ID UBUNTU_USN-1041-1.NASL Type nessus Reporter Tenable Modified 2016-10-26T00:00:00
Description
Ben Hawkes discovered that the Linux kernel did not correctly filter registers on 64bit kernels when performing 32bit system calls. On a 64bit system, a local attacker could manipulate 32bit system calls to gain root privileges. (CVE-2010-3301)
Dan Rosenberg discovered that the btrfs filesystem did not correctly validate permissions when using the clone function. A local attacker could overwrite the contents of file handles that were opened for append-only, or potentially read arbitrary contents, leading to a loss of privacy. (CVE-2010-2537, CVE-2010-2538)
Dave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy.
(CVE-2010-2943)
Kees Cook discovered that the Intel i915 graphics driver did not correctly validate memory regions. A local attacker with access to the video card could read and write arbitrary kernel memory to gain root privileges. (CVE-2010-2962)
Robert Swiecki discovered that ftrace did not correctly handle mutexes. A local attacker could exploit this to crash the kernel, leading to a denial of service. (CVE-2010-3079)
Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-3296, CVE-2010-3297, CVE-2010-3298)
It was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-3698)
Brad Spengler discovered that stack memory for new a process was not correctly calculated. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-3858)
Kees Cook discovered that the ethtool interface did not correctly clear kernel memory. A local attacker could read kernel heap memory, leading to a loss of privacy. (CVE-2010-3861)
Kees Cook and Vasiliy Kulikov discovered that the shm interface did not clear kernel memory correctly. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy.
(CVE-2010-4072)
Dan Rosenberg discovered that the RME Hammerfall DSP audio interface driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4080, CVE-2010-4081)
James Bottomley discovered that the ICP vortex storage array controller driver did not validate certain sizes. A local attacker on a 64bit system could exploit this to crash the kernel, leading to a denial of service. (CVE-2010-4157)
Alan Cox discovered that the HCI UART driver did not correctly check if a write operation was available. If the mmap_min-addr sysctl was changed from the Ubuntu default to a value of 0, a local attacker could exploit this flaw to gain root privileges. (CVE-2010-4242)
Kees Cook discovered that some ethtool functions did not correctly clear heap memory. A local attacker with CAP_NET_ADMIN privileges could exploit this to read portions of kernel heap memory, leading to a loss of privacy. (CVE-2010-4655).
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-1041-1. The text
# itself is copyright (C) Canonical, Inc. See
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
#
include("compat.inc");
if (description)
{
script_id(51453);
script_version("$Revision: 1.12 $");
script_cvs_date("$Date: 2016/10/26 14:05:56 $");
script_cve_id("CVE-2010-2537", "CVE-2010-2538", "CVE-2010-2943", "CVE-2010-2962", "CVE-2010-3079", "CVE-2010-3296", "CVE-2010-3297", "CVE-2010-3298", "CVE-2010-3301", "CVE-2010-3698", "CVE-2010-3858", "CVE-2010-3861", "CVE-2010-4072", "CVE-2010-4080", "CVE-2010-4081", "CVE-2010-4157", "CVE-2010-4242", "CVE-2010-4655");
script_bugtraq_id(41847, 41854, 42527, 43221, 43226, 43229, 43355, 43684, 44067, 44301, 44427, 45054);
script_osvdb_id(68303, 68306, 69551);
script_xref(name:"USN", value:"1041-1");
script_name(english:"Ubuntu 9.10 / 10.04 LTS / 10.10 : linux, linux-ec2 vulnerabilities (USN-1041-1)");
script_summary(english:"Checks dpkg output for updated packages.");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Ubuntu host is missing one or more security-related
patches."
);
script_set_attribute(
attribute:"description",
value:
"Ben Hawkes discovered that the Linux kernel did not correctly filter
registers on 64bit kernels when performing 32bit system calls. On a
64bit system, a local attacker could manipulate 32bit system calls to
gain root privileges. (CVE-2010-3301)
Dan Rosenberg discovered that the btrfs filesystem did not correctly
validate permissions when using the clone function. A local attacker
could overwrite the contents of file handles that were opened for
append-only, or potentially read arbitrary contents, leading to a loss
of privacy. (CVE-2010-2537, CVE-2010-2538)
Dave Chinner discovered that the XFS filesystem did not correctly
order inode lookups when exported by NFS. A remote attacker could
exploit this to read or write disk blocks that had changed file
assignment or had become unlinked, leading to a loss of privacy.
(CVE-2010-2943)
Kees Cook discovered that the Intel i915 graphics driver did not
correctly validate memory regions. A local attacker with access to the
video card could read and write arbitrary kernel memory to gain root
privileges. (CVE-2010-2962)
Robert Swiecki discovered that ftrace did not correctly handle
mutexes. A local attacker could exploit this to crash the kernel,
leading to a denial of service. (CVE-2010-3079)
Dan Rosenberg discovered that several network ioctls did not clear
kernel memory correctly. A local user could exploit this to read
kernel stack memory, leading to a loss of privacy. (CVE-2010-3296,
CVE-2010-3297, CVE-2010-3298)
It was discovered that KVM did not correctly initialize certain CPU
registers. A local attacker could exploit this to crash the system,
leading to a denial of service. (CVE-2010-3698)
Brad Spengler discovered that stack memory for new a process was not
correctly calculated. A local attacker could exploit this to crash the
system, leading to a denial of service. (CVE-2010-3858)
Kees Cook discovered that the ethtool interface did not correctly
clear kernel memory. A local attacker could read kernel heap memory,
leading to a loss of privacy. (CVE-2010-3861)
Kees Cook and Vasiliy Kulikov discovered that the shm interface did
not clear kernel memory correctly. A local attacker could exploit this
to read kernel stack memory, leading to a loss of privacy.
(CVE-2010-4072)
Dan Rosenberg discovered that the RME Hammerfall DSP audio interface
driver did not correctly clear kernel memory. A local attacker could
exploit this to read kernel stack memory, leading to a loss of
privacy. (CVE-2010-4080, CVE-2010-4081)
James Bottomley discovered that the ICP vortex storage array
controller driver did not validate certain sizes. A local attacker on
a 64bit system could exploit this to crash the kernel, leading to a
denial of service. (CVE-2010-4157)
Alan Cox discovered that the HCI UART driver did not correctly check
if a write operation was available. If the mmap_min-addr sysctl was
changed from the Ubuntu default to a value of 0, a local attacker
could exploit this flaw to gain root privileges. (CVE-2010-4242)
Kees Cook discovered that some ethtool functions did not correctly
clear heap memory. A local attacker with CAP_NET_ADMIN privileges
could exploit this to read portions of kernel heap memory, leading to
a loss of privacy. (CVE-2010-4655).
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:N");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"exploit_framework_core", value:"true");
script_set_attribute(attribute:"exploited_by_malware", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-doc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-ec2-doc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-ec2-source-2.6.31");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-ec2-source-2.6.32");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ec2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic-pae");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-preempt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ec2");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-preempt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.31");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.32");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.35");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-tools-2.6");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-tools-common");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:10.04:-:lts");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:10.10");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:9.10");
script_set_attribute(attribute:"patch_publication_date", value:"2011/01/10");
script_set_attribute(attribute:"plugin_publication_date", value:"2011/01/11");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"Ubuntu Security Notice (C) 2011-2016 Canonical, Inc. / NASL script (C) 2011-2016 Tenable Network Security, Inc.");
script_family(english:"Ubuntu Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");
if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! ereg(pattern:"^(9\.10|10\.04|10\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 9.10 / 10.04 / 10.10", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
flag = 0;
if (ubuntu_check(osver:"9.10", pkgname:"linux-doc", pkgver:"2.6.31-22.70")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"linux-ec2-doc", pkgver:"2.6.31-307.23")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"linux-ec2-source-2.6.31", pkgver:"2.6.31-307.23")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"linux-headers-2.6.31-22", pkgver:"2.6.31-22.70")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"linux-headers-2.6.31-22-386", pkgver:"2.6.31-22.70")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"linux-headers-2.6.31-22-generic", pkgver:"2.6.31-22.70")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"linux-headers-2.6.31-22-generic-pae", pkgver:"2.6.31-22.70")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"linux-headers-2.6.31-22-server", pkgver:"2.6.31-22.70")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"linux-headers-2.6.31-307", pkgver:"2.6.31-307.23")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"linux-headers-2.6.31-307-ec2", pkgver:"2.6.31-307.23")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"linux-image-2.6.31-22-386", pkgver:"2.6.31-22.70")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"linux-image-2.6.31-22-generic", pkgver:"2.6.31-22.70")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"linux-image-2.6.31-22-generic-pae", pkgver:"2.6.31-22.70")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"linux-image-2.6.31-22-lpia", pkgver:"2.6.31-22.70")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"linux-image-2.6.31-22-server", pkgver:"2.6.31-22.70")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"linux-image-2.6.31-22-virtual", pkgver:"2.6.31-22.70")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"linux-image-2.6.31-307-ec2", pkgver:"2.6.31-307.23")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"linux-libc-dev", pkgver:"2.6.31-22.70")) flag++;
if (ubuntu_check(osver:"9.10", pkgname:"linux-source-2.6.31", pkgver:"2.6.31-22.70")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-doc", pkgver:"2.6.32-27.49")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-ec2-doc", pkgver:"2.6.32-311.23")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-ec2-source-2.6.32", pkgver:"2.6.32-311.23")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-headers-2.6.32-27", pkgver:"2.6.32-27.49")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-headers-2.6.32-27-386", pkgver:"2.6.32-27.49")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-headers-2.6.32-27-generic", pkgver:"2.6.32-27.49")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-headers-2.6.32-27-generic-pae", pkgver:"2.6.32-27.49")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-headers-2.6.32-27-preempt", pkgver:"2.6.32-27.49")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-headers-2.6.32-27-server", pkgver:"2.6.32-27.49")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-headers-2.6.32-311", pkgver:"2.6.32-311.23")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-headers-2.6.32-311-ec2", pkgver:"2.6.32-311.23")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-image-2.6.32-27-386", pkgver:"2.6.32-27.49")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-image-2.6.32-27-generic", pkgver:"2.6.32-27.49")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-image-2.6.32-27-generic-pae", pkgver:"2.6.32-27.49")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-image-2.6.32-27-lpia", pkgver:"2.6.32-27.49")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-image-2.6.32-27-preempt", pkgver:"2.6.32-27.49")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-image-2.6.32-27-server", pkgver:"2.6.32-27.49")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-image-2.6.32-27-versatile", pkgver:"2.6.32-27.49")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-image-2.6.32-27-virtual", pkgver:"2.6.32-27.49")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-image-2.6.32-311-ec2", pkgver:"2.6.32-311.23")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-libc-dev", pkgver:"2.6.32-27.49")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-source-2.6.32", pkgver:"2.6.32-27.49")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-tools-2.6.32-27", pkgver:"2.6.32-27.49")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-tools-common", pkgver:"2.6.32-27.49")) flag++;
if (ubuntu_check(osver:"10.10", pkgname:"linux-doc", pkgver:"2.6.35-24.42")) flag++;
if (ubuntu_check(osver:"10.10", pkgname:"linux-headers-2.6.35-24", pkgver:"2.6.35-24.42")) flag++;
if (ubuntu_check(osver:"10.10", pkgname:"linux-headers-2.6.35-24-generic", pkgver:"2.6.35-24.42")) flag++;
if (ubuntu_check(osver:"10.10", pkgname:"linux-headers-2.6.35-24-generic-pae", pkgver:"2.6.35-24.42")) flag++;
if (ubuntu_check(osver:"10.10", pkgname:"linux-headers-2.6.35-24-server", pkgver:"2.6.35-24.42")) flag++;
if (ubuntu_check(osver:"10.10", pkgname:"linux-headers-2.6.35-24-virtual", pkgver:"2.6.35-24.42")) flag++;
if (ubuntu_check(osver:"10.10", pkgname:"linux-image-2.6.35-24-generic", pkgver:"2.6.35-24.42")) flag++;
if (ubuntu_check(osver:"10.10", pkgname:"linux-image-2.6.35-24-generic-pae", pkgver:"2.6.35-24.42")) flag++;
if (ubuntu_check(osver:"10.10", pkgname:"linux-image-2.6.35-24-server", pkgver:"2.6.35-24.42")) flag++;
if (ubuntu_check(osver:"10.10", pkgname:"linux-image-2.6.35-24-versatile", pkgver:"2.6.35-24.42")) flag++;
if (ubuntu_check(osver:"10.10", pkgname:"linux-image-2.6.35-24-virtual", pkgver:"2.6.35-24.42")) flag++;
if (ubuntu_check(osver:"10.10", pkgname:"linux-libc-dev", pkgver:"2.6.35-1024.42")) flag++;
if (ubuntu_check(osver:"10.10", pkgname:"linux-source-2.6.35", pkgver:"2.6.35-24.42")) flag++;
if (ubuntu_check(osver:"10.10", pkgname:"linux-tools-2.6.35-24", pkgver:"2.6.35-24.42")) flag++;
if (ubuntu_check(osver:"10.10", pkgname:"linux-tools-common", pkgver:"2.6.35-24.42")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : ubuntu_report_get()
);
exit(0);
}
else
{
tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "linux-doc / linux-ec2-doc / linux-ec2-source-2.6.31 / etc");
}
{"id": "UBUNTU_USN-1041-1.NASL", "bulletinFamily": "scanner", "title": "Ubuntu 9.10 / 10.04 LTS / 10.10 : linux, linux-ec2 vulnerabilities (USN-1041-1)", "description": "Ben Hawkes discovered that the Linux kernel did not correctly filter registers on 64bit kernels when performing 32bit system calls. On a 64bit system, a local attacker could manipulate 32bit system calls to gain root privileges. (CVE-2010-3301)\n\nDan Rosenberg discovered that the btrfs filesystem did not correctly validate permissions when using the clone function. A local attacker could overwrite the contents of file handles that were opened for append-only, or potentially read arbitrary contents, leading to a loss of privacy. (CVE-2010-2537, CVE-2010-2538)\n\nDave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy.\n(CVE-2010-2943)\n\nKees Cook discovered that the Intel i915 graphics driver did not correctly validate memory regions. A local attacker with access to the video card could read and write arbitrary kernel memory to gain root privileges. (CVE-2010-2962)\n\nRobert Swiecki discovered that ftrace did not correctly handle mutexes. A local attacker could exploit this to crash the kernel, leading to a denial of service. (CVE-2010-3079)\n\nDan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-3296, CVE-2010-3297, CVE-2010-3298)\n\nIt was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-3698)\n\nBrad Spengler discovered that stack memory for new a process was not correctly calculated. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-3858)\n\nKees Cook discovered that the ethtool interface did not correctly clear kernel memory. A local attacker could read kernel heap memory, leading to a loss of privacy. (CVE-2010-3861)\n\nKees Cook and Vasiliy Kulikov discovered that the shm interface did not clear kernel memory correctly. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy.\n(CVE-2010-4072)\n\nDan Rosenberg discovered that the RME Hammerfall DSP audio interface driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4080, CVE-2010-4081)\n\nJames Bottomley discovered that the ICP vortex storage array controller driver did not validate certain sizes. A local attacker on a 64bit system could exploit this to crash the kernel, leading to a denial of service. (CVE-2010-4157)\n\nAlan Cox discovered that the HCI UART driver did not correctly check if a write operation was available. If the mmap_min-addr sysctl was changed from the Ubuntu default to a value of 0, a local attacker could exploit this flaw to gain root privileges. (CVE-2010-4242)\n\nKees Cook discovered that some ethtool functions did not correctly clear heap memory. A local attacker with CAP_NET_ADMIN privileges could exploit this to read portions of kernel heap memory, leading to a loss of privacy. (CVE-2010-4655).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2011-01-11T00:00:00", "modified": "2016-10-26T00:00:00", "cvss": {"score": 7.9, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=51453", "reporter": "Tenable", "references": [], "cvelist": ["CVE-2010-4242", "CVE-2010-4081", "CVE-2010-3297", "CVE-2010-4072", "CVE-2010-2943", "CVE-2010-4080", "CVE-2010-3296", "CVE-2010-3698", "CVE-2010-4157", "CVE-2010-3858", "CVE-2010-2537", "CVE-2010-2962", "CVE-2010-3298", "CVE-2010-3079", "CVE-2010-2538", "CVE-2010-3861", "CVE-2010-3301", "CVE-2010-4655"], "type": "nessus", "lastseen": "2017-10-29T13:33:11", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2010-4242", "CVE-2010-4081", "CVE-2010-3297", "CVE-2010-4072", "CVE-2010-2943", "CVE-2010-4080", "CVE-2010-3296", "CVE-2010-3698", "CVE-2010-4157", "CVE-2010-3858", "CVE-2010-2537", "CVE-2010-2962", "CVE-2010-3298", "CVE-2010-3079", "CVE-2010-2538", "CVE-2010-3861", "CVE-2010-3301", "CVE-2010-4655"], "cvss": {"score": 7.9, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:NONE/"}, "description": "Ben Hawkes discovered that the Linux kernel did not correctly filter registers on 64bit kernels when performing 32bit system calls. On a 64bit system, a local attacker could manipulate 32bit system calls to gain root privileges. (CVE-2010-3301)\n\nDan Rosenberg discovered that the btrfs filesystem did not correctly validate permissions when using the clone function. A local attacker could overwrite the contents of file handles that were opened for append-only, or potentially read arbitrary contents, leading to a loss of privacy. (CVE-2010-2537, CVE-2010-2538)\n\nDave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy.\n(CVE-2010-2943)\n\nKees Cook discovered that the Intel i915 graphics driver did not correctly validate memory regions. A local attacker with access to the video card could read and write arbitrary kernel memory to gain root privileges. (CVE-2010-2962)\n\nRobert Swiecki discovered that ftrace did not correctly handle mutexes. A local attacker could exploit this to crash the kernel, leading to a denial of service. (CVE-2010-3079)\n\nDan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-3296, CVE-2010-3297, CVE-2010-3298)\n\nIt was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-3698)\n\nBrad Spengler discovered that stack memory for new a process was not correctly calculated. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-3858)\n\nKees Cook discovered that the ethtool interface did not correctly clear kernel memory. A local attacker could read kernel heap memory, leading to a loss of privacy. (CVE-2010-3861)\n\nKees Cook and Vasiliy Kulikov discovered that the shm interface did not clear kernel memory correctly. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy.\n(CVE-2010-4072)\n\nDan Rosenberg discovered that the RME Hammerfall DSP audio interface driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4080, CVE-2010-4081)\n\nJames Bottomley discovered that the ICP vortex storage array controller driver did not validate certain sizes. A local attacker on a 64bit system could exploit this to crash the kernel, leading to a denial of service. (CVE-2010-4157)\n\nAlan Cox discovered that the HCI UART driver did not correctly check if a write operation was available. If the mmap_min-addr sysctl was changed from the Ubuntu default to a value of 0, a local attacker could exploit this flaw to gain root privileges. (CVE-2010-4242)\n\nKees Cook discovered that some ethtool functions did not correctly clear heap memory. A local attacker with CAP_NET_ADMIN privileges could exploit this to read portions of kernel heap memory, leading to a loss of privacy. (CVE-2010-4655).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 2, "enchantments": {}, "hash": "c4264e29b8ac03013d7540205c539a6c02cd241fcf2bf4510378738b0a15b3d8", "hashmap": [{"hash": "e93a16b794dc46648f8bb57b49e026fc", "key": "sourceData"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "04d35884e2c90ef319dca1ac502254a2", "key": "description"}, {"hash": "208b0b2d323f64dcab88e275da0656cb", "key": "published"}, {"hash": "1d731490b777bc15c5d9375993128995", "key": "modified"}, {"hash": "a306fd99d4bdc428e2e590df13f25b4a", "key": "cvelist"}, {"hash": "d949b340a31fcb7e599181592e07ce70", "key": "href"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "67a4db1549167c3db99d8d2befb949b2", "key": "title"}, {"hash": "c9b7d00377a789a14c9bb9dab6c7168c", "key": "naslFamily"}, {"hash": "7f6c27d30c683d9d559c9d4cd022e396", "key": "pluginID"}, {"hash": "2728177233e65adad5c18f55a37f479a", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=51453", "id": "UBUNTU_USN-1041-1.NASL", "lastseen": "2016-10-26T21:23:16", "modified": "2016-10-26T00:00:00", "naslFamily": "Ubuntu Local Security Checks", "objectVersion": "1.2", "pluginID": "51453", "published": "2011-01-11T00:00:00", "references": [], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1041-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51453);\n script_version(\"$Revision: 1.12 $\");\n script_cvs_date(\"$Date: 2016/10/26 14:05:56 $\");\n\n script_cve_id(\"CVE-2010-2537\", \"CVE-2010-2538\", \"CVE-2010-2943\", \"CVE-2010-2962\", \"CVE-2010-3079\", \"CVE-2010-3296\", \"CVE-2010-3297\", \"CVE-2010-3298\", \"CVE-2010-3301\", \"CVE-2010-3698\", \"CVE-2010-3858\", \"CVE-2010-3861\", \"CVE-2010-4072\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4157\", \"CVE-2010-4242\", \"CVE-2010-4655\");\n script_bugtraq_id(41847, 41854, 42527, 43221, 43226, 43229, 43355, 43684, 44067, 44301, 44427, 45054);\n script_osvdb_id(68303, 68306, 69551);\n script_xref(name:\"USN\", value:\"1041-1\");\n\n script_name(english:\"Ubuntu 9.10 / 10.04 LTS / 10.10 : linux, linux-ec2 vulnerabilities (USN-1041-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ben Hawkes discovered that the Linux kernel did not correctly filter\nregisters on 64bit kernels when performing 32bit system calls. On a\n64bit system, a local attacker could manipulate 32bit system calls to\ngain root privileges. (CVE-2010-3301)\n\nDan Rosenberg discovered that the btrfs filesystem did not correctly\nvalidate permissions when using the clone function. A local attacker\ncould overwrite the contents of file handles that were opened for\nappend-only, or potentially read arbitrary contents, leading to a loss\nof privacy. (CVE-2010-2537, CVE-2010-2538)\n\nDave Chinner discovered that the XFS filesystem did not correctly\norder inode lookups when exported by NFS. A remote attacker could\nexploit this to read or write disk blocks that had changed file\nassignment or had become unlinked, leading to a loss of privacy.\n(CVE-2010-2943)\n\nKees Cook discovered that the Intel i915 graphics driver did not\ncorrectly validate memory regions. A local attacker with access to the\nvideo card could read and write arbitrary kernel memory to gain root\nprivileges. (CVE-2010-2962)\n\nRobert Swiecki discovered that ftrace did not correctly handle\nmutexes. A local attacker could exploit this to crash the kernel,\nleading to a denial of service. (CVE-2010-3079)\n\nDan Rosenberg discovered that several network ioctls did not clear\nkernel memory correctly. A local user could exploit this to read\nkernel stack memory, leading to a loss of privacy. (CVE-2010-3296,\nCVE-2010-3297, CVE-2010-3298)\n\nIt was discovered that KVM did not correctly initialize certain CPU\nregisters. A local attacker could exploit this to crash the system,\nleading to a denial of service. (CVE-2010-3698)\n\nBrad Spengler discovered that stack memory for new a process was not\ncorrectly calculated. A local attacker could exploit this to crash the\nsystem, leading to a denial of service. (CVE-2010-3858)\n\nKees Cook discovered that the ethtool interface did not correctly\nclear kernel memory. A local attacker could read kernel heap memory,\nleading to a loss of privacy. (CVE-2010-3861)\n\nKees Cook and Vasiliy Kulikov discovered that the shm interface did\nnot clear kernel memory correctly. A local attacker could exploit this\nto read kernel stack memory, leading to a loss of privacy.\n(CVE-2010-4072)\n\nDan Rosenberg discovered that the RME Hammerfall DSP audio interface\ndriver did not correctly clear kernel memory. A local attacker could\nexploit this to read kernel stack memory, leading to a loss of\nprivacy. (CVE-2010-4080, CVE-2010-4081)\n\nJames Bottomley discovered that the ICP vortex storage array\ncontroller driver did not validate certain sizes. A local attacker on\na 64bit system could exploit this to crash the kernel, leading to a\ndenial of service. (CVE-2010-4157)\n\nAlan Cox discovered that the HCI UART driver did not correctly check\nif a write operation was available. If the mmap_min-addr sysctl was\nchanged from the Ubuntu default to a value of 0, a local attacker\ncould exploit this flaw to gain root privileges. (CVE-2010-4242)\n\nKees Cook discovered that some ethtool functions did not correctly\nclear heap memory. A local attacker with CAP_NET_ADMIN privileges\ncould exploit this to read portions of kernel heap memory, leading to\na loss of privacy. (CVE-2010-4655).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ec2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ec2-source-2.6.31\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ec2-source-2.6.32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-preempt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-preempt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.31\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.35\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2016 Canonical, Inc. / NASL script (C) 2011-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(9\\.10|10\\.04|10\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 9.10 / 10.04 / 10.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-doc\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-ec2-doc\", pkgver:\"2.6.31-307.23\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-ec2-source-2.6.31\", pkgver:\"2.6.31-307.23\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-22\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-22-386\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-22-generic\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-22-generic-pae\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-22-server\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-307\", pkgver:\"2.6.31-307.23\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-307-ec2\", pkgver:\"2.6.31-307.23\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-22-386\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-22-generic\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-22-generic-pae\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-22-lpia\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-22-server\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-22-virtual\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-307-ec2\", pkgver:\"2.6.31-307.23\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-source-2.6.31\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-doc\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-ec2-doc\", pkgver:\"2.6.32-311.23\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-ec2-source-2.6.32\", pkgver:\"2.6.32-311.23\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-27\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-27-386\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-27-generic\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-27-generic-pae\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-27-preempt\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-27-server\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-311\", pkgver:\"2.6.32-311.23\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-311-ec2\", pkgver:\"2.6.32-311.23\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-386\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-generic\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-generic-pae\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-lpia\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-preempt\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-server\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-versatile\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-virtual\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-311-ec2\", pkgver:\"2.6.32-311.23\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-source-2.6.32\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-tools-2.6.32-27\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-tools-common\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-doc\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-headers-2.6.35-24\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-headers-2.6.35-24-generic\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-headers-2.6.35-24-generic-pae\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-headers-2.6.35-24-server\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-headers-2.6.35-24-virtual\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-24-generic\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-24-generic-pae\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-24-server\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-24-versatile\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-24-virtual\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.35-1024.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-source-2.6.35\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-tools-2.6.35-24\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-tools-common\", pkgver:\"2.6.35-24.42\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-doc / linux-ec2-doc / linux-ec2-source-2.6.31 / etc\");\n}\n", "title": "Ubuntu 9.10 / 10.04 LTS / 10.10 : linux, linux-ec2 vulnerabilities (USN-1041-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 2, "lastseen": "2016-10-26T21:23:16"}, {"bulletin": {"bulletinFamily": "exploit", "cvelist": ["CVE-2010-4242", "CVE-2010-4081", "CVE-2010-3297", "CVE-2010-4072", "CVE-2010-2943", "CVE-2010-4080", "CVE-2010-3296", "CVE-2010-3698", "CVE-2010-4157", "CVE-2010-3858", "CVE-2010-2537", "CVE-2010-2962", "CVE-2010-3298", "CVE-2010-3079", "CVE-2010-2538", "CVE-2010-3861", "CVE-2010-3301", "CVE-2010-4655"], "cvss": {"score": 7.9, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:NONE/"}, "description": "Ben Hawkes discovered that the Linux kernel did not correctly filter registers on 64bit kernels when performing 32bit system calls. On a 64bit system, a local attacker could manipulate 32bit system calls to gain root privileges. (CVE-2010-3301)\n\nDan Rosenberg discovered that the btrfs filesystem did not correctly validate permissions when using the clone function. A local attacker could overwrite the contents of file handles that were opened for append-only, or potentially read arbitrary contents, leading to a loss of privacy. (CVE-2010-2537, CVE-2010-2538)\n\nDave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy.\n(CVE-2010-2943)\n\nKees Cook discovered that the Intel i915 graphics driver did not correctly validate memory regions. A local attacker with access to the video card could read and write arbitrary kernel memory to gain root privileges. (CVE-2010-2962)\n\nRobert Swiecki discovered that ftrace did not correctly handle mutexes. A local attacker could exploit this to crash the kernel, leading to a denial of service. (CVE-2010-3079)\n\nDan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-3296, CVE-2010-3297, CVE-2010-3298)\n\nIt was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-3698)\n\nBrad Spengler discovered that stack memory for new a process was not correctly calculated. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-3858)\n\nKees Cook discovered that the ethtool interface did not correctly clear kernel memory. A local attacker could read kernel heap memory, leading to a loss of privacy. (CVE-2010-3861)\n\nKees Cook and Vasiliy Kulikov discovered that the shm interface did not clear kernel memory correctly. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy.\n(CVE-2010-4072)\n\nDan Rosenberg discovered that the RME Hammerfall DSP audio interface driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4080, CVE-2010-4081)\n\nJames Bottomley discovered that the ICP vortex storage array controller driver did not validate certain sizes. A local attacker on a 64bit system could exploit this to crash the kernel, leading to a denial of service. (CVE-2010-4157)\n\nAlan Cox discovered that the HCI UART driver did not correctly check if a write operation was available. If the mmap_min-addr sysctl was changed from the Ubuntu default to a value of 0, a local attacker could exploit this flaw to gain root privileges. (CVE-2010-4242)\n\nKees Cook discovered that some ethtool functions did not correctly clear heap memory. A local attacker with CAP_NET_ADMIN privileges could exploit this to read portions of kernel heap memory, leading to a loss of privacy. (CVE-2010-4655).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 1, "hash": "bc259890899a0625a72810a77aec5211eec4c11380101984fa0e5d33d9fa8334", "hashmap": [{"hash": "79e8285e682fcf22163b1ac470e473d0", "key": "cvss"}, {"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "04d35884e2c90ef319dca1ac502254a2", "key": "description"}, {"hash": "208b0b2d323f64dcab88e275da0656cb", "key": "published"}, {"hash": "a306fd99d4bdc428e2e590df13f25b4a", "key": "cvelist"}, {"hash": "d949b340a31fcb7e599181592e07ce70", "key": "href"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "67a4db1549167c3db99d8d2befb949b2", "key": "title"}, {"hash": "f5f9e526f94b59bbc9026f5b07b6ef78", "key": "modified"}, {"hash": "c9b7d00377a789a14c9bb9dab6c7168c", "key": "naslFamily"}, {"hash": "7f6c27d30c683d9d559c9d4cd022e396", "key": "pluginID"}, {"hash": "24e08ac05e10d29e6cd6845310bcbdb9", "key": "sourceData"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=51453", "id": "UBUNTU_USN-1041-1.NASL", "lastseen": "2016-09-26T17:23:07", "modified": "2016-05-27T00:00:00", "naslFamily": "Ubuntu Local Security Checks", "objectVersion": "1.2", "pluginID": "51453", "published": "2011-01-11T00:00:00", "references": [], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1041-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51453);\n script_version(\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2016/05/27 14:13:22 $\");\n\n script_cve_id(\"CVE-2010-2537\", \"CVE-2010-2538\", \"CVE-2010-2943\", \"CVE-2010-2962\", \"CVE-2010-3079\", \"CVE-2010-3296\", \"CVE-2010-3297\", \"CVE-2010-3298\", \"CVE-2010-3301\", \"CVE-2010-3698\", \"CVE-2010-3858\", \"CVE-2010-3861\", \"CVE-2010-4072\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4157\", \"CVE-2010-4242\", \"CVE-2010-4655\");\n script_bugtraq_id(41847, 41854, 42527, 43221, 43226, 43229, 43355, 43684, 44067, 44301, 44427, 45054);\n script_osvdb_id(68303, 68306, 69551);\n script_xref(name:\"USN\", value:\"1041-1\");\n\n script_name(english:\"Ubuntu 9.10 / 10.04 LTS / 10.10 : linux, linux-ec2 vulnerabilities (USN-1041-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ben Hawkes discovered that the Linux kernel did not correctly filter\nregisters on 64bit kernels when performing 32bit system calls. On a\n64bit system, a local attacker could manipulate 32bit system calls to\ngain root privileges. (CVE-2010-3301)\n\nDan Rosenberg discovered that the btrfs filesystem did not correctly\nvalidate permissions when using the clone function. A local attacker\ncould overwrite the contents of file handles that were opened for\nappend-only, or potentially read arbitrary contents, leading to a loss\nof privacy. (CVE-2010-2537, CVE-2010-2538)\n\nDave Chinner discovered that the XFS filesystem did not correctly\norder inode lookups when exported by NFS. A remote attacker could\nexploit this to read or write disk blocks that had changed file\nassignment or had become unlinked, leading to a loss of privacy.