The SUSE Linux Enterprise 11 Service Pack 2 kernel was updated to version 3.0.101 and also includes various other bug and security fixes.
The following features have been added :
Drivers: hv: Support handling multiple VMBUS versions (FATE#314665).
Drivers: hv: Save and export negotiated vmbus version (FATE#314665).
Drivers: hv: Move vmbus version definitions to hyperv.h (FATE#314665). The following security issue has been fixed :
The sctp_sf_do_5_2_4_dupcook function in net/sctp/sm_statefuns.c in the SCTP implementation in the Linux kernel did not properly handle associations during the processing of a duplicate COOKIE ECHO chunk, which allowed remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via crafted SCTP traffic. (bnc#826102). (CVE-2013-2206)
The following non-security bugs have been fixed :
kernel: sclp console hangs (bnc#841498, LTC#95711).
intel-iommu: Fix leaks in pagetable freeing.
(bnc#841402)
iommu/vt-d: add quirk for broken interrupt remapping on 55XX chipsets. (bnc#844513)
x86/iommu/vt-d: Expand interrupt remapping quirk to cover x58 chipset. (bnc#844513)
iommu/vt-d: Only warn about broken interrupt remapping.
(bnc#844513)
iommu: Remove stack trace from broken irq remapping warning. (bnc#844513)
softirq: reduce latencies. (bnc#797526)
Fix lockup related to stop_machine being stuck in
__do_softirq. (bnc#797526)
splice: fix racy pipe->buffers uses. (bnc#827246)
blktrace: fix race with open trace files and directory removal. (bnc#832292)
mm: Do not walk all of system memory during show_mem (Reduce tasklist_lock hold times (bnc#821259)).
mm: Bounce memory pool initialisation. (bnc#836347)
mm, memcg: introduce own oom handler to iterate only over its own threads.
mm, memcg: move all oom handling to memcontrol.c.
mm, oom: avoid looping when chosen thread detaches its mm.
mm, oom: fold oom_kill_task() into oom_kill_process().
mm, oom: introduce helper function to process threads during scan.
mm, oom: reduce dependency on tasklist_lock.
ipv6: do not call fib6_run_gc() until routing is ready.
(bnc#836218)
ipv6: prevent fib6_run_gc() contention. (bnc#797526)
ipv6: update ip6_rt_last_gc every time GC is run.
(bnc#797526)
net/mlx4_en: Fix BlueFlame race. (bnc#835684)
netfilter: nf_conntrack: use RCU safe kfree for conntrack extensions (bnc#827416 bko#60853).
netfilter: prevent race condition breaking net reference counting. (bnc#835094)
net: remove skb_orphan_try(). (bnc#834600)
bonding: check bond->vlgrp in bond_vlan_rx_kill_vid().
(bnc#834905)
sctp: deal with multiple COOKIE_ECHO chunks.
(bnc#826102)
SUNRPC: close a rare race in xs_tcp_setup_socket.
(bnc#794824)
NFS: make nfs_flush_incompatible more generous.
(bnc#816099)
NFS: do not try to use lock state when we hold a delegation. (bnc#831029)
nfs_lookup_revalidate(): fix a leak. (bnc#828894)
xfs: growfs: use uncached buffers for new headers.
(bnc#842604)
xfs: Check the return value of xfs_buf_get().
(bnc#842604)
xfs: avoid double-free in xfs_attr_node_addname.
do_add_mount()/umount -l races. (bnc#836801)
cifs: Fix TRANS2_QUERY_FILE_INFO ByteCount fields.
(bnc#804950)
cifs: Fix EREMOTE errors encountered on DFS links.
(bnc#831143)
reiserfs: fix race with flush_used_journal_lists and flush_journal_list. (bnc#837803)
reiserfs: remove useless flush_old_journal_lists.
fs: writeback: Do not sync data dirtied after sync start. (bnc#833820)
rcu: Do not trigger false positive RCU stall detection.
