIC\n emulation\n\n - bnc#895802 - CVE-2014-7156: XSA-106: Missing privilege level checks in\n x86 emulation of software interrupts\n\n - bnc#895799 - CVE-2014-7155: XSA-105: Missing privilege level checks in\n x86 HLT, LGDT, LIDT, and LMSW emulation\n\n - bnc#895798 - CVE-2014-7154: XSA-104: Race condition in\n HVMOP_track_dirty_vram\n\n - bnc#864801 - CVE-2013-4540: qemu: zaurus: buffer overrun on invalid\n state load\n\n - bnc#880751 - CVE-2014-4021: XSA-100: Hypervisor heap contents leaked to\n guests\n\n - bnc#878841 - CVE-2014-3967, CVE-2014-3968: XSA-96: Vulnerabilities in HVM\n MSI injection\n\n - bnc#867910 - CVE-2014-2599: XSA-89: HVMOP_set_mem_access is not\n preemptible\n\n - bnc#842006 - CVE-2013-4344: XSA-65: xen: qemu SCSI REPORT LUNS buffer\n overflow\n\n Other bugs fixed:\n\n - bnc#896023 - Adjust xentop column layout\n\n - bnc#891539 - xend: fix netif convertToDeviceNumber for running domains\n\n - bnc#820873 - The 'long' option doesn't work with 'xl list'\n\n - bnc#881900 - XEN kernel panic do_device_not_available()\n\n - bnc#833483 - Boot Failure with xen kernel in UEFI mode with error 'No\n memory for trampoline'\n\n - bnc#862608 - SLES 11 SP3 vm-install should get RHEL 7 support when\n released\n\n - bnc#858178 - [HP HPS Bug]: SLES11sp3 XEN kiso version cause softlockup\n on 8 blades npar(480 cpu)\n\n - bnc#865682 - Local attach support for PHY backends using scripts\n\n - bnc#798770 - Improve multipath support for npiv devices\");\n\n script_tag(name:\"affected\", value:\"xen on openSUSE 12.3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"openSUSE-SU\", value:\"2014:1279-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSE12\\.3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE12.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"xen-debugsource\", rpm:\"xen-debugsource~4.2.4_04~1.32.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-devel\", rpm:\"xen-devel~4.2.4_04~1.32.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-kmp-default\", rpm:\"xen-kmp-default~4.2.4_04_k3.7.10_1.40~1.32.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-kmp-default-debuginfo\", rpm:\"xen-kmp-default-debuginfo~4.2.4_04_k3.7.10_1.40~1.32.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-kmp-desktop\", rpm:\"xen-kmp-desktop~4.2.4_04_k3.7.10_1.40~1.32.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-kmp-desktop-debuginfo\", rpm:\"xen-kmp-desktop-debuginfo~4.2.4_04_k3.7.10_1.40~1.32.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-libs\", rpm:\"xen-libs~4.2.4_04~1.32.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-libs-debuginfo\", rpm:\"xen-libs-debuginfo~4.2.4_04~1.32.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-tools-domU\", rpm:\"xen-tools-domU~4.2.4_04~1.32.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-tools-domU-debuginfo\", rpm:\"xen-tools-domU-debuginfo~4.2.4_04~1.32.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen\", rpm:\"xen~4.2.4_04~1.32.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-doc-html\", rpm:\"xen-doc-html~4.2.4_04~1.32.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-doc-pdf\", rpm:\"xen-doc-pdf~4.2.4_04~1.32.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-libs-32bit\", rpm:\"xen-libs-32bit~4.2.4_04~1.32.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-libs-debuginfo-32bit\", rpm:\"xen-libs-debuginfo-32bit~4.2.4_04~1.32.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-tools\", rpm:\"xen-tools~4.2.4_04~1.32.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-tools-debuginfo\", rpm:\"xen-tools-debuginfo~4.2.4_04~1.32.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-kmp-pae\", rpm:\"xen-kmp-pae~4.2.4_04_k3.7.10_1.40~1.32.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"xen-kmp-pae-debuginfo\", rpm:\"xen-kmp-pae-debuginfo~4.2.4_04_k3.7.10_1.40~1.32.1\", rls:\"openSUSE12.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:35", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-06-02T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-lts-raring USN-2224-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3122", "CVE-2014-2672", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-2851", "CVE-2014-2309", "CVE-2014-2678", "CVE-2014-0055", "CVE-2014-0077", "CVE-2014-2523", "CVE-2014-0101", "CVE-2014-2706"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841836", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841836", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2224_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux-lts-raring USN-2224-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841836\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-06-02 15:44:18 +0530 (Mon, 02 Jun 2014)\");\n script_cve_id(\"CVE-2014-1738\", \"CVE-2014-1737\", \"CVE-2014-0055\", \"CVE-2014-0077\",\n \"CVE-2014-0101\", \"CVE-2014-2309\", \"CVE-2014-2523\", \"CVE-2014-2672\",\n \"CVE-2014-2678\", \"CVE-2014-2706\", \"CVE-2014-2851\", \"CVE-2014-3122\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux-lts-raring USN-2224-1\");\n\n script_tag(name:\"affected\", value:\"linux-lts-raring on Ubuntu 12.04 LTS\");\n script_tag(name:\"insight\", value:\"Matthew Daley reported an information leak in the floppy disk\ndriver of the Linux kernel. An unprivileged local user could exploit this flaw\nto obtain potentially sensitive information from kernel memory. (CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the\nfloppy disk driver in the Linux kernel. An unprivileged local user could\nexploit this flaw to gain administrative privileges if the floppy disk\nmodule is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the vhost-net subsystem of the Linux kernel. Guest\nOS users could exploit this flaw to cause a denial of service (host OS\ncrash). (CVE-2014-0055)\n\nA flaw was discovered in the handling of network packets when mergeable\nbuffers are disabled for virtual machines in the Linux kernel. Guest OS\nusers may exploit this flaw to cause a denial of service (host OS crash) or\npossibly gain privilege on the host OS. (CVE-2014-0077)\n\nA flaw was discovered in the Linux kernel's handling of the SCTP handshake.\nA remote attacker could exploit this flaw to cause a denial of service\n(system crash). (CVE-2014-0101)\n\nA flaw was discovered in the handling of routing information in Linux\nkernel's IPv6 stack. A remote attacker could exploit this flaw to cause a\ndenial of service (memory consumption) via a flood of ICMPv6 router\nadvertisement packets. (CVE-2014-2309)\n\nAn error was discovered in the Linux kernel's DCCP protocol support. A\nremote attacked could exploit this flaw to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2014-2523)\n\nMax Sydorenko discovered a race condition in the Atheros 9k wireless driver\nin the Linux kernel. This race could be exploited by remote attackers to\ncause a denial of service (system crash). (CVE-2014-2672)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS) protocol\nstack in the Linux kernel. A local user could exploit this flaw to cause a\ndenial of service (system crash) or possibly have unspecified other impact.\n(CVE-2014-2678)\n\nYaara Rozenblum discovered a race condition in the Linux kernel's Generic\nIEEE 802.11 Networking Stack (mac80211). Remote attackers could exploit\nthis flaw to cause a denial of service (system crash). (CVE-2014-2706)\n\nA flaw was discovered in the Linux kernel's ping sockets. An unprivileged\nlocal user could exploit this flaw to cause a denial of service (system\ncrash) or possibly gain privileges via a crafted application.