\n(CVE-2010-2943)\n\nKees Cook discovered that the Intel i915 graphics driver did not\ncorrectly validate memory regions. A local attacker with access to the\nvideo card could read and write arbitrary kernel memory to gain root\nprivileges. (CVE-2010-2962)\n\nRobert Swiecki discovered that ftrace did not correctly handle\nmutexes. A local attacker could exploit this to crash the kernel,\nleading to a denial of service. (CVE-2010-3079)\n\nDan Rosenberg discovered that several network ioctls did not clear\nkernel memory correctly. A local user could exploit this to read\nkernel stack memory, leading to a loss of privacy. (CVE-2010-3296,\nCVE-2010-3297, CVE-2010-3298)\n\nIt was discovered that KVM did not correctly initialize certain CPU\nregisters. A local attacker could exploit this to crash the system,\nleading to a denial of service. (CVE-2010-3698)\n\nBrad Spengler discovered that stack memory for new a process was not\ncorrectly calculated. A local attacker could exploit this to crash the\nsystem, leading to a denial of service. (CVE-2010-3858)\n\nKees Cook discovered that the ethtool interface did not correctly\nclear kernel memory. A local attacker could read kernel heap memory,\nleading to a loss of privacy. (CVE-2010-3861)\n\nKees Cook and Vasiliy Kulikov discovered that the shm interface did\nnot clear kernel memory correctly. A local attacker could exploit this\nto read kernel stack memory, leading to a loss of privacy.\n(CVE-2010-4072)\n\nDan Rosenberg discovered that the RME Hammerfall DSP audio interface\ndriver did not correctly clear kernel memory. A local attacker could\nexploit this to read kernel stack memory, leading to a loss of\nprivacy. (CVE-2010-4080, CVE-2010-4081)\n\nJames Bottomley discovered that the ICP vortex storage array\ncontroller driver did not validate certain sizes. A local attacker on\na 64bit system could exploit this to crash the kernel, leading to a\ndenial of service. (CVE-2010-4157)\n\nAlan Cox discovered that the HCI UART driver did not correctly check\nif a write operation was available. If the mmap_min-addr sysctl was\nchanged from the Ubuntu default to a value of 0, a local attacker\ncould exploit this flaw to gain root privileges. (CVE-2010-4242)\n\nKees Cook discovered that some ethtool functions did not correctly\nclear heap memory. A local attacker with CAP_NET_ADMIN privileges\ncould exploit this to read portions of kernel heap memory, leading to\na loss of privacy. (CVE-2010-4655).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ec2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ec2-source-2.6.31\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ec2-source-2.6.32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.31-22\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.31-22-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.31-22-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.31-22-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.31-22-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.31-307\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.31-307-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.32-27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.32-27-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.32-27-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.32-27-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.32-27-preempt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.32-27-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.32-311\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.32-311-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.35-24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.35-24-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.35-24-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.35-24-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6.35-24-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.31-22-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.31-22-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.31-22-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.31-22-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.31-22-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.31-22-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.31-307-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.32-27-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.32-27-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.32-27-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.32-27-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.32-27-preempt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.32-27-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.32-27-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.32-27-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.32-311-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.35-24-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.35-24-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.35-24-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.35-24-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.35-24-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.31\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.35\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-2.6.32-27\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-2.6.35-24\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2016 Canonical, Inc. / NASL script (C) 2011-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(9\\.10|10\\.04|10\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 9.10 / 10.04 / 10.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-doc\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-ec2-doc\", pkgver:\"2.6.31-307.23\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-ec2-source-2.6.31\", pkgver:\"2.6.31-307.23\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-22\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-22-386\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-22-generic\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-22-generic-pae\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-22-server\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-307\", pkgver:\"2.6.31-307.23\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-307-ec2\", pkgver:\"2.6.31-307.23\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-22-386\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-22-generic\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-22-generic-pae\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-22-lpia\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-22-server\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-22-virtual\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-307-ec2\", pkgver:\"2.6.31-307.23\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-source-2.6.31\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-doc\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-ec2-doc\", pkgver:\"2.6.32-311.23\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-ec2-source-2.6.32\", pkgver:\"2.6.32-311.23\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-27\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-27-386\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-27-generic\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-27-generic-pae\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-27-preempt\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-27-server\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-311\", pkgver:\"2.6.32-311.23\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-311-ec2\", pkgver:\"2.6.32-311.23\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-386\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-generic\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-generic-pae\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-lpia\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-preempt\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-server\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-versatile\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-virtual\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-311-ec2\", pkgver:\"2.6.32-311.23\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-source-2.6.32\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-tools-2.6.32-27\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-tools-common\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-doc\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-headers-2.6.35-24\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-headers-2.6.35-24-generic\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-headers-2.6.35-24-generic-pae\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-headers-2.6.35-24-server\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-headers-2.6.35-24-virtual\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-24-generic\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-24-generic-pae\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-24-server\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-24-versatile\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-24-virtual\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.35-1024.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-source-2.6.35\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-tools-2.6.35-24\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-tools-common\", pkgver:\"2.6.35-24.42\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-doc / linux-ec2-doc / linux-ec2-source-2.6.31 / etc\");\n}\n", "title": "Ubuntu 9.10 / 10.04 LTS / 10.10 : linux, linux-ec2 vulnerabilities (USN-1041-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2016-09-26T17:23:07"}], "edition": 3, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "4a5110323f9343b5b6ce2bbdb54b4c67"}, {"key": "cvelist", "hash": "a306fd99d4bdc428e2e590df13f25b4a"}, {"key": "cvss", "hash": "2728177233e65adad5c18f55a37f479a"}, {"key": "description", "hash": "04d35884e2c90ef319dca1ac502254a2"}, {"key": "href", "hash": "d949b340a31fcb7e599181592e07ce70"}, {"key": "modified", "hash": "1d731490b777bc15c5d9375993128995"}, {"key": "naslFamily", "hash": "c9b7d00377a789a14c9bb9dab6c7168c"}, {"key": "pluginID", "hash": "7f6c27d30c683d9d559c9d4cd022e396"}, {"key": "published", "hash": "208b0b2d323f64dcab88e275da0656cb"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "e93a16b794dc46648f8bb57b49e026fc"}, {"key": "title", "hash": "67a4db1549167c3db99d8d2befb949b2"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "57346b506948266a0f058d9ab29d6b21829b02ce6af39bddb095e4d7e8115658", "viewCount": 0, "enchantments": {"vulnersScore": 4.7}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1041-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(51453);\n script_version(\"$Revision: 1.12 $\");\n script_cvs_date(\"$Date: 2016/10/26 14:05:56 $\");\n\n script_cve_id(\"CVE-2010-2537\", \"CVE-2010-2538\", \"CVE-2010-2943\", \"CVE-2010-2962\", \"CVE-2010-3079\", \"CVE-2010-3296\", \"CVE-2010-3297\", \"CVE-2010-3298\", \"CVE-2010-3301\", \"CVE-2010-3698\", \"CVE-2010-3858\", \"CVE-2010-3861\", \"CVE-2010-4072\", \"CVE-2010-4080\", \"CVE-2010-4081\", \"CVE-2010-4157\", \"CVE-2010-4242\", \"CVE-2010-4655\");\n script_bugtraq_id(41847, 41854, 42527, 43221, 43226, 43229, 43355, 43684, 44067, 44301, 44427, 45054);\n script_osvdb_id(68303, 68306, 69551);\n script_xref(name:\"USN\", value:\"1041-1\");\n\n script_name(english:\"Ubuntu 9.10 / 10.04 LTS / 10.10 : linux, linux-ec2 vulnerabilities (USN-1041-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ben Hawkes discovered that the Linux kernel did not correctly filter\nregisters on 64bit kernels when performing 32bit system calls. On a\n64bit system, a local attacker could manipulate 32bit system calls to\ngain root privileges. (CVE-2010-3301)\n\nDan Rosenberg discovered that the btrfs filesystem did not correctly\nvalidate permissions when using the clone function. A local attacker\ncould overwrite the contents of file handles that were opened for\nappend-only, or potentially read arbitrary contents, leading to a loss\nof privacy. (CVE-2010-2537, CVE-2010-2538)\n\nDave Chinner discovered that the XFS filesystem did not correctly\norder inode lookups when exported by NFS. A remote attacker could\nexploit this to read or write disk blocks that had changed file\nassignment or had become unlinked, leading to a loss of privacy.\n(CVE-2010-2943)\n\nKees Cook discovered that the Intel i915 graphics driver did not\ncorrectly validate memory regions. A local attacker with access to the\nvideo card could read and write arbitrary kernel memory to gain root\nprivileges. (CVE-2010-2962)\n\nRobert Swiecki discovered that ftrace did not correctly handle\nmutexes. A local attacker could exploit this to crash the kernel,\nleading to a denial of service. (CVE-2010-3079)\n\nDan Rosenberg discovered that several network ioctls did not clear\nkernel memory correctly. A local user could exploit this to read\nkernel stack memory, leading to a loss of privacy. (CVE-2010-3296,\nCVE-2010-3297, CVE-2010-3298)\n\nIt was discovered that KVM did not correctly initialize certain CPU\nregisters. A local attacker could exploit this to crash the system,\nleading to a denial of service. (CVE-2010-3698)\n\nBrad Spengler discovered that stack memory for new a process was not\ncorrectly calculated. A local attacker could exploit this to crash the\nsystem, leading to a denial of service. (CVE-2010-3858)\n\nKees Cook discovered that the ethtool interface did not correctly\nclear kernel memory. A local attacker could read kernel heap memory,\nleading to a loss of privacy. (CVE-2010-3861)\n\nKees Cook and Vasiliy Kulikov discovered that the shm interface did\nnot clear kernel memory correctly. A local attacker could exploit this\nto read kernel stack memory, leading to a loss of privacy.\n(CVE-2010-4072)\n\nDan Rosenberg discovered that the RME Hammerfall DSP audio interface\ndriver did not correctly clear kernel memory. A local attacker could\nexploit this to read kernel stack memory, leading to a loss of\nprivacy. (CVE-2010-4080, CVE-2010-4081)\n\nJames Bottomley discovered that the ICP vortex storage array\ncontroller driver did not validate certain sizes. A local attacker on\na 64bit system could exploit this to crash the kernel, leading to a\ndenial of service. (CVE-2010-4157)\n\nAlan Cox discovered that the HCI UART driver did not correctly check\nif a write operation was available. If the mmap_min-addr sysctl was\nchanged from the Ubuntu default to a value of 0, a local attacker\ncould exploit this flaw to gain root privileges. (CVE-2010-4242)\n\nKees Cook discovered that some ethtool functions did not correctly\nclear heap memory. A local attacker with CAP_NET_ADMIN privileges\ncould exploit this to read portions of kernel heap memory, leading to\na loss of privacy. (CVE-2010-4655).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ec2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ec2-source-2.6.31\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-ec2-source-2.6.32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-preempt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-preempt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.31\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.35\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-2.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-tools-common\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:9.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2016 Canonical, Inc. / NASL script (C) 2011-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(9\\.10|10\\.04|10\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 9.10 / 10.04 / 10.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-doc\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-ec2-doc\", pkgver:\"2.6.31-307.23\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-ec2-source-2.6.31\", pkgver:\"2.6.31-307.23\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-22\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-22-386\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-22-generic\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-22-generic-pae\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-22-server\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-307\", pkgver:\"2.6.31-307.23\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-headers-2.6.31-307-ec2\", pkgver:\"2.6.31-307.23\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-22-386\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-22-generic\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-22-generic-pae\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-22-lpia\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-22-server\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-22-virtual\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-image-2.6.31-307-ec2\", pkgver:\"2.6.31-307.23\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"9.10\", pkgname:\"linux-source-2.6.31\", pkgver:\"2.6.31-22.70\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-doc\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-ec2-doc\", pkgver:\"2.6.32-311.23\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-ec2-source-2.6.32\", pkgver:\"2.6.32-311.23\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-27\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-27-386\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-27-generic\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-27-generic-pae\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-27-preempt\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-27-server\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-311\", pkgver:\"2.6.32-311.23\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-headers-2.6.32-311-ec2\", pkgver:\"2.6.32-311.23\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-386\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-generic\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-generic-pae\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-lpia\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-preempt\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-server\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-versatile\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-27-virtual\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-311-ec2\", pkgver:\"2.6.32-311.23\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-source-2.6.32\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-tools-2.6.32-27\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-tools-common\", pkgver:\"2.6.32-27.49\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-doc\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-headers-2.6.35-24\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-headers-2.6.35-24-generic\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-headers-2.6.35-24-generic-pae\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-headers-2.6.35-24-server\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-headers-2.6.35-24-virtual\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-24-generic\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-24-generic-pae\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-24-server\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-24-versatile\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-24-virtual\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-libc-dev\", pkgver:\"2.6.35-1024.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-source-2.6.35\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-tools-2.6.35-24\", pkgver:\"2.6.35-24.42\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-tools-common\", pkgver:\"2.6.35-24.42\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-doc / linux-ec2-doc / linux-ec2-source-2.6.31 / etc\");\n}\n", "naslFamily": "Ubuntu Local Security Checks", "pluginID": "51453", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-libc-dev", "p-cpe:/a:canonical:ubuntu_linux:linux-doc", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-2.6", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-preempt", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-ec2-source-2.6.32", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-ec2", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-generic", "cpe:/o:canonical:ubuntu_linux:10.10", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.35", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile", "cpe:/o:canonical:ubuntu_linux:9.10", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ec2", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.32", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-preempt", "p-cpe:/a:canonical:ubuntu_linux:linux-ec2-doc", "p-cpe:/a:canonical:ubuntu_linux:linux-ec2-source-2.6.31", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-tools-common", "p-cpe:/a:canonical:ubuntu_linux:linux-source-2.6.31", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-server", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia", "p-cpe:/a:canonical:ubuntu_linux:linux-headers-2.6-386"]}
{"result": {"cve": [{"id": "CVE-2010-4242", "type": "cve", "title": "CVE-2010-4242", "description": "The hci_uart_tty_open function in the HCI UART driver (drivers/bluetooth/hci_ldisc.c) in the Linux kernel 2.6.36, and possibly other versions, does not verify whether the tty has a write operation, which allows local users to cause a denial of service (NULL pointer dereference) via vectors related to the Bluetooth driver.", "published": "2011-01-10T22:00:03", "cvss": {"score": 4.0, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4242", "cvelist": ["CVE-2010-4242"], "lastseen": "2017-08-17T11:14:59"}, {"id": "CVE-2010-4081", "type": "cve", "title": "CVE-2010-4081", "description": "The snd_hdspm_hwdep_ioctl function in sound/pci/rme9652/hdspm.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSPM_IOCTL_GET_CONFIG_INFO ioctl call.", "published": "2010-11-30T17:14:00", "cvss": {"score": 1.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4081", "cvelist": ["CVE-2010-4081"], "lastseen": "2016-09-03T14:30:32"}, {"id": "CVE-2010-3297", "type": "cve", "title": "CVE-2010-3297", "description": "The eql_g_master_cfg function in drivers/net/eql.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an EQL_GETMASTRCFG ioctl call.", "published": "2010-09-30T11:00:02", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3297", "cvelist": ["CVE-2010-3297"], "lastseen": "2016-09-03T14:18:08"}, {"id": "CVE-2010-4072", "type": "cve", "title": "CVE-2010-4072", "description": "The copy_shmid_to_user function in ipc/shm.c in the Linux kernel before 2.6.37-rc1 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the shmctl system call and the \"old shm interface.\"", "published": "2010-11-29T11:00:02", "cvss": {"score": 1.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4072", "cvelist": ["CVE-2010-4072"], "lastseen": "2016-09-03T14:30:23"}, {"id": "CVE-2010-2943", "type": "cve", "title": "CVE-2010-2943", "description": "The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle.", "published": "2010-09-30T11:00:01", "cvss": {"score": 7.9, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2943", "cvelist": ["CVE-2010-2943"], "lastseen": "2016-09-03T14:12:34"}, {"id": "CVE-2010-4080", "type": "cve", "title": "CVE-2010-4080", "description": "The snd_hdsp_hwdep_ioctl function in sound/pci/rme9652/hdsp.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl call.", "published": "2010-11-30T17:14:00", "cvss": {"score": 1.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4080", "cvelist": ["CVE-2010-4080"], "lastseen": "2016-09-03T14:30:31"}, {"id": "CVE-2010-3296", "type": "cve", "title": "CVE-2010-3296", "description": "The cxgb_extension_ioctl function in drivers/net/cxgb3/cxgb3_main.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a CHELSIO_GET_QSET_NUM ioctl call.", "published": "2010-09-30T11:00:02", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3296", "cvelist": ["CVE-2010-3296"], "lastseen": "2016-09-03T14:18:08"}, {"id": "CVE-2010-3698", "type": "cve", "title": "CVE-2010-3698", "description": "The KVM implementation in the Linux kernel before 2.6.36 does not properly reload the FS and GS segment registers, which allows host OS users to cause a denial of service (host OS crash) via a KVM_RUN ioctl call in conjunction with a modified Local Descriptor Table (LDT).", "published": "2010-11-26T14:00:07", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3698", "cvelist": ["CVE-2010-3698"], "lastseen": "2016-09-03T14:24:19"}, {"id": "CVE-2010-4157", "type": "cve", "title": "CVE-2010-4157", "description": "Integer overflow in the ioc_general function in drivers/scsi/gdth.c in the Linux kernel before 2.6.36.1 on 64-bit platforms allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large argument in an ioctl call.", "published": "2010-12-10T14:00:05", "cvss": {"score": 6.0, "vector": "AV:LOCAL/AC:HIGH/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-4157", "cvelist": ["CVE-2010-4157"], "lastseen": "2016-09-03T14:31:35"}, {"id": "CVE-2010-3858", "type": "cve", "title": "CVE-2010-3858", "description": "The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) environment for a 32-bit application on a 64-bit platform, which allows local users to cause a denial of service (system crash) via a crafted exec system call, a related issue to CVE-2010-2240.", "published": "2010-11-30T16:38:23", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3858", "cvelist": ["CVE-2010-3858"], "lastseen": "2016-09-03T14:26:55"}], "seebug": [{"id": "SSV:20314", "type": "seebug", "title": "Linux Kernel "hci_uart_tty_open()"\u672c\u5730\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "description": "BUGTRAQ ID: 45014\r\nCVE ID: CVE-2010-4242\r\n\r\nLinux Kernel\u662f\u5f00\u653e\u6e90\u7801\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\r\n\r\nLinux Kernel\u5728\u5b9e\u73b0\u4e0a\u5b58\u5728\u672c\u5730\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u9020\u6210Kernel\u5d29\u6e83\uff0c\u62d2\u7edd\u670d\u52a1\u5408\u6cd5\u7528\u6237\u3002\r\n\r\n\u6b64\u95ee\u9898\u6e90\u4e8ehci_uart_tty_open()\u672a\u68c0\u67e5tty\u662f\u5426\u5177\u6709write op\u3002\n\nLinux kernel 2.6.0-2.6.37\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nLinux\r\n-----\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.kernel.org/", "published": "2011-01-06T00:00:00", "cvss": {"score": 4.0, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.seebug.org/vuldb/ssvid-20314", "cvelist": ["CVE-2010-4242"], "lastseen": "2017-11-19T18:07:15"}, {"id": "SSV:20276", "type": "seebug", "title": "Linux Kernel "hdsp.c" IOCTL\u672c\u5730\u4fe1\u606f\u6cc4\u9732\u6f0f\u6d1e", "description": "BUGTRAQ ID: 45063\r\nCVE ID: CVE-2010-4081\r\n\r\nLinux Kernel\u662f\u5f00\u653e\u6e90\u7801\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\r\n\r\nLinux Kernel\u5728\u5b9e\u73b0\u4e0a\u5b58\u5728\u6f0f\u6d1e\uff0c\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u83b7\u53d6\u654f\u611f\u4fe1\u606f\uff0c\u53ef\u80fd\u6709\u5229\u4e8e\u6267\u884c\u5176\u4ed6\u653b\u51fb\u3002\r\n\r\nhdspm.c\u548chdsp.c\u4e2d\u7684SNDRV_HDSP_IOCTL_GET_CONFIG_INFO\u548c SNDRV_HDSP_IOCTL_GET_CONFIG_INFO\u5141\u8bb8\u672a\u6388\u6743\u7528\u6237\u8bfb\u53d6\u672a\u521d\u59cb\u5316\u5185\u6838\u6808\u5185\u5b58\uff0c\u56e0\u4e3a\u6808\u4e0a\u516c\u5e03\u7684 hdsp{m}_config_info\u7684\u51e0\u4e2a\u5b57\u6bb5\u5728\u590d\u5236\u7ed9\u7528\u6237\u4e4b\u524d\u672a\u6539\u53d8\u6216\u6e05\u96f6\u3002\n\nLinux kernel 2.6.0 - 2.6.37\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nLinux\r\n-----\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.kernel.org/", "published": "2010-12-01T00:00:00", "cvss": {"score": 1.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://www.seebug.org/vuldb/ssvid-20276", "cvelist": ["CVE-2010-4081"], "lastseen": "2017-11-19T18:07:01"}, {"id": "SSV:20261", "type": "seebug", "title": "Linux Kernel gdth\u5b9e\u73b0\u5185\u6838\u5185\u5b58\u7834\u574f\u6f0f\u6d1e", "description": "CVE ID: CVE-2010-4157\r\n\r\nLinux Kernel\u662f\u5f00\u653e\u6e90\u7801\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\r\n\r\nLinux Kernel\u7684gdth_ioctl_alloc()\u51fd\u6570\u53d6\u503c\u5927\u5c0f\u53d8\u91cf\u4e3aint\u578b\uff0c\u800ccopy_from_user()\u51fd\u6570\u53d6\u5927\u5c0f\u53d8\u91cf\u4e3a\u65e0\u7b26\u957f\u578b\u3002 gen.data_len\u548cgen.sense_len\u4e3a\u65e0\u7b26\u957f\u578b\uff0c\u5728x86_64\u7cfb\u7edf\u4e0a\u957f\u578b\u4e3a64\u4f4d\uff0cint\u578b\u4e3a32\u4f4d\u3002\u5982\u679c\u7528\u6237\u4f20\u9001\u4e86\u8d85\u957f\u503c\u7684\u8bdd\uff0c\u5206\u914d\u5c31\u4f1a\u5c06\u5927\u5c0f\u622a\u77ed\u4e3a32\u4f4d\uff0c\u5206\u914d\u8fc7\u5c0f\u7684\u7f13\u51b2\u533a\uff0c\u4e4b\u540e\u5728\u6267\u884ccopy_from_user()\u65f6\u53ef\u80fd\u5bfc\u81f4\u5185\u5b58\u7834\u574f\u3002\n\nLinux kernel 2.6.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nLinux\r\n-----\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=f63ae56e4e97fb12053590e41a4fa59e7daa74a4", "published": "2010-11-17T00:00:00", "cvss": {"score": 6.0, "vector": "AV:LOCAL/AC:HIGH/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.seebug.org/vuldb/ssvid-20261", "cvelist": ["CVE-2010-4157"], "lastseen": "2017-11-19T18:07:25"}, {"id": "SSV:20293", "type": "seebug", "title": "Linux Kernel 'drivers/scsi/gdth.c' IOCTL\u672c\u5730\u7279\u6743\u63d0\u5347\u6f0f\u6d1e", "description": "Bugtraq ID: 44648\r\nCVE ID\uff1aCVE-2010-4157\r\nCNCVE ID\uff1aCNCVE-20104157\r\n\r\nLinux\u662f\u4e00\u6b3e\u5f00\u653e\u6e90\u4ee3\u7801\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\ngdth_ioctl_alloc()\u63a5\u6536\u6574\u6570\u7c7b\u578b\u5927\u5c0f\u53d8\u91cf\uff0ccopy_from_user()\u63a5\u6536\u65e0\u7b26\u957f\u6574\u578b\u5927\u5c0f\u53d8\u91cf\u3002gen.data_len\u548cgen.sense_len\u4e3a\u7b26\u957f\u6574\u578b\uff0c\u5728x86_64\u4e0a\u957f\u578b\u4e3a64\u4f4d\uff0c\u6574\u6570\u4e3a32\u4f4d\u3002\r\n\u4f20\u9012\u8d85\u5927\u503c\uff0c\u5185\u5b58\u5206\u914d\u4f1a\u622a\u65ad\u5927\u5c0f\u4e3a32\u4f4d\u800c\u5206\u914d\u8f83\u5c0f\u7684\u7f13\u51b2\u533a\uff0c\u5728copy_from_user()\u51fd\u6570\u4e2d\u53ef\u89e6\u53d1\u5185\u5b58\u7834\u574f\u3002\n\nRedHat Enterprise MRG v1 for Red Hat Enterprise Linux version 5\r\nLinux kernel 2.6.37\r\nLinux kernel 2.6.36\r\nLinux kernel 2.6.35\r\nLinux kernel 2.6.35\r\nLinux kernel 2.6.35\r\nLinux kernel 2.6.34\r\nLinux kernel 2.6.34\r\nLinux kernel 2.6.33 .1\r\nLinux kernel 2.6.33\r\nLinux kernel 2.6.32 .9\r\nLinux kernel 2.6.32\r\nLinux kernel 2.6.31 5\r\nLinux kernel 2.6.31 13\r\nLinux kernel 2.6.31 .2\r\nLinux kernel 2.6.31 .11\r\nLinux kernel 2.6.31 -rc7\r\nLinux kernel 2.6.31 -rc6\r\nLinux kernel 2.6.31 -rc3\r\n+ Trustix Secure Enterprise Linux 2.0\r\n+ Trustix Secure Linux 2.2\r\n+ Trustix Secure Linux 2.1\r\n+ Trustix Secure Linux 2.0\r\nLinux kernel 2.6.31 -rc1\r\nLinux kernel 2.6.31\r\nLinux kernel 2.6.30 .10\r\nLinux kernel 2.6.30 .1\r\nLinux kernel 2.6.30 -rc6\r\nLinux kernel 2.6.30 -rc5\r\nLinux kernel 2.6.30 -rc3\r\nLinux kernel 2.6.30 -rc2\r\nLinux kernel 2.6.30 -rc1\r\nLinux kernel 2.6.30\r\nLinux kernel 2.6.29 .4\r\nLinux kernel 2.6.29 .1\r\nLinux kernel 2.6.29 -git8\r\nLinux kernel 2.6.29 -git14\r\nLinux kernel 2.6.29 -git1\r\nLinux kernel 2.6.29\r\nLinux kernel 2.6.28 .9\r\nLinux kernel 2.6.28 .8\r\nLinux kernel 2.6.28 .6\r\nLinux kernel 2.6.28 .5\r\nLinux kernel 2.6.28 .3\r\nLinux kernel 2.6.28 .2\r\nLinux kernel 2.6.28 .1\r\nLinux kernel 2.6.28 -rc7\r\nLinux kernel 2.6.28 -rc5\r\nLinux kernel 2.6.28 -rc1\r\nLinux kernel 2.6.28 -git7\r\nLinux kernel 2.6.28\r\nLinux kernel 2.6.27 6\r\nLinux kernel 2.6.27 3\r\nLinux kernel 2.6.27 12\r\nLinux kernel 2.6.27 .8\r\nLinux kernel 2.6.27 .5\r\nLinux kernel 2.6.27 .5\r\nLinux kernel 2.6.27 .46\r\nLinux kernel 2.6.27 .24\r\nLinux kernel 2.6.27 .14\r\nLinux kernel 2.6.27 .13\r\nLinux kernel 2.6.27 .12\r\nLinux kernel 2.6.27 -rc8-git5\r\nLinux kernel 2.6.27 -rc8\r\nLinux kernel 2.6.27 -rc6-git6\r\nLinux kernel 2.6.27 -rc6\r\nLinux kernel 2.6.27 -rc5\r\nLinux kernel 2.6.27 -rc4\r\nLinux kernel 2.6.27 -rc2\r\nLinux kernel 2.6.27 -rc1\r\nLinux kernel 2.6.27\r\nLinux kernel 2.6.26 7\r\nLinux kernel 2.6.26 .6\r\nLinux kernel 2.6.26 .4\r\nLinux kernel 2.6.26 .3\r\nLinux kernel 2.6.26 -rc6\r\nLinux kernel 2.6.26\r\nLinux kernel 2.6.25 19\r\nLinux kernel 2.6.25 .9\r\nLinux kernel 2.6.25 .8\r\nLinux kernel 2.6.25 .7\r\nLinux kernel 2.6.25 .6\r\nLinux kernel 2.6.25 .5\r\nLinux kernel 2.6.25 .15\r\nLinux kernel 2.6.25 .13\r\nLinux kernel 2.6.25 .12\r\nLinux kernel 2.6.25 .11\r\nLinux kernel 2.6.25 .10\r\nLinux kernel 2.6.25\r\nLinux kernel 2.6.24 .2\r\nLinux kernel 2.6.24 .1\r\nLinux kernel 2.6.24 -rc5\r\nLinux kernel 2.6.24 -rc4\r\nLinux kernel 2.6.24 -rc3\r\nLinux kernel 2.6.24 -git13\r\nLinux kernel 2.6.24\r\nLinux kernel 2.6.23 .7\r\nLinux kernel 2.6.23 .7\r\nLinux kernel 2.6.23 .6\r\nLinux kernel 2.6.23 .6\r\nLinux kernel 2.6.23 .5\r\nLinux kernel 2.6.23 .5\r\nLinux kernel 2.6.23 .4\r\nLinux kernel 2.6.23 .4\r\nLinux kernel 2.6.23 .3\r\nLinux kernel 2.6.23 .3\r\nLinux kernel 2.6.23 .2\r\nLinux kernel 2.6.23 .2\r\nLinux kernel 2.6.23 -rc2\r\nLinux kernel 2.6.23 -rc1\r\nLinux kernel 2.6.23\r\nLinux kernel 2.6.23\r\nLinux kernel 2.6.22 rc6\r\nLinux kernel 2.6.22 .8\r\nLinux kernel 2.6.22 .7\r\nLinux kernel 2.6.22 .7\r\nLinux kernel 2.6.22 .6\r\nLinux kernel 2.6.22 .6\r\nLinux kernel 2.6.22 .5\r\nLinux kernel 2.6.22 .5\r\nLinux kernel 2.6.22 .4\r\nLinux kernel 2.6.22 .4\r\nLinux kernel 2.6.22 .3\r\nLinux kernel 2.6.22 .3\r\nLinux kernel 2.6.22 .2\r\nLinux kernel 2.6.22 .17\r\nLinux kernel 2.6.22 .16\r\nLinux kernel 2.6.22 .15\r\nLinux kernel 2.6.22 .14\r\nLinux kernel 2.6.22 .13\r\nLinux kernel 2.6.22 .12\r\nLinux kernel 2.6.22 .11\r\nLinux kernel 2.6.22 .1\r\nLinux kernel 2.6.22\r\nLinux kernel 2.6.22\r\nLinux kernel 2.6.21 rc7\r\nLinux kernel 2.6.21 git5\r\nLinux kernel 2.6.21 git4\r\nLinux kernel 2.6.21 git3\r\nLinux kernel 2.6.21 git2\r\nLinux kernel 2.6.21 git1\r\nLinux kernel 2.6.21 git 7\r\nLinux kernel 2.6.21 git 6\r\nLinux kernel 2.6.21 4\r\nLinux kernel 2.6.21 .7\r\nLinux kernel 2.6.21 .6\r\nLinux kernel 2.6.21 .3\r\nLinux kernel 2.6.21 .2\r\nLinux kernel 2.6.21 .1\r\nLinux kernel 2.6.21 -git8\r\nLinux kernel 2.6.21\r\nLinux kernel 2.6.20 .9\r\nLinux kernel 2.6.20 .8\r\nLinux kernel 2.6.20 .7\r\nLinux kernel 2.6.20 .6\r\nLinux kernel 2.6.20 .5\r\nLinux kernel 2.6.20 .4\r\nLinux kernel 2.6.20 .15\r\nLinux kernel 2.6.20 .14\r\nLinux kernel 2.6.20 .12\r\nLinux kernel 2.6.20 .10\r\nLinux kernel 2.6.20 .1\r\nLinux kernel 2.6.20 -git5\r\nLinux kernel 2.6.20\r\nLinux kernel 2.6.19 .4\r\nLinux kernel 2.6.19 .3\r\nLinux kernel 2.6.19 .2\r\nLinux kernel 2.6.19 .1\r\nLinux kernel 2.6.19 -rc4\r\nLinux kernel 2.6.19 -rc3\r\nLinux kernel 2.6.19 -rc2\r\nLinux kernel 2.6.19 -rc1\r\nLinux kernel 2.6.19\r\nLinux kernel 2.6.18 rc7\r\nLinux kernel 2.6.18 rc6\r\nLinux kernel 2.6.18 rc5\r\nLinux kernel 2.6.18 rc4\r\nLinux kernel 2.6.18 rc3\r\nLinux kernel 2.6.18 rc2\r\nLinux kernel 2.6.18 rc1\r\nLinux kernel 2.6.18 .8\r\nLinux kernel 2.6.18 .7\r\nLinux kernel 2.6.18 .6\r\nLinux kernel 2.6.18 .5\r\nLinux kernel 2.6.18 .4\r\nLinux kernel 2.6.18 .4\r\nLinux kernel 2.6.18 .3\r\nLinux kernel 2.6.18 .3\r\nLinux kernel 2.6.18 .2\r\nLinux kernel 2.6.18 .1\r\nLinux kernel 2.6.17 rc6\r\nLinux kernel 2.6.17 rc4\r\nLinux kernel 2.6.17 rc3\r\nLinux kernel 2.6.17 rc2\r\nLinux kernel 2.6.17 rc1\r\nLinux kernel 2.6.17 .9\r\nLinux kernel 2.6.17 .9\r\nLinux kernel 2.6.17 .8\r\nLinux kernel 2.6.17 .8\r\nLinux kernel 2.6.17 .7\r\nLinux kernel 2.6.17 .7\r\nLinux kernel 2.6.17 .6\r\nLinux kernel 2.6.17 .6\r\nLinux kernel 2.6.17 .5\r\nLinux kernel 2.6.17 .5\r\nLinux kernel 2.6.17 .4\r\nLinux kernel 2.6.17 .4\r\nLinux kernel 2.6.17 .3\r\nLinux kernel 2.6.17 .3\r\nLinux kernel 2.6.17 .2\r\nLinux kernel 2.6.17 .2\r\nLinux kernel 2.6.17 .14\r\nLinux kernel 2.6.17 .14\r\nLinux kernel 2.6.17 .13\r\nLinux kernel 2.6.17 .13\r\nLinux kernel 2.6.17 .12\r\nLinux kernel 2.6.17 .12\r\nLinux kernel 2.6.17 .11\r\nLinux kernel 2.6.17 .11\r\nLinux kernel 2.6.17 .10\r\nLinux kernel 2.6.17 .10\r\nLinux kernel 2.6.17 .1\r\nLinux kernel 2.6.17 .1\r\nLinux kernel 2.6.17 -rc5\r\nLinux kernel 2.6.17\r\nLinux kernel 2.6.17\r\nLinux kernel 2.6.16 rc6\r\nLinux kernel 2.6.16 rc5\r\nLinux kernel 2.6.16 rc4\r\nLinux kernel 2.6.16 rc3\r\nLinux kernel 2.6.16 rc2\r\nLinux kernel 2.6.16 27\r\nLinux kernel 2.6.16 13\r\nLinux kernel 2.6.16 .9\r\nLinux kernel 2.6.16 .8\r\nLinux kernel 2.6.16 .8\r\nLinux kernel 2.6.16 .7\r\nLinux kernel 2.6.16 .6\r\nLinux kernel 2.6.16 .53\r\nLinux kernel 2.6.16 .52\r\nLinux kernel 2.6.16 .51\r\nLinux kernel 2.6.16 .50\r\nLinux kernel 2.6.16 .5\r\nLinux kernel 2.6.16 .5\r\nLinux kernel 2.6.16 .49\r\nLinux kernel 2.6.16 .48\r\nLinux kernel 2.6.16 .47\r\nLinux kernel 2.6.16 .46\r\nLinux kernel 2.6.16 .45\r\nLinux kernel 2.6.16 .44\r\nLinux kernel 2.6.16 .43\r\nLinux kernel 2.6.16 .41\r\nLinux kernel 2.6.16 .40\r\nLinux kernel 2.6.16 .4\r\nLinux kernel 2.6.16 .4\r\nLinux kernel 2.6.16 .39\r\nLinux kernel 2.6.16 .38\r\nLinux kernel 2.6.16 .37\r\nLinux kernel 2.6.16 .36\r\nLinux kernel 2.6.16 .35\r\nLinux kernel 2.6.16 .34\r\nLinux kernel 2.6.16 .33\r\nLinux kernel 2.6.16 .32\r\nLinux kernel 2.6.16 .31\r\nLinux kernel 2.6.16 .30\r\nLinux kernel 2.6.16 .3\r\nLinux kernel 2.6.16 .3\r\nLinux kernel 2.6.16 .29\r\nLinux kernel 2.6.16 .28\r\nLinux kernel 2.6.16 .27\r\nLinux kernel 2.6.16 .26\r\nLinux kernel 2.6.16 .25\r\nLinux kernel 2.6.16 .24\r\nLinux kernel 2.6.16 .23\r\nLinux kernel 2.6.16 .23\r\nLinux kernel 2.6.16 .23\r\nLinux kernel 2.6.16 .22\r\nLinux kernel 2.6.16 .21\r\nLinux kernel 2.6.16 .21\r\nLinux kernel 2.6.16 .20\r\nLinux kernel 2.6.16 .2\r\nLinux kernel 2.6.16 .2\r\nLinux kernel 2.6.16 .19\r\nLinux kernel 2.6.16 .18\r\nLinux kernel 2.6.16 .18\r\nLinux kernel 2.6.16 .17\r\nLinux kernel 2.6.16 .17\r\nLinux kernel 2.6.16 .16\r\nLinux kernel 2.6.16 .16\r\nLinux kernel 2.6.16 .15\r\nLinux kernel 2.6.16 .14\r\nLinux kernel 2.6.16 .12\r\nLinux kernel 2.6.16 .11\r\nLinux kernel 2.6.16 .10\r\nLinux kernel 2.6.16 .1\r\nLinux kernel 2.6.16 -rc1\r\nLinux kernel 2.6.16\r\nLinux kernel 2.6.16\r\nLinux kernel 2.6.15 rc7\r\nLinux kernel 2.6.15 .7\r\nLinux kernel 2.6.15 .6\r\nLinux kernel 2.6.15 .6\r\nLinux kernel 2.6.15 .4\r\nLinux