(bnc#834204)
lib/radix-tree.c: make radix_tree_node_alloc() work correctly within interrupt. (bnc#763463)
bnx2x: Change to D3hot only on removal. (bnc#838448)
vmxnet3: prevent div-by-zero panic when ring resizing uninitialized dev. (bnc#833321)
Drivers: hv: Support handling multiple VMBUS versions (fate#314665).
Drivers: hv: Save and export negotiated vmbus version (fate#314665).
Drivers: hv: Move vmbus version definitions to hyperv.h (fate#314665).
Drivers: hv: util: Fix a bug in version negotiation code for util services. (bnc#828714)
Drivers: hv: util: Correctly support ws2008R2 and earlier. (bnc#838346)
Drivers: hv: util: Fix a bug in util version negotiation code. (bnc#838346)
iscsi: do not hang in endless loop if no targets present. (bnc#841094)
ata: Set proper SK when CK_COND is set. (bnc#833588)
md: Throttle number of pending write requests in md/raid10. (bnc#833858)
dm: ignore merge_bvec for snapshots when safe.
(bnc#820848)
elousb: some systems cannot stomach work around.
(bnc#840830)
bio-integrity: track owner of integrity payload.
(bnc#831380)
quirks: add touchscreen that is dazzeled by remote wakeup. (bnc#835930)
Fixed Xen guest freezes. (bnc#829682, bnc#842063)
config/debug: Enable FSCACHE_DEBUG and CACHEFILES_DEBUG.
(bnc#837372)
series.conf: disable XHCI ring expansion patches because on machines with large memory they cause a starvation problem. (bnc#833635)
rpm/old-flavors, rpm/mkspec: Add version information to obsolete flavors. (bnc#821465)
rpm/kernel-binary.spec.in: Move the xenpae obsolete to the old-flavors file.
rpm/old-flavors: Convert the old-packages.conf file to a flat list.
rpm/old-packages.conf: Drop bogus obsoletes for ‘smp’.
(bnc#821465)
rpm/kernel-binary.spec.in: Make sure that all KMP obsoletes are versioned. (bnc#821465)
rpm/kernel-binary.spec.in: Remove unversioned provides/obsoletes for packages that were only seen in openSUSE releases up to 11.0. . (bnc#821465)
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SuSE 11 update information. The text itself is
# copyright (C) Novell, Inc.
#
if (NASL_LEVEL < 3000) exit(0);
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(71033);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");
script_cve_id("CVE-2013-2206");
script_name(english:"SuSE 11.2 Security Update : Linux Kernel (SAT Patch Numbers 8509 / 8516 / 8518)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote SuSE 11 host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"The SUSE Linux Enterprise 11 Service Pack 2 kernel was updated to
version 3.0.101 and also includes various other bug and security
fixes.
The following features have been added :
- Drivers: hv: Support handling multiple VMBUS versions
(FATE#314665).
- Drivers: hv: Save and export negotiated vmbus version
(FATE#314665).
- Drivers: hv: Move vmbus version definitions to hyperv.h
(FATE#314665). The following security issue has been
fixed :
- The sctp_sf_do_5_2_4_dupcook function in
net/sctp/sm_statefuns.c in the SCTP implementation in
the Linux kernel did not properly handle associations
during the processing of a duplicate COOKIE ECHO chunk,
which allowed remote attackers to cause a denial of
service (NULL pointer dereference and system crash) or
possibly have unspecified other impact via crafted SCTP
traffic. (bnc#826102). (CVE-2013-2206)
The following non-security bugs have been fixed :
- kernel: sclp console hangs (bnc#841498, LTC#95711).
- intel-iommu: Fix leaks in pagetable freeing.
(bnc#841402)
- iommu/vt-d: add quirk for broken interrupt remapping on
55XX chipsets. (bnc#844513)
- x86/iommu/vt-d: Expand interrupt remapping quirk to
cover x58 chipset. (bnc#844513)
- iommu/vt-d: Only warn about broken interrupt remapping.