\n(CVE-2014-2851)\n\nSasha Levin reported a bug in the Linux kernel's virtual memory management\nsubsystem. An unprivileged local user could exploit this flaw to cause a\ndenial of service (system crash). (CVE-2014-3122)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2224-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2224-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-lts-raring'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.8.0-41-generic\", ver:\"3.8.0-41.60~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:25", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-06-02T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-2221-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-2672", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-2851", "CVE-2014-2309", "CVE-2014-2678", "CVE-2013-4483", "CVE-2014-0077", "CVE-2014-2523", "CVE-2014-0101", "CVE-2014-0069", "CVE-2014-2706"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841840", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841840", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2221_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux USN-2221-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841840\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-06-02 17:17:33 +0530 (Mon, 02 Jun 2014)\");\n script_cve_id(\"CVE-2014-1738\", \"CVE-2014-1737\", \"CVE-2013-4483\", \"CVE-2014-0069\",\n \"CVE-2014-0077\", \"CVE-2014-0101\", \"CVE-2014-2309\", \"CVE-2014-2523\",\n \"CVE-2014-2672\", \"CVE-2014-2678\", \"CVE-2014-2706\", \"CVE-2014-2851\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux USN-2221-1\");\n\n script_tag(name:\"affected\", value:\"linux on Ubuntu 12.04 LTS\");\n script_tag(name:\"insight\", value:\"Matthew Daley reported an information leak in the floppy disk\ndriver of the Linux kernel. An unprivileged local user could exploit this flaw\nto obtain potentially sensitive information from kernel memory. (CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the\nfloppy disk driver in the Linux kernel. An unprivileged local user could\nexploit this flaw to gain administrative privileges if the floppy disk\nmodule is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the Linux kernel's IPC reference counting. An\nunprivileged local user could exploit this flaw to cause a denial of\nservice (OOM system crash). (CVE-2013-4483)\n\nAl Viro discovered an error in how CIFS in the Linux kernel handles\nuncached write operations. An unprivileged local user could exploit this\nflaw to cause a denial of service (system crash), obtain sensitive\ninformation from kernel memory, or possibly gain privileges.\n(CVE-2014-0069)\n\nA flaw was discovered in the handling of network packets when mergeable\nbuffers are disabled for virtual machines in the Linux kernel. Guest OS\nusers may exploit this flaw to cause a denial of service (host OS crash) or\npossibly gain privilege on the host OS. (CVE-2014-0077)\n\nA flaw was discovered in the Linux kernel's handling of the SCTP handshake.\nA remote attacker could exploit this flaw to cause a denial of service\n(system crash). (CVE-2014-0101)\n\nA flaw was discovered in the handling of routing information in Linux\nkernel's IPv6 stack. A remote attacker could exploit this flaw to cause a\ndenial of service (memory consumption) via a flood of ICMPv6 router\nadvertisement packets. (CVE-2014-2309)\n\nAn error was discovered in the Linux kernel's DCCP protocol support. A\nremote attacked could exploit this flaw to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2014-2523)\n\nMax Sydorenko discovered a race condition in the Atheros 9k wireless driver\nin the Linux kernel. This race could be exploited by remote attackers to\ncause a denial of service (system crash). (CVE-2014-2672)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS) protocol\nstack in the Linux kernel. A local user could exploit this flaw to cause a\ndenial of service (system crash) or possibly have unspecified other impact.\n(CVE-2014-2678)\n\nYaara Rozenblum discovered a race condition in the Linux kernel's Generic\nIEEE 802.11 Networking Stack (mac80211). Remote attackers could exploit\nthis flaw to cause a denial of service (system crash). (CVE-2014-2706)\n\nA flaw was discovered in the Linux kernel's ping sockets. An unprivileged\nlocal user could exploit this flaw to cause a denial of service (system\ncrash) or possibly gain privileges via a crafted application.\n(CVE-2014-2851)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2221-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2221-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-63-generic\", ver:\"3.2.0-63.95\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-63-generic-pae\", ver:\"3.2.0-63.95\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-63-highbank\", ver:\"3.2.0-63.95\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-63-omap\", ver:\"3.2.0-63.95\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-63-powerpc-smp\", ver:\"3.2.0-63.95\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-63-powerpc64-smp\", ver:\"3.2.0-63.95\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-63-virtual\", ver:\"3.2.0-63.95\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:42", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-06-02T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux USN-2228-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-2672", "CVE-2014-0100", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-2851", "CVE-2014-2673", "CVE-2014-2309", "CVE-2014-2678", "CVE-2014-0055", "CVE-2014-0077", "CVE-2014-2523", "CVE-2014-0101", "CVE-2014-2706"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841832", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841832", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2228_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux USN-2228-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841832\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-06-02 14:33:19 +0530 (Mon, 02 Jun 2014)\");\n script_cve_id(\"CVE-2014-1738\", \"CVE-2014-1737\", \"CVE-2014-0055\", \"CVE-2014-0077\",\n \"CVE-2014-0100\", \"CVE-2014-0101\", \"CVE-2014-2309\", \"CVE-2014-2523\",\n \"CVE-2014-2672\", \"CVE-2014-2673\", \"CVE-2014-2678\", \"CVE-2014-2706\",\n \"CVE-2014-2851\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux USN-2228-1\");\n\n script_tag(name:\"affected\", value:\"linux on Ubuntu 13.10\");\n script_tag(name:\"insight\", value:\"Matthew Daley reported an information leak in the floppy disk\ndriver of the Linux kernel. An unprivileged local user could exploit this flaw\nto obtain potentially sensitive information from kernel memory. (CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the\nfloppy disk driver in the Linux kernel. An unprivileged local user could\nexploit this flaw to gain administrative privileges if the floppy disk\nmodule is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the vhost-net subsystem of the Linux kernel. Guest\nOS users could exploit this flaw to cause a denial of service (host OS\ncrash). (CVE-2014-0055)\n\nA flaw was discovered in the handling of network packets when mergeable\nbuffers are disabled for virtual machines in the Linux kernel. Guest OS\nusers may exploit this flaw to cause a denial of service (host OS crash) or\npossibly gain privilege on the host OS. (CVE-2014-0077)\n\nNikolay Aleksandrov discovered a race condition in Linux kernel's IPv4\nfragment handling code. Remote attackers could exploit this flaw to cause a\ndenial of service (system crash) or possibly have other unspecified impact.\n(CVE-2014-0100)\n\nA flaw was discovered in the Linux kernel's handling of the SCTP handshake.