kernel 2.6.15 .3\r\nLinux kernel 2.6.15 .3\r\nLinux kernel 2.6.15 .2\r\nLinux kernel 2.6.15 .1\r\nLinux kernel 2.6.15 .1\r\nLinux kernel 2.6.15 -rc6\r\nLinux kernel 2.6.15 -rc5\r\nLinux kernel 2.6.15 -rc4\r\nLinux kernel 2.6.15 -rc3\r\nLinux kernel 2.6.15 -rc2\r\nLinux kernel 2.6.15 -rc1\r\nLinux kernel 2.6.15\r\nLinux kernel 2.6.15\r\nLinux kernel 2.6.14 .7\r\nLinux kernel 2.6.14 .6\r\nLinux kernel 2.6.14 .5\r\nLinux kernel 2.6.14 .5\r\nLinux kernel 2.6.14 .4\r\nLinux kernel 2.6.14 .4\r\nLinux kernel 2.6.14 .3\r\nLinux kernel 2.6.14 .2\r\nLinux kernel 2.6.14 .1\r\nLinux kernel 2.6.14 -rc5\r\nLinux kernel 2.6.14 -rc4\r\nLinux kernel 2.6.14 -rc3\r\nLinux kernel 2.6.14 -rc2\r\nLinux kernel 2.6.14 -rc1\r\nLinux kernel 2.6.14\r\nLinux kernel 2.6.14\r\nLinux kernel 2.6.13 rc5\r\nLinux kernel 2.6.13 rc3\r\nLinux kernel 2.6.13 rc2\r\nLinux kernel 2.6.13 .5\r\nLinux kernel 2.6.13 .4\r\nLinux kernel 2.6.13 .3\r\nLinux kernel 2.6.13 .2\r\nLinux kernel 2.6.13 .1\r\nLinux kernel 2.6.13 -rc7\r\nLinux kernel 2.6.13 -rc6\r\nLinux kernel 2.6.13 -rc4\r\nLinux kernel 2.6.13 -rc1\r\nLinux kernel 2.6.13\r\nLinux kernel 2.6.13\r\nLinux kernel 2.6.12 rc6\r\nLinux kernel 2.6.12 rc3\r\nLinux kernel 2.6.12 rc2\r\nLinux kernel 2.6.12 .6\r\nLinux kernel 2.6.12 .5\r\nLinux kernel 2.6.12 .4\r\nLinux kernel 2.6.12 .3\r\nLinux kernel 2.6.12 .22\r\nLinux kernel 2.6.12 .2\r\nLinux kernel 2.6.12 .12\r\nLinux kernel 2.6.12 .1\r\nLinux kernel 2.6.12 -rc5\r\nLinux kernel 2.6.12 -rc4\r\nLinux kernel 2.6.12 -rc1\r\nLinux kernel 2.6.12\r\nLinux kernel 2.6.12\r\nLinux kernel 2.6.11 rc5\r\nLinux kernel 2.6.11 rc1\r\nLinux kernel 2.6.11 .9\r\nLinux kernel 2.6.11 .8\r\nLinux kernel 2.6.11 .7\r\nLinux kernel 2.6.11 .6\r\nLinux kernel 2.6.11 .5\r\nLinux kernel 2.6.11 .4\r\nLinux kernel 2.6.11 .3\r\nLinux kernel 2.6.11 .2\r\nLinux kernel 2.6.11 .12\r\nLinux kernel 2.6.11 .11\r\nLinux kernel 2.6.11 .10\r\nLinux kernel 2.6.11 .1\r\nLinux kernel 2.6.11 -rc4\r\nLinux kernel 2.6.11 -rc3\r\nLinux kernel 2.6.11 -rc2\r\nLinux kernel 2.6.11\r\nLinux kernel 2.6.11\r\nLinux kernel 2.6.10 rc3\r\nLinux kernel 2.6.10 rc2\r\nLinux kernel 2.6.10 rc1\r\nLinux kernel 2.6.10\r\nLinux kernel 2.6.10\r\nLinux kernel 2.6.9 rc4\r\nLinux kernel 2.6.9 rc3\r\nLinux kernel 2.6.9 rc2\r\nLinux kernel 2.6.9 rc1\r\nLinux kernel 2.6.9 final\r\nLinux kernel 2.6.9\r\nLinux kernel 2.6.9\r\nLinux kernel 2.6.8 rc4\r\nLinux kernel 2.6.8 rc3\r\nLinux kernel 2.6.8 rc2\r\nLinux kernel 2.6.8 rc1\r\n+ Ubuntu Ubuntu Linux 4.1 ppc\r\n+ Ubuntu Ubuntu Linux 4.1 ia64\r\n+ Ubuntu Ubuntu Linux 4.1 ia32\r\nLinux kernel 2.6.8\r\nLinux kernel 2.6.8\r\nLinux kernel 2.6.7 rc3\r\nLinux kernel 2.6.7 rc2\r\nLinux kernel 2.6.7 rc1\r\nLinux kernel 2.6.7\r\nLinux kernel 2.6.7\r\nLinux kernel 2.6.6 rc3\r\nLinux kernel 2.6.6 rc2\r\nLinux kernel 2.6.6 rc1\r\nLinux kernel 2.6.6\r\nLinux kernel 2.6.6\r\nLinux kernel 2.6.5 rc3\r\nLinux kernel 2.6.5 rc2\r\nLinux kernel 2.6.5 rc1\r\nLinux kernel 2.6.5\r\nLinux kernel 2.6.5\r\nLinux kernel 2.6.4 rc3\r\nLinux kernel 2.6.4 rc2\r\nLinux kernel 2.6.4 rc1\r\nLinux kernel 2.6.4\r\nLinux kernel 2.6.4\r\nLinux kernel 2.6.3 rc4\r\nLinux kernel 2.6.3 rc3\r\nLinux kernel 2.6.3 rc2\r\nLinux kernel 2.6.3 rc1\r\nLinux kernel 2.6.3\r\nLinux kernel 2.6.3\r\nLinux kernel 2.6.2 rc3\r\nLinux kernel 2.6.2 rc2\r\nLinux kernel 2.6.2 rc1\r\nLinux kernel 2.6.2\r\nLinux kernel 2.6.2\r\nLinux kernel 2.6.1 rc3\r\nLinux kernel 2.6.1 0\r\nLinux kernel 2.6.1 -rc2\r\nLinux kernel 2.6.1 -rc1\r\nLinux kernel 2.6.1\r\nLinux kernel 2.6 .10\r\nLinux kernel 2.6 -test9-CVS\r\nLinux kernel 2.6 -test9\r\nLinux kernel 2.6 -test8\r\nLinux kernel 2.6 -test7\r\nLinux kernel 2.6 -test6\r\nLinux kernel 2.6 -test5\r\nLinux kernel 2.6 -test4\r\nLinux kernel 2.6 -test3\r\nLinux kernel 2.6 -test2\r\nLinux kernel 2.6 -test11\r\nLinux kernel 2.6 -test10\r\nLinux kernel 2.6 -test1\r\nLinux kernel 2.6\r\nLinux kernel 2.6.8.1\r\nLinux kernel 2.6.8.1\r\nLinux kernel 2.6.36-rc8\r\nLinux kernel 2.6.36-rc6\r\nLinux kernel 2.6.36-rc5\r\nLinux kernel 2.6.36-rc4\r\nLinux kernel 2.6.36-rc1\r\nLinux kernel 2.6.35.5\r\nLinux kernel 2.6.35.4\r\nLinux kernel 2.6.35.1\r\nLinux kernel 2.6.35.1\r\nLinux kernel 2.6.35-rc6\r\nLinux kernel 2.6.35-rc5-git5\r\nLinux kernel 2.6.35-rc5\r\nLinux kernel 2.6.35-rc4\r\nLinux kernel 2.6.35-rc1\r\nLinux kernel 2.6.34.3\r\nLinux kernel 2.6.34.2\r\nLinux kernel 2.6.34.1\r\nLinux kernel 2.6.34-rc6\r\nLinux kernel 2.6.34-rc5\r\nLinux kernel 2.6.34-rc4\r\nLinux kernel 2.6.34-rc2-git1\r\nLinux kernel 2.6.34-rc2\r\nLinux kernel 2.6.34-rc1\r\nLinux kernel 2.6.33.7\r\nLinux kernel 2.6.33-rc8\r\nLinux kernel 2.6.33-rc7\r\nLinux kernel 2.6.33-rc7\r\nLinux kernel 2.6.33-rc6-git5\r\nLinux kernel 2.6.33-rc6\r\nLinux kernel 2.6.33-rc5\r\nLinux kernel 2.6.33-rc4\r\nLinux kernel 2.6.33-rc1\r\nLinux kernel 2.6.32.8\r\nLinux kernel 2.6.32.7\r\nLinux kernel 2.6.32.6\r\nLinux kernel 2.6.32.5\r\nLinux kernel 2.6.32.4\r\nLinux kernel 2.6.32.3\r\nLinux kernel 2.6.32.22\r\nLinux kernel 2.6.32.2\r\nLinux kernel 2.6.32.18\r\nLinux kernel 2.6.32.17\r\nLinux kernel 2.6.32.16\r\nLinux kernel 2.6.32.15\r\nLinux kernel 2.6.32.14\r\nLinux kernel 2.6.32.13\r\nLinux kernel 2.6.32.12\r\nLinux kernel 2.6.32.11\r\nLinux kernel 2.6.32.10\r\nLinux kernel 2.6.32.1\r\nLinux kernel 2.6.32-rc8\r\nLinux kernel 2.6.32-rc7\r\nLinux kernel 2.6.32-rc5\r\n+ Trustix Secure Enterprise Linux 2.0\r\n+ Trustix Secure Linux 2.2\r\n+ Trustix Secure Linux 2.1\r\n+ Trustix Secure Linux 2.0\r\nLinux kernel 2.6.32-rc4\r\nLinux kernel 2.6.32-rc3\r\nLinux kernel 2.6.32-rc2\r\nLinux kernel 2.6.32-rc1\r\nLinux kernel 2.6.31.6\r\nLinux kernel 2.6.31.4\r\nLinux kernel 2.6.31.1\r\nLinux kernel 2.6.31-rc9\r\nLinux kernel 2.6.31-rc8\r\nLinux kernel 2.6.31-rc5-git3\r\nLinux kernel 2.6.31-rc4\r\nLinux kernel 2.6.31-rc2\r\nLinux kernel 2.6.31-git11\r\n+ Trustix Secure Enterprise Linux 2.0\r\n+ Trustix Secure Linux 2.2\r\n+ Trustix Secure Linux 2.1\r\n+ Trustix Secure Linux 2.0\r\nLinux kernel 2.6.30.5\r\nLinux kernel 2.6.30.4\r\nLinux kernel 2.6.30.3\r\nLinux kernel 2.6.29-rc2-git1\r\nLinux kernel 2.6.29-rc2\r\nLinux kernel 2.6.29-rc1\r\nLinux kernel 2.6.28.4\r\nLinux kernel 2.6.28.10\r\nLinux kernel 2.6.28-rc7\r\nLinux kernel 2.6.28-rc6\r\nLinux kernel 2.6.28-rc5\r\nLinux kernel 2.6.28-rc5\r\nLinux kernel 2.6.28-rc4\r\nLinux kernel 2.6.27.54\r\nLinux kernel 2.6.27.51\r\nLinux kernel 2.6.27.49\r\nLinux kernel 2.6.27-git3\r\nLinux kernel 2.6.26.1\r\nLinux kernel 2.6.26-rc5-git1\r\nLinux kernel 2.6.25.4\r\nLinux kernel 2.6.25.3\r\nLinux kernel 2.6.25.2\r\nLinux kernel 2.6.25.1\r\nLinux kernel 2.6.25-rc1\r\nLinux kernel 2.6.24.6\r\nLinux kernel 2.6.24-rc2\r\nLinux kernel 2.6.24-rc1\r\nLinux kernel 2.6.24 Rc3\r\nLinux kernel 2.6.24 Rc2\r\nLinux kernel 2.6.23.14\r\nLinux kernel 2.6.23.10\r\nLinux kernel 2.6.23.1\r\nLinux kernel 2.6.23.1\r\nLinux kernel 2.6.23.09\r\nLinux kernel 2.6.23 Rc2\r\nLinux kernel 2.6.22-rc7\r\nLinux kernel 2.6.22-rc1\r\nLinux kernel 2.6.21-RC6\r\nLinux kernel 2.6.21-RC5\r\nLinux kernel 2.6.21-RC4\r\nLinux kernel 2.6.21-RC3\r\nLinux kernel 2.6.20.3\r\nLinux kernel 2.6.20.2\r\nLinux kernel 2.6.20.13\r\nLinux kernel 2.6.20.11\r\nLinux kernel 2.6.20-rc2\r\nLinux kernel 2.6.20-2\r\nLinux kernel 2.6.19 -rc6\r\nLinux kernel 2.6.18.1\r\nLinux kernel 2.6.18-8.1.8.el5\r\nLinux kernel 2.6.18-53\r\nLinux kernel 2.6.18\r\nLinux kernel 2.6.16.9\r\nLinux kernel 2.6.16.7\r\nLinux kernel 2.6.16.19\r\nLinux kernel 2.6.16.13\r\nLinux kernel 2.6.16.12\r\nLinux kernel 2.6.16.11\r\nLinux kernel 2.6.15.5\r\nLinux kernel 2.6.15.5\r\nLinux kernel 2.6.15.4\r\nLinux kernel 2.6.15.11\r\nLinux kernel 2.6.15-27.48\r\nLinux kernel 2.6.14.3\r\nLinux kernel 2.6.14.2\r\nLinux kernel 2.6.14.1\r\nLinux kernel 2.6.13.4\r\nLinux kernel 2.6.13.3\r\nLinux kernel 2.6.13.2\r\nLinux kernel 2.6.13.1\r\nLinux kernel 2.6.12.6\r\nLinux kernel 2.6.12.5\r\nLinux kernel 2.6.12.4\r\nLinux kernel 2.6.12.3\r\nLinux kernel 2.6.12.2\r\nLinux kernel 2.6.12.1\r\nLinux kernel 2.6.11.8\r\nLinux kernel 2.6.11.7\r\nLinux kernel 2.6.11.6\r\nLinux kernel 2.6.11.5\r\nLinux kernel 2.6.11.4\r\nLinux kernel 2.6.11.12\r\nLinux kernel 2.6.11.11\r\nLinux kernel 2.6.0\n\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttp://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=f63ae56e4e97fb12053590e41a4fa59e7daa74a4", "published": "2010-12-17T00:00:00", "cvss": {"score": 6.0, "vector": "AV:LOCAL/AC:HIGH/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.seebug.org/vuldb/ssvid-20293", "cvelist": ["CVE-2010-4157"], "lastseen": "2017-11-19T18:07:08"}, {"id": "SSV:20278", "type": "seebug", "title": "Linux Kernel "setup_arg_pages()"\u672c\u5730\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "description": "BUGTRAQ ID: 44301\r\nCVE ID: CVE-2010-3858\r\n\r\nLinux Kernel\u662f\u5f00\u653e\u6e90\u7801\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\r\n\r\nLinux Kernel\u5728\u5b9e\u73b0\u4e0a\u5b58\u5728\u6f0f\u6d1e\uff0c\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u5bfc\u81f4\u7cfb\u7edf\u5d29\u6e83\u3002\r\n\r\nsetup_arg_pages()\u7684CONFIG_STACK_GROWSDOWN\u53d8\u91cf\u672a\u68c0\u6d4b\u5806\u6808\u4e0aargument/environment\u533a\u57df\u7684\u5927\u5c0f\u3002\u8fc7\u5927\u65f6\uff0cshift_arg_pages()\u4f1a\u547d\u4e2d\u5176BUG_ON\u3002\u7528\u975e\u5e38\u5927\u7684RLIMIT_STACK\u9650\u5236\u65f6\u53ef\u88ab\u5229\u7528\u8f7b\u6613\u5730\u9020\u6210\u7cfb\u7edf\u5d29\u6e83\u3002\n\nLinux kernel 2.6.0 - 2.6.37\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nLinux\r\n-----\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.kernel.org/", "published": "2010-12-01T00:00:00", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.seebug.org/vuldb/ssvid-20278", "cvelist": ["CVE-2010-3858"], "lastseen": "2017-11-19T18:06:58"}], "ubuntu": [{"id": "USN-1092-1", "type": "ubuntu", "title": "Linux Kernel vulnerabilities", "description": "Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. (CVE-2010-4075, CVE-2010-4077)\n\nDan Rosenberg discovered that the socket filters did not correctly initialize structure memory. A local attacker could create malicious filters to read portions of kernel stack memory, leading to a loss of privacy. (CVE-2010-4158)\n\nDan Rosenberg discovered that certain iovec operations did not calculate page counts correctly. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4162)\n\nDan Rosenberg discovered that the SCSI subsystem did not correctly validate iov segments. A local attacker with access to a SCSI device could send specially crafted requests to crash the system, leading to a denial of service. (CVE-2010-4163)\n\nAlan Cox discovered that the HCI UART driver did not correctly check if a write operation was available. If the mmap_min-addr sysctl was changed from the Ubuntu default to a value of 0, a local attacker could exploit this flaw to gain root privileges. (CVE-2010-4242)", "published": "2011-03-25T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1092-1/", "cvelist": ["CVE-2010-4242", "CVE-2010-4163", "CVE-2010-4158", "CVE-2010-4162", "CVE-2010-4077", "CVE-2010-4075"], "lastseen": "2018-03-29T18:17:44"}, {"id": "USN-1089-1", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "description": "Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. (CVE-2010-4075, CVE-2010-4076, CVE-2010-4077)\n\nDan Rosenberg discovered that the socket filters did not correctly initialize structure memory. A local attacker could create malicious filters to read portions of kernel stack memory, leading to a loss of privacy. (CVE-2010-4158)\n\nDan Rosenberg discovered that certain iovec operations did not calculate page counts correctly. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4162)\n\nDan Rosenberg discovered that the SCSI subsystem did not correctly validate iov segments. A local attacker with access to a SCSI device could send specially crafted requests to crash the system, leading to a denial of service. (CVE-2010-4163)\n\nDan Rosenberg discovered that the RDS protocol did not correctly check ioctl arguments. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4175)\n\nAlan Cox discovered that the HCI UART driver did not correctly check if a write operation was available. If the mmap_min-addr sysctl was changed from the Ubuntu default to a value of 0, a local attacker could exploit this flaw to gain root privileges. (CVE-2010-4242)", "published": "2011-03-18T00:00:00", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1089-1/", "cvelist": ["CVE-2010-4242", "CVE-2010-4163", "CVE-2010-4158", "CVE-2010-4162", "CVE-2010-4175", "CVE-2010-4077", "CVE-2010-4075", "CVE-2010-4076"], "lastseen": "2018-03-29T18:19:40"}, {"id": "USN-1105-1", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "description": "Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. (CVE-2010-4075)\n\nDan Rosenberg discovered that the socket filters did not correctly initialize structure memory. A local attacker could create malicious filters to read portions of kernel stack memory, leading to a loss of privacy. (CVE-2010-4158)\n\nDan Rosenberg discovered that certain iovec operations did not calculate page counts correctly. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4162)\n\nDan Rosenberg discovered that the SCSI subsystem did not correctly validate iov segments. A local attacker with access to a SCSI device could send specially crafted requests to crash the system, leading to a denial of service. (CVE-2010-4163, CVE-2010-4668)\n\nDan Rosenberg discovered multiple flaws in the X.25 facilities parsing. If a system was using X.25, a remote attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4164)\n\nAlan Cox discovered that the HCI UART driver did not correctly check if a write operation was available. If the mmap_min-addr sysctl was changed from the Ubuntu default to a value of 0, a local attacker could exploit this flaw to gain root privileges. (CVE-2010-4242)\n\nNelson Elhage discovered that the kernel did not correctly handle process cleanup after triggering a recoverable kernel bug. If a local attacker were able to trigger certain kinds of kernel bugs, they could create a specially crafted process to gain root privileges. (CVE-2010-4258)\n\nTavis Ormandy discovered that the install_special_mapping function could bypass the mmap_min_addr restriction. A local attacker could exploit this to mmap 4096 bytes below the mmap_min_addr area, possibly improving the chances of performing NULL pointer dereference attacks. (CVE-2010-4346)", "published": "2011-04-05T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1105-1/", "cvelist": ["CVE-2010-4242", "CVE-2010-4163", "CVE-2010-4668", "CVE-2010-4346", "CVE-2010-4158", "CVE-2010-4162", "CVE-2010-4258", "CVE-2010-4164", "CVE-2010-4075"], "lastseen": "2018-03-29T18:21:30"}, {"id": "USN-1041-1", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "description": "Louis Rilling and Matthieu Fertr\u00c3\u00a9 reported a use after free error in the Linux kernel\u2019s futex_wait function. A local user could exploit this flaw to cause a denial of service (system crash) or possibly gain privileges via a specially crafted application. (CVE-2014-0205)\n\nBen Hawkes discovered that the Linux kernel did not correctly filter registers on 64bit kernels when performing 32bit system calls. On a 64bit system, a local attacker could manipulate 32bit system calls to gain root privileges. (CVE-2010-3301)\n\nDan Rosenberg discovered that the btrfs filesystem did not correctly validate permissions when using the clone function. A local attacker could overwrite the contents of file handles that were opened for append-only, or potentially read arbitrary contents, leading to a loss of privacy. (CVE-2010-2537, CVE-2010-2538)\n\nDave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy. (CVE-2010-2943)\n\nKees Cook discovered that the Intel i915 graphics driver did not correctly validate memory regions. A local attacker with access to the video card could read and write arbitrary kernel memory to gain root privileges. (CVE-2010-2962)\n\nRobert Swiecki discovered that ftrace did not correctly handle mutexes. A local attacker could exploit this to crash the kernel, leading to a denial of service. (CVE-2010-3079)\n\nDan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-3296, CVE-2010-3297, CVE-2010-3298)\n\nIt was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-3698)\n\nBrad Spengler discovered that stack memory for new a process was not correctly calculated. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-3858)\n\nKees Cook discovered that the ethtool interface did not correctly clear kernel memory. A local attacker could read kernel heap memory, leading to a loss of privacy. (CVE-2010-3861)\n\nKees Cook and Vasiliy Kulikov discovered that the shm interface did not clear kernel memory correctly. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4072)\n\nDan Rosenberg discovered that the RME Hammerfall DSP audio interface driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4080, CVE-2010-4081)\n\nJames Bottomley discovered that the ICP vortex storage array controller driver did not validate certain sizes. A local attacker on a 64bit system could exploit this to crash the kernel, leading to a denial of service. (CVE-2010-4157)\n\nAlan Cox discovered that the HCI UART driver did not correctly check if a write operation was available. If the mmap_min-addr sysctl was changed from the Ubuntu default to a value of 0, a local attacker could exploit this flaw to gain root privileges. (CVE-2010-4242)\n\nKees Cook discovered that some ethtool functions did not correctly clear heap memory. A local attacker with CAP_NET_ADMIN privileges could exploit this to read portions of kernel heap memory, leading to a loss of privacy. (CVE-2010-4655)", "published": "2011-01-10T00:00:00", "cvss": {"score": 7.9, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:NONE/"}, "href": "https://usn.ubuntu.com/1041-1/", "cvelist": ["CVE-2010-4242", "CVE-2010-4081", "CVE-2010-3297", "CVE-2010-4072", "CVE-2010-2943", "CVE-2010-4080", "CVE-2010-3296", "CVE-2010-3698", "CVE-2010-4157", "CVE-2010-3858", "CVE-2010-2537", "CVE-2014-0205", "CVE-2010-2962", "CVE-2010-3298", "CVE-2010-3079", "CVE-2010-2538", "CVE-2010-3861", "CVE-2010-3301", "CVE-2010-4655"], "lastseen": "2018-03-29T18:20:31"}, {"id": "USN-1204-1", "type": "ubuntu", "title": "Linux kernel (i.MX51) vulnerabilities", "description": "Dan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. (CVE-2010-3859)\n\nDan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. (CVE-2010-4075, CVE-2010-4076, CVE-2010-4077)\n\nDan Rosenberg discovered that the socket filters did not correctly initialize structure memory. A local attacker could create malicious filters to read portions of kernel stack memory, leading to a loss of privacy. (CVE-2010-4158)\n\nDan Rosenberg discovered that the Linux kernel L2TP implementation contained multiple integer signedness errors. A local attacker could exploit this to to crash the kernel, or possibly gain root privileges. (CVE-2010-4160)\n\nDan Rosenberg discovered that certain iovec operations did not calculate page counts correctly. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4162)\n\nDan Rosenberg discovered that the SCSI subsystem did not correctly validate iov segments. A local attacker with access to a SCSI device could send specially crafted requests to crash the system, leading to a denial of service. (CVE-2010-4163, CVE-2010-4668)\n\nDan Rosenberg discovered that the RDS protocol did not correctly check ioctl arguments. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4175)\n\nAlan Cox discovered that the HCI UART driver did not correctly check if a write operation was available. If the mmap_min-addr sysctl was changed from the Ubuntu default to a value of 0, a local attacker could exploit this flaw to gain root privileges. (CVE-2010-4242)\n\nBrad Spengler discovered that the kernel did not correctly account for userspace memory allocations during exec() calls. A local attacker could exploit this to consume all system memory, leading to a denial of service. (CVE-2010-4243)\n\nAlex Shi and Eric Dumazet discovered that the network stack did not correctly handle packet backlogs. A remote attacker could exploit this by sending a large amount of network traffic to cause the system to run out of memory, leading to a denial of service. (CVE-2010-4251, CVE-2010-4805)\n\nIt was discovered that the ICMP stack did not correctly handle certain unreachable messages. If a remote attacker were able to acquire a socket lock, they could send specially crafted traffic that would crash the system, leading to a denial of service. (CVE-2010-4526)\n\nDan Carpenter discovered that the Infiniband driver did not correctly handle certain requests. A local user could exploit this to crash the system or potentially gain root privileges. (CVE-2010-4649, CVE-2011-1044)\n\nKees Cook reported that /proc/pid/stat did not correctly filter certain memory locations. A local attacker could determine the memory layout of processes in an attempt to increase the chances of a successful memory corruption exploit. (CVE-2011-0726)\n\nTimo Warns discovered that MAC partition parsing routines did not correctly calculate block counts. A local attacker with physical access could plug in a specially crafted block device to crash the system or potentially gain root privileges. (CVE-2011-1010)\n\nTimo Warns discovered that LDM partition parsing routines did not correctly calculate block counts. A local attacker with physical access could plug in a specially crafted block device to crash the system, leading to a denial of service. (CVE-2011-1012)\n\nMatthiew Herrb discovered that the drm modeset interface did not correctly handle a signed comparison. A local attacker could exploit this to crash the system or possibly gain root privileges. (CVE-2011-1013)\n\nIt was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities. (CVE-2011-1020)\n\nVasiliy Kulikov discovered that the Bluetooth stack did not correctly clear memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2011-1078)\n\nVasiliy Kulikov discovered that the Bluetooth stack did not correctly check that device name strings were NULL terminated. A local attacker could exploit this to crash the system, leading to a denial of service, or leak contents of kernel stack memory, leading to a loss of privacy. (CVE-2011-1079)\n\nVasiliy Kulikov discovered that bridge network filtering did not check that name fields were NULL terminated. A local attacker could exploit this to leak contents of kernel stack memory, leading to a loss of privacy. (CVE-2011-1080)\n\nNelson Elhage discovered that the epoll subsystem did not correctly handle certain structures. A local attacker could create malicious requests that would hang the system, leading to a denial of service. (CVE-2011-1082)\n\nNeil Horman discovered that NFSv4 did not correctly handle certain orders of operation with ACL data. A remote attacker with access to an NFSv4 mount could exploit this to crash the system, leading to a denial of service. (CVE-2011-1090)\n\nJohan Hovold discovered that the DCCP network stack did not correctly handle certain packet combinations. A remote attacker could send specially crafted network traffic that would crash the system, leading to a denial of service. (CVE-2011-1093)\n\nPeter Huewe discovered that the TPM device did not correctly initialize memory. A local attacker could exploit this to read kernel heap memory contents, leading to a loss of privacy. (CVE-2011-1160)\n\nTimo Warns discovered that OSF partition parsing routines did not correctly clear memory. A local attacker with physical access could plug in a specially crafted block device to read kernel memory, leading to a loss of privacy. (CVE-2011-1163)\n\nVasiliy Kulikov discovered that the netfilter code did not check certain strings copied from userspace. A local attacker with netfilter access could exploit this to read kernel memory or crash the system, leading to a denial of service. (CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-2534)\n\nVasiliy Kulikov discovered that the Acorn Universal Networking driver did not correctly initialize memory. A remote attacker could send specially crafted traffic to read kernel stack memory, leading to a loss of privacy. (CVE-2011-1173)\n\nDan Rosenberg discovered that the IRDA subsystem did not correctly check certain field sizes. If a system was using IRDA, a remote attacker could send specially crafted traffic to crash the system or gain root privileges. (CVE-2011-1180)\n\nRyan Sweat discovered that the GRO code did not correctly validate memory. In some configurations on systems using VLANs, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. (CVE-2011-1478)\n\nDan Rosenberg discovered that the X.25 Rose network stack did not correctly handle certain fields. If a system was running with Rose enabled, a remote attacker could send specially crafted traffic to gain root privileges. (CVE-2011-1493)\n\nTimo Warns discovered that the GUID partition parsing routines did not correctly validate certain structures. A local attacker with physical access could plug in a specially crafted block device to crash the system, leading to a denial of service. (CVE-2011-1577)\n\nOliver Hartkopp and Dave Jones discovered that the CAN network driver did not correctly validate certain socket structures. If this driver was loaded, a local attacker could crash the system, leading to a denial of service. (CVE-2011-1598)\n\nDan Rosenberg discovered that the DCCP stack did not correctly handle certain packet structures. A remote attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-1770)\n\nVasiliy Kulikov and Dan Rosenberg discovered that ecryptfs did not correctly check the origin of mount points. A local attacker could exploit this to trick the system into unmounting arbitrary mount points, leading to a denial of service. (CVE-2011-1833)\n\nVasiliy Kulikov discovered that taskstats listeners were not correctly handled. A local attacker could expoit this to exhaust memory and CPU resources, leading to a denial of service. (CVE-2011-2484)\n\nIt was discovered that Bluetooth l2cap and rfcomm did not correctly initialize structures. A local attacker could exploit this to read portions of the kernel stack, leading to a loss of privacy. (CVE-2011-2492)\n\nFernando Gont discovered that the IPv6 stack used predictable fragment identification numbers. A remote attacker could exploit this to exhaust network resources, leading to a denial of service. (CVE-2011-2699)\n\nThe performance counter subsystem did not correctly handle certain counters. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-2918)\n\nA flaw was found in the Linux kernel\u2019s /proc/*/_map_ interface. A local, unprivileged user could exploit this flaw to cause a denial of service. (CVE-2011-3637)\n\nDan Rosenberg discovered flaws in the linux Rose (X.25 PLP) layer used by amateur radio. A local user or a remote user on an X.25 network could exploit these flaws to execute arbitrary code as root. (CVE-2011-4913)\n\nBen Hutchings discovered several flaws in the Linux Rose (X.25 PLP) layer. A local user or a remote user on an X.25 network could exploit these flaws to execute arbitrary code as root. (CVE-2011-4914)", "published": "2011-09-13T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1204-1/", "cvelist": ["CVE-2010-4242", "CVE-2010-4163", "CVE-2011-2918", "CVE-2010-4668", "CVE-2011-1160", "CVE-2011-1078", "CVE-2010-4649", "CVE-2011-1478", "CVE-2010-3859", "CVE-2011-1012", "CVE-2011-1598", "CVE-2011-2492", "CVE-2010-4251", "CVE-2011-1173", "CVE-2011-2699", "CVE-2010-4158", "CVE-2011-2484", "CVE-2010-4526", "CVE-2010-4162", "CVE-2011-1180", "CVE-2011-1079", "CVE-2011-1044", "CVE-2011-1770", "CVE-2010-4805", "CVE-2010-4243", "CVE-2011-1163", "CVE-2011-4913", "CVE-2011-1013", "CVE-2011-1833", "CVE-2011-4914", "CVE-2010-4160", "CVE-2011-1093", "CVE-2011-1010", "CVE-2011-1020", "CVE-2011-1170", "CVE-2011-1172", "CVE-2011-1171", "CVE-2011-1082", "CVE-2011-1493", "CVE-2011-2534", "CVE-2011-3637", "CVE-2011-0726", "CVE-2011-1090", "CVE-2010-4175", "CVE-2011-1080", "CVE-2010-4077", "CVE-2010-4075", "CVE-2011-1577", "CVE-2010-4076"], "lastseen": "2018-03-29T18:18:27"}, {"id": "USN-1083-1", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "description": "Dan Rosenberg discovered that the RDS network protocol did not correctly check certain parameters. A local attacker could exploit this gain root privileges. (CVE-2010-3904)\n\nNelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service via a NULL pointer dereference, escalate privileges by overflowing the kernel stack, and assign Econet addresses to arbitrary interfaces. (CVE-2010-3848, CVE-2010-3849, CVE-2010-3850)\n\nBen Hawkes discovered that the Linux kernel did not correctly filter registers on 64bit kernels when performing 32bit system calls. On a 64bit system, a local attacker could manipulate 32bit system calls to gain root privileges. (CVE-2010-3301)\n\nAl Viro discovered a race condition in the TTY driver. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2009-4895)\n\nGleb Napatov discovered that KVM did not correctly check certain privileged operations. A local attacker with access to a guest kernel could exploit this to crash the host system, leading to a denial of service. (CVE-2010-0435)\n\nDan Rosenberg discovered that the MOVE_EXT ext4 ioctl did not correctly check file permissions. A local attacker could overwrite append-only files, leading to potential data loss. (CVE-2010-2066)\n\nDan Rosenberg discovered that the swapexit xfs ioctl did not correctly check file permissions. A local attacker could exploit this to read from write-only files, leading to a loss of privacy. (CVE-2010-2226)\n\nSuresh Jayaraman discovered that CIFS did not correctly validate certain response packats. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. (CVE-2010-2248)\n\nBen Hutchings discovered that the ethtool interface did not correctly check certain sizes. A local attacker could perform malicious ioctl calls that could crash the system, leading to a denial of service. (CVE-2010-2478, CVE-2010-3084)\n\nJames Chapman discovered that L2TP did not correctly evaluate checksum capabilities. If an attacker could make malicious routing changes, they could crash the system, leading to a denial of service. (CVE-2010-2495)\n\nNeil Brown discovered that NFSv4 did not correctly check certain write requests. A remote attacker could send specially crafted traffic that could crash the system or possibly gain root privileges. (CVE-2010-2521)\n\nDavid Howells discovered that DNS resolution in CIFS could be spoofed. A local attacker could exploit this to control DNS replies, leading to a loss of privacy and possible privilege escalation. (CVE-2010-2524)\n\nDan Rosenberg discovered that the btrfs filesystem did not correctly validate permissions when using the clone function. A local attacker could overwrite the contents of file handles that were opened for append-only, or potentially read arbitrary contents, leading to a loss of privacy. (CVE-2010-2537, CVE-2010-2538)\n\nBob Peterson discovered that GFS2 rename operations did not correctly validate certain sizes. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-2798)\n\nEric Dumazet discovered that many network functions could leak kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. (CVE-2010-2942, CVE-2010-3477)\n\nDave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy. (CVE-2010-2943)\n\nSergey Vlasov discovered that JFS did not correctly handle certain extended attributes. A local attacker could bypass namespace access rules, leading to a loss of privacy. (CVE-2010-2946)\n\nTavis Ormandy discovered that the IRDA subsystem did not correctly shut down. A local attacker could exploit this to cause the system to crash or possibly gain root privileges. (CVE-2010-2954)\n\nBrad Spengler discovered that the wireless extensions did not correctly validate certain request sizes. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. (CVE-2010-2955)\n\nTavis Ormandy discovered that the session keyring did not correctly check for its parent. On systems without a default session keyring, a local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-2960)\n\nKees Cook discovered that the Intel i915 graphics driver did not correctly validate memory regions. A local attacker with access to the video card could read and write arbitrary kernel memory to gain root privileges. (CVE-2010-2962)\n\nKees Cook discovered that the V4L1 32bit compat interface did not correctly validate certain parameters. A local attacker on a 64bit system with access to a video device could exploit this to gain root privileges. (CVE-2010-2963)\n\nToshiyuki Okajima discovered that ext4 did not correctly check certain parameters. A local attacker could exploit this to crash the system or overwrite the last block of large files. (CVE-2010-3015)\n\nTavis Ormandy discovered that the AIO subsystem did not correctly validate certain parameters. A local attacker could exploit this to crash the system or possibly gain root privileges. (CVE-2010-3067)\n\nDan Rosenberg discovered that certain XFS ioctls leaked kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. (CVE-2010-3078)\n\nRobert Swiecki discovered that ftrace did not correctly handle mutexes. A local attacker could exploit this to crash the kernel, leading to a denial of service. (CVE-2010-3079)\n\nTavis Ormandy discovered that the OSS sequencer device did not correctly shut down. A local attacker could exploit this to crash the system or possibly gain root privileges. (CVE-2010-3080)\n\nDan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-3296, CVE-2010-3297, CVE-2010-3298)\n\nDan Rosenberg discovered that the ROSE driver did not correctly check parameters. A local attacker with access to a ROSE network device could exploit this to crash the system or possibly gain root privileges. (CVE-2010-3310)\n\nThomas Dreibholz discovered that SCTP did not correctly handle appending packet chunks. A remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. (CVE-2010-3432)\n\nDan Rosenberg discovered that the CD driver did not correctly check parameters. A local attacker could exploit this to read arbitrary kernel memory, leading to a loss of privacy. (CVE-2010-3437)\n\nDan Rosenberg discovered that the Sound subsystem did not correctly validate parameters. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-3442)\n\nDan Rosenberg discovered that SCTP did not correctly handle HMAC calculations. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. (CVE-2010-3705)\n\nBrad Spengler discovered that stack memory for new a process was not correctly calculated. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-3858)\n\nDan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. (CVE-2010-3859)\n\nKees Cook discovered that the ethtool interface did not correctly clear kernel memory. A local attacker could read kernel heap memory, leading to a loss of privacy. (CVE-2010-3861)\n\nDan Rosenberg discovered that the CAN protocol on 64bit systems did not correctly calculate the size of certain buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. (CVE-2010-3874)\n\nKees Cook and Vasiliy Kulikov discovered that the shm interface did not clear kernel memory correctly. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4072)\n\nDan Rosenberg discovered that IPC structures were not correctly initialized on 64bit systems. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4073)\n\nDan Rosenberg discovered that the RME Hammerfall DSP audio interface driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4080, CVE-2010-4081)\n\nDan Rosenberg discovered that the VIA video driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4082)\n\nJames Bottomley discovered that the ICP vortex storage array controller driver did not validate certain sizes. A local attacker on a 64bit system could exploit this to crash the kernel, leading to a denial of service. (CVE-2010-4157)\n\nDan Rosenberg discovered that the socket filters did not correctly initialize structure memory. A local attacker could create malicious filters to read portions of kernel stack memory, leading to a loss of privacy. (CVE-2010-4158)\n\nDan Rosenberg discovered that the Linux kernel L2TP implementation contained multiple integer signedness errors. A local attacker could exploit this to to crash the kernel, or possibly gain root privileges. (CVE-2010-4160)\n\nDan Rosenberg discovered that certain iovec operations did not calculate page counts correctly. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4162)\n\nDan Rosenberg discovered multiple flaws in the X.25 facilities parsing. If a system was using X.25, a remote attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4164)\n\nSteve Chen discovered that setsockopt did not correctly check MSS values. A local attacker could make a specially crafted socket call to crash the system, leading to a denial of service. (CVE-2010-4165)\n\nDave Jones discovered that the mprotect system call did not correctly handle merged VMAs. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4169)\n\nDan Rosenberg discovered that the RDS protocol did not correctly check ioctl arguments. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4175)\n\nAlan Cox discovered that the HCI UART driver did not correctly check if a write operation was available. If the mmap_min-addr sysctl was changed from the Ubuntu default to a value of 0, a local attacker could exploit this flaw to gain root privileges. (CVE-2010-4242)\n\nBrad Spengler discovered that the kernel did not correctly account for userspace memory allocations during exec() calls. A local attacker could exploit this to consume all system memory, leading to a denial of service. (CVE-2010-4243)\n\nVegard Nossum discovered that memory garbage collection was not handled correctly for active sockets. A local attacker could exploit this to allocate all available kernel memory, leading to a denial of service. (CVE-2010-4249)\n\nIt was discovered that named pipes did not correctly handle certain fcntl calls. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4256)\n\nNelson Elhage discovered that the kernel did not correctly handle process cleanup after triggering a recoverable kernel bug. If a local attacker were able to trigger certain kinds of kernel bugs, they could create a specially crafted process to gain root privileges. (CVE-2010-4258)\n\nKees Cook discovered that some ethtool functions did not correctly clear heap memory. A local attacker with CAP_NET_ADMIN privileges could exploit this to read portions of kernel heap memory, leading to a loss of privacy. (CVE-2010-4655)\n\nFrank Arnold discovered that the IGMP protocol did not correctly parse certain packets. A remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. (CVE-2011-0709)", "published": "2011-03-03T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1083-1/", "cvelist": ["CVE-2010-4242", "CVE-2010-2942", "CVE-2010-3904", "CVE-2010-3078", "CVE-2010-2066", "CVE-2010-4081", "CVE-2010-3297", "CVE-2010-2248", "CVE-2010-4073", "CVE-2010-2226", "CVE-2010-4165", "CVE-2010-2960", "CVE-2010-4072", "CVE-2010-2955", "CVE-2010-2946", "CVE-2009-4895", "CVE-2010-3437", "CVE-2010-2521", "CVE-2010-2943", "CVE-2010-4082", "CVE-2010-0435", "CVE-2010-3859", "CVE-2010-3477", "CVE-2010-4080", "CVE-2010-4169", "CVE-2010-3310", "CVE-2010-2963", "CVE-2010-4158", "CVE-2010-2524", "CVE-2010-3296", "CVE-2010-2478", "CVE-2010-3850", "CVE-2010-3015", "CVE-2010-4162", "CVE-2010-4258", "CVE-2010-2495", "CVE-2010-3442", "CVE-2010-3705", "CVE-2010-4243", "CVE-2010-3848", "CVE-2010-2954", "CVE-2010-3874", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4160", "CVE-2010-3858", "CVE-2010-3067", "CVE-2010-2537", "CVE-2010-3084", "CVE-2010-4164", "CVE-2010-2798", "CVE-2010-4256", "CVE-2010-2962", "CVE-2011-0709", "CVE-2010-3080", "CVE-2010-3432", "CVE-2010-3298", "CVE-2010-3849", "CVE-2010-3079", "CVE-2010-2538", "CVE-2010-4175", "CVE-2010-3861", "CVE-2010-3301", "CVE-2010-4655"], "lastseen": "2018-03-29T18:21:19"}, {"id": "USN-1202-1", "type": "ubuntu", "title": "Linux kernel (OMAP4) vulnerabilities", "description": "Dan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-3296, CVE-2010-3297)\n\nBrad Spengler discovered that stack memory for new a process was not correctly calculated. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-3858)\n\nDan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. (CVE-2010-3859)\n\nDan Rosenberg discovered that the CAN protocol on 64bit systems did not correctly calculate the size of certain buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. (CVE-2010-3874)\n\nNelson Elhage discovered that the Linux kernel IPv4 implementation did not properly audit certain bytecodes in netlink messages. A local attacker could exploit this to cause the kernel to hang, leading to a denial of service. (CVE-2010-3880)\n\nDan Rosenberg discovered that IPC structures were not correctly initialized on 64bit systems. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4073)\n\nDan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. (CVE-2010-4075, CVE-2010-4076, CVE-2010-4077)\n\nDan Rosenberg discovered that the RME Hammerfall DSP audio interface driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4080, CVE-2010-4081)\n\nDan Rosenberg discovered that the VIA video driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4082)\n\nDan Rosenberg discovered that the semctl syscall did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4083)\n\nJames Bottomley discovered that the ICP vortex storage array controller driver did not validate certain sizes. A local attacker on a 64bit system could exploit this to crash the kernel, leading to a denial of service. (CVE-2010-4157)\n\nDan Rosenberg discovered that the Linux kernel L2TP implementation contained multiple integer signedness errors. A local attacker could exploit this to to crash the kernel, or possibly gain root privileges. (CVE-2010-4160)\n\nDan Rosenberg discovered that certain iovec operations did not calculate page counts correctly. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4162)\n\nDan Rosenberg discovered that the SCSI subsystem did not correctly validate iov segments. A local attacker with access to a SCSI device could send specially crafted requests to crash the system, leading to a denial of service. (CVE-2010-4163, CVE-2010-4668)\n\nDave Jones discovered that the mprotect system call did not correctly handle merged VMAs. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4169)\n\nDan Rosenberg discovered that the RDS protocol did not correctly check ioctl arguments. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4175)\n\nAlan Cox discovered that the HCI UART driver did not correctly check if a write operation was available. If the mmap_min-addr sysctl was changed from the Ubuntu default to a value of 0, a local attacker could exploit this flaw to gain root privileges. (CVE-2010-4242)\n\nBrad Spengler discovered that the kernel did not correctly account for userspace memory allocations during exec() calls. A local attacker could exploit this to consume all system memory, leading to a denial of service. (CVE-2010-4243)\n\nIt was discovered that multithreaded exec did not handle CPU timers correctly. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4248)\n\nIt was discovered that named pipes did not correctly handle certain fcntl calls. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4256)\n\nDan Rosenburg discovered that the CAN subsystem leaked kernel addresses into the /proc filesystem. A local attacker could use this to increase the chances of a successful memory corruption exploit. (CVE-2010-4565)\n\nDan Carpenter discovered that the Infiniband driver did not correctly handle certain requests. A local user could exploit this to crash the system or potentially gain root privileges. (CVE-2010-4649, CVE-2011-1044)\n\nKees Cook discovered that some ethtool functions did not correctly clear heap memory. A local attacker with CAP_NET_ADMIN privileges could exploit this to read portions of kernel heap memory, leading to a loss of privacy. (CVE-2010-4655)\n\nKees Cook discovered that the IOWarrior USB device driver did not correctly check certain size fields. A local attacker with physical access could plug in a specially crafted USB device to crash the system or potentially gain root privileges. (CVE-2010-4656)\n\nGoldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly clear memory when writing certain file holes. A local attacker could exploit this to read uninitialized data from the disk, leading to a loss of privacy. (CVE-2011-0463)\n\nDan Carpenter discovered that the TTPCI DVB driver did not check certain values during an ioctl. If the dvb-ttpci module was loaded, a local attacker could exploit this to crash the system, leading to a denial of service, or possibly gain root privileges. (CVE-2011-0521)\n\nJens Kuehnel discovered that the InfiniBand driver contained a race condition. On systems using InfiniBand, a local attacker could send specially crafted requests to crash the system, leading to a denial of service. (CVE-2011-0695)\n\nDan Rosenberg discovered that XFS did not correctly initialize memory. A local attacker could make crafted ioctl calls to leak portions of kernel stack memory, leading to a loss of privacy. (CVE-2011-0711)\n\nRafael Dominguez Vega discovered that the caiaq Native Instruments USB driver did not correctly validate string lengths. A local attacker with physical access could plug in a specially crafted USB device to crash the system or potentially gain root privileges. (CVE-2011-0712)\n\nKees Cook reported that /proc/pid/stat did not correctly filter certain memory locations. A local attacker could determine the memory layout of processes in an attempt to increase the chances of a successful memory corruption exploit. (CVE-2011-0726)\n\nTimo Warns discovered that MAC partition parsing routines did not correctly calculate block counts. A local attacker with physical access could plug in a specially crafted block device to crash the system or potentially gain root privileges. (CVE-2011-1010)\n\nTimo Warns discovered that LDM partition parsing routines did not correctly calculate block counts. A local attacker with physical access could plug in a specially crafted block device to crash the system, leading to a denial of service. (CVE-2011-1012)\n\nMatthiew Herrb discovered that the drm modeset interface did not correctly handle a signed comparison. A local attacker could exploit this to crash the system or possibly gain root privileges. (CVE-2011-1013)\n\nMarek Ol\u0161\u00e1k discovered that the Radeon GPU drivers did not correctly validate certain registers. On systems with specific hardware, a local attacker could exploit this to write to arbitrary video memory. (CVE-2011-1016)\n\nTimo Warns discovered that the LDM disk partition handling code did not correctly handle certain values. By inserting a specially crafted disk device, a local attacker could exploit this to gain root privileges. (CVE-2011-1017)\n\nVasiliy Kulikov discovered that the CAP_SYS_MODULE capability was not needed to load kernel modules. A local attacker with the CAP_NET_ADMIN capability could load existing kernel modules, possibly increasing the attack surface available on the system. (CVE-2011-1019)\n\nIt was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities. (CVE-2011-1020)\n\nVasiliy Kulikov discovered that the Bluetooth stack did not correctly clear memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2011-1078)\n\nVasiliy Kulikov discovered that the Bluetooth stack did not correctly check that device name strings were NULL terminated. A local attacker could exploit this to crash the system, leading to a denial of service, or leak contents of kernel stack memory, leading to a loss of privacy. (CVE-2011-1079)\n\nVasiliy Kulikov discovered that bridge network filtering did not check that name fields were NULL terminated. A local attacker could exploit this to leak contents of kernel stack memory, leading to a loss of privacy. (CVE-2011-1080)\n\nNelson Elhage discovered that the epoll subsystem did not correctly handle certain structures. A local attacker could create malicious requests that would hang the system, leading to a denial of service. (CVE-2011-1082)\n\nNeil Horman discovered that NFSv4 did not correctly handle certain orders of operation with ACL data. A remote attacker with access to an NFSv4 mount could exploit this to crash the system, leading to a denial of service. (CVE-2011-1090)\n\nJohan Hovold discovered that the DCCP network stack did not correctly handle certain packet combinations. A remote attacker could send specially crafted network traffic that would crash the system, leading to a denial of service. (CVE-2011-1093)\n\nPeter Huewe discovered that the TPM device did not correctly initialize memory. A local attacker could exploit this to read kernel heap memory contents, leading to a loss of privacy. (CVE-2011-1160)\n\nTimo Warns discovered that OSF partition parsing routines did not correctly clear memory. A local attacker with physical access could plug in a specially crafted block device to read kernel memory, leading to a loss of privacy. (CVE-2011-1163)\n\nDan Rosenberg discovered that some ALSA drivers did not correctly check the adapter index during ioctl calls. If this driver was loaded, a local attacker could make a specially crafted ioctl call to gain root privileges. (CVE-2011-1169)\n\nVasiliy Kulikov discovered that the netfilter code did not check certain strings copied from userspace. A local attacker with netfilter access could exploit this to read kernel memory or crash the system, leading to a denial of service. (CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-2534)\n\nVasiliy Kulikov discovered that the Acorn Universal Networking driver did not correctly initialize memory. A remote attacker could send specially crafted traffic to read kernel stack memory, leading to a loss of privacy. (CVE-2011-1173)\n\nDan Rosenberg discovered that the IRDA subsystem did not correctly check certain field sizes. If a system was using IRDA, a remote attacker could send specially crafted traffic to crash the system or gain root privileges. (CVE-2011-1180)\n\nJulien Tinnes discovered that the kernel did not correctly validate the signal structure from tkill(). A local attacker could exploit this to send signals to arbitrary threads, possibly bypassing expected restrictions. (CVE-2011-1182)\n\nRyan Sweat discovered that the GRO code did not correctly validate memory. In some configurations on systems using VLANs, a remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. (CVE-2011-1478)\n\nDan Rosenberg discovered that the X.25 Rose network stack did not correctly handle certain fields. If a system was running with Rose enabled, a remote attacker could send specially crafted traffic to gain root privileges. (CVE-2011-1493)\n\nDan Rosenberg discovered that MPT devices did not correctly validate certain values in ioctl calls. If these drivers were loaded, a local attacker could exploit this to read arbitrary kernel memory, leading to a loss of privacy. (CVE-2011-1494, CVE-2011-1495)\n\nTimo Warns discovered that the GUID partition parsing routines did not correctly validate certain structures. A local attacker with physical access could plug in a specially crafted block device to crash the system, leading to a denial of service. (CVE-2011-1577)\n\nTavis Ormandy discovered that the pidmap function did not correctly handle large requests. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-1593)\n\nOliver Hartkopp and Dave Jones discovered that the CAN network driver did not correctly validate certain socket structures. If this driver was loaded, a local attacker could crash the system, leading to a denial of service. (CVE-2011-1598, CVE-2011-1748)\n\nVasiliy Kulikov discovered that the AGP driver did not check certain ioctl values. A local attacker with access to the video subsystem could exploit this to crash the system, leading to a denial of service, or possibly gain root privileges. (CVE-2011-1745, CVE-2011-2022)\n\nVasiliy Kulikov discovered that the AGP driver did not check the size of certain memory allocations. A local attacker with access to the video subsystem could exploit this to run the system out of memory, leading to a denial of service. (CVE-2011-1746)\n\nDan Rosenberg discovered that the DCCP stack did not correctly handle certain packet structures. A remote attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-1770)\n\nVasiliy Kulikov and Dan Rosenberg discovered that ecryptfs did not correctly check the origin of mount points. A local attacker could exploit this to trick the system into unmounting arbitrary mount points, leading to a denial of service. (CVE-2011-1833)\n\nVasiliy Kulikov discovered that taskstats listeners were not correctly handled. A local attacker could expoit this to exhaust memory and CPU resources, leading to a denial of service. (CVE-2011-2484)\n\nIt was discovered that Bluetooth l2cap and rfcomm did not correctly initialize structures. A local attacker could exploit this to read portions of the kernel stack, leading to a loss of privacy. (CVE-2011-2492)\n\nFernando Gont discovered that the IPv6 stack used predictable fragment identification numbers. A remote attacker could exploit this to exhaust network resources, leading to a denial of service. (CVE-2011-2699)\n\nThe performance counter subsystem did not correctly handle certain counters. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2011-2918)\n\nA flaw was found in the Linux kernel\u2019s /proc/*/_map_ interface. A local, unprivileged user could exploit this flaw to cause a denial of service. (CVE-2011-3637)\n\nDan Rosenberg discovered flaws in the linux Rose (X.25 PLP) layer used by amateur radio. A local user or a remote user on an X.25 network could exploit these flaws to execute arbitrary code as root. (CVE-2011-4913)\n\nBen Hutchings discovered several flaws in the Linux Rose (X.25 PLP) layer. A local user or a remote user on an X.25 network could exploit these flaws to execute arbitrary code as root. (CVE-2011-4914)", "published": "2011-09-13T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1202-1/", "cvelist": ["CVE-2010-4242", "CVE-2011-1017", "CVE-2011-0521", "CVE-2010-4163", "CVE-2011-2918", "CVE-2010-4081", "CVE-2010-3297", "CVE-2010-4073", "CVE-2010-4668", "CVE-2011-1746", "CVE-2011-0695", "CVE-2011-1160", "CVE-2010-4083", "CVE-2011-1078", "CVE-2010-4082", "CVE-2011-1494", "CVE-2010-4649", "CVE-2011-1478", "CVE-2010-3859", "CVE-2011-1012", "CVE-2011-1598", "CVE-2011-2492", "CVE-2010-4080", "CVE-2010-4169", "CVE-2011-1173", "CVE-2010-4656", "CVE-2011-2699", "CVE-2010-3296", "CVE-2011-0463", "CVE-2011-2484", "CVE-2011-0711", "CVE-2010-4162", "CVE-2011-2022", "CVE-2011-1180", "CVE-2011-1079", "CVE-2011-1044", "CVE-2011-1770", "CVE-2011-0712", "CVE-2011-1019", "CVE-2010-4248", "CVE-2011-1495", "CVE-2010-4243", "CVE-2011-1163", "CVE-2011-1169", "CVE-2011-4913", "CVE-2011-1013", "CVE-2011-1833", "CVE-2011-4914", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-4157", "CVE-2010-4160", "CVE-2011-1093", "CVE-2011-1010", "CVE-2011-1020", "CVE-2011-1016", "CVE-2011-1593", "CVE-2011-1170", "CVE-2010-3858", "CVE-2011-1172", "CVE-2011-1748", "CVE-2011-1171", "CVE-2011-1082", "CVE-2011-1493", "CVE-2010-4256", "CVE-2011-2534", "CVE-2011-3637", "CVE-2011-0726", "CVE-2011-1745", "CVE-2011-1182", "CVE-2011-1090", "CVE-2010-4565", "CVE-2010-4175", "CVE-2011-1080", "CVE-2010-4077", "CVE-2010-4075", "CVE-2010-4655", "CVE-2011-1577", "CVE-2010-4076"], "lastseen": "2018-03-29T18:19:16"}, {"id": "USN-1093-1", "type": "ubuntu", "title": "Linux Kernel vulnerabilities (Marvell Dove)", "description": "Dan Rosenberg discovered that the RDS network protocol did not correctly check certain parameters. A local attacker could exploit this gain root privileges. (CVE-2010-3904)\n\nNelson Elhage discovered several problems with the Acorn Econet protocol driver. A local user could cause a denial of service via a NULL pointer dereference, escalate privileges by overflowing the kernel stack, and assign Econet addresses to arbitrary interfaces. (CVE-2010-3848, CVE-2010-3849, CVE-2010-3850)\n\nBen Hutchings discovered that the ethtool interface did not correctly check certain sizes. A local attacker could perform malicious ioctl calls that could crash the system, leading to a denial of service. (CVE-2010-2478, CVE-2010-3084)\n\nEric Dumazet discovered that many network functions could leak kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. (CVE-2010-2942, CVE-2010-3477)\n\nDave Chinner discovered that the XFS filesystem did not correctly order inode lookups when exported by NFS. A remote attacker could exploit this to read or write disk blocks that had changed file assignment or had become unlinked, leading to a loss of privacy. (CVE-2010-2943)\n\nTavis Ormandy discovered that the IRDA subsystem did not correctly shut down. A local attacker could exploit this to cause the system to crash or possibly gain root privileges. (CVE-2010-2954)\n\nBrad Spengler discovered that the wireless extensions did not correctly validate certain request sizes. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. (CVE-2010-2955)\n\nTavis Ormandy discovered that the session keyring did not correctly check for its parent. On systems without a default session keyring, a local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-2960)\n\nKees Cook discovered that the Intel i915 graphics driver did not correctly validate memory regions. A local attacker with access to the video card could read and write arbitrary kernel memory to gain root privileges. (CVE-2010-2962)\n\nKees Cook discovered that the V4L1 32bit compat interface did not correctly validate certain parameters. A local attacker on a 64bit system with access to a video device could exploit this to gain root privileges. (CVE-2010-2963)\n\nTavis Ormandy discovered that the AIO subsystem did not correctly validate certain parameters. A local attacker could exploit this to crash the system or possibly gain root privileges. (CVE-2010-3067)\n\nDan Rosenberg discovered that certain XFS ioctls leaked kernel stack contents. A local attacker could exploit this to read portions of kernel memory, leading to a loss of privacy. (CVE-2010-3078)\n\nRobert Swiecki discovered that ftrace did not correctly handle mutexes. A local attacker could exploit this to crash the kernel, leading to a denial of service. (CVE-2010-3079)\n\nTavis Ormandy discovered that the OSS sequencer device did not correctly shut down. A local attacker could exploit this to crash the system or possibly gain root privileges. (CVE-2010-3080)\n\nDan Rosenberg discovered that several network ioctls did not clear kernel memory correctly. A local user could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-3296, CVE-2010-3297, CVE-2010-3298)\n\nDan Rosenberg discovered that the ROSE driver did not correctly check parameters. A local attacker with access to a ROSE network device could exploit this to crash the system or possibly gain root privileges. (CVE-2010-3310)\n\nThomas Dreibholz discovered that SCTP did not correctly handle appending packet chunks. A remote attacker could send specially crafted traffic to crash the system, leading to a denial of service. (CVE-2010-3432)\n\nDan Rosenberg discovered that the CD driver did not correctly check parameters. A local attacker could exploit this to read arbitrary kernel memory, leading to a loss of privacy. (CVE-2010-3437)\n\nDan Rosenberg discovered that the Sound subsystem did not correctly validate parameters. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-3442)\n\nDan Jacobson discovered that ThinkPad video output was not correctly access controlled. A local attacker could exploit this to hang the system, leading to a denial of service. (CVE-2010-3448)\n\nIt was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-3698)\n\nDan Rosenberg discovered that SCTP did not correctly handle HMAC calculations. A remote attacker could send specially crafted traffic that would crash the system, leading to a denial of service. (CVE-2010-3705)\n\nBrad Spengler discovered that stack memory for new a process was not correctly calculated. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-3858)\n\nDan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. (CVE-2010-3859)\n\nKees Cook discovered that the ethtool interface did not correctly clear kernel memory. A local attacker could read kernel heap memory, leading to a loss of privacy. (CVE-2010-3861)\n\nThomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. (CVE-2010-3865)\n\nDan Rosenberg discovered that the Linux kernel X.25 implementation incorrectly parsed facilities. A remote attacker could exploit this to crash the kernel, leading to a denial of service. (CVE-2010-3873)\n\nDan Rosenberg discovered that the CAN protocol on 64bit systems did not correctly calculate the size of certain buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. (CVE-2010-3874)\n\nVasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n\nVasiliy Kulikov discovered that the Linux kernel sockets implementation did not properly initialize certain structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-3876)\n\nVasiliy Kulikov discovered that the TIPC interface did not correctly initialize certain structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n\nNelson Elhage discovered that the Linux kernel IPv4 implementation did not properly audit certain bytecodes in netlink messages. A local attacker could exploit this to cause the kernel to hang, leading to a denial of service. (CVE-2010-3880)\n\nVasiliy Kulikov discovered that kvm did not correctly clear memory. A local attacker could exploit this to read portions of the kernel stack, leading to a loss of privacy. (CVE-2010-3881)\n\nKees Cook and Vasiliy Kulikov discovered that the shm interface did not clear kernel memory correctly. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4072)\n\nDan Rosenberg discovered that IPC structures were not correctly initialized on 64bit systems. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4073)\n\nDan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. (CVE-2010-4075)\n\nDan Rosenberg discovered that the ivtv V4L driver did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4079)\n\nDan Rosenberg discovered that the RME Hammerfall DSP audio interface driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4080, CVE-2010-4081)\n\nDan Rosenberg discovered that the VIA video driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4082)\n\nDan Rosenberg discovered that the semctl syscall did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4083)\n\nJames Bottomley discovered that the ICP vortex storage array controller driver did not validate certain sizes. A local attacker on a 64bit system could exploit this to crash the kernel, leading to a denial of service. (CVE-2010-4157)\n\nDan Rosenberg discovered that the socket filters did not correctly initialize structure memory. A local attacker could create malicious filters to read portions of kernel stack memory, leading to a loss of privacy. (CVE-2010-4158)\n\nDan Rosenberg discovered that the Linux kernel L2TP implementation contained multiple integer signedness errors. A local attacker could exploit this to to crash the kernel, or possibly gain root privileges. (CVE-2010-4160)\n\nDan Rosenberg discovered that certain iovec operations did not calculate page counts correctly. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4162)\n\nDan Rosenberg discovered that the SCSI subsystem did not correctly validate iov segments. A local attacker with access to a SCSI device could send specially crafted requests to crash the system, leading to a denial of service. (CVE-2010-4163, CVE-2010-4668)\n\nDan Rosenberg discovered multiple flaws in the X.25 facilities parsing. If a system was using X.25, a remote attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4164)\n\nSteve Chen discovered that setsockopt did not correctly check MSS values. A local attacker could make a specially crafted socket call to crash the system, leading to a denial of service. (CVE-2010-4165)\n\nDave Jones discovered that the mprotect system call did not correctly handle merged VMAs. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4169)\n\nDan Rosenberg discovered that the RDS protocol did not correctly check ioctl arguments. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4175)\n\nAlan Cox discovered that the HCI UART driver did not correctly check if a write operation was available. If the mmap_min-addr sysctl was changed from the Ubuntu default to a value of 0, a local attacker could exploit this flaw to gain root privileges. (CVE-2010-4242)\n\nIt was discovered that multithreaded exec did not handle CPU timers correctly. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4248)\n\nVegard Nossum discovered that memory garbage collection was not handled correctly for active sockets. A local attacker could exploit this to allocate all available kernel memory, leading to a denial of service. (CVE-2010-4249)\n\nNelson Elhage discovered that the kernel did not correctly handle process cleanup after triggering a recoverable kernel bug. If a local attacker were able to trigger certain kinds of kernel bugs, they could create a specially crafted process to gain root privileges. (CVE-2010-4258)\n\nKrishna Gudipati discovered that the bfa adapter driver did not correctly initialize certain structures. A local attacker could read files in /sys to crash the system, leading to a denial of service. (CVE-2010-4343)\n\nTavis Ormandy discovered that the install_special_mapping function could bypass the mmap_min_addr restriction. A local attacker could exploit this to mmap 4096 bytes below the mmap_min_addr area, possibly improving the chances of performing NULL pointer dereference attacks. (CVE-2010-4346)\n\nIt was discovered that the ICMP stack did not correctly handle certain unreachable messages. If a remote attacker were able to acquire a socket lock, they could send specially crafted traffic that would crash the system, leading to a denial of service. (CVE-2010-4526)\n\nDan Rosenberg discovered that the OSS subsystem did not handle name termination correctly. A local attacker could exploit this crash the system or gain root privileges. (CVE-2010-4527)\n\nAn error was reported in the kernel\u2019s ORiNOCO wireless driver\u2019s handling of TKIP countermeasures. This reduces the amount of time an attacker needs breach a wireless network using WPA+TKIP for security. (CVE-2010-4648)\n\nDan Carpenter discovered that the Infiniband driver did not correctly handle certain requests. A local user could exploit this to crash the system or potentially gain root privileges. (CVE-2010-4649, CVE-2011-1044)\n\nAn error was discovered in the kernel\u2019s handling of CUSE (Character device in Userspace). A local attacker might exploit this flaw to escalate privilege, if access to /dev/cuse has been modified to allow non-root users. (CVE-2010-4650)\n\nKees Cook discovered that some ethtool functions did not correctly clear heap memory. A local attacker with CAP_NET_ADMIN privileges could exploit this to read portions of kernel heap memory, leading to a loss of privacy. (CVE-2010-4655)\n\nKees Cook discovered that the IOWarrior USB device driver did not correctly check certain size fields. A local attacker with physical access could plug in a specially crafted USB device to crash the system or potentially gain root privileges. (CVE-2010-4656)\n\nJoel Becker discovered that OCFS2 did not correctly validate on-disk symlink structures. If an attacker were able to trick a user or automated system into mounting a specially crafted filesystem, it could crash the system or expose kernel memory, leading to a loss of privacy. (CVE-2010-NNN2)\n\nA flaw was found in the kernel\u2019s Integrity Measurement Architecture (IMA). Changes made by an attacker might not be discovered by IMA, if SELinux was disabled, and a new IMA rule was loaded. (CVE-2011-0006)\n\nDan Carpenter discovered that the TTPCI DVB driver did not check certain values during an ioctl. If the dvb-ttpci module was loaded, a local attacker could exploit this to crash the system, leading to a denial of service, or possibly gain root privileges. (CVE-2011-0521)\n\nRafael Dominguez Vega discovered that the caiaq Native Instruments USB driver did not correctly validate string lengths. A local attacker with physical access could plug in a specially crafted USB device to crash the system or potentially gain root privileges. (CVE-2011-0712)\n\nTimo Warns discovered that MAC partition parsing routines did not correctly calculate block counts. A local attacker with physical access could plug in a specially crafted block device to crash the system or potentially gain root privileges. (CVE-2011-1010)\n\nTimo Warns discovered that LDM partition parsing routines did not correctly calculate block counts. A local attacker with physical access could plug in a specially crafted block device to crash the system, leading to a denial of service. (CVE-2011-1012)\n\nNelson Elhage discovered that the epoll subsystem did not correctly handle certain structures. A local attacker could create malicious requests that would hang the system, leading to a denial of service. (CVE-2011-1082)\n\nJohan Hovold discovered that the DCCP network stack did not correctly handle certain packet combinations. A remote attacker could send specially crafted network traffic that would crash the system, leading to a denial of service. (CVE-2011-1093)", "published": "2011-03-25T00:00:00", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1093-1/", "cvelist": ["CVE-2010-4242", "CVE-2010-2942", "CVE-2011-0521", "CVE-2010-4163", "CVE-2010-3904", "CVE-2010-3078", "CVE-2010-4081", "CVE-2010-3865", "CVE-2010-3297", "CVE-2010-4073", "CVE-2010-4668", "CVE-2010-4165", "CVE-2010-2960", "CVE-2010-4072", "CVE-2010-3881", "CVE-2010-4346", "CVE-2010-2955", "CVE-2010-3437", "CVE-2010-4527", "CVE-2010-4083", "CVE-2010-2943", "CVE-2010-4082", "CVE-2010-4649", "CVE-2010-3859", "CVE-2010-3477", "CVE-2011-1012", "CVE-2010-4080", "CVE-2010-4169", "CVE-2010-3310", "CVE-2010-2963", "CVE-2010-4343", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-4656", "CVE-2010-4158", "CVE-2010-3876", "CVE-2011-0006", "CVE-2010-3296", "CVE-2010-2478", "CVE-2010-3698", "CVE-2010-4526", "CVE-2010-3850", "CVE-2010-4650", "CVE-2010-4162", "CVE-2010-4258", "CVE-2011-1044", "CVE-2010-3442", "CVE-2011-0712", "CVE-2010-4248", "CVE-2010-3705", "CVE-2010-3848", "CVE-2010-2954", "CVE-2010-4648", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4160", "CVE-2011-1093", "CVE-2011-1010", "CVE-2010-3858", "CVE-2010-3067", "CVE-2010-3084", "CVE-2010-4164", "CVE-2011-1082", "CVE-2010-2962", "CVE-2010-3873", "CVE-2010-3448", "CVE-2010-3080", "CVE-2010-3432", "CVE-2010-3298", "CVE-2010-3849", "CVE-2010-3079", "CVE-2010-4175", "CVE-2010-3861", "CVE-2010-4075", "CVE-2010-4655"], "lastseen": "2018-03-29T18:17:10"}, {"id": "USN-1071-1", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "description": "Tavis Ormandy discovered that the Linux kernel did not properly implement exception fixup. A local attacker could exploit this to crash the kernel, leading to a denial of service. (CVE-2010-3086)\n\nDan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. (CVE-2010-3859)\n\nDan Rosenberg discovered that the Linux kernel X.25 implementation incorrectly parsed facilities. A remote attacker could exploit this to crash the kernel, leading to a denial of service. (CVE-2010-3873)\n\nVasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n\nVasiliy Kulikov discovered that the Linux kernel sockets implementation did not properly initialize certain structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-3876)\n\nNelson Elhage discovered that the Linux kernel IPv4 implementation did not properly audit certain bytecodes in netlink messages. A local attacker could exploit this to cause the kernel to hang, leading to a denial of service. (CVE-2010-3880)\n\nDan Rosenberg discovered that the SiS video driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4078)\n\nDan Rosenberg discovered that the RME Hammerfall DSP audio interface driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4080, CVE-2010-4081)\n\nDan Rosenberg discovered that the semctl syscall did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4083)\n\nJames Bottomley discovered that the ICP vortex storage array controller driver did not validate certain sizes. A local attacker on a 64bit system could exploit this to crash the kernel, leading to a denial of service. (CVE-2010-4157)\n\nDan Rosenberg discovered that the Linux kernel L2TP implementation contained multiple integer signedness errors. A local attacker could exploit this to to crash the kernel, or possibly gain root privileges. (CVE-2010-4160)", "published": "2011-02-25T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1071-1/", "cvelist": ["CVE-2010-4081", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3086", "CVE-2010-4080", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4160", "CVE-2010-3873", "CVE-2010-4078"], "lastseen": "2018-03-29T18:19:42"}, {"id": "USN-1073-1", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "description": "Gleb Napatov discovered that KVM did not correctly check certain privileged operations. A local attacker with access to a guest kernel could exploit this to crash the host system, leading to a denial of service. (CVE-2010-0435)\n\nDan Jacobson discovered that ThinkPad video output was not correctly access controlled. A local attacker could exploit this to hang the system, leading to a denial of service. (CVE-2010-3448)\n\nIt was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-3698)\n\nDan Rosenberg discovered that the Linux kernel TIPC implementation contained multiple integer signedness errors. A local attacker could exploit this to gain root privileges. (CVE-2010-3859)\n\nThomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. (CVE-2010-3865)\n\nDan Rosenberg discovered that the Linux kernel X.25 implementation incorrectly parsed facilities. A remote attacker could exploit this to crash the kernel, leading to a denial of service. (CVE-2010-3873)\n\nDan Rosenberg discovered that the CAN protocol on 64bit systems did not correctly calculate the size of certain buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. (CVE-2010-3874)\n\nVasiliy Kulikov discovered that the Linux kernel X.25 implementation did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-3875)\n\nVasiliy Kulikov discovered that the Linux kernel sockets implementation did not properly initialize certain structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-3876)\n\nVasiliy Kulikov discovered that the TIPC interface did not correctly initialize certain structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-3877)\n\nNelson Elhage discovered that the Linux kernel IPv4 implementation did not properly audit certain bytecodes in netlink messages. A local attacker could exploit this to cause the kernel to hang, leading to a denial of service. (CVE-2010-3880)\n\nDan Rosenberg discovered that IPC structures were not correctly initialized on 64bit systems. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4073)\n\nDan Rosenberg discovered that the USB subsystem did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4074)\n\nDan Rosenberg discovered that the SiS video driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4078)\n\nDan Rosenberg discovered that the ivtv V4L driver did not correctly initialize certian structures. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4079)\n\nDan Rosenberg discovered that the RME Hammerfall DSP audio interface driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4080, CVE-2010-4081)\n\nDan Rosenberg discovered that the VIA video driver did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4082)\n\nDan Rosenberg discovered that the semctl syscall did not correctly clear kernel memory. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. (CVE-2010-4083)\n\nJames Bottomley discovered that the ICP vortex storage array controller driver did not validate certain sizes. A local attacker on a 64bit system could exploit this to crash the kernel, leading to a denial of service. (CVE-2010-4157)\n\nDan Rosenberg discovered that the Linux kernel L2TP implementation contained multiple integer signedness errors. A local attacker could exploit this to to crash the kernel, or possibly gain root privileges. (CVE-2010-4160)\n\nSteve Chen discovered that setsockopt did not correctly check MSS values. A local attacker could make a specially crafted socket call to crash the system, leading to a denial of service. (CVE-2010-4165)\n\nDave Jones discovered that the mprotect system call did not correctly handle merged VMAs. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4169)\n\nIt was discovered that multithreaded exec did not handle CPU timers correctly. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4248)\n\nVegard Nossum discovered that memory garbage collection was not handled correctly for active sockets. A local attacker could exploit this to allocate all available kernel memory, leading to a denial of service. (CVE-2010-4249)", "published": "2011-02-25T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1073-1/", "cvelist": ["CVE-2010-4081", "CVE-2010-3865", "CVE-2010-4073", "CVE-2010-4165", "CVE-2010-4074", "CVE-2010-4083", "CVE-2010-4082", "CVE-2010-0435", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-4169", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3698", "CVE-2010-4248", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4160", "CVE-2010-3873", "CVE-2010-3448", "CVE-2010-4078"], "lastseen": "2018-03-29T18:19:13"}], "openvas": [{"id": "OPENVAS:840618", "type": "openvas", "title": "Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1092-1", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1092-1", "published": "2011-04-01T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=840618", "cvelist": ["CVE-2010-4242", "CVE-2010-4163", "CVE-2010-4158", "CVE-2010-4162", "CVE-2010-4077", "CVE-2010-4076"], "lastseen": "2017-12-04T11:27:32"}, {"id": "OPENVAS:1361412562310840618", "type": "openvas", "title": "Ubuntu Update for linux-source-2.6.15 vulnerabilities USN-1092-1", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1092-1", "published": "2011-04-01T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840618", "cvelist": ["CVE-2010-4242", "CVE-2010-4163", "CVE-2010-4158", "CVE-2010-4162", "CVE-2010-4077", "CVE-2010-4076"], "lastseen": "2018-04-06T11:36:51"}, {"id": "OPENVAS:1361412562310840614", "type": "openvas", "title": "Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1089-1", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1089-1", "published": "2011-03-24T00:00:00", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840614", "cvelist": ["CVE-2010-4242", "CVE-2010-4163", "CVE-2010-4158", "CVE-2010-4162", "CVE-2010-4175", "CVE-2010-4077", "CVE-2010-4076"], "lastseen": "2018-04-06T11:35:37"}, {"id": "OPENVAS:840614", "type": "openvas", "title": "Ubuntu Update for linux, linux-ec2 vulnerabilities USN-1089-1", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1089-1", "published": "2011-03-24T00:00:00", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=840614", "cvelist": ["CVE-2010-4242", "CVE-2010-4163", "CVE-2010-4158", "CVE-2010-4162", "CVE-2010-4175", "CVE-2010-4077", "CVE-2010-4076"], "lastseen": "2017-12-04T11:27:03"}, {"id": "OPENVAS:881399", "type": "openvas", "title": "CentOS Update for kernel CESA-2011:0162 centos4 x86_64", "description": "Check for the Version of kernel", "published": "2012-07-30T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=881399", "cvelist": ["CVE-2010-4242", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-4158", "CVE-2010-3876", "CVE-2010-4258", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4075"], "lastseen": "2018-01-11T11:07:33"}, {"id": "OPENVAS:840632", "type": "openvas", "title": "Ubuntu Update for linux vulnerabilities USN-1105-1", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1105-1", "published": "2011-04-11T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=840632", "cvelist": ["CVE-2010-4242", "CVE-2010-4163", "CVE-2010-4346", "CVE-2010-4158", "CVE-2010-4162", "CVE-2010-4258", "CVE-2010-4164", "CVE-2010-4077", "CVE-2010-4075", "CVE-2010-4076"], "lastseen": "2017-12-04T11:26:50"}, {"id": "OPENVAS:1361412562310870380", "type": "openvas", "title": "RedHat Update for kernel RHSA-2011:0162-01", "description": "Check for the Version of kernel", "published": "2011-01-21T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870380", "cvelist": ["CVE-2010-4242", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-4158", "CVE-2010-3876", "CVE-2010-4258", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4075"], "lastseen": "2018-04-09T11:36:57"}, {"id": "OPENVAS:880459", "type": "openvas", "title": "CentOS Update for kernel CESA-2011:0162 centos4 i386", "description": "Check for the Version of kernel", "published": "2011-01-31T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=880459", "cvelist": ["CVE-2010-4242", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-4158", "CVE-2010-3876", "CVE-2010-4258", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4075"], "lastseen": "2017-07-25T10:55:57"}, {"id": "OPENVAS:870380", "type": "openvas", "title": "RedHat Update for kernel RHSA-2011:0162-01", "description": "Check for the Version of kernel", "published": "2011-01-21T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=870380", "cvelist": ["CVE-2010-4242", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-4158", "CVE-2010-3876", "CVE-2010-4258", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4075"], "lastseen": "2017-07-27T10:55:18"}, {"id": "OPENVAS:1361412562310840632", "type": "openvas", "title": "Ubuntu Update for linux vulnerabilities USN-1105-1", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1105-1", "published": "2011-04-11T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840632", "cvelist": ["CVE-2010-4242", "CVE-2010-4163", "CVE-2010-4346", "CVE-2010-4158", "CVE-2010-4162", "CVE-2010-4258", "CVE-2010-4164", "CVE-2010-4077", "CVE-2010-4075", "CVE-2010-4076"], "lastseen": "2018-04-06T11:35:06"}], "nessus": [{"id": "UBUNTU_USN-1092-1.NASL", "type": "nessus", "title": "Ubuntu 6.06 LTS : linux-source-2.6.15 vulnerabilities (USN-1092-1)", "description": "Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. (CVE-2010-4075, CVE-2010-4077)\n\nDan Rosenberg discovered that the socket filters did not correctly initialize structure memory. A local attacker could create malicious filters to read portions of kernel stack memory, leading to a loss of privacy. (CVE-2010-4158)\n\nDan Rosenberg discovered that certain iovec operations did not calculate page counts correctly. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4162)\n\nDan Rosenberg discovered that the SCSI subsystem did not correctly validate iov segments. A local attacker with access to a SCSI device could send specially crafted requests to crash the system, leading to a denial of service. (CVE-2010-4163)\n\nAlan Cox discovered that the HCI UART driver did not correctly check if a write operation was available. If the mmap_min-addr sysctl was changed from the Ubuntu default to a value of 0, a local attacker could exploit this flaw to gain root privileges. (CVE-2010-4242).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2011-03-27T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=52991", "cvelist": ["CVE-2010-4242", "CVE-2010-4163", "CVE-2010-4158", "CVE-2010-4162", "CVE-2010-4077", "CVE-2010-4075", "CVE-2010-4076"], "lastseen": "2017-10-29T13:42:18"}, {"id": "UBUNTU_USN-1089-1.NASL", "type": "nessus", "title": "Ubuntu 9.10 : linux, linux-ec2 vulnerabilities (USN-1089-1)", "description": "Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. (CVE-2010-4075, CVE-2010-4076, CVE-2010-4077)\n\nDan Rosenberg discovered that the socket filters did not correctly initialize structure memory. A local attacker could create malicious filters to read portions of kernel stack memory, leading to a loss of privacy. (CVE-2010-4158)\n\nDan Rosenberg discovered that certain iovec operations did not calculate page counts correctly. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4162)\n\nDan Rosenberg discovered that the SCSI subsystem did not correctly validate iov segments. A local attacker with access to a SCSI device could send specially crafted requests to crash the system, leading to a denial of service. (CVE-2010-4163)\n\nDan Rosenberg discovered that the RDS protocol did not correctly check ioctl arguments. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4175)\n\nAlan Cox discovered that the HCI UART driver did not correctly check if a write operation was available. If the mmap_min-addr sysctl was changed from the Ubuntu default to a value of 0, a local attacker could exploit this flaw to gain root privileges. (CVE-2010-4242).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2011-03-21T00:00:00", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=52739", "cvelist": ["CVE-2010-4242", "CVE-2010-4163", "CVE-2010-4158", "CVE-2010-4162", "CVE-2010-4175", "CVE-2010-4077", "CVE-2010-4075", "CVE-2010-4076"], "lastseen": "2017-10-29T13:44:06"}, {"id": "SL_20110118_KERNEL_ON_SL4_X.NASL", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL4.x i386/x86_64", "description": "This update fixes the following security issues :\n\n - A heap overflow flaw was found in the Linux kernel's Transparent Inter-Process Communication protocol (TIPC) implementation. A local, unprivileged user could use this flaw to escalate their privileges. (CVE-2010-3859, Important)\n\n - Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver in the Linux kernel. A local user with access to '/dev/gdth' on a 64-bit system could use these flaws to cause a denial of service or escalate their privileges. (CVE-2010-4157, Moderate)\n\n - A NULL pointer dereference flaw was found in the Bluetooth HCI UART driver in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2010-4242, Moderate)\n\n - A flaw was found in the Linux kernel's garbage collector for AF_UNIX sockets. A local, unprivileged user could use this flaw to trigger a denial of service (out-of-memory condition). (CVE-2010-4249, Moderate)\n\n - Missing initialization flaws were found in the Linux kernel. A local, unprivileged user could use these flaws to cause information leaks. (CVE-2010-3876, CVE-2010-4072, CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4083, CVE-2010-4158, Low)\n\nThis update also fixes the following bugs :\n\n - A flaw was found in the Linux kernel where, if used in conjunction with another flaw that can result in a kernel Oops, could possibly lead to privilege escalation. It does not affect Red Hat Enterprise Linux 4 as the sysctl panic_on_oops variable is turned on by default. However, as a preventive measure if the variable is turned off by an administrator, this update addresses the issue. (BZ#659568)\n\n - On Intel I/O Controller Hub 9 (ICH9) hardware, jumbo frame support is achieved by using page-based sk_buff buffers without any packet split. The entire frame data is copied to the page(s) rather than some to the skb->data area and some to the page(s) when performing a typical packet-split. This caused problems with the filtering code and frames were getting dropped before they were received by listening applications. This bug could eventually lead to the IP address being released and not being able to be re-acquired from DHCP if the MTU (Maximum Transfer Unit) was changed (for an affected interface using the e1000e driver). With this update, frames are no longer dropped and an IP address is correctly re-acquired after a previous release.\n (BZ#664667)\n\nThe system must be rebooted for this update to take effect.", "published": "2012-08-01T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=60938", "cvelist": ["CVE-2010-4242", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-4158", "CVE-2010-3876", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4075"], "lastseen": "2017-10-29T13:46:13"}, {"id": "UBUNTU_USN-1105-1.NASL", "type": "nessus", "title": "Ubuntu 8.04 LTS : linux vulnerabilities (USN-1105-1)", "description": "Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. (CVE-2010-4075)\n\nDan Rosenberg discovered that the socket filters did not correctly initialize structure memory. A local attacker could create malicious filters to read portions of kernel stack memory, leading to a loss of privacy. (CVE-2010-4158)\n\nDan Rosenberg discovered that certain iovec operations did not calculate page counts correctly. A local attacker could exploit this to crash the system, leading to a denial of service. (CVE-2010-4162)\n\nDan Rosenberg discovered that the SCSI subsystem did not correctly validate iov segments. A local attacker with access to a SCSI device could send specially crafted requests to crash the system, leading to a denial of service. (CVE-2010-4163, CVE-2010-4668)\n\nDan Rosenberg discovered multiple flaws in the X.25 facilities parsing. If a system was using X.25, a remote attacker could exploit this to crash the system, leading to a denial of service.\n(CVE-2010-4164)\n\nAlan Cox discovered that the HCI UART driver did not correctly check if a write operation was available. If the mmap_min-addr sysctl was changed from the Ubuntu default to a value of 0, a local attacker could exploit this flaw to gain root privileges. (CVE-2010-4242)\n\nNelson Elhage discovered that the kernel did not correctly handle process cleanup after triggering a recoverable kernel bug. If a local attacker were able to trigger certain kinds of kernel bugs, they could create a specially crafted process to gain root privileges.\n(CVE-2010-4258)\n\nTavis Ormandy discovered that the install_special_mapping function could bypass the mmap_min_addr restriction. A local attacker could exploit this to mmap 4096 bytes below the mmap_min_addr area, possibly improving the chances of performing NULL pointer dereference attacks.\n(CVE-2010-4346).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2011-04-06T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=53303", "cvelist": ["CVE-2010-4242", "CVE-2010-4163", "CVE-2010-4668", "CVE-2010-4346", "CVE-2010-4158", "CVE-2010-4162", "CVE-2010-4258", "CVE-2010-4164", "CVE-2010-4077", "CVE-2010-4075", "CVE-2010-4076"], "lastseen": "2017-10-29T13:38:07"}, {"id": "CENTOS_RHSA-2011-0162.NASL", "type": "nessus", "title": "CentOS 4 : kernel (CESA-2011:0162)", "description": "Updated kernel packages that fix multiple security issues and two bugs are now available for Red Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* A heap overflow flaw was found in the Linux kernel's Transparent Inter-Process Communication protocol (TIPC) implementation. A local, unprivileged user could use this flaw to escalate their privileges.\n(CVE-2010-3859, Important)\n\n* Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver in the Linux kernel. A local user with access to '/dev/gdth' on a 64-bit system could use these flaws to cause a denial of service or escalate their privileges. (CVE-2010-4157, Moderate)\n\n* A NULL pointer dereference flaw was found in the Bluetooth HCI UART driver in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2010-4242, Moderate)\n\n* A flaw was found in the Linux kernel's garbage collector for AF_UNIX sockets. A local, unprivileged user could use this flaw to trigger a denial of service (out-of-memory condition). (CVE-2010-4249, Moderate)\n\n* Missing initialization flaws were found in the Linux kernel. A local, unprivileged user could use these flaws to cause information leaks. (CVE-2010-3876, CVE-2010-4072, CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4083, CVE-2010-4158, Low)\n\nRed Hat would like to thank Alan Cox for reporting CVE-2010-4242;\nVegard Nossum for reporting CVE-2010-4249; Vasiliy Kulikov for reporting CVE-2010-3876; Kees Cook for reporting CVE-2010-4072; and Dan Rosenberg for reporting CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4083, and CVE-2010-4158.\n\nThis update also fixes the following bugs :\n\n* A flaw was found in the Linux kernel where, if used in conjunction with another flaw that can result in a kernel Oops, could possibly lead to privilege escalation. It does not affect Red Hat Enterprise Linux 4 as the sysctl panic_on_oops variable is turned on by default.\nHowever, as a preventive measure if the variable is turned off by an administrator, this update addresses the issue. Red Hat would like to thank Nelson Elhage for reporting this vulnerability. (BZ#659568)\n\n* On Intel I/O Controller Hub 9 (ICH9) hardware, jumbo frame support is achieved by using page-based sk_buff buffers without any packet split. The entire frame data is copied to the page(s) rather than some to the skb->data area and some to the page(s) when performing a typical packet-split. This caused problems with the filtering code and frames were getting dropped before they were received by listening applications. This bug could eventually lead to the IP address being released and not being able to be re-acquired from DHCP if the MTU (Maximum Transfer Unit) was changed (for an affected interface using the e1000e driver). With this update, frames are no longer dropped and an IP address is correctly re-acquired after a previous release.\n(BZ#664667)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "published": "2011-01-28T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=51786", "cvelist": ["CVE-2010-4242", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-4158", "CVE-2010-3876", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4075"], "lastseen": "2017-10-29T13:33:52"}, {"id": "ORACLELINUX_ELSA-2011-0162.NASL", "type": "nessus", "title": "Oracle Linux 4 : kernel (ELSA-2011-0162)", "description": "From Red Hat Security Advisory 2011:0162 :\n\nUpdated kernel packages that fix multiple security issues and two bugs are now available for Red Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* A heap overflow flaw was found in the Linux kernel's Transparent Inter-Process Communication protocol (TIPC) implementation. A local, unprivileged user could use this flaw to escalate their privileges.\n(CVE-2010-3859, Important)\n\n* Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver in the Linux kernel. A local user with access to '/dev/gdth' on a 64-bit system could use these flaws to cause a denial of service or escalate their privileges. (CVE-2010-4157, Moderate)\n\n* A NULL pointer dereference flaw was found in the Bluetooth HCI UART driver in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2010-4242, Moderate)\n\n* A flaw was found in the Linux kernel's garbage collector for AF_UNIX sockets. A local, unprivileged user could use this flaw to trigger a denial of service (out-of-memory condition). (CVE-2010-4249, Moderate)\n\n* Missing initialization flaws were found in the Linux kernel. A local, unprivileged user could use these flaws to cause information leaks. (CVE-2010-3876, CVE-2010-4072, CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4083, CVE-2010-4158, Low)\n\nRed Hat would like to thank Alan Cox for reporting CVE-2010-4242;\nVegard Nossum for reporting CVE-2010-4249; Vasiliy Kulikov for reporting CVE-2010-3876; Kees Cook for reporting CVE-2010-4072; and Dan Rosenberg for reporting CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4083, and CVE-2010-4158.\n\nThis update also fixes the following bugs :\n\n* A flaw was found in the Linux kernel where, if used in conjunction with another flaw that can result in a kernel Oops, could possibly lead to privilege escalation. It does not affect Red Hat Enterprise Linux 4 as the sysctl panic_on_oops variable is turned on by default.\nHowever, as a preventive measure if the variable is turned off by an administrator, this update addresses the issue. Red Hat would like to thank Nelson Elhage for reporting this vulnerability. (BZ#659568)\n\n* On Intel I/O Controller Hub 9 (ICH9) hardware, jumbo frame support is achieved by using page-based sk_buff buffers without any packet split. The entire frame data is copied to the page(s) rather than some to the skb->data area and some to the page(s) when performing a typical packet-split. This caused problems with the filtering code and frames were getting dropped before they were received by listening applications. This bug could eventually lead to the IP address being released and not being able to be re-acquired from DHCP if the MTU (Maximum Transfer Unit) was changed (for an affected interface using the e1000e driver). With this update, frames are no longer dropped and an IP address is correctly re-acquired after a previous release.\n(BZ#664667)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "published": "2013-07-12T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=68182", "cvelist": ["CVE-2010-4242", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-4158", "CVE-2010-3876", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4075"], "lastseen": "2017-10-29T13:39:24"}, {"id": "REDHAT-RHSA-2011-0162.NASL", "type": "nessus", "title": "RHEL 4 : kernel (RHSA-2011:0162)", "description": "Updated kernel packages that fix multiple security issues and two bugs are now available for Red Hat Enterprise Linux 4.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* A heap overflow flaw was found in the Linux kernel's Transparent Inter-Process Communication protocol (TIPC) implementation. A local, unprivileged user could use this flaw to escalate their privileges.\n(CVE-2010-3859, Important)\n\n* Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver in the Linux kernel. A local user with access to '/dev/gdth' on a 64-bit system could use these flaws to cause a denial of service or escalate their privileges. (CVE-2010-4157, Moderate)\n\n* A NULL pointer dereference flaw was found in the Bluetooth HCI UART driver in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2010-4242, Moderate)\n\n* A flaw was found in the Linux kernel's garbage collector for AF_UNIX sockets. A local, unprivileged user could use this flaw to trigger a denial of service (out-of-memory condition). (CVE-2010-4249, Moderate)\n\n* Missing initialization flaws were found in the Linux kernel. A local, unprivileged user could use these flaws to cause information leaks. (CVE-2010-3876, CVE-2010-4072, CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4083, CVE-2010-4158, Low)\n\nRed Hat would like to thank Alan Cox for reporting CVE-2010-4242;\nVegard Nossum for reporting CVE-2010-4249; Vasiliy Kulikov for reporting CVE-2010-3876; Kees Cook for reporting CVE-2010-4072; and Dan Rosenberg for reporting CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4083, and CVE-2010-4158.\n\nThis update also fixes the following bugs :\n\n* A flaw was found in the Linux kernel where, if used in conjunction with another flaw that can result in a kernel Oops, could possibly lead to privilege escalation. It does not affect Red Hat Enterprise Linux 4 as the sysctl panic_on_oops variable is turned on by default.\nHowever, as a preventive measure if the variable is turned off by an administrator, this update addresses the issue. Red Hat would like to thank Nelson Elhage for reporting this vulnerability. (BZ#659568)\n\n* On Intel I/O Controller Hub 9 (ICH9) hardware, jumbo frame support is achieved by using page-based sk_buff buffers without any packet split. The entire frame data is copied to the page(s) rather than some to the skb->data area and some to the page(s) when performing a typical packet-split. This caused problems with the filtering code and frames were getting dropped before they were received by listening applications. This bug could eventually lead to the IP address being released and not being able to be re-acquired from DHCP if the MTU (Maximum Transfer Unit) was changed (for an affected interface using the e1000e driver). With this update, frames are no longer dropped and an IP address is correctly re-acquired after a previous release.\n(BZ#664667)\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.", "published": "2011-01-19T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=51569", "cvelist": ["CVE-2010-4242", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-4158", "CVE-2010-3876", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4075"], "lastseen": "2017-10-29T13:44:04"}, {"id": "ORACLELINUX_ELSA-2011-0004.NASL", "type": "nessus", "title": "Oracle Linux 5 : kernel (ELSA-2011-0004)", "description": "From Red Hat Security Advisory 2011:0004 :\n\nUpdated kernel packages that fix multiple security issues, several bugs, and add an enhancement are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* A flaw was found in sctp_packet_config() in the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation. A remote attacker could use this flaw to cause a denial of service.\n(CVE-2010-3432, Important)\n\n* A missing integer overflow check was found in snd_ctl_new() in the Linux kernel's sound subsystem. A local, unprivileged user on a 32-bit system could use this flaw to cause a denial of service or escalate their privileges. (CVE-2010-3442, Important)\n\n* A heap overflow flaw in the Linux kernel's Transparent Inter-Process Communication protocol (TIPC) implementation could allow a local, unprivileged user to escalate their privileges. (CVE-2010-3859, Important)\n\n* An integer overflow flaw was found in the Linux kernel's Reliable Datagram Sockets (RDS) protocol implementation. A local, unprivileged user could use this flaw to cause a denial of service or escalate their privileges. (CVE-2010-3865, Important)\n\n* A flaw was found in the Xenbus code for the unified block-device I/O interface back end. A privileged guest user could use this flaw to cause a denial of service on the host system running the Xen hypervisor. (CVE-2010-3699, Moderate)\n\n* Missing sanity checks were found in setup_arg_pages() in the Linux kernel. When making the size of the argument and environment area on the stack very large, it could trigger a BUG_ON(), resulting in a local denial of service. (CVE-2010-3858, Moderate)\n\n* A flaw was found in inet_csk_diag_dump() in the Linux kernel's module for monitoring the sockets of INET transport protocols. By sending a netlink message with certain bytecode, a local, unprivileged user could cause a denial of service. (CVE-2010-3880, Moderate)\n\n* Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver in the Linux kernel. A local user with access to '/dev/gdth' on a 64-bit system could use this flaw to cause a denial of service or escalate their privileges. (CVE-2010-4157, Moderate)\n\n* The fix for Red Hat Bugzilla bug 484590 as provided in RHSA-2009:1243 introduced a regression. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2010-4161, Moderate)\n\n* A NULL pointer dereference flaw was found in the Bluetooth HCI UART driver in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2010-4242, Moderate)\n\n* It was found that a malicious guest running on the Xen hypervisor could place invalid data in the memory that the guest shared with the blkback and blktap back-end drivers, resulting in a denial of service on the host system. (CVE-2010-4247, Moderate)\n\n* A flaw was found in the Linux kernel's CPU time clocks implementation for the POSIX clock interface. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2010-4248, Moderate)\n\n* Missing initialization flaws in the Linux kernel could lead to information leaks. (CVE-2010-3876, CVE-2010-4083, Low)\n\nRed Hat would like to thank Dan Rosenberg for reporting CVE-2010-3442, CVE-2010-4161, and CVE-2010-4083; Thomas Pollet for reporting CVE-2010-3865; Brad Spengler for reporting CVE-2010-3858; Nelson Elhage for reporting CVE-2010-3880; Alan Cox for reporting CVE-2010-4242; and Vasiliy Kulikov for reporting CVE-2010-3876.\n\nThis update also fixes several bugs and adds an enhancement.\nDocumentation for the bug fixes and the enhancement will be available shortly from the Technical Notes document, linked to in the References section.\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues, and fix the bugs and add the enhancement noted in the Technical Notes. The system must be rebooted for this update to take effect.", "published": "2013-07-12T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=68176", "cvelist": ["CVE-2010-4242", "CVE-2010-3865", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3876", "CVE-2010-4247", "CVE-2010-3442", "CVE-2010-4248", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4161", "CVE-2010-3858", "CVE-2010-3699", "CVE-2010-3432"], "lastseen": "2018-02-09T23:02:30"}, {"id": "CENTOS_RHSA-2011-0004.NASL", "type": "nessus", "title": "CentOS 5 : kernel (CESA-2011:0004)", "description": "Updated kernel packages that fix multiple security issues, several bugs, and add an enhancement are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThis update fixes the following security issues :\n\n* A flaw was found in sctp_packet_config() in the Linux kernel's Stream Control Transmission Protocol (SCTP) implementation. A remote attacker could use this flaw to cause a denial of service.\n(CVE-2010-3432, Important)\n\n* A missing integer overflow check was found in snd_ctl_new() in the Linux kernel's sound subsystem. A local, unprivileged user on a 32-bit system could use this flaw to cause a denial of service or escalate their privileges. (CVE-2010-3442, Important)\n\n* A heap overflow flaw in the Linux kernel's Transparent Inter-Process Communication protocol (TIPC) implementation could allow a local, unprivileged user to escalate their privileges. (CVE-2010-3859, Important)\n\n* An integer overflow flaw was found in the Linux kernel's Reliable Datagram Sockets (RDS) protocol implementation. A local, unprivileged user could use this flaw to cause a denial of service or escalate their privileges. (CVE-2010-3865, Important)\n\n* A flaw was found in the Xenbus code for the unified block-device I/O interface back end. A privileged guest user could use this flaw to cause a denial of service on the host system running the Xen hypervisor. (CVE-2010-3699, Moderate)\n\n* Missing sanity checks were found in setup_arg_pages() in the Linux kernel. When making the size of the argument and environment area on the stack very large, it could trigger a BUG_ON(), resulting in a local denial of service. (CVE-2010-3858, Moderate)\n\n* A flaw was found in inet_csk_diag_dump() in the Linux kernel's module for monitoring the sockets of INET transport protocols. By sending a netlink message with certain bytecode, a local, unprivileged user could cause a denial of service. (CVE-2010-3880, Moderate)\n\n* Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver in the Linux kernel. A local user with access to '/dev/gdth' on a 64-bit system could use this flaw to cause a denial of service or escalate their privileges. (CVE-2010-4157, Moderate)\n\n* The fix for Red Hat Bugzilla bug 484590 as provided in RHSA-2009:1243 introduced a regression. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2010-4161, Moderate)\n\n* A NULL pointer dereference flaw was found in the Bluetooth HCI UART driver in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2010-4242, Moderate)\n\n* It was found that a malicious guest running on the Xen hypervisor could place invalid data in the memory that the guest shared with the blkback and blktap back-end drivers, resulting in a denial of service on the host system. (CVE-2010-4247, Moderate)\n\n* A flaw was found in the Linux kernel's CPU time clocks implementation for the POSIX clock interface. A local, unprivileged user could use this flaw to cause a denial of service. (CVE-2010-4248, Moderate)\n\n* Missing initialization flaws in the Linux kernel could lead to information leaks. (CVE-2010-3876, CVE-2010-4083, Low)\n\nRed Hat would like to thank Dan Rosenberg for reporting CVE-2010-3442, CVE-2010-4161, and CVE-2010-4083; Thomas Pollet for reporting CVE-2010-3865; Brad Spengler for reporting CVE-2010-3858; Nelson Elhage for reporting CVE-2010-3880; Alan Cox for reporting CVE-2010-4242; and Vasiliy Kulikov for reporting CVE-2010-3876.\n\nThis update also fixes several bugs and adds an enhancement.\nDocumentation for the bug fixes and the enhancement will be available shortly from the Technical Notes document, linked to in the References section.\n\nUsers should upgrade to these updated packages, which contain backported patches to correct these issues, and fix the bugs and add the enhancement noted in the Technical Notes. The system must be rebooted for this update to take effect.", "published": "2011-01-07T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=51426", "cvelist": ["CVE-2010-4242", "CVE-2010-3865", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3876", "CVE-2010-4247", "CVE-2010-3442", "CVE-2010-4248", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4161", "CVE-2010-3858", "CVE-2010-3699", "CVE-2010-3432"], "lastseen": "2018-02-09T22:56:22"}, {"id": "SUSE_KERNEL-7381.NASL", "type": "nessus", "title": "SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 7381)", "description": "This kernel update for the SUSE Linux Enterprise 10 SP3 kernel fixes several security issues and bugs.\n\nThe following security issues were fixed :\n\n - A memory leak in the ethtool ioctl was fixed that could disclose kernel memory to local attackers with CAP_NET_ADMIN privileges. (CVE-2010-4655)\n\n - The dvb_ca_ioctl function in drivers/media/dvb/ttpci/av7110_ca.c in the Linux kernel did not check the sign of a certain integer field, which allowed local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a negative value. (CVE-2011-0521)\n\n - The ax25_getname function in net/ax25/af_ax25.c in the Linux kernel did not initialize a certain structure, which allowed local users to obtain potentially sensitive information from kernel stack memory by reading a copy of this structure. (CVE-2010-3875)\n\n - net/packet/af_packet.c in the Linux kernel did not properly initialize certain structure members, which allowed local users to obtain potentially sensitive information from kernel stack memory by leveraging the CAP_NET_RAW capability to read copies of the applicable structures. (CVE-2010-3876)\n\n - The get_name function in net/tipc/socket.c in the Linux kernel did not initialize a certain structure, which allowed local users to obtain potentially sensitive information from kernel stack memory by reading a copy of this structure. (CVE-2010-3877)\n\n - A stack memory information leak in the xfs FSGEOMETRY_V1 ioctl was fixed. (CVE-2011-0711)\n\n - The task_show_regs function in arch/s390/kernel/traps.c in the Linux kernel on the s390 platform allowed local users to obtain the values of the registers of an arbitrary process by reading a status file under /proc/.\n (CVE-2011-0710)\n\n - The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel, when SCTP is enabled, allowed remote attackers to cause a denial of service (system crash) via an SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error data. (CVE-2010-1173)\n\n - The uart_get_count function in drivers/serial/serial_core.c in the Linux kernel did not properly initialize a certain structure member, which allowed local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call. (CVE-2010-4075)\n\n - The rs_ioctl function in drivers/char/amiserial.c in the Linux kernel did not properly initialize a certain structure member, which allowed local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call. (CVE-2010-4076)\n\n - The ntty_ioctl_tiocgicount function in drivers/char/nozomi.c in the Linux kernel did not properly initialize a certain structure member, which allowed local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call. (CVE-2010-4077)\n\n - The load_mixer_volumes function in sound/oss/soundcard.c in the OSS sound subsystem in the Linux kernel incorrectly expected that a certain name field ends with a '0' character, which allowed local users to conduct buffer overflow attacks and gain privileges, or possibly obtain sensitive information from kernel memory, via a SOUND_MIXER_SETLEVELS ioctl call. (CVE-2010-4527)\n\n - Race condition in the __exit_signal function in kernel/exit.c in the Linux kernel allowed local users to cause a denial of service via vectors related to multithreaded exec, the use of a thread group leader in kernel/posix-cpu-timers.c, and the selection of a new thread group leader in the de_thread function in fs/exec.c. (CVE-2010-4248)\n\n - The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel allowed local users to cause a denial of service (panic) via a zero-length I/O request in a device ioctl to a SCSI device, related to an unaligned map. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4163. (CVE-2010-4668)\n\n - The hci_uart_tty_open function in the HCI UART driver (drivers/bluetooth/hci_ldisc.c) in the Linux kernel did not verify whether the tty has a write operation, which allowed local users to cause a denial of service (NULL pointer dereference) via vectors related to the Bluetooth driver. (CVE-2010-4242)\n\n - Integer underflow in the irda_getsockopt function in net/irda/af_irda.c in the Linux kernel on platforms other than x86 allowed local users to obtain potentially sensitive information from kernel heap memory via an IRLMP_ENUMDEVICES getsockopt call. (CVE-2010-4529)\n\n - The aun_incoming function in net/econet/af_econet.c in the Linux kernel, when Econet is enabled, allowed remote attackers to cause a denial of service (NULL pointer dereference and OOPS) by sending an Acorn Universal Networking (AUN) packet over UDP. (CVE-2010-4342)\n\n - Race condition in the sctp_icmp_proto_unreachable function in net/sctp/input.c in Linux kernel allowed remote attackers to cause a denial of service (panic) via an ICMP unreachable message to a socket that is already locked by a user, which causes the socket to be freed and triggers list corruption, related to the sctp_wait_for_connect function. (CVE-2010-4526)", "published": "2011-03-25T00:00:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=52971", "cvelist": ["CVE-2010-4242", "CVE-2011-0521", "CVE-2010-4163", "CVE-2010-4529", "CVE-2010-4668", "CVE-2010-4527", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-4526", "CVE-2011-0711", "CVE-2011-0710", "CVE-2010-4248", "CVE-2010-4342", "CVE-2010-1173", "CVE-2010-4077", "CVE-2010-4075", "CVE-2010-4655", "CVE-2010-4076"], "lastseen": "2017-10-29T13:35:21"}], "centos": [{"id": "CESA-2011:0162", "type": "centos", "title": "kernel security update", "description": "**CentOS Errata and Security Advisory** CESA-2011:0162\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A heap overflow flaw was found in the Linux kernel's Transparent\nInter-Process Communication protocol (TIPC) implementation. A local,\nunprivileged user could use this flaw to escalate their privileges.