(bnc#844513)
- iommu: Remove stack trace from broken irq remapping
warning. (bnc#844513)
- softirq: reduce latencies. (bnc#797526)
- Fix lockup related to stop_machine being stuck in
__do_softirq. (bnc#797526)
- splice: fix racy pipe->buffers uses. (bnc#827246)
- blktrace: fix race with open trace files and directory
removal. (bnc#832292)
- mm: Do not walk all of system memory during show_mem
(Reduce tasklist_lock hold times (bnc#821259)).
- mm: Bounce memory pool initialisation. (bnc#836347)
- mm, memcg: introduce own oom handler to iterate only
over its own threads.
- mm, memcg: move all oom handling to memcontrol.c.
- mm, oom: avoid looping when chosen thread detaches its
mm.
- mm, oom: fold oom_kill_task() into oom_kill_process().
- mm, oom: introduce helper function to process threads
during scan.
- mm, oom: reduce dependency on tasklist_lock.
- ipv6: do not call fib6_run_gc() until routing is ready.
(bnc#836218)
- ipv6: prevent fib6_run_gc() contention. (bnc#797526)
- ipv6: update ip6_rt_last_gc every time GC is run.
(bnc#797526)
- net/mlx4_en: Fix BlueFlame race. (bnc#835684)
- netfilter: nf_conntrack: use RCU safe kfree for
conntrack extensions (bnc#827416 bko#60853).
- netfilter: prevent race condition breaking net reference
counting. (bnc#835094)
- net: remove skb_orphan_try(). (bnc#834600)
- bonding: check bond->vlgrp in bond_vlan_rx_kill_vid().
(bnc#834905)
- sctp: deal with multiple COOKIE_ECHO chunks.
(bnc#826102)
- SUNRPC: close a rare race in xs_tcp_setup_socket.
(bnc#794824)
- NFS: make nfs_flush_incompatible more generous.
(bnc#816099)
- NFS: do not try to use lock state when we hold a
delegation. (bnc#831029)
- nfs_lookup_revalidate(): fix a leak. (bnc#828894)
- xfs: growfs: use uncached buffers for new headers.
(bnc#842604)
- xfs: Check the return value of xfs_buf_get().
(bnc#842604)
- xfs: avoid double-free in xfs_attr_node_addname.
- do_add_mount()/umount -l races. (bnc#836801)
- cifs: Fix TRANS2_QUERY_FILE_INFO ByteCount fields.
(bnc#804950)
- cifs: Fix EREMOTE errors encountered on DFS links.
(bnc#831143)
- reiserfs: fix race with flush_used_journal_lists and
flush_journal_list. (bnc#837803)
- reiserfs: remove useless flush_old_journal_lists.
- fs: writeback: Do not sync data dirtied after sync
start. (bnc#833820)
- rcu: Do not trigger false positive RCU stall detection.
(bnc#834204)
- lib/radix-tree.c: make radix_tree_node_alloc() work
correctly within interrupt. (bnc#763463)
- bnx2x: Change to D3hot only on removal. (bnc#838448)
- vmxnet3: prevent div-by-zero panic when ring resizing
uninitialized dev. (bnc#833321)
- Drivers: hv: Support handling multiple VMBUS versions
(fate#314665).
- Drivers: hv: Save and export negotiated vmbus version
(fate#314665).
- Drivers: hv: Move vmbus version definitions to hyperv.h
(fate#314665).
- Drivers: hv: util: Fix a bug in version negotiation code
for util services. (bnc#828714)
- Drivers: hv: util: Correctly support ws2008R2 and
earlier. (bnc#838346)
- Drivers: hv: util: Fix a bug in util version negotiation
code. (bnc#838346)
- iscsi: do not hang in endless loop if no targets
present. (bnc#841094)
- ata: Set proper SK when CK_COND is set. (bnc#833588)
- md: Throttle number of pending write requests in
md/raid10. (bnc#833858)
- dm: ignore merge_bvec for snapshots when safe.
(bnc#820848)
- elousb: some systems cannot stomach work around.
(bnc#840830)
- bio-integrity: track owner of integrity payload.