\nA remote attacker could exploit this flaw to cause a denial of service\n(system crash). (CVE-2014-0101)\n\nA flaw was discovered in the handling of routing information in Linux\nkernel's IPv6 stack. A remote attacker could exploit this flaw to cause a\ndenial of service (memory consumption) via a flood of ICMPv6 router\nadvertisement packets. (CVE-2014-2309)\n\nAn error was discovered in the Linux kernel's DCCP protocol support. A\nremote attacked could exploit this flaw to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2014-2523)\n\nMax Sydorenko discovered a race condition in the Atheros 9k wireless driver\nin the Linux kernel. This race could be exploited by remote attackers to\ncause a denial of service (system crash). (CVE-2014-2672)\n\nAdhemerval Zanella Neto discovered a flaw the in the Transactional Memory\n(TM) implementation for powerpc based machine. An unprivileged local user\ncould exploit this flaw to cause a denial of service (system crash).\n(CVE-2014-2673)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS) protocol\nstack in the Linux kernel. A local user could exploit this flaw to cause a\ndenial of service (system crash) or possibly have unspecified other impact.\n(CVE-2014-2678)\n\nYaara Rozenblum discovered a race condition in the Linux kernel's Generic\nIEEE 802.11 Networking Stack (mac80211). Remote attackers could exploit\nthis flaw to ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2228-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2228-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU13\\.10\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU13.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.11.0-22-generic\", ver:\"3.11.0-22.38\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.11.0-22-generic-lpae\", ver:\"3.11.0-22.38\", rls:\"UBUNTU13.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:11", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-06-02T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-lts-saucy USN-2225-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-2672", "CVE-2014-0100", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-2851", "CVE-2014-2673", "CVE-2014-2309", "CVE-2014-2678", "CVE-2014-0055", "CVE-2014-0077", "CVE-2014-2523", "CVE-2014-0101", "CVE-2014-2706"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841834", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841834", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2225_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux-lts-saucy USN-2225-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841834\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-06-02 15:06:29 +0530 (Mon, 02 Jun 2014)\");\n script_cve_id(\"CVE-2014-1738\", \"CVE-2014-1737\", \"CVE-2014-0055\", \"CVE-2014-0077\",\n \"CVE-2014-0100\", \"CVE-2014-0101\", \"CVE-2014-2309\", \"CVE-2014-2523\",\n \"CVE-2014-2672\", \"CVE-2014-2673\", \"CVE-2014-2678\", \"CVE-2014-2706\",\n \"CVE-2014-2851\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux-lts-saucy USN-2225-1\");\n\n script_tag(name:\"affected\", value:\"linux-lts-saucy on Ubuntu 12.04 LTS\");\n script_tag(name:\"insight\", value:\"Matthew Daley reported an information leak in the floppy disk\ndriver of the Linux kernel. An unprivileged local user could exploit this flaw\nto obtain potentially sensitive information from kernel memory. (CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the\nfloppy disk driver in the Linux kernel. An unprivileged local user could\nexploit this flaw to gain administrative privileges if the floppy disk\nmodule is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the vhost-net subsystem of the Linux kernel. Guest\nOS users could exploit this flaw to cause a denial of service (host OS\ncrash). (CVE-2014-0055)\n\nA flaw was discovered in the handling of network packets when mergeable\nbuffers are disabled for virtual machines in the Linux kernel. Guest OS\nusers may exploit this flaw to cause a denial of service (host OS crash) or\npossibly gain privilege on the host OS. (CVE-2014-0077)\n\nNikolay Aleksandrov discovered a race condition in Linux kernel's IPv4\nfragment handling code. Remote attackers could exploit this flaw to cause a\ndenial of service (system crash) or possibly have other unspecified impact.\n(CVE-2014-0100)\n\nA flaw was discovered in the Linux kernel's handling of the SCTP handshake.\nA remote attacker could exploit this flaw to cause a denial of service\n(system crash). (CVE-2014-0101)\n\nA flaw was discovered in the handling of routing information in Linux\nkernel's IPv6 stack. A remote attacker could exploit this flaw to cause a\ndenial of service (memory consumption) via a flood of ICMPv6 router\nadvertisement packets. (CVE-2014-2309)\n\nAn error was discovered in the Linux kernel's DCCP protocol support. A\nremote attacked could exploit this flaw to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2014-2523)\n\nMax Sydorenko discovered a race condition in the Atheros 9k wireless driver\nin the Linux kernel. This race could be exploited by remote attackers to\ncause a denial of service (system crash). (CVE-2014-2672)\n\nAdhemerval Zanella Neto discovered a flaw the in the Transactional Memory\n(TM) implementation for powerpc based machine. An unprivileged local user\ncould exploit this flaw to cause a denial of service (system crash).\n(CVE-2014-2673)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS) protocol\nstack in the Linux kernel. A local user could exploit this flaw to cause a\ndenial of service (system crash) or possibly have unspecified other impact.\n(CVE-2014-2678)\n\nYaara Rozenblum discovered a race condition in the Linux kernel's Generic\nIEEE 802.11 Networking Stack (mac80211). Remote attackers could exploi ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2225-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2225-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-lts-saucy'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.11.0-22-generic\", ver:\"3.11.0-22.38~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.11.0-22-generic-lpae\", ver:\"3.11.0-22.38~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:31", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-06-02T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-2227-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-2672", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-0196", "CVE-2014-2851", "CVE-2014-2309", "CVE-2014-2678", "CVE-2013-4483", "CVE-2014-0077", "CVE-2014-2523", "CVE-2014-0101", "CVE-2014-0069", "CVE-2014-2706"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841839", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841839", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2227_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux-ti-omap4 USN-2227-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841839\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-06-02 16:48:50 +0530 (Mon, 02 Jun 2014)\");\n script_cve_id(\"CVE-2014-0196\", \"CVE-2014-1738\", \"CVE-2014-1737\", \"CVE-2013-4483\",\n \"CVE-2014-0069\", \"CVE-2014-0077\", \"CVE-2014-0101\", \"CVE-2014-2309\",\n \"CVE-2014-2523\", \"CVE-2014-2672\", \"CVE-2014-2678\", \"CVE-2014-2706\",\n \"CVE-2014-2851\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-2227-1\");\n\n script_tag(name:\"affected\", value:\"linux-ti-omap4 on Ubuntu 12.04 LTS\");\n script_tag(name:\"insight\", value:\"A flaw was discovered in the Linux kernel's pseudo tty (pty)\ndevice. An unprivileged user could exploit this flaw to cause a denial of\nservice (system crash) or potentially gain administrator privileges.