\n(CVE-2010-3859, Important)\n\n* Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver\nin the Linux kernel. A local user with access to \"/dev/gdth\" on a 64-bit\nsystem could use these flaws to cause a denial of service or escalate their\nprivileges. (CVE-2010-4157, Moderate)\n\n* A NULL pointer dereference flaw was found in the Bluetooth HCI UART\ndriver in the Linux kernel. A local, unprivileged user could use this flaw\nto cause a denial of service. (CVE-2010-4242, Moderate)\n\n* A flaw was found in the Linux kernel's garbage collector for AF_UNIX\nsockets. A local, unprivileged user could use this flaw to trigger a\ndenial of service (out-of-memory condition). (CVE-2010-4249, Moderate)\n\n* Missing initialization flaws were found in the Linux kernel. A local,\nunprivileged user could use these flaws to cause information leaks.\n(CVE-2010-3876, CVE-2010-4072, CVE-2010-4073, CVE-2010-4075, CVE-2010-4080,\nCVE-2010-4083, CVE-2010-4158, Low)\n\nRed Hat would like to thank Alan Cox for reporting CVE-2010-4242; Vegard\nNossum for reporting CVE-2010-4249; Vasiliy Kulikov for reporting\nCVE-2010-3876; Kees Cook for reporting CVE-2010-4072; and Dan Rosenberg for\nreporting CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4083, and\nCVE-2010-4158.\n\nThis update also fixes the following bugs:\n\n* A flaw was found in the Linux kernel where, if used in conjunction with\nanother flaw that can result in a kernel Oops, could possibly lead to\nprivilege escalation. It does not affect Red Hat Enterprise Linux 4 as the\nsysctl panic_on_oops variable is turned on by default. However, as a\npreventive measure if the variable is turned off by an administrator, this\nupdate addresses the issue. Red Hat would like to thank Nelson Elhage for\nreporting this vulnerability. (BZ#659568)\n\n* On Intel I/O Controller Hub 9 (ICH9) hardware, jumbo frame support is\nachieved by using page-based sk_buff buffers without any packet split. The\nentire frame data is copied to the page(s) rather than some to the\nskb->data area and some to the page(s) when performing a typical\npacket-split. This caused problems with the filtering code and frames were\ngetting dropped before they were received by listening applications. This\nbug could eventually lead to the IP address being released and not being\nable to be re-acquired from DHCP if the MTU (Maximum Transfer Unit) was\nchanged (for an affected interface using the e1000e driver). With this\nupdate, frames are no longer dropped and an IP address is correctly\nre-acquired after a previous release. (BZ#664667)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2011-January/017245.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-January/017246.html\n\n**Affected packages:**\nkernel\nkernel-devel\nkernel-doc\nkernel-hugemem\nkernel-hugemem-devel\nkernel-largesmp\nkernel-largesmp-devel\nkernel-smp\nkernel-smp-devel\nkernel-xenU\nkernel-xenU-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2011-0162.html", "published": "2011-01-27T04:25:23", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2011-January/017245.html", "cvelist": ["CVE-2010-4242", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-4158", "CVE-2010-3876", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4075"], "lastseen": "2017-10-12T14:44:57"}, {"id": "CESA-2011:0004", "type": "centos", "title": "kernel security update", "description": "**CentOS Errata and Security Advisory** CESA-2011:0004\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A flaw was found in sctp_packet_config() in the Linux kernel's Stream\nControl Transmission Protocol (SCTP) implementation. A remote attacker\ncould use this flaw to cause a denial of service. (CVE-2010-3432,\nImportant)\n\n* A missing integer overflow check was found in snd_ctl_new() in the Linux\nkernel's sound subsystem. A local, unprivileged user on a 32-bit system\ncould use this flaw to cause a denial of service or escalate their\nprivileges. (CVE-2010-3442, Important)\n\n* A heap overflow flaw in the Linux kernel's Transparent Inter-Process\nCommunication protocol (TIPC) implementation could allow a local,\nunprivileged user to escalate their privileges. (CVE-2010-3859, Important)\n\n* An integer overflow flaw was found in the Linux kernel's Reliable\nDatagram Sockets (RDS) protocol implementation. A local, unprivileged user\ncould use this flaw to cause a denial of service or escalate their\nprivileges. (CVE-2010-3865, Important)\n\n* A flaw was found in the Xenbus code for the unified block-device I/O\ninterface back end. A privileged guest user could use this flaw to cause a\ndenial of service on the host system running the Xen hypervisor.\n(CVE-2010-3699, Moderate)\n\n* Missing sanity checks were found in setup_arg_pages() in the Linux\nkernel. When making the size of the argument and environment area on the\nstack very large, it could trigger a BUG_ON(), resulting in a local denial\nof service. (CVE-2010-3858, Moderate)\n\n* A flaw was found in inet_csk_diag_dump() in the Linux kernel's module for\nmonitoring the sockets of INET transport protocols. By sending a netlink\nmessage with certain bytecode, a local, unprivileged user could cause a\ndenial of service. (CVE-2010-3880, Moderate)\n\n* Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver\nin the Linux kernel. A local user with access to \"/dev/gdth\" on a 64-bit\nsystem could use this flaw to cause a denial of service or escalate their\nprivileges. (CVE-2010-4157, Moderate)\n\n* The fix for Red Hat Bugzilla bug 484590 as provided in RHSA-2009:1243\nintroduced a regression. A local, unprivileged user could use this flaw to\ncause a denial of service. (CVE-2010-4161, Moderate)\n\n* A NULL pointer dereference flaw was found in the Bluetooth HCI UART\ndriver in the Linux kernel. A local, unprivileged user could use this flaw\nto cause a denial of service. (CVE-2010-4242, Moderate)\n\n* It was found that a malicious guest running on the Xen hypervisor could\nplace invalid data in the memory that the guest shared with the blkback and\nblktap back-end drivers, resulting in a denial of service on the host\nsystem. (CVE-2010-4247, Moderate)\n\n* A flaw was found in the Linux kernel's CPU time clocks implementation for\nthe POSIX clock interface. A local, unprivileged user could use this flaw\nto cause a denial of service. (CVE-2010-4248, Moderate)\n\n* Missing initialization flaws in the Linux kernel could lead to\ninformation leaks. (CVE-2010-3876, CVE-2010-4083, Low)\n\nRed Hat would like to thank Dan Rosenberg for reporting CVE-2010-3442,\nCVE-2010-4161, and CVE-2010-4083; Thomas Pollet for reporting\nCVE-2010-3865; Brad Spengler for reporting CVE-2010-3858; Nelson Elhage for\nreporting CVE-2010-3880; Alan Cox for reporting CVE-2010-4242; and Vasiliy\nKulikov for reporting CVE-2010-3876.\n\nThis update also fixes several bugs and adds an enhancement. Documentation\nfor the bug fixes and the enhancement will be available shortly from the\nTechnical Notes document, linked to in the References section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues, and fix the bugs and add the enhancement\nnoted in the Technical Notes. The system must be rebooted for this update\nto take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2011-January/017221.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-January/017222.html\n\n**Affected packages:**\nkernel\nkernel-PAE\nkernel-PAE-devel\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-headers\nkernel-xen\nkernel-xen-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2011-0004.html", "published": "2011-01-06T07:23:15", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2011-January/017221.html", "cvelist": ["CVE-2010-4242", "CVE-2010-3865", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3876", "CVE-2010-4247", "CVE-2010-3442", "CVE-2010-4248", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4161", "CVE-2010-3858", "CVE-2010-3699", "CVE-2010-3432"], "lastseen": "2017-10-03T18:24:58"}, {"id": "CESA-2010:0723", "type": "centos", "title": "kernel security update", "description": "**CentOS Errata and Security Advisory** CESA-2010:0723\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A buffer overflow flaw was found in the ecryptfs_uid_hash() function in\nthe Linux kernel eCryptfs implementation. On systems that have the eCryptfs\nnetlink transport (Red Hat Enterprise Linux 5 does) or where the\n\"/dev/ecryptfs\" file has world writable permissions (which it does not, by\ndefault, on Red Hat Enterprise Linux 5), a local, unprivileged user could\nuse this flaw to cause a denial of service or possibly escalate their\nprivileges. (CVE-2010-2492, Important)\n\n* A miscalculation of the size of the free space of the initial directory\nentry in a directory leaf block was found in the Linux kernel Global File\nSystem 2 (GFS2) implementation. A local, unprivileged user with write\naccess to a GFS2-mounted file system could perform a rename operation on\nthat file system to trigger a NULL pointer dereference, possibly resulting\nin a denial of service or privilege escalation. (CVE-2010-2798, Important)\n\n* A flaw was found in the Xen hypervisor implementation when running a\nsystem that has an Intel CPU without Extended Page Tables (EPT) support.\nWhile attempting to dump information about a crashing fully-virtualized\nguest, the flaw could cause the hypervisor to crash the host as well. A\nuser with permissions to configure a fully-virtualized guest system could\nuse this flaw to crash the host. (CVE-2010-2938, Moderate)\n\n* Information leak flaws were found in the Linux kernel's Traffic Control\nUnit implementation. A local attacker could use these flaws to cause the\nkernel to leak kernel memory to user-space, possibly leading to the\ndisclosure of sensitive information. (CVE-2010-2942, Moderate)\n\n* A flaw was found in the Linux kernel's XFS file system implementation.\nThe file handle lookup could return an invalid inode as valid. If an XFS\nfile system was mounted via NFS (Network File System), a local attacker\ncould access stale data or overwrite existing data that reused the inodes.\n(CVE-2010-2943, Moderate)\n\n* An integer overflow flaw was found in the extent range checking code in\nthe Linux kernel's ext4 file system implementation. A local, unprivileged\nuser with write access to an ext4-mounted file system could trigger this\nflaw by writing to a file at a very large file offset, resulting in a local\ndenial of service. (CVE-2010-3015, Moderate)\n\n* An information leak flaw was found in the Linux kernel's USB\nimplementation. Certain USB errors could result in an uninitialized kernel\nbuffer being sent to user-space. An attacker with physical access to a\ntarget system could use this flaw to cause an information leak.\n(CVE-2010-1083, Low)\n\nRed Hat would like to thank Andre Osterhues for reporting CVE-2010-2492;\nGrant Diffey of CenITex for reporting CVE-2010-2798; Toshiyuki Okajima for\nreporting CVE-2010-3015; and Marcus Meissner for reporting CVE-2010-1083.\n\nThis update also fixes several bugs. Documentation for these bug fixes will\nbe available shortly from the Technical Notes document linked to in the\nReferences.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-September/017030.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-September/017031.html\n\n**Affected packages:**\nkernel\nkernel-PAE\nkernel-PAE-devel\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-headers\nkernel-xen\nkernel-xen-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2010-0723.html", "published": "2010-09-30T11:36:09", "cvss": {"score": 7.9, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:NONE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2010-September/017030.html", "cvelist": ["CVE-2010-2942", "CVE-2010-2492", "CVE-2010-2943", "CVE-2010-3015", "CVE-2010-2938", "CVE-2010-1083", "CVE-2010-2798"], "lastseen": "2017-10-03T18:24:42"}, {"id": "CESA-2010:0898", "type": "centos", "title": "kmod, kvm security update", "description": "**CentOS Errata and Security Advisory** CESA-2010:0898\n\n\nKVM (Kernel-based Virtual Machine) is a full virtualization solution for\nLinux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for\nthe standard Red Hat Enterprise Linux kernel.\n\nA flaw was found in the way QEMU-KVM handled the reloading of fs and gs\nsegment registers when they had invalid selectors. A privileged host user\nwith access to \"/dev/kvm\" could use this flaw to crash the host (denial of\nservice). (CVE-2010-3698)\n\nAll KVM users should upgrade to these updated packages, which contain a\nbackported patch to correct this issue. Note: The procedure in the Solution\nsection must be performed before this update will take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2010-December/017213.html\nhttp://lists.centos.org/pipermail/centos-announce/2010-December/017214.html\n\n**Affected packages:**\nkmod-kvm\nkvm\nkvm-qemu-img\nkvm-tools\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2010-0898.html", "published": "2010-12-13T20:21:04", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2010-December/017213.html", "cvelist": ["CVE-2010-3698"], "lastseen": "2017-10-03T18:25:36"}, {"id": "CESA-2011:0303", "type": "centos", "title": "kernel security update", "description": "**CentOS Errata and Security Advisory** CESA-2011:0303\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A flaw was found in the Linux kernel's garbage collector for AF_UNIX\nsockets. A local, unprivileged user could use this flaw to trigger a\ndenial of service (out-of-memory condition). (CVE-2010-4249, Moderate)\n\n* A flaw was found in the Linux kernel's networking subsystem. If the\nnumber of packets received exceeded the receiver's buffer limit, they were\nqueued in a backlog, consuming memory, instead of being discarded. A remote\nattacker could abuse this flaw to cause a denial of service (out-of-memory\ncondition). (CVE-2010-4251, Moderate)\n\n* A missing initialization flaw was found in the ethtool_get_regs()\nfunction in the Linux kernel's ethtool IOCTL handler. A local user who has\nthe CAP_NET_ADMIN capability could use this flaw to cause an information\nleak. (CVE-2010-4655, Low)\n\nRed Hat would like to thank Vegard Nossum for reporting CVE-2010-4249, and\nKees Cook for reporting CVE-2010-4655.\n\nThis update also fixes several bugs. Documentation for these bug fixes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues, and fix the bugs noted in the Technical\nNotes. The system must be rebooted for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2011-April/017348.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-April/017349.html\n\n**Affected packages:**\nkernel\nkernel-PAE\nkernel-PAE-devel\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-headers\nkernel-xen\nkernel-xen-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2011-0303.html", "published": "2011-04-14T19:48:06", "cvss": {"score": 6.1, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2011-April/017348.html", "cvelist": ["CVE-2010-4251", "CVE-2010-4805", "CVE-2010-4249", "CVE-2010-4655"], "lastseen": "2017-10-03T18:26:16"}], "redhat": [{"id": "RHSA-2011:0162", "type": "redhat", "title": "(RHSA-2011:0162) Important: kernel security and bug fix update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A heap overflow flaw was found in the Linux kernel's Transparent\nInter-Process Communication protocol (TIPC) implementation. A local,\nunprivileged user could use this flaw to escalate their privileges.\n(CVE-2010-3859, Important)\n\n* Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver\nin the Linux kernel. A local user with access to \"/dev/gdth\" on a 64-bit\nsystem could use these flaws to cause a denial of service or escalate their\nprivileges. (CVE-2010-4157, Moderate)\n\n* A NULL pointer dereference flaw was found in the Bluetooth HCI UART\ndriver in the Linux kernel. A local, unprivileged user could use this flaw\nto cause a denial of service. (CVE-2010-4242, Moderate)\n\n* A flaw was found in the Linux kernel's garbage collector for AF_UNIX\nsockets. A local, unprivileged user could use this flaw to trigger a\ndenial of service (out-of-memory condition). (CVE-2010-4249, Moderate)\n\n* Missing initialization flaws were found in the Linux kernel. A local,\nunprivileged user could use these flaws to cause information leaks.\n(CVE-2010-3876, CVE-2010-4072, CVE-2010-4073, CVE-2010-4075, CVE-2010-4080,\nCVE-2010-4083, CVE-2010-4158, Low)\n\nRed Hat would like to thank Alan Cox for reporting CVE-2010-4242; Vegard\nNossum for reporting CVE-2010-4249; Vasiliy Kulikov for reporting\nCVE-2010-3876; Kees Cook for reporting CVE-2010-4072; and Dan Rosenberg for\nreporting CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4083, and\nCVE-2010-4158.\n\nThis update also fixes the following bugs:\n\n* A flaw was found in the Linux kernel where, if used in conjunction with\nanother flaw that can result in a kernel Oops, could possibly lead to\nprivilege escalation. It does not affect Red Hat Enterprise Linux 4 as the\nsysctl panic_on_oops variable is turned on by default. However, as a\npreventive measure if the variable is turned off by an administrator, this\nupdate addresses the issue. Red Hat would like to thank Nelson Elhage for\nreporting this vulnerability. (BZ#659568)\n\n* On Intel I/O Controller Hub 9 (ICH9) hardware, jumbo frame support is\nachieved by using page-based sk_buff buffers without any packet split. The\nentire frame data is copied to the page(s) rather than some to the\nskb->data area and some to the page(s) when performing a typical\npacket-split. This caused problems with the filtering code and frames were\ngetting dropped before they were received by listening applications. This\nbug could eventually lead to the IP address being released and not being\nable to be re-acquired from DHCP if the MTU (Maximum Transfer Unit) was\nchanged (for an affected interface using the e1000e driver). With this\nupdate, frames are no longer dropped and an IP address is correctly\nre-acquired after a previous release. (BZ#664667)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n", "published": "2011-01-18T05:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2011:0162", "cvelist": ["CVE-2010-3859", "CVE-2010-3876", "CVE-2010-4072", "CVE-2010-4073", "CVE-2010-4075", "CVE-2010-4080", "CVE-2010-4083", "CVE-2010-4157", "CVE-2010-4158", "CVE-2010-4242", "CVE-2010-4249"], "lastseen": "2017-09-09T07:19:51"}, {"id": "RHSA-2011:0004", "type": "redhat", "title": "(RHSA-2011:0004) Important: kernel security, bug fix, and enhancement update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A flaw was found in sctp_packet_config() in the Linux kernel's Stream\nControl Transmission Protocol (SCTP) implementation. A remote attacker\ncould use this flaw to cause a denial of service. (CVE-2010-3432,\nImportant)\n\n* A missing integer overflow check was found in snd_ctl_new() in the Linux\nkernel's sound subsystem. A local, unprivileged user on a 32-bit system\ncould use this flaw to cause a denial of service or escalate their\nprivileges. (CVE-2010-3442, Important)\n\n* A heap overflow flaw in the Linux kernel's Transparent Inter-Process\nCommunication protocol (TIPC) implementation could allow a local,\nunprivileged user to escalate their privileges. (CVE-2010-3859, Important)\n\n* An integer overflow flaw was found in the Linux kernel's Reliable\nDatagram Sockets (RDS) protocol implementation. A local, unprivileged user\ncould use this flaw to cause a denial of service or escalate their\nprivileges. (CVE-2010-3865, Important)\n\n* A flaw was found in the Xenbus code for the unified block-device I/O\ninterface back end. A privileged guest user could use this flaw to cause a\ndenial of service on the host system running the Xen hypervisor.\n(CVE-2010-3699, Moderate)\n\n* Missing sanity checks were found in setup_arg_pages() in the Linux\nkernel. When making the size of the argument and environment area on the\nstack very large, it could trigger a BUG_ON(), resulting in a local denial\nof service. (CVE-2010-3858, Moderate)\n\n* A flaw was found in inet_csk_diag_dump() in the Linux kernel's module for\nmonitoring the sockets of INET transport protocols. By sending a netlink\nmessage with certain bytecode, a local, unprivileged user could cause a\ndenial of service. (CVE-2010-3880, Moderate)\n\n* Missing sanity checks were found in gdth_ioctl_alloc() in the gdth driver\nin the Linux kernel. A local user with access to \"/dev/gdth\" on a 64-bit\nsystem could use this flaw to cause a denial of service or escalate their\nprivileges. (CVE-2010-4157, Moderate)\n\n* The fix for Red Hat Bugzilla bug 484590 as provided in RHSA-2009:1243\nintroduced a regression. A local, unprivileged user could use this flaw to\ncause a denial of service. (CVE-2010-4161, Moderate)\n\n* A NULL pointer dereference flaw was found in the Bluetooth HCI UART\ndriver in the Linux kernel. A local, unprivileged user could use this flaw\nto cause a denial of service. (CVE-2010-4242, Moderate)\n\n* It was found that a malicious guest running on the Xen hypervisor could\nplace invalid data in the memory that the guest shared with the blkback and\nblktap back-end drivers, resulting in a denial of service on the host\nsystem. (CVE-2010-4247, Moderate)\n\n* A flaw was found in the Linux kernel's CPU time clocks implementation for\nthe POSIX clock interface. A local, unprivileged user could use this flaw\nto cause a denial of service. (CVE-2010-4248, Moderate)\n\n* Missing initialization flaws in the Linux kernel could lead to\ninformation leaks. (CVE-2010-3876, CVE-2010-4083, Low)\n\nRed Hat would like to thank Dan Rosenberg for reporting CVE-2010-3442,\nCVE-2010-4161, and CVE-2010-4083; Thomas Pollet for reporting\nCVE-2010-3865; Brad Spengler for reporting CVE-2010-3858; Nelson Elhage for\nreporting CVE-2010-3880; Alan Cox for reporting CVE-2010-4242; and Vasiliy\nKulikov for reporting CVE-2010-3876.\n\nThis update also fixes several bugs and adds an enhancement. Documentation\nfor the bug fixes and the enhancement will be available shortly from the\nTechnical Notes document, linked to in the References section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues, and fix the bugs and add the enhancement\nnoted in the Technical Notes. The system must be rebooted for this update\nto take effect.\n", "published": "2011-01-04T05:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2011:0004", "cvelist": ["CVE-2010-3432", "CVE-2010-3442", "CVE-2010-3699", "CVE-2010-3858", "CVE-2010-3859", "CVE-2010-3865", "CVE-2010-3876", "CVE-2010-3880", "CVE-2010-4083", "CVE-2010-4157", "CVE-2010-4161", "CVE-2010-4242", "CVE-2010-4247", "CVE-2010-4248"], "lastseen": "2017-09-09T07:19:32"}, {"id": "RHSA-2011:0007", "type": "redhat", "title": "(RHSA-2011:0007) Important: kernel security and bug fix update", "description": "* Buffer overflow in eCryptfs. When /dev/ecryptfs has world writable\npermissions (which it does not, by default, on Red Hat Enterprise Linux 6),\na local, unprivileged user could use this flaw to cause a denial of service\nor possibly escalate their privileges. (CVE-2010-2492, Important)\n\n* Integer overflow in the RDS protocol implementation could allow a local,\nunprivileged user to cause a denial of service or escalate their\nprivileges. (CVE-2010-3865, Important)\n\n* Missing boundary checks in the PPP over L2TP sockets implementation could\nallow a local, unprivileged user to cause a denial of service or escalate\ntheir privileges. (CVE-2010-4160, Important)\n\n* NULL pointer dereference in the igb driver. If both Single Root I/O\nVirtualization (SR-IOV) and promiscuous mode were enabled on an interface\nusing igb, it could result in a denial of service when a tagged VLAN packet\nis received on that interface. (CVE-2010-4263, Important)\n\n* Missing initialization flaw in the XFS file system implementation, and in\nthe network traffic policing implementation, could allow a local,\nunprivileged user to cause an information leak. (CVE-2010-3078,\nCVE-2010-3477, Moderate)\n\n* NULL pointer dereference in the Open Sound System compatible sequencer\ndriver could allow a local, unprivileged user with access to /dev/sequencer\nto cause a denial of service. /dev/sequencer is only accessible to root and\nusers in the audio group by default. (CVE-2010-3080, Moderate)\n\n* Flaw in the ethtool IOCTL handler could allow a local user to cause an\ninformation leak. (CVE-2010-3861, Moderate)\n\n* Flaw in bcm_connect() in the Controller Area Network (CAN) Broadcast\nManager. On 64-bit systems, writing the socket address may overflow the\nprocname character array. (CVE-2010-3874, Moderate)\n\n* Flaw in the module for monitoring the sockets of INET transport\nprotocols could allow a local, unprivileged user to cause a denial of\nservice. (CVE-2010-3880, Moderate)\n\n* Missing boundary checks in the block layer implementation could allow a\nlocal, unprivileged user to cause a denial of service. (CVE-2010-4162,\nCVE-2010-4163, CVE-2010-4668, Moderate)\n\n* NULL pointer dereference in the Bluetooth HCI UART driver could allow a\nlocal, unprivileged user to cause a denial of service. (CVE-2010-4242,\nModerate)\n\n* Flaw in the Linux kernel CPU time clocks implementation for the POSIX\nclock interface could allow a local, unprivileged user to cause a denial of\nservice. (CVE-2010-4248, Moderate)\n\n* Flaw in the garbage collector for AF_UNIX sockets could allow a local,\nunprivileged user to trigger a denial of service. (CVE-2010-4249, Moderate)\n\n* Missing upper bound integer check in the AIO implementation could allow a\nlocal, unprivileged user to cause an information leak. (CVE-2010-3067, Low)\n\n* Missing initialization flaws could lead to information leaks.\n(CVE-2010-3298, CVE-2010-3876, CVE-2010-4072, CVE-2010-4073, CVE-2010-4074,\nCVE-2010-4075, CVE-2010-4077, CVE-2010-4079, CVE-2010-4080, CVE-2010-4081,\nCVE-2010-4082, CVE-2010-4083, CVE-2010-4158, Low)\n\n* Missing initialization flaw in KVM could allow a privileged host user\nwith access to /dev/kvm to cause an information leak. (CVE-2010-4525, Low)\n\nRed Hat would like to thank Andre Osterhues for reporting CVE-2010-2492;\nThomas Pollet for reporting CVE-2010-3865; Dan Rosenberg for reporting\nCVE-2010-4160, CVE-2010-3078, CVE-2010-3874, CVE-2010-4162, CVE-2010-4163,\nCVE-2010-3298, CVE-2010-4073, CVE-2010-4074, CVE-2010-4075, CVE-2010-4077,\nCVE-2010-4079, CVE-2010-4080, CVE-2010-4081, CVE-2010-4082, CVE-2010-4083,\nand CVE-2010-4158; Kosuke Tatsukawa for reporting CVE-2010-4263; Tavis\nOrmandy for reporting CVE-2010-3080 and CVE-2010-3067; Kees Cook for\nreporting CVE-2010-3861 and CVE-2010-4072; Nelson Elhage for reporting\nCVE-2010-3880; Alan Cox for reporting CVE-2010-4242; Vegard Nossum for\nreporting CVE-2010-4249; Vasiliy Kulikov for reporting CVE-2010-3876; and\nStephan Mueller of atsec information security for reporting CVE-2010-4525.\n", "published": "2011-01-11T05:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2011:0007", "cvelist": ["CVE-2010-2492", "CVE-2010-3067", "CVE-2010-3078", "CVE-2010-3080", "CVE-2010-3298", "CVE-2010-3477", "CVE-2010-3861", "CVE-2010-3865", "CVE-2010-3874", "CVE-2010-3876", "CVE-2010-3880", "CVE-2010-4072", "CVE-2010-4073", "CVE-2010-4074", "CVE-2010-4075", "CVE-2010-4077", "CVE-2010-4079", "CVE-2010-4080", "CVE-2010-4081", "CVE-2010-4082", "CVE-2010-4083", "CVE-2010-4158", "CVE-2010-4160", "CVE-2010-4162", "CVE-2010-4163", "CVE-2010-4242", "CVE-2010-4248", "CVE-2010-4249", "CVE-2010-4263", "CVE-2010-4525", "CVE-2010-4668"], "lastseen": "2017-12-25T20:05:28"}, {"id": "RHSA-2011:0017", "type": "redhat", "title": "(RHSA-2011:0017) Important: Red Hat Enterprise Linux 5.6 kernel security and bug fix update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A NULL pointer dereference flaw was found in the igb driver in the Linux\nkernel. If both the Single Root I/O Virtualization (SR-IOV) feature and\npromiscuous mode were enabled on an interface using igb, it could result in\na denial of service when a tagged VLAN packet is received on that\ninterface. (CVE-2010-4263, Important)\n\n* A missing sanity check was found in vbd_create() in the Xen hypervisor\nimplementation. As CD-ROM drives are not supported by the blkback back-end\ndriver, attempting to use a virtual CD-ROM drive with blkback could trigger\na denial of service (crash) on the host system running the Xen hypervisor.\n(CVE-2010-4238, Moderate)\n\n* A flaw was found in the Linux kernel execve() system call implementation.\nA local, unprivileged user could cause large amounts of memory to be\nallocated but not visible to the OOM (Out of Memory) killer, triggering a\ndenial of service. (CVE-2010-4243, Moderate)\n\n* A flaw was found in fixup_page_fault() in the Xen hypervisor\nimplementation. If a 64-bit para-virtualized guest accessed a certain area\nof memory, it could cause a denial of service on the host system running\nthe Xen hypervisor. (CVE-2010-4255, Moderate)\n\n* A missing initialization flaw was found in the bfa driver used by Brocade\nFibre Channel Host Bus Adapters. A local, unprivileged user could use this\nflaw to cause a denial of service by reading a file in the\n\"/sys/class/fc_host/host#/statistics/\" directory. (CVE-2010-4343, Moderate)\n\n* Missing initialization flaws in the Linux kernel could lead to\ninformation leaks. (CVE-2010-3296, CVE-2010-3877, CVE-2010-4072,\nCVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4081, CVE-2010-4158,\nLow)\n\nRed Hat would like to thank Kosuke Tatsukawa for reporting CVE-2010-4263;\nVladymyr Denysov for reporting CVE-2010-4238; Brad Spengler for reporting\nCVE-2010-4243; Dan Rosenberg for reporting CVE-2010-3296, CVE-2010-4073,\nCVE-2010-4075, CVE-2010-4080, CVE-2010-4081, and CVE-2010-4158; Vasiliy\nKulikov for reporting CVE-2010-3877; and Kees Cook for reporting\nCVE-2010-4072.\n\nThese updated packages also include several hundred bug fixes for and\nenhancements to the Linux kernel. Space precludes documenting each of these\nchanges in this advisory and users are directed to the Red Hat Enterprise\nLinux 5.6 Release Notes for information on the most significant of these\nchanges:\n\nhttp://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/5.6_Release_Notes/index.html\n\nRefer to the kernel chapter in the Red Hat Enterprise Linux 5.6 Technical\nNotes for further information:\n\nhttp://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/5.6_Technical_Notes/kernel.html\n\nAll Red Hat Enterprise Linux 5 users are advised to install these updated\npackages, which address these vulnerabilities as well as fixing the bugs\nand adding the enhancements noted in the Red Hat Enterprise Linux 5.6\nRelease Notes and Technical Notes. The system must be rebooted for this\nupdate to take effect.\n", "published": "2011-01-13T05:00:00", "cvss": {"score": 6.1, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2011:0017", "cvelist": ["CVE-2010-3296", "CVE-2010-3877", "CVE-2010-4072", "CVE-2010-4073", "CVE-2010-4075", "CVE-2010-4080", "CVE-2010-4081", "CVE-2010-4158", "CVE-2010-4238", "CVE-2010-4243", "CVE-2010-4255", "CVE-2010-4263", "CVE-2010-4343"], "lastseen": "2017-09-09T07:20:14"}, {"id": "RHSA-2010:0723", "type": "redhat", "title": "(RHSA-2010:0723) Important: kernel security and bug fix update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A buffer overflow flaw was found in the ecryptfs_uid_hash() function in\nthe Linux kernel eCryptfs implementation. On systems that have the eCryptfs\nnetlink transport (Red Hat Enterprise Linux 5 does) or where the\n\"/dev/ecryptfs\" file has world writable permissions (which it does not, by\ndefault, on Red Hat Enterprise Linux 5), a local, unprivileged user could\nuse this flaw to cause a denial of service or possibly escalate their\nprivileges. (CVE-2010-2492, Important)\n\n* A miscalculation of the size of the free space of the initial directory\nentry in a directory leaf block was found in the Linux kernel Global File\nSystem 2 (GFS2) implementation. A local, unprivileged user with write\naccess to a GFS2-mounted file system could perform a rename operation on\nthat file system to trigger a NULL pointer dereference, possibly resulting\nin a denial of service or privilege escalation. (CVE-2010-2798, Important)\n\n* A flaw was found in the Xen hypervisor implementation when running a\nsystem that has an Intel CPU without Extended Page Tables (EPT) support.\nWhile attempting to dump information about a crashing fully-virtualized\nguest, the flaw could cause the hypervisor to crash the host as well. A\nuser with permissions to configure a fully-virtualized guest system could\nuse this flaw to crash the host. (CVE-2010-2938, Moderate)\n\n* Information leak flaws were found in the Linux kernel's Traffic Control\nUnit implementation. A local attacker could use these flaws to cause the\nkernel to leak kernel memory to user-space, possibly leading to the\ndisclosure of sensitive information. (CVE-2010-2942, Moderate)\n\n* A flaw was found in the Linux kernel's XFS file system implementation.\nThe file handle lookup could return an invalid inode as valid. If an XFS\nfile system was mounted via NFS (Network File System), a local attacker\ncould access stale data or overwrite existing data that reused the inodes.\n(CVE-2010-2943, Moderate)\n\n* An integer overflow flaw was found in the extent range checking code in\nthe Linux kernel's ext4 file system implementation. A local, unprivileged\nuser with write access to an ext4-mounted file system could trigger this\nflaw by writing to a file at a very large file offset, resulting in a local\ndenial of service. (CVE-2010-3015, Moderate)\n\n* An information leak flaw was found in the Linux kernel's USB\nimplementation. Certain USB errors could result in an uninitialized kernel\nbuffer being sent to user-space. An attacker with physical access to a\ntarget system could use this flaw to cause an information leak.\n(CVE-2010-1083, Low)\n\nRed Hat would like to thank Andre Osterhues for reporting CVE-2010-2492;\nGrant Diffey of CenITex for reporting CVE-2010-2798; Toshiyuki Okajima for\nreporting CVE-2010-3015; and Marcus Meissner for reporting CVE-2010-1083.\n\nThis update also fixes several bugs. Documentation for these bug fixes will\nbe available shortly from the Technical Notes document linked to in the\nReferences.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n", "published": "2010-09-29T04:00:00", "cvss": {"score": 7.9, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:NONE/"}, "href": "https://access.redhat.com/errata/RHSA-2010:0723", "cvelist": ["CVE-2010-1083", "CVE-2010-2492", "CVE-2010-2798", "CVE-2010-2938", "CVE-2010-2942", "CVE-2010-2943", "CVE-2010-3015"], "lastseen": "2017-09-08T08:04:12"}, {"id": "RHSA-2011:0421", "type": "redhat", "title": "(RHSA-2011:0421) Important: kernel security and bug fix update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A flaw was found in the sctp_icmp_proto_unreachable() function in the\nLinux kernel's Stream Control Transmission Protocol (SCTP) implementation.\nA remote attacker could use this flaw to cause a denial of service.\n(CVE-2010-4526, Important)\n\n* A missing boundary check was found in the dvb_ca_ioctl() function in the\nLinux kernel's av7110 module. On systems that use old DVB cards that\nrequire the av7110 module, a local, unprivileged user could use this flaw\nto cause a denial of service or escalate their privileges. (CVE-2011-0521,\nImportant)\n\n* A race condition was found in the way the Linux kernel's InfiniBand\nimplementation set up new connections. This could allow a remote user to\ncause a denial of service. (CVE-2011-0695, Important)\n\n* A heap overflow flaw in the iowarrior_write() function could allow a\nuser with access to an IO-Warrior USB device, that supports more than 8\nbytes per report, to cause a denial of service or escalate their\nprivileges. (CVE-2010-4656, Moderate)\n\n* A flaw was found in the way the Linux Ethernet bridge implementation\nhandled certain IGMP (Internet Group Management Protocol) packets. A local,\nunprivileged user on a system that has a network interface in an Ethernet\nbridge could use this flaw to crash that system. (CVE-2011-0716, Moderate)\n\n* A NULL pointer dereference flaw was found in the Generic Receive Offload\n(GRO) functionality in the Linux kernel's networking implementation. If\nboth GRO and promiscuous mode were enabled on an interface in a virtual LAN\n(VLAN), it could result in a denial of service when a malformed VLAN frame\nis received on that interface. (CVE-2011-1478, Moderate)\n\n* A missing initialization flaw in the Linux kernel could lead to an\ninformation leak. (CVE-2010-3296, Low)\n\n* A missing security check in the Linux kernel's implementation of the\ninstall_special_mapping() function could allow a local, unprivileged user\nto bypass the mmap_min_addr protection mechanism. (CVE-2010-4346, Low)\n\n* A logic error in the orinoco_ioctl_set_auth() function in the Linux\nkernel's ORiNOCO wireless extensions support implementation could render\nTKIP countermeasures ineffective when it is enabled, as it enabled the card\ninstead of shutting it down. (CVE-2010-4648, Low)\n\n* A missing initialization flaw was found in the ethtool_get_regs()\nfunction in the Linux kernel's ethtool IOCTL handler. A local user who has\nthe CAP_NET_ADMIN capability could use this flaw to cause an information\nleak. (CVE-2010-4655, Low)\n\n* An information leak was found in the Linux kernel's task_show_regs()\nimplementation. On IBM S/390 systems, a local, unprivileged user could use\nthis flaw to read /proc/[PID]/status files, allowing them to discover\nthe CPU register values of processes. (CVE-2011-0710, Low)\n\nRed Hat would like to thank Jens Kuehnel for reporting CVE-2011-0695; Kees\nCook for reporting CVE-2010-4656 and CVE-2010-4655; Dan Rosenberg for\nreporting CVE-2010-3296; and Tavis Ormandy for reporting CVE-2010-4346.