(bnc#831380)
- quirks: add touchscreen that is dazzeled by remote
wakeup. (bnc#835930)
- Fixed Xen guest freezes. (bnc#829682, bnc#842063)
- config/debug: Enable FSCACHE_DEBUG and CACHEFILES_DEBUG.
(bnc#837372)
- series.conf: disable XHCI ring expansion patches because
on machines with large memory they cause a starvation
problem. (bnc#833635)
- rpm/old-flavors, rpm/mkspec: Add version information to
obsolete flavors. (bnc#821465)
- rpm/kernel-binary.spec.in: Move the xenpae obsolete to
the old-flavors file.
- rpm/old-flavors: Convert the old-packages.conf file to a
flat list.
- rpm/old-packages.conf: Drop bogus obsoletes for 'smp'.
(bnc#821465)
- rpm/kernel-binary.spec.in: Make sure that all KMP
obsoletes are versioned. (bnc#821465)
- rpm/kernel-binary.spec.in: Remove unversioned
provides/obsoletes for packages that were only seen in
openSUSE releases up to 11.0. . (bnc#821465)"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=763463"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=794824"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=797526"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=804950"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=816099"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=820848"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=821259"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=821465"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=826102"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=827246"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=827416"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=828714"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=828894"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=829682"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=831029"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=831143"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=831380"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=832292"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=833321"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=833588"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=833635"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=833820"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=833858"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=834204"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=834600"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=834905"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=835094"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=835684"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=835930"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=836218"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=836347"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=836801"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=837372"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=837803"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=838346"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=838448"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=840830"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=841094"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=841402"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=841498"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=842063"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=842604"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.novell.com/show_bug.cgi?id=844513"
);
script_set_attribute(
attribute:"see_also",
value:"http://support.novell.com/security/cve/CVE-2013-2206.html"
);
script_set_attribute(
attribute:"solution",
value:"Apply SAT patch number 8509 / 8516 / 8518 as appropriate."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-default-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-default-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-default-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-default-man");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-ec2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-ec2-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-ec2-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-pae");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-pae-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-pae-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-pae-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-source");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-syms");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-trace");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-trace-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-trace-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-trace-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-xen");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-xen-base");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-xen-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:kernel-xen-extra");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen-kmp-default");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen-kmp-pae");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen-kmp-trace");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");
script_set_attribute(attribute:"patch_publication_date", value:"2013/11/06");
script_set_attribute(attribute:"plugin_publication_date", value:"2013/11/22");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);
pl = get_kb_item("Host/SuSE/patchlevel");
if (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, "SuSE 11.2");