\n(CVE-2014-0196)\n\nMatthew Daley reported an information leak in the floppy disk driver of the\nLinux kernel. An unprivileged local user could exploit this flaw to obtain\npotentially sensitive information from kernel memory. (CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the\nfloppy disk driver in the Linux kernel. An unprivileged local user could\nexploit this flaw to gain administrative privileges if the floppy disk\nmodule is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the Linux kernel's IPC reference counting. An\nunprivileged local user could exploit this flaw to cause a denial of\nservice (OOM system crash). (CVE-2013-4483)\n\nAl Viro discovered an error in how CIFS in the Linux kernel handles\nuncached write operations. An unprivileged local user could exploit this\nflaw to cause a denial of service (system crash), obtain sensitive\ninformation from kernel memory, or possibly gain privileges.\n(CVE-2014-0069)\n\nA flaw was discovered in the handling of network packets when mergeable\nbuffers are disabled for virtual machines in the Linux kernel. Guest OS\nusers may exploit this flaw to cause a denial of service (host OS crash) or\npossibly gain privilege on the host OS. (CVE-2014-0077)\n\nA flaw was discovered in the Linux kernel's handling of the SCTP handshake.\nA remote attacker could exploit this flaw to cause a denial of service\n(system crash). (CVE-2014-0101)\n\nA flaw was discovered in the handling of routing information in Linux\nkernel's IPv6 stack. A remote attacker could exploit this flaw to cause a\ndenial of service (memory consumption) via a flood of ICMPv6 router\nadvertisement packets. (CVE-2014-2309)\n\nAn error was discovered in the Linux kernel's DCCP protocol support. A\nremote attacked could exploit this flaw to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2014-2523)\n\nMax Sydorenko discovered a race condition in the Atheros 9k wireless driver\nin the Linux kernel. This race could be exploited by remote attackers to\ncause a denial of service (system crash). (CVE-2014-2672)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS) protocol\nstack in the Linux kernel. A local user could exploit this flaw to cause a\ndenial of service (system crash) or possibly have unspecified other impact.\n(CVE-2014-2678)\n\nYaara Rozenblum discovered a race condition in the Linux kernel's Generic\nIEEE 802.11 Networking St ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2227-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2227-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-ti-omap4'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-1446-omap4\", ver:\"3.2.0-1446.65\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:28", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-06-02T00:00:00", "type": "openvas", "title": "Ubuntu Update for linux-lts-quantal USN-2223-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3122", "CVE-2014-2672", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-2851", "CVE-2014-2309", "CVE-2014-2678", "CVE-2013-4483", "CVE-2014-0055", "CVE-2014-0077", "CVE-2014-2523", "CVE-2014-0101", "CVE-2014-2706"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841838", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841838", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_2223_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for linux-lts-quantal USN-2223-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841838\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-06-02 16:19:58 +0530 (Mon, 02 Jun 2014)\");\n script_cve_id(\"CVE-2014-1738\", \"CVE-2014-1737\", \"CVE-2013-4483\", \"CVE-2014-0055\",\n \"CVE-2014-0077\", \"CVE-2014-0101\", \"CVE-2014-2309\", \"CVE-2014-2523\",\n \"CVE-2014-2672\", \"CVE-2014-2678\", \"CVE-2014-2706\", \"CVE-2014-2851\",\n \"CVE-2014-3122\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux-lts-quantal USN-2223-1\");\n\n script_tag(name:\"affected\", value:\"linux-lts-quantal on Ubuntu 12.04 LTS\");\n script_tag(name:\"insight\", value:\"Matthew Daley reported an information leak in the floppy disk\ndriver of the Linux kernel. An unprivileged local user could exploit this flaw\nto obtain potentially sensitive information from kernel memory. (CVE-2014-1738)\n\nMatthew Daley reported a flaw in the handling of ioctl commands by the\nfloppy disk driver in the Linux kernel. An unprivileged local user could\nexploit this flaw to gain administrative privileges if the floppy disk\nmodule is loaded. (CVE-2014-1737)\n\nA flaw was discovered in the Linux kernel's IPC reference counting. An\nunprivileged local user could exploit this flaw to cause a denial of\nservice (OOM system crash). (CVE-2013-4483)\n\nA flaw was discovered in the vhost-net subsystem of the Linux kernel. Guest\nOS users could exploit this flaw to cause a denial of service (host OS\ncrash). (CVE-2014-0055)\n\nA flaw was discovered in the handling of network packets when mergeable\nbuffers are disabled for virtual machines in the Linux kernel. Guest OS\nusers may exploit this flaw to cause a denial of service (host OS crash) or\npossibly gain privilege on the host OS. (CVE-2014-0077)\n\nA flaw was discovered in the Linux kernel's handling of the SCTP handshake.\nA remote attacker could exploit this flaw to cause a denial of service\n(system crash). (CVE-2014-0101)\n\nA flaw was discovered in the handling of routing information in Linux\nkernel's IPv6 stack. A remote attacker could exploit this flaw to cause a\ndenial of service (memory consumption) via a flood of ICMPv6 router\nadvertisement packets. (CVE-2014-2309)\n\nAn error was discovered in the Linux kernel's DCCP protocol support. A\nremote attacked could exploit this flaw to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2014-2523)\n\nMax Sydorenko discovered a race condition in the Atheros 9k wireless driver\nin the Linux kernel. This race could be exploited by remote attackers to\ncause a denial of service (system crash). (CVE-2014-2672)\n\nAn error was discovered in the Reliable Datagram Sockets (RDS) protocol\nstack in the Linux kernel. A local user could exploit this flaw to cause a\ndenial of service (system crash) or possibly have unspecified other impact.\n(CVE-2014-2678)\n\nYaara Rozenblum discovered a race condition in the Linux kernel's Generic\nIEEE 802.11 Networking Stack (mac80211). Remote attackers could exploit\nthis flaw to cause a denial of service (system crash). (CVE-2014-2706)\n\nA flaw was discovered in the Linux kernel's ping sockets. An unprivileged\nlocal user could exploit this flaw to cause a denial of service (system\ncrash) or possibly gain privileges via a crafted application.\n(CVE- ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"USN\", value:\"2223-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2223-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-lts-quantal'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-51-generic\", ver:\"3.5.0-51.76~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:38:52", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-10-16T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for Linux (SUSE-SU-2014:0807-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3122", "CVE-2013-7027", "CVE-2012-6647", "CVE-2013-7265", "CVE-2014-1737", "CVE-2014-1874", "CVE-2014-1738", "CVE-2013-7264", "CVE-2013-7339", "CVE-2014-0196", "CVE-2014-2678", "CVE-2013-6382", "CVE-2014-3153", "CVE-2013-7263", "CVE-2013-6885", "CVE-2014-2523", "CVE-2014-0101"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850881", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850881", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850881\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-16 13:28:57 +0200 (Fri, 16 Oct 2015)\");\n script_cve_id(\"CVE-2012-6647\", \"CVE-2013-6382\", \"CVE-2013-6885\", \"CVE-2013-7027\", \"CVE-2013-7263\", \"CVE-2013-7264\", \"CVE-2013-7265\", \"CVE-2013-7339\", \"CVE-2014-0101\", \"CVE-2014-0196\", \"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-1874\", \"CVE-2014-2523\", \"CVE-2014-2678\", \"CVE-2014-3122\", \"CVE-2014-3153\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for Linux (SUSE-SU-2014:0807-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Linux'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The SUSE Linux Enterprise Server 11 SP1 LTSS kernel received a roll-up\n update to fix security and non-security issues.