\n\nThis update also fixes several bugs. Documentation for these bug fixes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues, and fix the bugs noted in the Technical\nNotes. The system must be rebooted for this update to take effect.\n", "published": "2011-04-07T04:00:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2011:0421", "cvelist": ["CVE-2010-3296", "CVE-2010-4346", "CVE-2010-4526", "CVE-2010-4648", "CVE-2010-4655", "CVE-2010-4656", "CVE-2011-0521", "CVE-2011-0695", "CVE-2011-0710", "CVE-2011-0716", "CVE-2011-1478"], "lastseen": "2017-12-25T20:05:14"}, {"id": "RHSA-2010:0898", "type": "redhat", "title": "(RHSA-2010:0898) Moderate: kvm security update", "description": "KVM (Kernel-based Virtual Machine) is a full virtualization solution for\nLinux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for\nthe standard Red Hat Enterprise Linux kernel.\n\nA flaw was found in the way QEMU-KVM handled the reloading of fs and gs\nsegment registers when they had invalid selectors. A privileged host user\nwith access to \"/dev/kvm\" could use this flaw to crash the host (denial of\nservice). (CVE-2010-3698)\n\nAll KVM users should upgrade to these updated packages, which contain a\nbackported patch to correct this issue. Note: The procedure in the Solution\nsection must be performed before this update will take effect.\n", "published": "2010-12-06T05:00:00", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2010:0898", "cvelist": ["CVE-2010-3698"], "lastseen": "2017-09-09T07:20:16"}, {"id": "RHSA-2010:0842", "type": "redhat", "title": "(RHSA-2010:0842) Important: kernel security and bug fix update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* Missing sanity checks in the Intel i915 driver in the Linux kernel could\nallow a local, unprivileged user to escalate their privileges.\n(CVE-2010-2962, Important)\n\n* compat_alloc_user_space() in the Linux kernel 32/64-bit compatibility\nlayer implementation was missing sanity checks. This function could be\nabused in other areas of the Linux kernel if its length argument can be\ncontrolled from user-space. On 64-bit systems, a local, unprivileged user\ncould use this flaw to escalate their privileges. (CVE-2010-3081,\nImportant)\n\n* A buffer overflow flaw in niu_get_ethtool_tcam_all() in the niu Ethernet\ndriver in the Linux kernel, could allow a local user to cause a denial of\nservice or escalate their privileges. (CVE-2010-3084, Important)\n\n* A flaw in the IA32 system call emulation provided in 64-bit Linux kernels\ncould allow a local user to escalate their privileges. (CVE-2010-3301,\nImportant)\n\n* A flaw in sctp_packet_config() in the Linux kernel's Stream Control\nTransmission Protocol (SCTP) implementation could allow a remote attacker\nto cause a denial of service. (CVE-2010-3432, Important)\n\n* A missing integer overflow check in snd_ctl_new() in the Linux kernel's\nsound subsystem could allow a local, unprivileged user on a 32-bit system\nto cause a denial of service or escalate their privileges. (CVE-2010-3442,\nImportant)\n\n* A flaw was found in sctp_auth_asoc_get_hmac() in the Linux kernel's SCTP\nimplementation. When iterating through the hmac_ids array, it did not reset\nthe last id element if it was out of range. This could allow a remote\nattacker to cause a denial of service. (CVE-2010-3705, Important)\n\n* A function in the Linux kernel's Reliable Datagram Sockets (RDS) protocol\nimplementation was missing sanity checks, which could allow a local,\nunprivileged user to escalate their privileges. (CVE-2010-3904, Important)\n\n* A flaw in drm_ioctl() in the Linux kernel's Direct Rendering Manager\n(DRM) implementation could allow a local, unprivileged user to cause an\ninformation leak. (CVE-2010-2803, Moderate)\n\n* It was found that wireless drivers might not always clear allocated\nbuffers when handling a driver-specific IOCTL information request. A local\nuser could trigger this flaw to cause an information leak. (CVE-2010-2955,\nModerate)\n\n* A NULL pointer dereference flaw in ftrace_regex_lseek() in the Linux\nkernel's ftrace implementation could allow a local, unprivileged user to\ncause a denial of service. Note: The debugfs file system must be mounted\nlocally to exploit this issue. It is not mounted by default.\n(CVE-2010-3079, Moderate)\n\n* A flaw in the Linux kernel's packet writing driver could be triggered\nvia the PKT_CTRL_CMD_STATUS IOCTL request, possibly allowing a local,\nunprivileged user with access to \"/dev/pktcdvd/control\" to cause an\ninformation leak. Note: By default, only users in the cdrom group have\naccess to \"/dev/pktcdvd/control\". (CVE-2010-3437, Moderate)\n\n* A flaw was found in the way KVM (Kernel-based Virtual Machine) handled\nthe reloading of fs and gs segment registers when they had invalid\nselectors. A privileged host user with access to \"/dev/kvm\" could use this\nflaw to crash the host. (CVE-2010-3698, Moderate)\n\nRed Hat would like to thank Kees Cook for reporting CVE-2010-2962 and\nCVE-2010-2803; Ben Hawkes for reporting CVE-2010-3081 and CVE-2010-3301;\nDan Rosenberg for reporting CVE-2010-3442, CVE-2010-3705, CVE-2010-3904,\nand CVE-2010-3437; and Robert Swiecki for reporting CVE-2010-3079.\n\nThis update also fixes several bugs. Documentation for these bug fixes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n", "published": "2010-11-10T05:00:00", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2010:0842", "cvelist": ["CVE-2010-2803", "CVE-2010-2955", "CVE-2010-2962", "CVE-2010-3079", "CVE-2010-3081", "CVE-2010-3084", "CVE-2010-3301", "CVE-2010-3432", "CVE-2010-3437", "CVE-2010-3442", "CVE-2010-3698", "CVE-2010-3705", "CVE-2010-3904"], "lastseen": "2017-12-25T20:05:05"}, {"id": "RHSA-2011:0836", "type": "redhat", "title": "(RHSA-2011:0836) Important: kernel security and bug fix update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* An integer underflow flaw, leading to a buffer overflow, was found in the\nLinux kernel's Datagram Congestion Control Protocol (DCCP) implementation.\nThis could allow a remote attacker to cause a denial of service.\n(CVE-2011-1770, Important)\n\n* Missing sanity checks were found in setup_arg_pages() in the Linux\nkernel. When making the size of the argument and environment area on the\nstack very large, it could trigger a BUG_ON(), resulting in a local denial\nof service. (CVE-2010-3858, Moderate)\n\n* A missing validation check was found in the bcm_release() and\nraw_release() functions in the Linux kernel's Controller Area Network (CAN)\nimplementation. This could allow a local, unprivileged user to cause a\ndenial of service. (CVE-2011-1598, CVE-2011-1748, Moderate)\n\n* The fix for Red Hat Bugzilla bug 656461, as provided in RHSA-2011:0542,\nintroduced a regression in the cifs_close() function in the Linux kernel's\nCommon Internet File System (CIFS) implementation. A local, unprivileged\nuser with write access to a CIFS file system could use this flaw to cause a\ndenial of service. (CVE-2011-1771, Moderate)\n\nRed Hat would like to thank Dan Rosenberg for reporting CVE-2011-1770; Brad\nSpengler for reporting CVE-2010-3858; and Oliver Hartkopp for reporting\nCVE-2011-1748.\n\nThis update also fixes various bugs. Documentation for these bug fixes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to resolve these issues, and fix the bugs noted in the Technical\nNotes. The system must be rebooted for this update to take effect.\n", "published": "2011-06-01T04:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2011:0836", "cvelist": ["CVE-2010-3858", "CVE-2011-1598", "CVE-2011-1748", "CVE-2011-1770", "CVE-2011-1771"], "lastseen": "2017-12-25T20:06:17"}, {"id": "RHSA-2011:0263", "type": "redhat", "title": "(RHSA-2011:0263) Important: Red Hat Enterprise Linux 4.9 kernel security and bug fix update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A buffer overflow flaw was found in the load_mixer_volumes() function in\nthe Linux kernel's Open Sound System (OSS) sound driver. On 64-bit PowerPC\nsystems, a local, unprivileged user could use this flaw to cause a denial\nof service or escalate their privileges. (CVE-2010-4527, Important)\n\n* A missing boundary check was found in the dvb_ca_ioctl() function in the\nLinux kernel's av7110 module. On systems that use old DVB cards that\nrequire the av7110 module, a local, unprivileged user could use this flaw\nto cause a denial of service or escalate their privileges. (CVE-2011-0521,\nImportant)\n\n* A missing initialization flaw was found in the ethtool_get_regs()\nfunction in the Linux kernel's ethtool IOCTL handler. A local user who has\nthe CAP_NET_ADMIN capability could use this flaw to cause an information\nleak. (CVE-2010-4655, Low)\n\nRed Hat would like to thank Dan Rosenberg for reporting CVE-2010-4527, and\nKees Cook for reporting CVE-2010-4655.\n\nThese updated kernel packages also fix hundreds of bugs and add numerous\nenhancements. For details on individual bug fixes and enhancements included\nin this update, refer to the Red Hat Enterprise Linux 4.9 Release Notes,\nlinked to in the References section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues and add these enhancements. The system must\nbe rebooted for this update to take effect.\n", "published": "2011-02-16T05:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2011:0263", "cvelist": ["CVE-2010-4527", "CVE-2010-4655", "CVE-2011-0521"], "lastseen": "2017-09-09T07:19:30"}], "oraclelinux": [{"id": "ELSA-2011-0162", "type": "oraclelinux", "title": "kernel security and bug fix update", "description": "[2.6.9-89.35.1.0.1.EL]\n- [XEN] fix cpu hotplug crash (Joe Jin) [orabug 7521308]\n- [XEN] Bring up vcpus before khelper init (Joe Jin) [orabug 7521308]\n- [XEN] flush the tlb cache immediately (Dave McCracken, Scott Shi) [orabug 9138767]\n- fix skb alignment that was causing sendto() to fail with EFAULT\n (Olaf Kirch) [orabug 6845794] - fix enomem due to larger mtu size page alloc (Zach Brown) [orabug 5486128]\n- backout patch sysrq-b that queues upto keventd thread (Guru Anbalagane)\n [orabug 6125546]\n- netrx/netpoll race avoidance (Tina Yang) [orabug 6143381]\n- [XEN] Fix elf_core_dump (Tina Yang) [orabug 6995928]\n- use lfence instead of cpuid instruction to implement memory barriers\n (Herbert van den Bergh) [orabug 7452412]\n- add netpoll support to xen netfront (Tina Yang) [orabz 7261]\n- [xen] execshield: fix endless GPF fault loop (Stephen Tweedie)\n [orabug 7175395]\n- [xen]: port el5u2 patch that allows 64-bit PVHVM guest to boot with 32-bit\n dom0 [orabug 7452107] xenstore\n- [mm] update shrink_zone patch to allow 100% swap utilization (John Sobecki,\n Chris Mason, Chuck Anderson, Dave McCracken) [orabug 7566319,6086839]\n- [kernel] backport report_lost_ticks patch from EL5.2 (John Sobecki)\n [orabug 6110605]\n- [xen] fix for hung JVM thread after #GPF [orabug 7916406] (Chuck Anderson)\n- port EL5U3 patch to adjust totalhigh_pages in the balloon driver\n [orabug 8300888]\n- check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug7556514]\n- [XEN] use hypercall to fixmap pte updates (Mukesh Rathor) [orabug 8433329]\n- fix oops in nlmclnt_mark_reclaim (Trond Myklebust) [orabug 8568878]\n- [x86_64] Allowed machine_reboot running on boot_cpu (Joe Jin) [orabug 8425237]\n- FP register state is corrupted during the handling a SIGSEGV (Chuck Anderson)\n [orabug 7708133]\n- [x86_64]: fix x86_64 largesmp kernel reboot hang (Joe Jin) [orabug bug9126592]\n- [nfs]: fix file attribute caching (Chuck Lever, Herbert van den Bergh)\n [orabug 8449921]\n- [mm] revert patch #2042 (John Sobecki) [orabug 8895251]\n- [x86_64] Add compat32 support for readahead and fadvise64 (John Haxby)\n [orabug 9458826]\n- [XEN] free pte on hugetlb_prefault to avoid the clear_page race\n (Dave McCracken, Joe Jin) [orabug 9493665]\n- [XEN] Flush tlb cache immediately to avoid clear_page race (Dave McCracken,\n Joe Jin) [orabug 9488844]\n- [aio] remove limit on number of retries (Srinivas Eeda) [orabug 10044782]\n[2.6.9-89.35.1]\n-unix: fix local socket dos (Neil Horman) [656757 656758] {CVE-2010-4249}\n-serial: clean data before filling it (Mauro Carvalho Chehab) [648808 648809]\n-net: fix reception of completely page backed sk_buffs (Andy Gospodarek) [664667 500921]\n-net: filter: make sure filters dont read uninitialized memory (Jiri Pirko) [651700 651701] {CVE-2010-4158}\n[2.6.9-89.34.1]\n-alsa: rme9652: prevent reading uninitialized stack memory (Stanislaw Gruszka) [648806 648807] {CVE-2010-4080}\n-bluetooth: fix missing null check (Jarod Wilson) [655662 655663] {CVE-2010-4242}\n-ipc: initialize structure memory to zero for compat functions (Xiaotian Feng) [648810 648811] {CVE-2010-4073}\n-ipc: shm: fix information leak to userland (Xiaotian Feng) [648816 648817] {CVE-2010-4072}\n-kernel: failure to revert address limit override in oops error path (Dave Anderson) [659568 659569] {CVE-2010-4258}\n-net: limit sendto()/recvfrom()/iovec total length to INT_MAX (Jiri Pirko) [656871 651924] {CVE-2010-3859}\n-net: packet: fix information leak to userland (Jiri Pirko) [649895 649896] {CVE-2010-3876}\n-scsi: gdth: integer overflow in ioc_general (Frantisek Hrbata) [651173 651174] {CVE-2010-4157}\n-sys_semctl: semctl fix kernel stack leakage (Xiaotian Feng) [648793 648794] {CVE-2010-4083}", "published": "2011-01-18T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2011-0162.html", "cvelist": ["CVE-2010-4242", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-4080", "CVE-2010-4158", "CVE-2010-3876", "CVE-2010-4258", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4075"], "lastseen": "2016-09-04T11:16:33"}, {"id": "ELSA-2011-0263", "type": "oraclelinux", "title": "Oracle Linux 4.9 kernel security and bug fix update", "description": "[2.6.9-100]\n-cxgb3: prevent reading uninitialized stack memory to fix xgb_extension_ioctl infoleak (Eugene Teo) [633153] {CVE-2010-3296}\n-mlx4: disable MSI-X by default (Andy Gospodarek) [530596]\n-ext3: call fs invalidatepage instead of block_invalidatepage (Josef Bacik) [488611]\n-av7110: check for negative array offset (Mauro Carvalho Chehab) [672400] {CVE-2011-0521}\n-ext3: don not dirty unmapped data buffers (Josef Bacik) [488611]\n-net: clear heap allocations for privileged ethtool actions (Jiri Pirko) [672431] {CVE-2010-4655}\n[2.6.9-99]\n-bonding: fix active backup failover due to jiffie wrap (Andy Gospodarek) [641112]\n[2.6.9-98]\n-sound: fix a buffer overflow in the oss mixer (David Howells) [667619] {CVE-2010-4527}\n[2.6.9-97]\n-fs: fix filesystem corruption on ext2 (Alexander Viro) [662839]\n-sky2: fix oops in sky2_xmit_frame after tx timeout (Don Howard) [614559]\n-netdump: fix netdump failures on large memory systems (Neil Horman) [488557]\n[2.6.9-96]\n-usb: ehci amd periodic frame list table quirk (Don Zickus) [651334]\n-fs: truncate blocks outside i_size after O_DIRECT write error (Eric Sandeen) [665067]\n[2.6.9-95]\n-jbd: skip buffers that have a different jh (Josef Bacik) [488611]\n-unix: fix local socket dos (Neil Horman) [656758] {CVE-2010-4249}\n-s390x: qdio: fix zfcp stall with more than 63 active qdio devices (Hendrik Brueckner) [662130]\n-ehci-hcd: fix fatal error during bootup (Don Zickus) [656447]\n[2.6.9-94]\n-modules: sysctl to block module loading (Jerome Marchand) [645220]\n-redhat: added config_security_dmesg_restrict option (Frantisek Hrbata) [653252]\n-kernel: restrict unprivileged access to kernel syslog (Frantisek Hrbata) [653252]\n-sysctl: introduce ctl_unnumbered definition in sysctl.h (Frantisek Hrbata) [653252]\n-usb: allow usbstorage to have luns greater than 2TB (Don Zickus) [658824]\n-serial: clean data before filling it (Mauro Carvalho Chehab) [648809] {CVE-2010-4075}\n-sched: fix task starvation on Hyperthreaded cpus (Vitaly Mayatskikh) [488089]\n-s390: sclp: handle zero length event buffers (Hans-Joachim Picht) [487692]\n[2.6.9-93]\n-kernel: failure to revert address limit override in oops error path (Dave Anderson) [659569] {CVE-2010-4258}\n-nfsv4: fix oops in nfs4_kill_super (Jeff Layton) [660448]\n-net: filter: make sure filters dont read uninitialized memory (Jiri Pirko) [651701] {CVE-2010-4158}\n-net: limit sendto()/recvfrom()/iovec total length to INT_MAX (Jiri Pirko) [651924] {CVE-2010-3859}\n-bluetooth: fix missing null check (Jarod Wilson) [655663] {CVE-2010-4242}\n-ipc: initialize structure memory to zero for compat functions (Xiaotian Feng) [648811] {CVE-2010-4073}\n-ipc: shm: fix information leak to userland (Xiaotian Feng) [648817] {CVE-2010-4072}\n-netfront: default to copying instead of flipping (Laszlo Ersek) [653505]\n-net: packet: fix information leak to userland (Jiri Pirko) [649896] {CVE-2010-3876}\n-scsi: gdth: integer overflow in ioc_general (Frantisek Hrbata) [651174] {CVE-2010-4157}\n-sys_semctl: semctl fix kernel stack leakage (Xiaotian Feng) [648794] {CVE-2010-4083}\n-alsa: rme9652: prevent reading uninitialized stack memory (Stanislaw Gruszka) [648807] {CVE-2010-4080}\n-fs: only return EIO once on msync/fsync after IO failure (Rik van Riel) [645633]\n-xen: virtio_net: add get_drvinfo() to virtio_net (Laszlo Ersek) [647196]\n-xen: netfront: add get_drvinfo() to netfront (Laszlo Ersek) [647187]\n-kernel: fix possible integer overflow in mm/fremap.c (Larry Woodman) [637045]\n[2.6.9-92]\n-mm: revert patch to reduce large file latency during writebacks (Larry Woodman) [488070]\n[2.6.9-91]\n-mm: prevent panic when setting /proc/sys/vm/nr_hugepages (Larry Woodman) [647567]\n-net: sctp: do not reset the packet during sctp_packet_config() (Jiri Pirko) [637865] {CVE-2010-3432}\n-scsi: fix panic in sysfs_hash_and_remove() when scsi device is removed (Mark Goodwin) [533299]\n[2.6.9-90]\n-kernel: prevent heap corruption in snd_ctl_new() (Jerome Marchand) [638482] {CVE-2010-3442}\n-forcedeth: latest bugfixes from upstream (Ivan Vecera) [552953]\n-forcedeth: remove CONFIG_FORCEDETH_NAPI=y from config-generic (Ivan Vecera) [552953]\n[2.6.9-89.45]\n-scsi: scsi_do_req submitted commands (tape) never complete when device goes (Rob Evers) [636289]\n-scsi: log msg when getting unit attention (Mike Christie) [585430]\n-jbd: fix panic in jbd when running bashmemory (Josef Bacik) [488611]\n-qla2xxx: work around hypertransport sync flood error on sun x4200 with qla2xxx (Chad Dupuis) [621621]\n-aio: implement request batching for better merging and throughput (Jeff Moyer) [508377]\n-fs: a bunch of patches to fix various nfsd/iget() races (Alexander Viro) [189918]\n-net: bonding: add debug module option (Jiri Pirko) [247116]\n-fix fd leaks if pipe() is called with an invalid address (Amerigo Wang) [509627]\n[2.6.9-89.44]\n-ide-scsi: fix deadlock in ide-scsi error handler (Doug Ledford) [526966]\n-mlx4_core: allocate sufficient memory for interrupt table (Doug Ledford) [530596]\n-mptbase: panic with domain validation while rebuilding after the disk is replaced (Rob Evers) [476874]\n-fs: buffer: __block_write_full_page simplification by removing last_bh logic (Jeff Moyer) [472752]\n-fs: buffer: __block_write_full_page speedup by removing get_bh() and put_bh() (Jeff Moyer) [472752]\n-fs: buffer: __block_write_full_page race fix (Jeff Moyer) [472752]\n-kernel: fix integer overflow in groups_search (Jerome Marchand) [457519]\n-cifs: remove bogus check in ntlm session setup code (Jeff Layton) [604786]\n-cifs: when renaming don not try to unlink negative dentry (Jeff Layton) [500904]\n-autofs4: fix lookup deadlock when user space uses a signal (Ian Kent) [477017]\n-fs: make sure data stored into inode is properly seen before unlocking new inode (Eric Sandeen) [563920]\n-ipc: hard_msgmax should be higher not lower on 64bit (Amerigo Wang) [525815]\n-fs: fix file truncations when both suid and write permissions set (Amerigo Wang) [525398]\n-block: fix rcu accesses in partition statistics (Jerome Marchand) [517523]\n-kernel headers: fix missing defintion that causes build break (Neil Horman) [504593]\n[2.6.9-89.43]\n-aacraid: fix file system going into read only mode (Rob Evers) [624713]\n-blkfront: xen domu, raid1, lvm, iscsi target export with blockio bug (Paolo Bonzini) [490148]\n-cciss: change version from 2.6.20.RH2 to 2.6.20.RH3 (Tomas Henzl) [594086]\n-cciss: added printk in do_cciss_request before BUG() (Tomas Henzl) [594086]\n-cciss: fix a nulll pointer dereference in complete_command() (Tomas Henzl) [594086]\n-cciss: fix an issue when sending command with no data (Tomas Henzl) [594086]\n-mm: honor __GFP_NOFAIL flag in __alloc_pages() (Lachlan McIlroy) [605455]\n-xen: fix crashing of x86 hvm guest on x86_64 (Radim Krcmar) [637658]\n-xen: hide xenbus warnings on hvm guest shutdown (Radim Krcmar) [505081]\n-powernow-k8: fix errant print statement during voltage transitions (Bhavna Sarathy) [217829]\n-fusion: add sleep before subsequent tur in scan function (Tomas Henzl) [495236]\n-bonding: fix a race condition in calls to slave mii ioctls (Flavio Leitner) [621209]\n-s390x: cio: vary off on chpid 00 causes unexpected recovery actions (Hendrik Brueckner) [619855]\n-netfilter: arp_tables: fix unaligned accesses caused by casting strings to long (Jiri Pirko) [591638]\n-net: neigh: fix state transition incomplete->failed via netlink request (Jiri Pirko) [485904]\n-x86_64: floating point state corruption after handling the signal (Oleg Nesterov) [564381]\n-pidhashing: enforce pid_max_limit in sysctls and lower pid_max_limit on 32bit systems (Jiri Pirko) [525941]\n-s390: cio: linux does not boot through xautolog with conmode 3270 (Hans-Joachim Picht) [526282]\n-net: fix proc net ip_conntrack seq_file operations (Danny Feng) [524884]\n-ia64: swiotlb: fix swiotlb pci_map_sg error handling (Tomas Henzl) [525427]\n-xen: try harder to balloon up under memory pressure (Andrew Jones) [507847]\n-mm: fix bogus memory node assumption in huge page allocation (AMEET M. PARANJAPE) [506827]\n-kernel: binfmt_misc c: avoid potential kernel stack overflow (Vitaly Mayatskikh) [459466]\n-net: fix ipvs wrr scheduler bug of updating current weight (Vitaly Mayatskikh) [462717]\n[2.6.9-89.42]\n-net: actually copy input_dev to new sk_buff in skb_clone (Andy Gospodarek) [616710]\n-net: fix reception of completely page backed sk_buffs (Andy Gospodarek) [500921]\n-net: fix various snmp counter issues (Thomas Graf) [500889]\n-xen: can enter tickless mode with rcu pending and hang (Paolo Bonzini) [427998]\n-xen: fix occasional deadlocks in xen netfront (Paolo Bonzini) [480937]\n-xen: xenbus suspend_mutex remains locked on trans fail (Paolo Bonzini) [456649]\n-ext2: put explicit checks to not divide by zero (Josef Bacik) [500181]\n-usb: ehci split iso fixes, full speed audio etc (Don Zickus) [624117]\n-xenbus: implement O_NONBLOCK for /proc/xen/xenbus (Paolo Bonzini) [607261]\n-nfs: initialize nfs_open_context list member at allocation time (Jeff Layton) [634632]\n-cifs: fix dentry hash calculation for case insensitive mounts (Jeff Layton) [562949]\n-cifs: fix length calculation for converted unicode readdir names (Jeff Layton) [562949]\n[2.6.9-89.41]\n-bonding: fix ALB mode to balance traffic on vlans (Flavio Leitner) [640803]\n[2.6.9-89.40]\n-bonding: interface doesn t issue igmp report on slave interface during failover (Flavio Leitner) [637556]\n[2.6.9-89.39]\n-net: fix info leak in police code (Neil Horman) [636390] {CVE-2010-3477}\n-aio: check for multiplication overflow in io_submit (Jeff Moyer) [629447] {CVE-2010-3067}\n-fs: buffer.c: fix race in __block_prepare_write (Jeff Moyer) [480404]\n-3c59x: fix deadlock in irq handler tx path when netconsole in use (Neil Horman) [557380]\n-udp: use memory barrier in datagram_poll (Flavio Leitner) [546251]\n[2.6.9-89.38]\n-compat: make compat_alloc_user_space incorporate the access_ok (Xiaotian Feng) [634462] {CVE-2010-3081}\n-ext3: ensure inode is deleted from orphan list in ext3_direct_io() (Lachlan McIlroy) [629143]\n-sb800: add quirk for iso on amd sb800 (Pete Zaitcev) [537447]\n[2.6.9-89.37]\n-virtio_net: Fix MAX_PACKET_LEN to support 802.1Q VLANs (Michael S. Tsirkin) [607533]\n-do_generic_mapping_read: clear page errors when issuing a fresh read of the page (Rik van Riel) [481371]\n-ide: backport VIA PCI chipset ids to via82cxxx driver (Mauro Carvalho Chehab) [504778]\n-nfsd4: relax new lock seqid check (Jeff Layton) [577369]\n-igb: fix transmission of jumbo frames with mtu>=2100 (Stefan Assmann) [494597]\n-net: fix tcp conntrack to handle the half opened connection correctly (Jiri Pirko) [531914]\n-net: fix promisc refcounting for interfaces listening for multicast traffic (Neil Horman) [481292]\n-sctp: assign tsns earlier to avoid reordering (Neil Horman) [532045]\n-cciss: switch to using hlist to fix panic (Tomas Henzl) [479090]\n-nfs: statfs error handling and error message fix (Jeff Layton) [520018]\n-kthreads: fix kthread_create vs kthread_stop race (Oleg Nesterov) [519006]\n[2.6.9-89.36]\n-nfsd4: fix share conflict tests in nfs_check_open() (Jeff Layton) [510184]\n-nfsd4: move open owner checks from nfsd4_process_open2 into new function (Jeff Layton) [510184]\n-nfsd4: renew lease on seqid modifying operations (Jeff Layton) [508752]\n-ahci: add SATA GEN3 related messages (David Milburn) [512715]\n-igmp: fix ip_mc_sf_allow() race due to a lock problem (Flavio Leitner) [562904]\n-xen: don not recreate xenfb thread on every restore (Chris Lalancette) [543823]\n-bcm5709: update firmware for bcm5709 from version 4.4.23 to 4.6.15 (John Feeney) [532858]\n-net: apply broken_stats workaround to 5706 and 5708 (Flavio Leitner) [515274]\n-nfsd: fix races when cleaning up after last nfsd thread exits (Jeff Layton) [501500]\n-nfs: nfsd returns nfs4_ok when the owner opens a file with permission set to 000 (Peter Staubach) [507527]\n-nfsv4: send the delegation stateid for setattr calls (Jeff Layton) [502884]\n-nfsv4: fix up races in nfs4_proc_setattr (Jeff Layton) [502884]\n-nfsv4: don t reuse expired nfs4_state_owner structs (Jeff Layton) [502884]\n-nfsv4: fix a credential reference leak in nfs4_get_state_owner (Jeff Layton) [5 0 2 8 8 4 ] b r > - n f s v 4 : p o l l m o r e a g g r e s s i v e l y w h e n h a n d l i n g n f s 4 e r r _ d e l a y ( J e f f L a y t o n ) [ 5 0 2 8 8 4 ] b r > - n f s v 4 : f l u s h n f s v 4 w o r k w o r k q u e u e b e f o r e k i l l i n g s u p e r b l o c k ( J e f f L a y t o n ) [ 5 0 1 3 3 5 ] b r > - n f s v 4 : o n l y q u e u e n f s 4 _ c l o s e _ s t a t e j o b w h e n c a l l e d b y r p c i o d ( J e f f L a y t o n ) [ 5 0 1 3 3 5 ] b r > - n f s v 4 : s w i t c h n f s 4 w o r k q u e u e t o a p e r c l i e n t q u e u e ( J e f f L a y t o n ) [ 5 0 1 3 3 5 ] b r > - n f s : m o u n t e d n f s v 4 / k r b 5 e x p o r t i n a c c e s s i b l e f o l l o w i n g a n n f s s e r v e r r e b o o t ( H a r s h u l a ) [ 5 1 4 6 8 4 ] / p > \n \n \n b r > h 2 > R e l a t e d C V E s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 0 - 4 6 5 5 . h t m l \" > C V E - 2 0 1 0 - 4 6 5 5 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 1 - 0 5 2 1 . h t m l \" > C V E - 2 0 1 1 - 0 5 2 1 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 0 - 4 5 2 7 . h t m l \" > C V E - 2 0 1 0 - 4 5 2 7 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n b r > h 2 > U p d a t e d P a c k a g e s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r s t y l e = \" c o l o r : # F F 0 0 0 0 ; \" > t d > b > R e l e a s e / A r c h i t e c t u r e / b > t d > b > F i l e n a m e / b > / t d > t d > b > M D 5 s u m / b > / t d > t d > b > S u p e r s e d e d B y A d v i s o r y / b > / t d > / t r > \n t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 4 ( i 3 8 6 ) / t d > t d > k e r n e l - 2 . 6 . 9 - 1 0 0 . E L . s r c . r p m / t d > t d > 5 9 b 3 0 e 2 5 b 7 9 1 4 5 7 0 a 7 3 6 f 2 8 3 4 b 6 5 d e c d / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 1 - 1 7 9 6 . h t m l \" > E L B A - 2 0 1 1 - 1 7 9 6 / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 9 - 1 0 0 . E L - 1 . 2 . 9 - 1 . e l 4 . s r c . r p m / t d > t d > 6 c d 9 0 2 5 5 b 7 7 b 7 c d c 0 1 6 d f f 1 4 2 a 0 f e 0 2 3 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 9 - 1 0 0 . E L - 2 . 0 . 5 - 1 . e l 4 . s r c . r p m / t d > t d > f 9 3 d 7 c c 1 9 b f 5 6 2 b 4 b a d a 4 3 7 5 3 5 9 c 4 a c 3 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - 2 . 6 . 9 - 1 0 0 . E L . i 6 8 6 . r p m / t d > t d > c e d 1 5 5 d b 4 b f 1 d 8 0 2 c 1 6 c f 9 d c a 3 3 7 0 6 8 c / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 1 - 1 7 9 6 . h t m l \" > E L B A - 2 0 1 1 - 1 7 9 6 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e v e l - 2 . 6 . 9 - 1 0 0 . E L . i 6 8 6 . r p m / t d > t d > 2 e b 0 5 d e f a 1 d b 2 e d a 6 e 0 e 2 c 0 c 4 f 2 3 6 6 5 c / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 1 - 1 7 9 6 . h t m l \" > E L B A - 2 0 1 1 - 1 7 9 6 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d o c - 2 . 6 . 9 - 1 0 0 . E L . n o a r c h . r p m / t d > t d > 4 a 4 2 d 0 0 4 5 0 8 4 0 6 6 3 5 d a f 2 5 8 f 7 c b c 2 7 6 3 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 1 - 1 7 9 6 . h t m l \" > E L B A - 2 0 1 1 - 1 7 9 6 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - h u g e m e m - 2 . 6 . 9 - 1 0 0 . E L . i 6 8 6 . r p m / t d > t d > 9 f d 5 a 8 5 5 2 4 d f 1 2 0 c 6 f 1 d 9 9 7 f c e 9 0 6 4 b 8 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 1 - 1 7 9 6 . h t m l \" > E L B A - 2 0 1 1 - 1 7 9 6 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - h u g e m e m - d e v e l - 2 . 6 . 9 - 1 0 0 . E L . i 6 8 6 . r p m / t d > t d > 5 0 3 b 4 a 0 a 1 b 2 8 0 f b 9 2 6 d 5 9 8 a 5 f d c d 5 8 2 a / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 1 - 1 7 9 6 . h t m l \" > E L B A - 2 0 1 1 - 1 7 9 6 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - s m p - 2 . 6 . 9 - 1 0 0 . E L . i 6 8 6 . r p m / t d > t d > e c c 2 6 e d 7 3 7 1 b 5 2 b 0 2 a 5 e 6 6 4 4 2 f a 5 d f 1 f / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 1 - 1 7 9 6 . h t m l \" > E L B A - 2 0 1 1 - 1 7 9 6 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - s m p - d e v e l - 2 . 6 . 9 - 1 0 0 . E L . i 6 8 6 . r p m / t d > t d > 3 8 5 c b 4 b f 0 e c f 4 9 7 7 7 5 5 9 e 0 9 5 9 f 3 c b 1 8 4 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 1 - 1 7 9 6 . h t m l \" > E L B A - 2 0 1 1 - 1 7 9 6 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - x e n U - 2 . 6 . 9 - 1 0 0 . E L . i 6 8 6 . r p m / t d > t d > d 6 9 c 6 f 8 6 6 1 0 2 1 c a c e 4 c b 9 4 6 c 0 6 e e 4 a 5 4 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 1 - 1 7 9 6 . h t m l \" > E L B A - 2 0 1 1 - 1 7 9 6 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - x e n U - d e v e l - 2 . 6 . 9 - 1 0 0 . E L . i 6 8 6 . r p m / t d > t d > f 9 c c 2 4 8 4 c c 5 e 6 0 2 5 0 4 b b a 2 7 2 f c 4 6 c 8 5 4 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 1 - 1 7 9 6 . h t m l \" > E L B A - 2 0 1 1 - 1 7 9 6 / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 9 - 1 0 0 . E L - 1 . 2 . 9 - 1 . e l 4 . i 6 8 6 . r p m / t d > t d > 2 5 6 f f 0 f 1 8 d a b a c 1 8 6 2 6 7 4 8 1 9 b 5 a d 6 e 3 0 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 9 - 1 0 0 . E L h u g e m e m - 1 . 2 . 9 - 1 . e l 4 . i 6 8 6 . r p m / t d > t d > d 6 0 e 3 3 9 0 b 2 b 8 7 5 2 1 8 9 b 3 6 3 1 9 a 9 4 b c d a 5 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 9 - 1 0 0 . E L s m p - 1 . 2 . 9 - 1 . e l 4 . i 6 8 6 . r p m / t d > t d > 9 f 2 a 1 7 7 e e a 2 d b 0 f 9 9 7 8 f 6 c 1 0 3 1 b 2 9 8 9 3 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 9 - 1 0 0 . E L x e n U - 1 . 2 . 9 - 1 . e l 4 . i 6 8 6 . r p m / t d > t d > a a f 1 e d 4 d 4 8 4 e b 4 2 3 3 6 2 a 9 7 d 8 f d 7 3 e d 5 5 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 9 - 1 0 0 . E L - 2 . 0 . 5 - 1 . e l 4 . i 6 8 6 . r p m / t d > t d > f 1 f b 1 9 d 8 a 9 5 5 f 2 a d 4 1 e f e 8 b d f 0 9 1 3 f 0 9 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 9 - 1 0 0 . E L h u g e m e m - 2 . 0 . 5 - 1 . e l 4 . i 6 8 6 . r p m / t d > t d > 7 4 4 a 9 c e d 3 9 e 6 5 4 5 1 f 7 c 3 2 3 4 2 8 c 2 8 9 f 5 1 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 9 - 1 0 0 . E L s m p - 2 . 0 . 5 - 1 . e l 4 . i 6 8 6 . r p m / t d > t d > 9 8 4 2 4 f 3 0 c 3 1 0 f f d 5 5 e d e d b 4 c f e d 9 3 3 0 d / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 9 - 1 0 0 . E L x e n U - 2 . 0 . 5 - 1 . e l 4 . i 6 8 6 . r p m / t d > t d > b d 5 f a b f 8 f 1 a 7 d b 7 4 3 5 4 5 6 8 3 f e 2 3 e 4 6 c f / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 4 ( i a 6 4 ) / t d > t d > k e r n e l - 2 . 6 . 9 - 1 0 0 . E L . s r c . r p m / t d > t d > 5 9 b 3 0 e 2 5 b 7 9 1 4 5 7 0 a 7 3 6 f 2 8 3 4 b 6 5 d e c d / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 1 - 1 7 9 6 . h t m l \" > E L B A - 2 0 1 1 - 1 7 9 6 / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 9 - 1 0 0 . E L - 1 . 2 . 9 - 1 . e l 4 . s r c . r p m / t d > t d > 6 c d 9 0 2 5 5 b 7 7 b 7 c d c 0 1 6 d f f 1 4 2 a 0 f e 0 2 3 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 9 - 1 0 0 . E L - 2 . 0 . 5 - 1 . e l 4 . s r c . r p m / t d > t d > f 9 3 d 7 c c 1 9 b f 5 6 2 b 4 b a d a 4 3 7 5 3 5 9 c 4 a c 3 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - 2 . 6 . 9 - 1 0 0 . E L . i a 6 4 . r p m / t d > t d > 9 d 6 6 3 f a f 1 6 7 6 4 8 3 f 0 2 8 5 e a 8 d 9 b 8 5 d e 8 3 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 1 - 1 7 9 6 . h t m l \" > E L B A - 2 0 1 1 - 1 7 9 6 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e v e l - 2 . 6 . 9 - 1 0 0 . E L . i a 6 4 . r p m / t d > t d > 1 4 7 9 7 8 2 a 8 6 6 8 2 9 5 3 e 7 9 d 7 c b f e 4 b 4 e b e 1 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 1 - 1 7 9 6 . h t m l \" > E L B A - 2 0 1 1 - 1 7 9 6 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d o c - 2 . 6 . 9 - 1 0 0 . E L . n o a r c h . r p m / t d > t d > 4 a 4 2 d 0 0 4 5 0 8 4 0 6 6 3 5 d a f 2 5 8 f 7 c b c 2 7 6 3 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 1 - 1 7 9 6 . h t m l \" > E L B A - 2 0 1 1 - 1 7 9 6 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - l a r g e s m p - 2 . 6 . 9 - 1 0 0 . E L . i a 6 4 . r p m / t d > t d > 2 3 d f 7 1 2 f 9 c b 0 e 7 6 1 2 4 e 4 7 6 0 f 3 4 6 9 1 3 6 1 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 1 - 1 7 9 6 . h t m l \" > E L B A - 2 0 1 1 - 1 7 9 6 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - l a r g e s m p - d e v e l - 2 . 6 . 9 - 1 0 0 . E L . i a 6 4 . r p m / t d > t d > 6 9 1 5 7 9 8 f 7 d 4 9 8 8 c e 2 d 3 1 2 7 9 e a 9 c c 5 0 8 f / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 1 - 1 7 9 6 . h t m l \" > E L B A - 2 0 1 1 - 1 7 9 6 / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 9 - 1 0 0 . E L - 1 . 2 . 9 - 1 . e l 4 . i a 6 4 . r p m / t d > t d > 8 0 2 7 3 d e 3 f f 6 f 1 e f 2 7 e d 3 3 b b d 6 6 2 c d 7 b 1 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 9 - 1 0 0 . E L l a r g e s m p - 1 . 2 . 9 - 1 . e l 4 . i a 6 4 . r p m / t d > t d > b b b 1 d 8 3 6 a 2 1 8 2 1 8 4 a b 9 5 8 a 0 e c 3 7 7 3 b 8 d / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 9 - 1 0 0 . E L - 2 . 0 . 5 - 1 . e l 4 . i a 6 4 . r p m / t d > t d > 1 0 8 0 a a c f a a 7 5 3 c 0 a d 1 4 2 f 9 3 b a 6 3 0 e 0 0 8 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 9 - 1 0 0 . E L l a r g e s m p - 2 . 0 . 5 - 1 . e l 4 . i a 6 4 . r p m / t d > t d > a 8 0 9 e 7 4 3 a 1 0 4 3 c 7 c a 3 1 e 1 1 2 0 4 1 7 5 8 4 f e / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 4 ( x 8 6 _ 6 4 ) / t d > t d > k e r n e l - 2 . 6 . 9 - 1 0 0 . E L . s r c . r p m / t d > t d > 5 9 b 3 0 e 2 5 b 7 9 1 4 5 7 0 a 7 3 6 f 2 8 3 4 b 6 5 d e c d / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 1 - 1 7 9 6 . h t m l \" > E L B A - 2 0 1 1 - 1 7 9 6 / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 9 - 1 0 0 . E L - 1 . 2 . 9 - 1 . e l 4 . s r c . r p m / t d > t d > 6 c d 9 0 2 5 5 b 7 7 b 7 c d c 0 1 6 d f f 1 4 2 a 0 f e 0 2 3 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 9 - 1 0 0 . E L - 2 . 0 . 5 - 1 . e l 4 . s r c . r p m / t d > t d > f 9 3 d 7 c c 1 9 b f 5 6 2 b 4 b a d a 4 3 7 5 3 5 9 c 4 a c 3 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - 2 . 6 . 9 - 1 0 0 . E L . x 8 6 _ 6 4 . r p m / t d > t d > e 0 4 8 c 1 7 b 3 0 5 a 3 7 1 b 5 9 b b 6 4 b 8 7 d 3 2 0 f 4 e / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 1 - 1 7 9 6 . h t m l \" > E L B A - 2 0 1 1 - 1 7 9 6 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e v e l - 2 . 6 . 9 - 1 0 0 . E L . x 8 6 _ 6 4 . r p m / t d > t d > 7 4 a 0 9 2 7 9 7 3 5 5 e e d 6 4 c c 5 5 e 3 3 6 8 1 d 9 c 3 8 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 1 - 1 7 9 6 . h t m l \" > E L B A - 2 0 1 1 - 1 7 9 6 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d o c - 2 . 6 . 9 - 1 0 0 . E L . n o a r c h . r p m / t d > t d > 4 a 4 2 d 0 0 4 5 0 8 4 0 6 6 3 5 d a f 2 5 8 f 7 c b c 2 7 6 3 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 1 - 1 7 9 6 . h t m l \" > E L B A - 2 0 1 1 - 1 7 9 6 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - l a r g e s m p - 2 . 6 . 9 - 1 0 0 . E L . x 8 6 _ 6 4 . r p m / t d > t d > 8 8 f 5 3 e f 2 6 4 e 6 f c 6 f 9 1 6 4 d 4 f 9 3 c e 6 b c 3 b / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 1 - 1 7 9 6 . h t m l \" > E L B A - 2 0 1 1 - 1 7 9 6 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - l a r g e s m p - d e v e l - 2 . 6 . 