flag = 0;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-default-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-default-base-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-default-devel-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-default-extra-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-pae-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-pae-base-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-pae-devel-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-pae-extra-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-source-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-syms-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-trace-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-trace-base-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-trace-devel-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-trace-extra-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-xen-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-xen-base-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-xen-devel-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"kernel-xen-extra-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"xen-kmp-default-4.1.6_02_3.0.101_0.5-0.5.5")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"xen-kmp-pae-4.1.6_02_3.0.101_0.5-0.5.5")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"i586", reference:"xen-kmp-trace-4.1.6_02_3.0.101_0.5-0.5.5")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-default-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-default-base-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-default-devel-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-default-extra-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-source-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-syms-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-trace-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-trace-base-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-trace-devel-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-trace-extra-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-xen-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-xen-base-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-xen-devel-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"kernel-xen-extra-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"xen-kmp-default-4.1.6_02_3.0.101_0.5-0.5.5")) flag++;
if (rpm_check(release:"SLED11", sp:2, cpu:"x86_64", reference:"xen-kmp-trace-4.1.6_02_3.0.101_0.5-0.5.5")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"kernel-default-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"kernel-default-base-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"kernel-default-devel-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"kernel-source-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"kernel-syms-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"kernel-trace-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"kernel-trace-base-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, reference:"kernel-trace-devel-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-ec2-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-ec2-base-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-ec2-devel-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-pae-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-pae-base-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-pae-devel-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-xen-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-xen-base-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"kernel-xen-devel-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"xen-kmp-default-4.1.6_02_3.0.101_0.5-0.5.5")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"xen-kmp-pae-4.1.6_02_3.0.101_0.5-0.5.5")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"i586", reference:"xen-kmp-trace-4.1.6_02_3.0.101_0.5-0.5.5")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"s390x", reference:"kernel-default-man-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"kernel-ec2-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"kernel-ec2-base-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"kernel-ec2-devel-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"kernel-xen-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"kernel-xen-base-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"kernel-xen-devel-3.0.101-0.5.1")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"xen-kmp-default-4.1.6_02_3.0.101_0.5-0.5.5")) flag++;
if (rpm_check(release:"SLES11", sp:2, cpu:"x86_64", reference:"xen-kmp-trace-4.1.6_02_3.0.101_0.5-0.5.5")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
Vendor | Product | Version | CPE |
---|---|---|---|
novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:kernel-default |
novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:kernel-default-base |
novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:kernel-default-devel |
novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:kernel-default-extra |
novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:kernel-default-man |
novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:kernel-ec2 |
novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:kernel-ec2-base |
novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:kernel-ec2-devel |
novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:kernel-pae |
novell | suse_linux | 11 | p-cpe:/a:novell:suse_linux:11:kernel-pae-base |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2206
support.novell.com/security/cve/CVE-2013-2206.html
bugzilla.novell.com/show_bug.cgi?id=763463
bugzilla.novell.com/show_bug.cgi?id=794824
bugzilla.novell.com/show_bug.cgi?id=797526
bugzilla.novell.com/show_bug.cgi?id=804950
bugzilla.novell.com/show_bug.cgi?id=816099
bugzilla.novell.com/show_bug.cgi?id=820848
bugzilla.novell.com/show_bug.cgi?id=821259
bugzilla.novell.com/show_bug.cgi?id=821465
bugzilla.novell.com/show_bug.cgi?id=826102
bugzilla.novell.com/show_bug.cgi?id=827246
bugzilla.novell.com/show_bug.cgi?id=827416
bugzilla.novell.com/show_bug.cgi?id=828714
bugzilla.novell.com/show_bug.cgi?id=828894
bugzilla.novell.com/show_bug.cgi?id=829682
bugzilla.novell.com/show_bug.cgi?id=831029
bugzilla.novell.com/show_bug.cgi?id=831143
bugzilla.novell.com/show_bug.cgi?id=831380
bugzilla.novell.com/show_bug.cgi?id=832292
bugzilla.novell.com/show_bug.cgi?id=833321
bugzilla.novell.com/show_bug.cgi?id=833588
bugzilla.novell.com/show_bug.cgi?id=833635
bugzilla.novell.com/show_bug.cgi?id=833820
bugzilla.novell.com/show_bug.cgi?id=833858
bugzilla.novell.com/show_bug.cgi?id=834204
bugzilla.novell.com/show_bug.cgi?id=834600
bugzilla.novell.com/show_bug.cgi?id=834905
bugzilla.novell.com/show_bug.cgi?id=835094
bugzilla.novell.com/show_bug.cgi?id=835684
bugzilla.novell.com/show_bug.cgi?id=835930
bugzilla.novell.com/show_bug.cgi?id=836218
bugzilla.novell.com/show_bug.cgi?id=836347
bugzilla.novell.com/show_bug.cgi?id=836801
bugzilla.novell.com/show_bug.cgi?id=837372
bugzilla.novell.com/show_bug.cgi?id=837803
bugzilla.novell.com/show_bug.cgi?id=838346
bugzilla.novell.com/show_bug.cgi?id=838448
bugzilla.novell.com/show_bug.cgi?id=840830
bugzilla.novell.com/show_bug.cgi?id=841094
bugzilla.novell.com/show_bug.cgi?id=841402
bugzilla.novell.com/show_bug.cgi?id=841498
bugzilla.novell.com/show_bug.cgi?id=842063
bugzilla.novell.com/show_bug.cgi?id=842604
bugzilla.novell.com/show_bug.cgi?id=844513