\n\n The following security issues have been fixed:\n\n *\n\n CVE-2014-3153: The futex acquisition code in kernel/futex.c can be\n used to gain ring0 access via the futex syscall. This could be used for\n privilege escalation for non root users. (bnc#880892)\n\n *\n\n CVE-2012-6647: The futex_wait_requeue_pi function in kernel/futex.c\n in the Linux kernel before 3.5.1 does not ensure that calls have two\n different futex addresses, which allows local users to cause a denial\n of service (NULL pointer dereference and system crash) or possibly\n have unspecified other impact via a crafted FUTEX_WAIT_REQUEUE_PI command.\n (bnc#878289)\n\n *\n\n CVE-2013-6382: Multiple buffer underflows in the XFS implementation\n in the Linux kernel through 3.12.1 allow local users to cause a denial of\n service (memory corruption) or possibly have unspecified\n other impact by leveraging the CAP_SYS_ADMIN capability for a (1)\n XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call\n with a crafted length value, related to the xfs_attrlist_by_handle\n function in fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle\n function in fs/xfs/xfs_ioctl32.c. (bnc#852553)\n\n *\n\n CVE-2013-6885: The microcode on AMD 16h 00h through 0Fh processors\n does not properly handle the interaction between locked instructions and\n write-combined memory types, which allows local users to cause a denial of\n service (system hang) via a crafted application, aka the errata 793 issue.\n (bnc#852967)\n\n *\n\n CVE-2013-7263: The Linux kernel before 3.12.4 updates certain length\n values before ensuring that associated data structures have been\n initialized, which allows local users to obtain sensitive information from\n kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg\n system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c,\n net/ipv6/raw.c, and net/ipv6/udp.c. (bnc#857643)\n\n *\n\n CVE-2013-7264: The l2tp_ip_recvmsg function in net/l2tp/l2tp_ip.c in\n the Linux kernel before 3.12.4 updates a certain length value before\n ensuring that an associated data structure has been initialized, which\n allows local users to obtain sensitive information from kernel stack\n memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call.\n (bnc#857643)\n\n *\n\n CVE-2013-7265: The pn_recvmsg function in net/phonet/datagram.c in\n the Linux kernel before 3.12.4 updates a certain length value before\n ensuring that an associated data structure has ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n\n script_tag(name:\"affected\", value:\"Linux on SUSE Linux Enterprise Server 11 SP1 LTSS\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2014:0807-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=SLES11\\.0SP1\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLES11.0SP1\") {\n if(!isnull(res = isrpmvuln(pkg:\"btrfs-kmp-default-0\", rpm:\"btrfs-kmp-default-0~2.6.32.59_0.13~0.3.163\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ext4dev-kmp-default-0\", rpm:\"ext4dev-kmp-default-0~2.6.32.59_0.13~7.9.130\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ext4dev-kmp-trace-0\", rpm:\"ext4dev-kmp-trace-0~2.6.32.59_0.13~7.9.130\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.32.59~0.13.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~2.6.32.59~0.13.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~2.6.32.59~0.13.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.32.59~0.13.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.32.59~0.13.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~2.6.32.59~0.13.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~2.6.32.59~0.13.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-devel\", rpm:\"kernel-trace-devel~2.6.32.59~0.13.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"btrfs-kmp-xen-0\", rpm:\"btrfs-kmp-xen-0~2.6.32.59_0.13~0.3.163\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ext4dev-kmp-xen-0\", rpm:\"ext4dev-kmp-xen-0~2.6.32.59_0.13~7.9.130\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"hyper-v-kmp-default-0\", rpm:\"hyper-v-kmp-default-0~2.6.32.59_0.13~0.18.39\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"hyper-v-kmp-trace-0\", rpm:\"hyper-v-kmp-trace-0~2.6.32.59_0.13~0.18.39\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2\", rpm:\"kernel-ec2~2.6.32.59~0.13.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-base\", rpm:\"kernel-ec2-base~2.6.32.59~0.13.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-devel\", rpm:\"kernel-ec2-devel~2.6.32.59~0.13.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.32.59~0.13.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~2.6.32.59~0.13.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.32.59~0.13.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-man\", rpm:\"kernel-default-man~2.6.32.59~0.13.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"btrfs-kmp-pae-0\", rpm:\"btrfs-kmp-pae-0~2.6.32.59_0.13~0.3.163\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ext4dev-kmp-pae-0\", rpm:\"ext4dev-kmp-pae-0~2.6.32.59_0.13~7.9.130\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"hyper-v-kmp-pae-0\", rpm:\"hyper-v-kmp-pae-0~2.6.32.59_0.13~0.18.39\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~2.6.32.59~0.13.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~2.6.32.59~0.13.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-devel\", rpm:\"kernel-pae-devel~2.6.32.59~0.13.1\", rls:\"SLES11.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-08-04T10:49:01", "description": "Multiple security issues have been discovered in the Xen virtualisation\nsolution which may result in information leaks or denial of service.", "cvss3": {}, "published": "2014-08-18T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3006-1 (xen - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2196", "CVE-2013-2078", "CVE-2014-4021", "CVE-2013-4368", "CVE-2013-4329", "CVE-2013-1432", "CVE-2013-4361", "CVE-2013-2077", "CVE-2014-3124", "CVE-2013-2194", "CVE-2013-4553", "CVE-2014-2599", "CVE-2013-1442", "CVE-2013-2195", "CVE-2014-1950", "CVE-2013-2211", "CVE-2013-2076", "CVE-2013-4494", "CVE-2013-4355"], "modified": "2017-07-20T00:00:00", "id": "OPENVAS:703006", "href": "http://plugins.openvas.org/nasl.php?oid=703006", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3006.nasl 6769 2017-07-20 09:56:33Z teissa $\n# Auto-generated from advisory DSA 3006-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_affected = \"xen on Debian Linux\";\ntag_insight = \"Xen is a hypervisor providing services that allow multiple computer operating\nsystems to execute on the same computer hardware concurrently.\";\ntag_solution = \"For the stable distribution (wheezy), these problems have been fixed in\nversion 4.1.4-3+deb7u2.\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your xen packages.\";\ntag_summary = \"Multiple security issues have been discovered in the Xen virtualisation\nsolution which may result in information leaks or denial of service.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(703006);\n script_version(\"$Revision: 6769 $\");\n script_cve_id(\"CVE-2013-1432\", \"CVE-2013-1442\", \"CVE-2013-2076\", \"CVE-2013-2077\", \"CVE-2013-2078\", \"CVE-2013-2194\", \"CVE-2013-2195\", \"CVE-2013-2196\", \"CVE-2013-2211\", \"CVE-2013-4329\", \"CVE-2013-4355\", \"CVE-2013-4361\", \"CVE-2013-4368\", \"CVE-2013-4494\", \"CVE-2013-4553\", \"CVE-2014-1950\", \"CVE-2014-2599\", \"CVE-2014-3124\", \"CVE-2014-4021\");\n script_name(\"Debian Security Advisory DSA 3006-1 (xen - security update)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-20 11:56:33 +0200 (Thu, 20 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2014-08-18 00:00:00 +0200 (Mon, 18 Aug 2014)\");\n script_tag(name:\"cvss_base\", value:\"7.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:S/C:C/I:C/A:C\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2014/dsa-3006.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libxen-4.1\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxen-dev\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxen-ocaml\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxen-ocaml-dev\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxenstore3.0\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-docs-4.1\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-hypervisor-4.1-amd64\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-hypervisor-4.1-i386\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-system-amd64\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-system-i386\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-utils-4.1\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-utils-common\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xenstore-utils\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxen-4.1\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxen-dev\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxen-ocaml\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxen-ocaml-dev\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxenstore3.0\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-docs-4.1\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-hypervisor-4.1-amd64\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-hypervisor-4.1-i386\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-system-amd64\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-system-i386\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-utils-4.1\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-utils-common\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xenstore-utils\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxen-4.1\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxen-dev\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxen-ocaml\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxen-ocaml-dev\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxenstore3.0\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-docs-4.1\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-hypervisor-4.1-amd64\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-hypervisor-4.1-i386\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-system-amd64\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-system-i386\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-utils-4.1\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-utils-common\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xenstore-utils\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxen-4.1\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxen-dev\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxen-ocaml\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxen-ocaml-dev\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxenstore3.0\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-docs-4.1\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-hypervisor-4.1-amd64\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-hypervisor-4.1-i386\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-system-amd64\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-system-i386\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-utils-4.1\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-utils-common\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xenstore-utils\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.4, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:37:12", "description": "Multiple security issues have been discovered in the Xen virtualisation\nsolution which may result in information leaks or denial of service.", "cvss3": {}, "published": "2014-08-18T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3006-1 (xen - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2196", "CVE-2013-2078", "CVE-2014-4021", "CVE-2013-4368", "CVE-2013-4329", "CVE-2013-1432", "CVE-2013-4361", "CVE-2013-2077", "CVE-2014-3124", "CVE-2013-2194", "CVE-2013-4553", "CVE-2014-2599", "CVE-2013-1442", "CVE-2013-2195", "CVE-2014-1950", "CVE-2013-2211", "CVE-2013-2076", "CVE-2013-4494", "CVE-2013-4355"], "modified": "2019-03-19T00:00:00", "id": "OPENVAS:1361412562310703006", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703006", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3006.nasl 14302 2019-03-19 08:28:48Z cfischer $\n# Auto-generated from advisory DSA 3006-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703006\");\n script_version(\"$Revision: 14302 $\");\n script_cve_id(\"CVE-2013-1432\", \"CVE-2013-1442\", \"CVE-2013-2076\", \"CVE-2013-2077\", \"CVE-2013-2078\", \"CVE-2013-2194\", \"CVE-2013-2195\", \"CVE-2013-2196\", \"CVE-2013-2211\", \"CVE-2013-4329\", \"CVE-2013-4355\", \"CVE-2013-4361\", \"CVE-2013-4368\", \"CVE-2013-4494\", \"CVE-2013-4553\", \"CVE-2014-1950\", \"CVE-2014-2599\", \"CVE-2014-3124\", \"CVE-2014-4021\");\n script_name(\"Debian Security Advisory DSA 3006-1 (xen - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 09:28:48 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-08-18 00:00:00 +0200 (Mon, 18 Aug 2014)\");\n script_tag(name:\"cvss_base\", value:\"7.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:S/C:C/I:C/A:C\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2014/dsa-3006.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"xen on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (wheezy), these problems have been fixed in\nversion 4.1.4-3+deb7u2.\n\nFor the unstable distribution (sid), these problems will be fixed soon.\n\nWe recommend that you upgrade your xen packages.\");\n script_tag(name:\"summary\", value:\"Multiple security issues have been discovered in the Xen virtualisation\nsolution which may result in information leaks or denial of service.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libxen-4.1\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxen-dev\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxen-ocaml\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxen-ocaml-dev\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxenstore3.0\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xen-docs-4.1\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xen-hypervisor-4.1-amd64\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xen-hypervisor-4.1-i386\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xen-system-amd64\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xen-system-i386\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xen-utils-4.1\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xen-utils-common\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"xenstore-utils\", ver:\"4.1.4-3+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.4, "vector": "AV:A/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:15", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-07-07T00:00:00", "type": "openvas", "title": "Fedora Update for xen FEDORA-2014-7722", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-1891", "CVE-2014-4021", "CVE-2014-3967", "CVE-2014-1642", "CVE-2014-1895", "CVE-2014-1894", "CVE-2013-4554", "CVE-2014-3968", "CVE-2014-1892", "CVE-2014-3124", "CVE-2013-6400", "CVE-2014-1896", "CVE-2013-4553", "CVE-2013-6375", "CVE-2014-2599", "CVE-2014-1893", "CVE-2013-6885", "CVE-2014-1666", "CVE-2014-1950", "CVE-2013-2212"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310867952", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867952", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xen FEDORA-2014-7722\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867952\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-07-07 12:51:13 +0530 (Mon, 07 Jul 2014)\");\n script_cve_id(\"CVE-2014-4021\", \"CVE-2014-3967\", \"CVE-2014-3968\", \"CVE-2014-3124\",\n \"CVE-2014-2599\", \"CVE-2013-2212\", \"CVE-2014-1950\", \"CVE-2014-1891\",\n \"CVE-2014-1892\", \"CVE-2014-1893\", \"CVE-2014-1894\", \"CVE-2014-1895\",\n \"CVE-2014-1896\", \"CVE-2014-1666\", \"CVE-2014-1642\", \"CVE-2013-6400\",\n \"CVE-2013-6885\", \"CVE-2013-4553\", \"CVE-2013-4554\", \"CVE-2013-6375\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Update for xen FEDORA-2014-7722\");\n script_tag(name:\"affected\", value:\"xen on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-7722\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-July/135071.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xen'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"xen\", rpm:\"xen~4.3.2~6.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-02-05T16:38:48", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1484)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-2672", "CVE-2017-18222", "CVE-2015-0569", "CVE-2016-7117", "CVE-2018-10878", "CVE-2018-18690", "CVE-2018-13100", "CVE-2015-3331", "CVE-2013-7266", "CVE-2015-5366", "CVE-2015-5307", "CVE-2017-6214", "CVE-2014-2678", "CVE-2017-1000410", "CVE-2016-4440", "CVE-2017-17052", "CVE-2015-2150", "CVE-2018-10087", "CVE-2014-8086", "CVE-2016-7914"], "modified": "2020-02-05T00:00:00", "id": "OPENVAS:1361412562311220191484", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191484", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1484\");\n script_version(\"2020-02-05T08:56:28+0000\");\n script_cve_id(\"CVE-2013-7266\", \"CVE-2014-2672\", \"CVE-2014-2678\", \"CVE-2014-8086\", \"CVE-2015-0569\", \"CVE-2015-2150\", \"CVE-2015-3331\", \"CVE-2015-5307\", \"CVE-2015-5366\", \"CVE-2016-4440\", \"CVE-2016-7117\", \"CVE-2016-7914\", \"CVE-2017-1000410\", \"CVE-2017-17052\", \"CVE-2017-18222\", \"CVE-2017-6214\", \"CVE-2018-10087\", \"CVE-2018-10878\", \"CVE-2018-13100\", \"CVE-2018-18690\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-05 08:56:28 +0000 (Wed, 05 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:53:18 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1484)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.1\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1484\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1484\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-1484 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"In the Linux kernel, Hisilicon Network Subsystem (HNS) does not consider the ETH_SS_PRIV_FLAGS case when retrieving sset_count data. This allows local users to cause a denial of service (buffer overflow and memory corruption) or possibly have unspecified other impacts.(CVE-2017-18222)\n\nA flaw was found in the way the Linux kernel's networking implementation handled UDP packets with incorrect checksum values. A remote attacker could potentially use this flaw to trigger an infinite loop in the kernel, resulting in a denial of service on the system, or cause a denial of service in applications using the edge triggered epoll functionality.(CVE-2015-5366)\n\nA use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function.(CVE-2016-7117)\n\narch/x86/kvm/vmx.c in the Linux kernel through 4.6.3 mishandles the APICv on/off state, which allows guest OS users to obtain direct APIC MSR access on the host OS, and consequently cause a denial of service (host OS crash) or possibly execute arbitrary code on the host OS, via x2APIC mode.(CVE-2016-4440)\n\nIn the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandles ATTR_REPLACE operations with conversion of an attr from short to long form.(CVE-2018-18690)\n\nA flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.(CVE-2018-10878)\n\nXen 3.3.x through 4.5.x and the Linux kernel through 3.19.1 do not properly restrict access to PCI command registers, which might allow local guest OS users to cause a denial of service (non-maskable interrupt and host crash) by disabling the (1) memory or (2) I/O decoding for a PCI Express device and then accessing the device, which triggers an Unsupported Request (UR) response.(CVE-2015-2150)\n\nThe assoc_array_insert_into_terminal_node() function in 'lib/assoc_array.c' in the Linux kernel before 4.5.3 does not check whether a slot is a leaf, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and out-of-bounds read) via an appl ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.1.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.1.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-31T18:37:18", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-10-16T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for Linux (SUSE-SU-2014:0696-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3122", "CVE-2013-7265", "CVE-2014-1737", "CVE-2014-1874", "CVE-2014-1738", "CVE-2013-7264", "CVE-2014-1446", "CVE-2013-7339", "CVE-2014-0196", "CVE-2014-2678", "CVE-2013-6382", "CVE-2014-2039", "CVE-2013-4579", "CVE-2013-7263", "CVE-2014-1444", "CVE-2013-6885", "CVE-2014-1445", "CVE-2013-4470", "CVE-2014-2523", "CVE-2014-0101", "CVE-2014-0069"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310851057", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851057", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851057\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-16 19:07:12 +0200 (Fri, 16 Oct 2015)\");\n script_cve_id(\"CVE-2013-4470\", \"CVE-2013-4579\", \"CVE-2013-6382\", \"CVE-2013-6885\", \"CVE-2013-7263\", \"CVE-2013-7264\", \"CVE-2013-7265\", \"CVE-2013-7339\", \"CVE-2014-0069\", \"CVE-2014-0101\", \"CVE-2014-0196\", \"CVE-2014-1444\", \"CVE-2014-1445\", \"CVE-2014-1446\", \"CVE-2014-1737\", \"CVE-2014-1738\", \"CVE-2014-1874\", \"CVE-2014-2039\", \"CVE-2014-2523\", \"CVE-2014-2678\", \"CVE-2014-3122\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for Linux (SUSE-SU-2014:0696-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Linux'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The SUSE Linux Enterprise Server 11 SP2 LTSS kernel received a roll-up\n update to fix security and non-security issues.\n\n The following security bugs have been fixed:\n\n *\n\n CVE-2013-4470: The Linux kernel before 3.12, when UDP Fragmentation\n Offload (UFO) is enabled, does not properly initialize certain data\n structures, which allows local users to cause a denial of service (memory\n corruption and system crash) or possibly gain privileges via a crafted\n application that uses the UDP_CORK option in a setsockopt system call and\n sends both short and long packets, related to the ip_ufo_append_data\n function in net/ipv4/ip_output.c and the ip6_ufo_append_data function in\n net/ipv6/ip6_output.c. (bnc#847672)\n\n *\n\n CVE-2013-4579: The ath9k_htc_set_bssid_mask function in\n drivers/net/wireless/ath/ath9k/htc_drv_main.c in the Linux kernel through\n 3.12 uses a BSSID masking approach to determine the set of MAC addresses\n on which a Wi-Fi device is listening, which allows remote attackers to\n discover the original MAC address after spoofing by sending a series of\n packets to MAC addresses with certain bit manipulations. (bnc#851426)\n\n *\n\n CVE-2013-6382: Multiple buffer underflows in the XFS implementation\n in the Linux kernel through 3.12.1 allow local users to cause a denial of\n service (memory corruption) or possibly have unspecified\n other impact by leveraging the CAP_SYS_ADMIN capability for a (1)\n XFS_IOC_ATTRLIST_BY_HANDLE or (2) XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call\n with a crafted length value, related to the xfs_attrlist_by_handle\n function in fs/xfs/xfs_ioctl.c and the xfs_compat_attrlist_by_handle\n function in fs/xfs/xfs_ioctl32.c. (bnc#852553)\n\n *\n\n CVE-2013-6885: The microcode on AMD 16h 00h through 0Fh processors\n does not properly handle the interaction between locked instructions and\n write-combined memory types, which allows local users to cause a denial of\n service (system hang) via a crafted application, aka the errata 793 issue.\n (bnc#852967)\n\n *\n\n CVE-2013-7263: The Linux kernel before 3.12.4 updates certain length\n values before ensuring that associated data structures have been\n initialized, which allows local users to obtain sensitive information from\n kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg\n system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c,\n net/ipv6/raw.c, and net/ipv6/udp.c. (bnc#857643)\n\n *\n\n CVE-2013-7264: The l2tp_ip_recvmsg function in net/l2tp/l2tp_ip.c in\n the Linux kernel before 3.12.4 updates a certain length value before\n ensuring that an ass ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n\n script_tag(name:\"affected\", value:\"Linux on SUSE Linux Enterprise Server 11 SP2 LTSS\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2014:0696-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=SLES11\\.0SP2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLES11.0SP2\") {\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace\", rpm:\"kernel-trace~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-base\", rpm:\"kernel-trace-base~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-trace-devel\", rpm:\"kernel-trace-devel~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2\", rpm:\"kernel-ec2~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-base\", rpm:\"kernel-ec2-base~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-ec2-devel\", rpm:\"kernel-ec2-devel~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-default-man\", rpm:\"kernel-default-man~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-pae-devel\", rpm:\"kernel-pae-devel~3.0.101~0.7.19.1\", rls:\"SLES11.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:31", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-08-24T00:00:00", "type": "openvas", "title": "Fedora Update for xen FEDORA-2014-9472", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-5146", "CVE-2014-1891", "CVE-2014-4021", "CVE-2014-3967", "CVE-2014-1642", "CVE-2014-1895", "CVE-2014-1894", "CVE-2013-4554", "CVE-2014-3968", "CVE-2014-1892", "CVE-2014-3124", "CVE-2013-6400", "CVE-2014-1896", "CVE-2013-4553", "CVE-2013-6375", "CVE-2014-5149", "CVE-2014-2599", "CVE-2014-1893", "CVE-2013-6885", "CVE-2014-1666", "CVE-2014-1950", "CVE-2013-2212"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310868122", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868122", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xen FEDORA-2014-9472\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868122\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-08-24 06:04:43 +0200 (Sun, 24 Aug 2014)\");\n script_cve_id(\"CVE-2014-5146\", \"CVE-2014-4021\", \"CVE-2014-3967\", \"CVE-2014-3968\",\n \"CVE-2014-3124\", \"CVE-2014-2599\", \"CVE-2013-2212\", \"CVE-2014-1950\",\n \"CVE-2014-1891\", \"CVE-2014-1892\", \"CVE-2014-1893\", \"CVE-2014-1894\",\n \"CVE-2014-1895\", \"CVE-2014-1896\", \"CVE-2014-1666\", \"CVE-2014-1642\",\n \"CVE-2013-6400\", \"CVE-2013-6885\", \"CVE-2013-4553\", \"CVE-2013-4554\",\n \"CVE-2013-6375\", \"CVE-2014-5149\");\n script_tag(name:\"cvss_base\", value:\"8.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Update for xen FEDORA-2014-9472\");\n script_tag(name:\"affected\", value:\"xen on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-9472\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-August/136980.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xen'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"xen\", rpm:\"xen~4.3.2~7.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:48:57", "description": "Check for the Version of kernel", "cvss3": {}, "published": "2014-04-10T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2014-4844", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0131", "CVE-2014-0100", "CVE-2014-1874", "CVE-2014-2568", "CVE-2014-1446", "CVE-2013-6368", "CVE-2014-2309", "CVE-2014-2678", "CVE-2014-2039", "CVE-2013-4579", "CVE-2014-0102", "CVE-2014-2580", "CVE-2013-6367", "CVE-2014-0049", "CVE-2013-6376", "CVE-2014-0055", "CVE-2014-1438", "CVE-2014-0077", "CVE-2013-4587", "CVE-2014-2523", "CVE-2014-0101", "CVE-2014-0069"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:867680", "href": "http://plugins.openvas.org/nasl.php?oid=867680", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2014-4844\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(867680);\n script_version(\"$Revision: 6629 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:33:41 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-10 13:16:04 +0530 (Thu, 10 Apr 2014)\");\n script_cve_id(\"CVE-2014-2678\", \"CVE-2014-2580\", \"CVE-2014-0077\", \"CVE-2014-0055\", \"CVE-2014-2568\", \"CVE-2014-0131\", \"CVE-2014-2523\", \"CVE-2014-2309\", \"CVE-2014-0100\", \"CVE-2014-0101\", \"CVE-2014-0049\", \"CVE-2014-0102\", \"CVE-2014-2039\", \"CVE-2014-0069\", \"CVE-2014-1874\", \"CVE-2014-1446\", \"CVE-2014-1438\", \"CVE-2013-4579\", \"CVE-2013-4587\", \"CVE-2013-6376\", \"CVE-2013-6368\", \"CVE-2013-6367\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Update for kernel FEDORA-2014-4844\");\n\n tag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\nLinux operating system. The kernel handles the basic functions\nof the operating system: memory allocation, process allocation, device\ninput and output, etc.\n\";\n\n tag_affected = \"kernel on Fedora 20\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-4844\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131276.html\");\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.13.9~200.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:37:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-04-10T00:00:00", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2014-4844", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0131", "CVE-2014-0100", "CVE-2014-1874", "CVE-2014-2568", "CVE-2014-1446", "CVE-2013-6368", "CVE-2014-2309", "CVE-2014-2678", "CVE-2014-2039", "CVE-2013-4579", "CVE-2014-0102", "CVE-2014-2580", "CVE-2013-6367", "CVE-2014-0049", "CVE-2013-6376", "CVE-2014-0055", "CVE-2014-1438", "CVE-2014-0077", "CVE-2013-4587", "CVE-2014-2523", "CVE-2014-0101", "CVE-2014-0069"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310867680", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867680", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2014-4844\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867680\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-10 13:1