9 - 1 0 0 . E L . x 8 6 _ 6 4 . r p m / t d > t d > e 9 d 1 0 7 2 9 0 b 4 1 0 7 5 4 0 4 5 8 a 3 e 7 d d 8 5 5 b d 9 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 1 - 1 7 9 6 . h t m l \" > E L B A - 2 0 1 1 - 1 7 9 6 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - s m p - 2 . 6 . 9 - 1 0 0 . E L . x 8 6 _ 6 4 . r p m / t d > t d > c d f 2 2 4 7 9 c a b 4 1 5 8 a a 6 8 e 4 1 c c 0 e 3 3 2 4 7 9 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 1 - 1 7 9 6 . h t m l \" > E L B A - 2 0 1 1 - 1 7 9 6 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - s m p - d e v e l - 2 . 6 . 9 - 1 0 0 . E L . x 8 6 _ 6 4 . r p m / t d > t d > 4 9 4 9 0 9 7 b b e e 1 9 7 3 c c 2 8 3 8 c 9 3 f 8 8 f c e 7 9 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 1 - 1 7 9 6 . h t m l \" > E L B A - 2 0 1 1 - 1 7 9 6 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - x e n U - 2 . 6 . 9 - 1 0 0 . E L . x 8 6 _ 6 4 . r p m / t d > t d > 8 e f d 5 5 1 8 0 0 5 b 4 0 c c 2 7 b a e d a c 8 7 8 4 1 6 1 9 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 1 - 1 7 9 6 . h t m l \" > E L B A - 2 0 1 1 - 1 7 9 6 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - x e n U - d e v e l - 2 . 6 . 9 - 1 0 0 . E L . x 8 6 _ 6 4 . r p m / t d > t d > 8 4 2 2 3 a 9 4 a c 3 c 8 f 5 3 d 5 a 1 0 9 1 a 0 6 8 9 2 f c d / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L B A - 2 0 1 1 - 1 7 9 6 . h t m l \" > E L B A - 2 0 1 1 - 1 7 9 6 / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 9 - 1 0 0 . E L - 1 . 2 . 9 - 1 . e l 4 . x 8 6 _ 6 4 . r p m / t d > t d > 3 5 8 d 1 6 5 e 0 0 7 c 8 5 9 8 d 8 5 d 3 8 0 f 1 1 f 1 d 3 0 a / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 9 - 1 0 0 . E L l a r g e s m p - 1 . 2 . 9 - 1 . e l 4 . x 8 6 _ 6 4 . r p m / t d > t d > d 8 8 a 2 9 6 6 0 7 0 9 5 3 4 1 7 8 4 2 8 b b 5 b 8 9 0 5 5 3 b / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 9 - 1 0 0 . E L s m p - 1 . 2 . 9 - 1 . e l 4 . x 8 6 _ 6 4 . r p m / t d > t d > 5 0 6 9 f 8 e 9 3 6 d b 3 d 8 d 5 4 e 0 2 1 c 5 7 c d 5 2 b c 2 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 9 - 1 0 0 . E L x e n U - 1 . 2 . 9 - 1 . e l 4 . x 8 6 _ 6 4 . r p m / t d > t d > 3 0 c 9 d c 5 2 2 f b d 9 c e 9 1 d 5 c 2 8 a 7 a 5 7 3 1 f 7 2 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 9 - 1 0 0 . E L - 2 . 0 . 5 - 1 . e l 4 . x 8 6 _ 6 4 . r p m / t d > t d > 9 0 3 5 2 7 9 b 0 2 3 a 4 0 6 e a 5 1 d 4 1 c 6 5 3 7 1 3 f e 2 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 9 - 1 0 0 . E L l a r g e s m p - 2 . 0 . 5 - 1 . e l 4 . x 8 6 _ 6 4 . r p m / t d > t d > 5 f a 1 2 2 c d f d b 5 0 8 a d 3 a d 6 d 4 8 6 0 1 d e 1 2 c 4 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 9 - 1 0 0 . E L s m p - 2 . 0 . 5 - 1 . e l 4 . x 8 6 _ 6 4 . r p m / t d > t d > 1 a c d c e 1 b 5 9 2 b c b 3 5 7 0 2 7 1 8 7 4 1 6 c 4 2 d d 1 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 9 - 1 0 0 . E L x e n U - 2 . 0 . 5 - 1 . e l 4 . x 8 6 _ 6 4 . r p m / t d > t d > 2 1 b e d 4 2 2 7 c 0 6 b 1 a d 0 a e 2 6 f 7 4 0 8 8 d a 3 0 4 / t d > t d > a h r e f = # > - / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n \n b r > b r > \n b r > p > \n T h i s p a g e i s g e n e r a t e d a u t o m a t i c a l l y a n d h a s n o t b e e n c h e c k e d f o r e r r o r s o r o m i s s i o n s . F o r c l a r i f i c a t i o n \n o r c o r r e c t i o n s p l e a s e c o n t a c t t h e a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / \" > O r a c l e L i n u x U L N t e a m / a > / p > \n \n \n \n / d i v > \n ! - - \n / d i v > \n - - > \n / d i v > \n / d i v > \n \n \n d i v i d = \" m c 1 6 \" c l a s s = \" m c 1 6 v 0 \" > \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > T e c h n i c a l i n f o r m a t i o n / h 2 > \n u l > \n l i > a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / h a r d w a r e - c e r t i f i c a t i o n s \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x C e r t i f i e d H a r d w a r e / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / l i b r a r y / e l s p - l i f e t i m e - 0 6 9 3 3 8 . p d f \" > O r a c l e L i n u x S u p p o r t e d R e l e a s e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > O r a c l e L i n u x S u p p o r t / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / t e c h n o l o g i e s / l i n u x / O r a c l e L i n u x S u p p o r t / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x S u p p o r t / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / p r e m i e r / s e r v e r s - s t o r a g e / o v e r v i e w / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e P r e m i e r S u p p o r t f o r S y s t e m s / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / a d v a n c e d - c u s t o m e r - s e r v i c e s / o v e r v i e w / \" > A d v a n c e d C u s t o m e r S e r v i c e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 2 \" > \n h 2 > C o n n e c t / h 2 > \n u l > \n l i c l a s s = \" f b i c o n \" > a h r e f = \" h t t p : / / w w w . f a c e b o o k . c o m / o r a c l e l i n u x \" t i t l e = \" F a c e b o o k \" n a m e = \" F a c e b o o k \" t a r g e t = \" _ b l a n k \" i d = \" F a c e b o o k \" > F a c e b o o k / a > / l i > \n l i c l a s s = \" t w i c o n \" > a h r e f = \" h t t p : / / w w w . t w i t t e r . c o m / O r a c l e L i n u x \" t i t l e = \" T w i t t e r \" n a m e = \" T w i t t e r \" t a r g e t = \" _ b l a n k \" i d = \" T w i t t e r \" > T w i t t e r / a > / l i > \n l i c l a s s = \" i n i c o n \" > a h r e f = \" h t t p : / / w w w . l i n k e d i n . c o m / g r o u p s ? g i d = 1 2 0 2 3 8 \" t i t l e = \" L i n k e d I n \" n a m e = \" L i n k e d I n \" t a r g e t = \" _ b l a n k \" i d = \" L i n k e d I n \" > L i n k e d I n / a > / l i > \n l i c l a s s = \" y t i c o n \" > a h r e f = \" h t t p : / / w w w . y o u t u b e . c o m / o r a c l e l i n u x c h a n n e l \" t i t l e = \" Y o u T u b e \" n a m e = \" Y o u T u b e \" t a r g e t = \" _ b l a n k \" i d = \" Y o u T u b e \" > Y o u T u b e / a > / l i > \n l i c l a s s = \" b l o g i c o n \" > a h r e f = \" h t t p : / / b l o g s . o r a c l e . c o m / l i n u x \" t i t l e = \" B l o g \" n a m e = \" B l o g \" > B l o g / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 3 \" > \n h 2 > C o n t a c t U s / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / c o r p o r a t e / c o n t a c t / g l o b a l - 0 7 0 5 1 1 . h t m l \" > G l o b a l c o n t a c t s / a > / l i > \n l i > O r a c l e 1 - 8 0 0 - 6 3 3 - 0 6 9 1 / l i > \n / u l > \n / d i v > \n / d i v > \n / d i v > \n \n d i v i d = \" m c 0 4 \" c l a s s = \" m c 0 4 v 1 \" > \n d i v c l a s s = \" m c 0 4 w 1 \" > \n a h r e f = \" h t t p : / / o r a c l e . c o m \" > i m g s r c = \" / / w w w . o r a c l e i m g . c o m / a s s e t s / m c 0 4 - f o o t e r - l o g o . p n g \" b o r d e r = \" 0 \" a l t = \" s o f t w a r e . h a r d w a r e . c o m p l e t e \" / > / a > \n / d i v > \n \n d i v c l a s s = \" m c 0 4 w 2 \" > \n a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / s u b s c r i b e / i n d e x . h t m l \" > S u b s c r i b e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / e m p l o y m e n t / i n d e x . h t m l \" > C a r e e r s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / c o n t a c t / i n d e x . h t m l \" > C o n t a c t U s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / c o p y r i g h t . h t m l \" > L e g a l N o t i c e s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / t e r m s . h t m l \" > T e r m s o f U s e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / p r i v a c y . h t m l \" > Y o u r P r i v a c y R i g h t s / a > \n / d i v > \n / d i v > \n / d i v > \n / b o d y > \n / h t m l > \n ", "published": "2011-02-23T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2011-0263.html", "cvelist": ["CVE-2010-4242", "CVE-2011-0521", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-4527", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3477", "CVE-2010-4080", "CVE-2010-4158", "CVE-2010-3876", "CVE-2010-3296", "CVE-2010-4258", "CVE-2010-3442", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-3081", "CVE-2010-3067", "CVE-2010-3432", "CVE-2010-4075", "CVE-2010-4655"], "lastseen": "2018-04-04T13:00:47"}, {"id": "ELSA-2011-0004", "type": "oraclelinux", "title": "kernel security, bug fix, and enhancement update", "description": "[2.6.18-194.32.1.0.1.el5]\n- [xen] check to see if hypervisor supports memory reservation change\n (Chuck Anderson) [orabug 7556514]\n- Add entropy support to igb (John Sobecki) [orabug 7607479]\n- [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332]\n- [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043]\n [bz 7258]\n- [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839]\n- fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042]\n- [nfsd] fix failure of file creation from hpux client (Wen gang Wang)\n [orabug 7579314]\n- [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702]\n- [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin)\n [orabug 9504524]\n- [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105]\n RDS: Fix BUG_ONs to not fire when in a tasklet\n ipoib: Fix lockup of the tx queue\n RDS: Do not call set_page_dirty() with irqs off (Sherman Pun)\n RDS: Properly unmap when getting a remote access error (Tina Yang)\n RDS: Fix locking in rds_send_drop_to()\n- [mm] Enhance shrink_zone patch allow full swap utilization, and also be\n NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh)\n [orabug 9245919]\n- [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson)\n [orabug 9107465]\n- [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson)\n [orabug 9764220]\n- Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615]\n- fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro,\n Guru Anbalagane) [orabug 6124033]\n- [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208]\n- [ib] fix memory corruption (Andy Grover) [orabug 9972346]\n- make xenkbd.abs_pointer=1 by default (John Haxby) [orabug 67188919]\n- fix filp_close() race (Joe Jin) [orabug 10335998]\n[2.6.18-194.32.1.el5]\n- [fs] nfs: set lock_context field in nfs_readpage_sync (Jeff Layton) [664416 663853]\n[2.6.18-194.31.1.el5]\n- [fs] nfs: set lock_context field in nfs_writepage_sync (Jeff Layton) [663381 660580]\n- [fs] nfs: remove problematic calls to nfs_clear_request (Jeff Layton) [663353 656492]\n- [fs] nfs: handle alloc failures in nfs_create_request (Jeff Layton) [663353 656492]\n- [fs] nfs: clean up nfs_create_request (Jeff Layton) [663353 656492]\n- [virt] xen: fix netback hotplug regression in xenbus fix (Laszlo Ersek) [636412 635999] {CVE-2010-3699}\n[2.6.18-194.30.1.el5]\n- [scsi] lpfc: set heartbeat timer off by default (Rob Evers) [658079 655119]\n- [misc] posix-cpu-timers: workaround for mt exec problems (Oleg Nesterov) [656265 656266] {CVE-2010-4248}\n- [fs] setup_arg_pages: diagnose excessive argument size (Oleg Nesterov) [645226 645227] {CVE-2010-3858}\n- [net] inet_diag: make sure we run audited bytecode (Jiri Pirko) [651266 651267] {CVE-2010-3880}\n- [net] limit sendto/recvfrom/iovec total length to INT_MAX (Jiri Pirko) [645871 645872] {CVE-2010-3859}\n- [bluetooth] hci_ldisc: fix missing NULL check (Jarod Wilson) [655664 655666] {CVE-2010-4242}\n- [virt] xen: add bounds req-process loop in blkback/blktap (Laszlo Ersek) [656208 654546] {CVE-2010-4247}\n- [virt] xen: don't leak dev refs on bad xenbus transitions (Laszlo Ersek) [636412 635999] {CVE-2010-3699}\n- [scsi] lpfc: fix crashes on NULL pnode dereference (Rob Evers) [658864 649489]\n- [scsi] qla2xxx: check null fcport in _queuecommands (Chad Dupuis) [657029 644863]\n- [fs] gfs2: fix race in unlinked inode deallocation (Robert S Peterson) [651811 643165]\n- [scsi] lpfc: fix a BUG_ON in lpfc_abort_handler (Rob Evers) [658378 639028]\n- [scsi] re-enable transistions from OFFLINE to RUNNING (Mike Christie) [658934 641193]\n- [scsi] scsi_dh_alua: handle transitioning state correctly (Mike Snitzer) [657028 619361]\n- [misc] add round_jiffies_up and related routines (Michal Schmidt) [658520 556476]\n- [fs] fix dcache accounting bug (Josef Bacik) [658857 596548]\n- [usb] uhci: fix oops in uhci_scan_schedule (Pete Zaitcev) [657319 516851]\n- [scsi] lpfc: fix panic in lpfc_scsi_cmd_iocb_cmpl (Rob Evers) [658379 603806]\n[2.6.18-194.29.1.el5]\n- [net] rds: fix rds_iovec page count overflow (Jiri Pirko) [647421 647422] {CVE-2010-3865}\n- [net] fix deadlock in sock_queue_rcv_skb (Danny Feng) [652536 652537] {CVE-2010-4161}\n- [net] packet: fix information leak to userland (Jiri Pirko) [649897 649898] {CVE-2010-3876}\n- [ipc] sys_semctl: fix kernel stack leakage (Danny Feng) [648721 648722] {CVE-2010-4083}\n- [misc] kernel: remove yield from stop_machine paths (Oleg Nesterov) [651818 634454]\n- [fs] dlm: reduce cond_resched during send (David Teigland) [653335 604139]\n- [fs] dlm: use TCP_NODELAY (David Teigland) [653335 604139]\n- [net] sctp: do not reset packet during sctp_packet_config (Jiri Pirko) [637866 637867] {CVE-2010-3432}\n- [net] bonding: no lock on copy/clear VLAN list on slave (Andy Gospodarek) [652561 627974]\n- [scsi] gdth: prevent integer overflow in ioc_general (Frantisek Hrbata) [651175 651176] {CVE-2010-4157}\n- [kernel] add stop_machine barrier to fix lock contention (Prarit Bhargava) [651818 634454]\n[2.6.18-194.28.1.el5]\n- [net] bnx2: Increase max rx ring size from 1K to 2K (Andy Gospodarek) [649255 640026]\n- [net] bnx2: fixup broken NAPI accounting (Andy Gospodarek) [649255 640026]\n- [pci] include DL580 G7 in bfsort whitelist (Tony Camuso) [646765 644879]\n- [sound] core: prevent heap corruption in snd_ctl_new (Jerome Marchand) [638483 638484] {CVE-2010-3442}\n- [net] ixgbe: add option to control interrupt mode (Andy Gospodarek) [643339 571495]\n- [fs] execve: fix interactivity and response to SIGKILL (Dave Anderson) [643344 629176]\n- [usb] fix test of wrong variable in create_by_name (Don Howard) [643347 594635]\n- [fs] gfs2: fix stuck in inode wait, no glocks stuck (Robert S Peterson) [651805 595397]\n- [net] gro: fix bogus gso_size on the first fraglist entry (Herbert Xu) [648938 588015]\n- [virt] xen: fix Connected state after netback dev closed (Paolo Bonzini) [643345 591548]\n- [net] tun: orphan an skb on tx (Michael S. Tsirkin) [643348 584412]\n[2.6.18-194.27.1.el5]\n- [net] netxen: fix set mac addr (Andy Gospodarek) [647681 562937]", "published": "2011-01-04T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2011-0004.html", "cvelist": ["CVE-2010-4242", "CVE-2010-3865", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3876", "CVE-2010-4247", "CVE-2010-3442", "CVE-2010-4248", "CVE-2010-3880", "CVE-2010-4157", "CVE-2010-4161", "CVE-2010-3858", "CVE-2010-3699", "CVE-2010-3432"], "lastseen": "2016-09-04T11:17:10"}, {"id": "ELSA-2011-0007", "type": "oraclelinux", "title": "kernel security and bug fix update", "description": "[2.6.32-71.14.1.0.1.el6]\n- replace Red Hat with Oracle in files genkey and kernel.spec\n[2.6.32-71.14.1.el6]\n- [kvm] x86: zero kvm_vcpu_events->interrupt.pad (Marcelo Tosatti) [665471 665409] {CVE-2010-4525}\n[2.6.32-71.13.1.el6]\nemail_6.RHSA-2011-0007 178L, 11970C written\n- [scsi] lpfc: Fixed crashes for NULL pnode dereference (Rob Evers) [660589 635733]\n[2.6.32-71.12.1.el6]\n- [netdrv] igb: only use vlan_gro_receive if vlans are registered (Stefan Assmann) [652804 660192] {CVE-2010-4263}\n- [net] core: neighbour update Oops (Jiri Pirko) [660591 658518]\n- [scsi] lpfc: Set heartbeat timer off by default (Rob Evers) [660244 655935]\n- [scsi] lpfc: Fixed crashes for BUG_ONs hit in the lpfc_abort_handler (Rob Evers) [659611 645882]\n[2.6.32-71.11.1.el6]\n- [kernel] posix-cpu-timers: workaround to suppress the problems with mt exec (Oleg Nesterov) [656267 656268] {CVE-2010-4248}\n- [fs] bio: take care not overflow page count when mapping/copying user data (Danny Feng) [652530 652531] {CVE-2010-4162}\n- [net] can-bcm: fix minor heap overflow (Danny Feng) [651846 651847] {CVE-2010-3874}\n- [net] filter: make sure filters dont read uninitialized memory (Jiri Pirko) [651704 651705] {CVE-2010-4158}\n- [net] inet_diag: Make sure we actually run the same bytecode we audited (Jiri Pirko) [651268 651269] {CVE-2010-3880}\n- [v4l] ivtvfb: prevent reading uninitialized stack memory (Mauro Carvalho Chehab) [648832 648833] {CVE-2010-4079}\n- [drm] via/ioctl.c: prevent reading uninitialized stack memory (Dave Airlie) [648718 648719] {CVE-2010-4082}\n- [char] nozomi: clear data before returning to userspace on TIOCGICOUNT (Mauro Carvalho Chehab) [648705 648706] {CVE-2010-4077}\n- [serial] clean data before filling it on TIOCGICOUNT (Mauro Carvalho Chehab) [648702 648703] {CVE-2010-4075}\n- [net] af_unix: limit unix_tot_inflight (Neil Horman) [656761 656762] {CVE-2010-4249}\n- [block] check for proper length of iov entries in blk_rq_map_user_iov() (Danny Feng) [652958 652959] {CVE-2010-4163}\n- [net] Limit sendto()/recvfrom()/iovec total length to INT_MAX (Jiri Pirko) [651894 651895] {CVE-2010-4160}\n- [netdrv] mlx4: Add OFED-1.5.2 patch to increase log_mtts_per_seg (Jay Fenlason) [643815 637284]\n- [kernel] kbuild: fix external module compiling (Aristeu Rozanski) [658879 655231]\n- [net] bluetooth: Fix missing NULL check (Jarod Wilson) [655667 655668] {CVE-2010-4242}\n- [kernel] ipc: initialize structure memory to zero for compat functions (Danny Feng) [648694 648695] {CVE-2010-4073}\n- [kernel] shm: fix information leak to userland (Danny Feng) [648688 648689] {CVE-2010-4072}\n- [md] dm: remove extra locking when changing device size (Mike Snitzer) [653900 644380]\n- [block] read i_size with i_size_read() (Mike Snitzer) [653900 644380]\n- [kbuild] don't sign out-of-tree modules (Aristeu Rozanski) [655122 653507]\n[2.6.32-71.10.1.el6]\n- [fs] xfs: prevent reading uninitialized stack memory (Dave Chinner) [630808 630809] {CVE-2010-3078}\n- [net] fix rds_iovec page count overflow (Jiri Pirko) [647423 647424] {CVE-2010-3865}\n- [scsi] Fix megaraid_sas driver SLAB memory leak detected with CONFIG_DEBUG_SLAB (Shyam Iyer) [649436 633836]\n- [usb] serial/mos*: prevent reading uninitialized stack memory (Don Zickus) [648697 648698] {CVE-2010-4074}\n- [kernel] ecryptfs_uid_hash() buffer overflow (Jerome Marchand) [626320 611388] {CVE-2010-2492}\n- [sound] seq/oss - Fix double-free at error path of snd_seq_oss_open() (Jaroslav Kysela) [630554 630555] {CVE-2010-3080}\n- [virt] virtio-net: init link state correctly (Jason Wang) [653340 646369]\n- [netdrv] prevent reading uninitialized memory in hso driver (Thomas Graf) [633143 633144] {CVE-2010-3298}\n[2.6.32-71.9.1.el6]\n- [fs] Do not mix FMODE_ and O_ flags with break_lease() and may_open() (Harshula Jayasuriya) [648408 642677]\n- [fs] aio: check for multiplication overflow in do_io_submit (Jeff Moyer) [629450 629451] {CVE-2010-3067}\n- [net] fix info leak from kernel in ethtool operation (Neil Horman) [646727 646728] {CVE-2010-3861}\n- [net] packet: fix information leak to userland (Jiri Pirko) [649899 649900] {CVE-2010-3876}\n- [net] clean up info leak in act_police (Neil Horman) [636393 636394] {CVE-2010-3477}\n- [mm] Prevent Out Of Memory when changing cpuset's mems on NUMA (Larry Woodman) [651996 597127]\n[2.6.32-71.8.1.el6]\n- [mm] remove false positive THP pmd_present BUG_ON (Andrea Arcangeli) [647391 646384]\n[2.6.32-71.7.1.el6]\n- [drm] ttm: fix regression introduced in dfb4a4250168008c5ac61e90ab2b86f074a83a6c (Dave Airlie) [646994 644896]\n[2.6.32-71.6.1.el6]\n- [block] fix a potential oops for callers of elevator_change (Jeff Moyer) [644926 641408]\n[2.6.32-71.5.1.el6]\n- [security] IMA: require command line option to enabled (Eric Paris) [644636 643667]\n- [net] Fix priv escalation in rds protocol (Neil Horman) [642899 642900] {CVE-2010-3904}\n- [v4l] Remove compat code for VIDIOCSMICROCODE (Mauro Carvalho Chehab) [642472 642473] {CVE-2010-2963}\n- [kernel] tracing: do not allow llseek to set_ftrace_filter (Jiri Olsa) [631625 631626] {CVE-2010-3079}\n- [virt] xen: hold mm->page_table_lock in vmalloc_sync (Andrew Jones) [644038 643371]\n- [fs] xfs: properly account for reclaimed inodes (Dave Chinner) [642680 641764]\n- [drm] fix ioctls infoleak (Danny Feng) [626319 621437] {CVE-2010-2803}\n- [netdrv] wireless extensions: fix kernel heap content leak (John Linville) [628437 628438] {CVE-2010-2955}\n- [netdrv] niu: buffer overflow for ETHTOOL_GRXCLSRLALL (Danny Feng) [632071 632072] {CVE-2010-3084}\n- [mm] add debug checks for mapcount related invariants (Andrea Arcangeli) [642679 622327 644037 642570]\n- [mm] move VM_BUG_ON inside the page_table_lock of zap_huge_pmd (Andrea Arcangeli) [642679 622327 644037 642570]\n- [mm] compaction: handle active and inactive fairly in too_many_isolated (Andrea Arcangeli) [642679 622327 644037 642570]\n- [mm] start_khugepaged after setting transparent_hugepage_flags (Andrea Arcangeli) [642679 622327 644037 642570]\n- [mm] fix hibernate memory corruption (Andrea Arcangeli) [644037 642570]\n- [mm] ksmd wait_event_freezable (Andrea Arcangeli) [642679 622327 644037 642570]\n- [mm] khugepaged wait_event_freezable (Andrea Arcangeli) [642679 622327 644037 642570]\n- [mm] unlink_anon_vmas in __split_vma in case of error (Andrea Arcangeli) [642679 622327 644037 642570]\n- [mm] fix memleak in copy_huge_pmd (Andrea Arcangeli) [642679 622327 644037 642570]\n- [mm] fix hang on anon_vma->root->lock (Andrea Arcangeli) [642679 622327 644037 642570]\n- [mm] avoid breaking huge pmd invariants in case of vma_adjust failures (Andrea Arcangeli) [642679 622327 644037 642570]\n[2.6.32-71.4.1.el6]\n- [scsi] fcoe: set default FIP mode as FIP_MODE_FABRIC (Mike Christie) [641457 636233]\n- [virt] KVM: Fix fs/gs reload oops with invalid ldt (Avi Kivity) [639884 639885] {CVE-2010-3698}\n- [drm] i915: prevent arbitrary kernel memory write (Jerome Marchand) [637690 637691] {CVE-2010-2962}\n- [scsi] libfc: adds flogi retry in case DID is zero in RJT (Mike Christie) [641456 633907]\n- [kernel] prevent heap corruption in snd_ctl_new() (Jerome Marchand) [638485 638486] {CVE-2010-3442}\n- [scsi] lpfc: lpfc driver oops during rhel6 installation with snapshot 12/13 and emulex FC (Rob Evers) [641907 634703]\n- [fs] ext4: Always journal quota file modifications (Eric Sandeen) [641454 624909]\n- [mm] fix split_huge_page error like mapcount 3 page_mapcount 2 (Andrea Arcangeli) [641258 640611]\n- [block] Fix pktcdvd ioctl dev_minor range check (Jerome Marchand) [638088 638089] {CVE-2010-3437}\n- [drm] ttm: Fix two race conditions + fix busy codepaths (Dave Airlie) [642045 640871]\n- [drm] Prune GEM vma entries (Dave Airlie) [642043 640870]\n- [virt] ksm: fix bad user data when swapping (Andrea Arcangeli) [641459 640579]\n- [virt] ksm: fix page_address_in_vma anon_vma oops (Andrea Arcangeli) [641460 640576]\n- [net] sctp: Fix out-of-bounds reading in sctp_asoc_get_hmac() (Jiri Pirko) [640461 640462] {CVE-2010-3705}\n- [mm] Move vma_stack_continue into mm.h (Mike Snitzer) [641483 638525]\n- [net] sctp: Do not reset the packet during sctp_packet_config() (Jiri Pirko) [637681 637682] {CVE-2010-3432}\n- [mm] vmstat incorrectly reports disk IO as swap in (Steve Best) [641458 636978]\n- [scsi] fcoe: Fix NPIV (Neil Horman) [641455 631246]\n[2.6.32-71.3.1.el6]\n- [block] prevent merges of discard and write requests (Mike Snitzer) [639412 637805]\n- [drm] nouveau: correct INIT_DP_CONDITION subcondition 5 (Ben Skeggs) [638973 636678]\n- [drm] nouveau: enable enhanced framing only if DP display supports it (Ben Skeggs) [638973 636678]\n- [drm] nouveau: fix required mode bandwidth calculation for DP (Ben Skeggs) [638973 636678]\n- [drm] nouveau: disable hotplug detect around DP link training (Ben Skeggs) [638973 636678]\n- [drm] nouveau: set DP display power state during DPMS (Ben Skeggs) [638973 636678]\n- [mm] remove madvise from possible /sys/kernel/mm/redhat_transparent_hugepage/enabled options (Larry Woodman) [636116 634500]\n- [netdrv] cxgb3: don't flush the workqueue if we are called from the workqueue (Doug Ledford) [634973 631547]\n- [netdrv] cxgb3: deal with fatal parity error status in interrupt handler (Doug Ledford) [634973 631547]\n- [netdrv] cxgb3: now that we define fatal parity errors, make sure they are cleared (Doug Ledford) [634973 631547]\n- [netdrv] cxgb3: Add define for fatal parity error bit manipulation (Doug Ledford) [634973 631547]\n- [virt] Emulate MSR_EBC_FREQUENCY_ID (Jes Sorensen) [633966 629836]\n- [virt] Define MSR_EBC_FREQUENCY_ID (Jes Sorensen) [633966 629836]\n- [kernel] initramfs: Fix initramfs size calculation (Hendrik Brueckner) [637087 626956]\n- [kernel] initramfs: Generalize initramfs_data.xxx.S variants (Hendrik Brueckner) [637087 626956]\n- [drm] radeon/kms: fix sideport detection on newer rs880 boards (Dave Airlie) [634984 626454]\n- [block] switch s390 tape_block and mg_disk to elevator_change() (Mike Snitzer) [633864 632631]\n- [block] add function call to switch the IO scheduler from a driver (Mike Snitzer) [633864 632631]\n[2.6.32-71.2.1.el6]\n- [misc] make compat_alloc_user_space() incorporate the access_ok() (Xiaotian Feng) [634465 634466] {CVE-2010-3081}\n- [x86] kernel: fix IA32 System Call Entry Point Vulnerability (Xiaotian Feng) [634451 634452] {CVE-2010-3301}\n[2.6.32-71.1.1.el6]\n- [security] Make kernel panic in FIPS mode if modsign check fails (David Howells) [633865 625914]\n- [virt] Guests on AMD with CPU type 6 and model >= 8 trigger errata read of MSR_K7_CLK_CTL (Jes Sorensen) [632292 629066]\n- [x86] UV: use virtual efi on SGI systems (George Beshers) [633964 627653]", "published": "2011-02-12T00:00:00", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2011-0007.html", "cvelist": ["CVE-2010-4242", "CVE-2010-4163", "CVE-2010-3904", "CVE-2010-3078", "CVE-2010-4081", "CVE-2010-3865", "CVE-2010-4073", "CVE-2010-4668", "CVE-2010-4072", "CVE-2010-2955", "CVE-2010-3437", "CVE-2010-2492", "CVE-2010-4074", "CVE-2010-4083", "CVE-2010-4082", "CVE-2010-3477", "CVE-2010-4080", "CVE-2010-4525", "CVE-2010-2963", "CVE-2010-4158", "CVE-2010-3876", "CVE-2010-3698", "CVE-2010-4162", "CVE-2010-4263", "CVE-2010-3442", "CVE-2010-4248", "CVE-2010-3705", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-4249", "CVE-2010-3081", "CVE-2010-4160", "CVE-2010-3067", "CVE-2010-2803", "CVE-2010-3084", "CVE-2010-2962", "CVE-2010-3080", "CVE-2010-3432", "CVE-2010-3298", "CVE-2010-3079", "CVE-2010-4077", "CVE-2010-3861", "CVE-2010-4075", "CVE-2010-3301"], "lastseen": "2016-09-04T11:16:10"}, {"id": "ELSA-2011-0017", "type": "oraclelinux", "title": "Oracle Linux 5.6 kernel security and bug fix update", "description": "[2.6.18-238.el5]\n- [net] bnx2: remove extra call to pci_map_page (John Feeney) [663509]\n- [fs] nfs: set lock_context field in nfs_readpage_sync (Jeff Layton) [663853]\n[2.6.18-237.el5]\n- [block] fully zeroize request struct in rq_init (Rob Evers) [662154]\n- [scsi] qla4xxx: update to 5.02.04.02.05.06-d0 (Chad Dupuis) [656999]\n- [scsi] qla4xxx: make get_sys_info function return void (Chad Dupuis) [656999]\n- [scsi] qla4xxx: dont default device to FAILED state (Chad Dupuis) [656999]\n- [scsi] qla4xxx: mask bits in F/W Options during init (Chad Dupuis) [656999]\n- [scsi] qla4xxx: update to 5.02.04.01.05.06-d0 (Chad Dupuis) [661768]\n- [scsi] qla4xxx: disable irq instead of req pci_slot_reset (Chad Dupuis) [661768]\n- [scsi] qla4xxx: no device add until scsi_add_host success (Chad Dupuis) [661768]\n- [fs] nfs: set lock_context field in nfs_writepage_sync (Jeff Layton) [660580]\n- [scsi] bfa: fix crash reading driver sysfs statistics (Rob Evers) [659880] {CVE-2010-4343}\n- [misc] cpufeature: avoid corrupting cpuid vendor id (Matthew Garrett) [568751]\n- [char] drm: dont set signal blocker on master process (Dave Airlie) [570604]\n- [fs] nfs: remove problematic calls to nfs_clear_request (Jeff Layton) [656492]\n- [fs] nfs: handle alloc failures in nfs_create_request (Jeff Layton) [656492]\n- [fs] nfs: clean up nfs_create_request (Jeff Layton) [656492]\n- [net] forcedeth: fix race condition in latest backport (Ivan Vecera) [658434]\n- [net] cxgb3: fix read of uninitialized stack memory (Jay Fenlason) [633155] {CVE-2010-3296}\n- [net] tg3: increase jumbo flag threshold (John Feeney) [660506]\n- [net] s2io: fix netdev initialization failure (Bob Picco) [654948]\n- [net] igb: only use vlan_gro_receive if vlans registered (Stefan Assmann) [660190] {CVE-2010-4263}\n- [net] ipv6: try all routers with unknown reachable state (Thomas Graf) [661393]\n- [misc] kernel: fix address limit override in OOPS path (Dave Anderson) [659571] {CVE-2010-4258}\n[2.6.18-236.el5]\n- [powerpc] support DLPAR remove operations (Steve Best) [655089]\n- [net] igb: fix tx packet count (Stefan Assmann) [658801]\n- [usb] serial: new driver MosChip MCS7840 (Stefan Assmann) [574507]\n- [fs] exec: copy fixes into compat_do_execve paths (Oleg Nesterov) [625694] {CVE-2010-4243}\n- [fs] exec: make argv/envp memory visible to oom-killer (Oleg Nesterov) [625694] {CVE-2010-4243}\n- [misc] binfmts: kill bprm->argv_len (Oleg Nesterov) [625694] {CVE-2010-4243}\n- [mm] backport upstream stack guard page /proc reporting (Larry Woodman) [643426]\n- [mm] add guard page for stacks that grow upwards (Johannes Weiner) [630563]\n- [net] tipc: fix information leak to userland (Jiri Pirko) [649892] {CVE-2010-3877}\n- [sound] ALSA: fix sysfs unload and OSS mixer mutex issues (Jaroslav Kysela) [652165]\n- [net] tg3: fix 5719 bugs (John Feeney) [657097]\n- [net] bnx2: update firmware to 6.0.x (John Feeney) [644438]\n- [redhat] configs: add CONFIG_SECURITY_DMESG_RESTRICT (Frantisek Hrbata) [653250]\n- [misc] kernel: restrict unprivileged access to dmesg (Frantisek Hrbata) [653250]\n- [virt] xen: dont allow blkback virtual CDROM device (Andrew Jones) [635638] {CVE-2010-4238}\n- Revert: [xen] cd-rom drive does not recognize new media (Andrew Jones) [635638] {CVE-2010-4238}\n- [net] qlge: fix deadlock when interface is going down (Chad Dupuis) [654420]\n- [net] qlge: reset chip before freeing buffers (Chad Dupuis) [654420]\n- [net] qlge: restore vlan setting during ql_adapter_up (Chad Dupuis) [654420]\n- [scsi] qla4xxx: Update version to V5.02.04.00.05.06-d0 (Chad Dupuis) [656999]\n- [scsi] qla4xxx: Document Driver Versioning Scheme (Chad Dupuis) [656999]\n- [scsi] qla4xxx: Updated the Copyright header to 2010 (Chad Dupuis) [656999]\n- [scsi] qla4xxx: dont process devices untill probe done (Chad Dupuis) [656999]\n- [scsi] qla4xxx: free DDB when application calls for it (Chad Dupuis) [656999]\n- [scsi] qla4xxx: memory wedge with peg_halt test in loop (Chad Dupuis) [656999]\n- [scsi] qla4xxx: clear AF_FW_RECOVERY flag after reset (Chad Dupuis) [656999]\n- [scsi] qla4xxx: fix new IP address caching (Chad Dupuis) [656999]\n- [scsi] qla4xxx: replace hard coded values with macros (Chad Dupuis) [656999]\n- [scsi] qla4xxx: mark dev FAILED on 82XX init failure (Chad Dupuis) [656999]\n- [scsi] qla4xxx: fail init if pci mem write fails (Chad Dupuis) [656999]\n- [scsi] qla4xxx: ensure proper qla4xxx_conn_start state (Chad Dupuis) [656999]\n- [scsi] qla4xxx: do not process interrupts unconditionally (Chad Dupuis) [656999]\n- [scsi] qla4xxx: fix add w/iscsi2_create_conn not done yet (Chad Dupuis) [656999]\n- [scsi] qla4xxx: no fw hung if reset retry is in progress (Chad Dupuis) [656999]\n- [scsi] qla4xxx: correct use of cmd->host_scribble (Chad Dupuis) [656999]\n- [scsi] qla4xxx: msi init request_irq parameter usage fix (Chad Dupuis) [656999]\n- [scsi] qla4xxx: cleanup qla4xxx_wait_for_hba_online (Chad Dupuis) [656999]\n- [scsi] qla4xxx: grab hardware_lock before accessing srb (Chad Dupuis) [656999]\n- [scsi] qla4xxx: remove unwanted check for bad spd (Chad Dupuis) [656999]\n- [scsi] qla4xxx: update AER support for ISP82XX (Chad Dupuis) [656999]\n- [scsi] qla4xxx: clear rom lock if firmware died holding (Chad Dupuis) [656999]\n- [scsi] qla4xxx: CRB Register for Request Queue in-pointer (Chad Dupuis) [656999]\n- [scsi] qla4xxx: dump mailbox registers on System Error (Chad Dupuis) [656999]\n- [scsi] qla4xxx: add support for 8130/8131 AENs (Chad Dupuis) [656999]\n- [scsi] qla4xxx: fix seconds_since_last_heartbeat reset (Chad Dupuis) [656999]\n- [scsi] qla4xxx: no wait for outstanding command complete (Chad Dupuis) [656999]\n- [scsi] qla4xxx: free_irqs on failed initialize_adapter (Chad Dupuis) [656999]\n- [virt] xen: fix netback hotplug regression in xenbus fix (Laszlo Ersek) [635999]\n- [xen] fix 64-bit PV guest user mode segv crashing host (Paolo Bonzini) [658354] {CVE-2010-4255}\n[2.6.18-235.el5]\n- [net] filter: fix backport error in prior filter fix (Jarod Wilson) [651703]\n[2.6.18-234.el5]\n- [s390] vmlogrdr: purge after recording is switched off (Hendrik Brueckner) [653479]\n- [wireless] ieee80211: fix deauthentication (Stanislaw Gruszka) [644367]\n- [wireless] zd1211rw: fix associate after disassociate (Stanislaw Gruszka) [644367]\n- [fs] proc: fix NULL ->i_fop oops (Steve Best) [655083]\n- [scsi] lpfc: Update version to 8.2.0.87.1p (Rob Evers) [655119]\n- [scsi] lpfc: set heartbeat timer off by default (Rob Evers) [655119]\n- [scsi] lpfc: fix NULL deref duing allocation failure (Rob Evers) [655119]\n- [scsi] lpfc: fix remote SLI4 firmware download data bug (Rob Evers) [655119]\n- [scsi] lpfc: fix FDMI_DID login failure after link bounce (Rob Evers) [655119]\n- [scsi] lpfc: handle CVL after nameserver PLOGI timeouts (Rob Evers) [655119]\n- [scsi] lpfc: cleanup mbox cmds in mboxq_cmpl if CVL rcvd (Rob Evers) [655119]\n- [misc] posix-cpu-timers: workaround for mt exec problems (Oleg Nesterov) [656266]\n- [fs] setup_arg_pages: diagnose excessive argument size (Oleg Nesterov) [645227]\n- [net] bnx2x: force interrupt mode for iscsi unset mac (Michal Schmidt) [655885]\n- [scsi] bnx2i: allow to abort connect if request times out (Mike Christie) [653991]\n- [scsi] bnx2i: fix remote TCP RST handling for 570X (1g) (Mike Christie) [653991]\n- [scsi] bnx2i: fix a cid leak issue for 5771X (10g) (Mike Christie) [653991]\n- [scsi] bnx2i: fix endian bug in TMF LUN cmd send (Mike Christie) [653991]\n- [misc] prevent divide by 0 in the kernel during boot (Larry Woodman) [508140]\n- [net] filter: make sure filters dont read uninit memory (Jiri Pirko) [651703] {CVE-2010-4158}\n- [net] inet_diag: make sure we run audited bytecode (Jiri Pirko) [651267]\n- [net] limit sendto/recvfrom/iovec total length to INT_MAX (Jiri Pirko) [645872] {CVE-2010-3859}\n- [bluetooth] hci_ldisc: fix missing NULL check (Jarod Wilson) [655666]\n- [net] be2net: avoid firmware update if interface not open (Ivan Vecera) [651948]\n- [ipc] shm: fix information leak to userland (Danny Feng) [648687] {CVE-2010-4072}\n- [ipc] initialize struct memory to 0 for compat functions (Danny Feng) [648693] {CVE-2010-4073}\n- [net] netxen: dont use reset_devices, it may go away (Chad Dupuis) [643254]\n- [net] netxen: fix kdump (Chad Dupuis) [643254]\n- [net] qlcnic: avoid reset_devices, it may become obsolete (Chad Dupuis) [656008]\n- [net] qlcnic: fix for kdump (Chad Dupuis) [656008]\n- [pci] block on access to temporarily unavailable device (Chad Dupuis) [656008]\n- [serial] serial_core: clean data before filling it (Mauro Carvalho Chehab) [648701] {CVE-2010-4075}\n- [edac] i7core_edac: return -ENODEV if dev already probed (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: properly terminate pci_dev_table (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: fix PCI refcounting on reloads (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: fix refcount error at PCI devices (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: safe to unregister mci when mci NULL (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: fix an oops at i7core probe (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: remove unused member in i7core_pvt (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: remove unused arg in get_dimm_config (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: reduce args of i7core_register_mci (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: use saved pointers (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: check probe counter in i7core_remove (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: call pci_dev_put on alloc failure (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: fix error path of i7core_register_mci (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: fix line order in i7core_register_mci (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: always do get/put for all devices (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: ensure edac pci handler release (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: introduce free_i7core_dev (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: introduce alloc_i7core_dev (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: reduce args of i7core_get_onedevice (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: fix the logic in i7core_remove (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: dont do legacy PCI probe by default (Mauro Carvalho Chehab) [651869]\n- [edac] edac_core: print debug messages at release calls (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: remove PCI devices from devices list (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: MCE NMI handling should stop first (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: improve debug register/remove errors (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: move #if PAGE_SHIFT to edac_core.h (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: terminate the group of udimm counters (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: mark const static vars as such (Mauro Carvalho Chehab) [651869]\n- [edac] i7core_edac: move static vars to the top of file (Mauro Carvalho Chehab) [651869]\n- [virt] xen: add bounds req-process loop in blkback/blktap (Laszlo Ersek) [654546] {CVE-2010-4247}\n- [virt] xen: dont leak dev refs on bad xenbus transitions (Laszlo Ersek) [635999] {CVE-2010-3699}\n- [mm] fix possible integer overflow in mm/fremap.c (Larry Woodman) [637047]\n- [misc] futex: replace LOCK_PREFIX in futex.h (Jiri Pirko) [633176] {CVE-2010-3086}\n[2.6.18-233.el5]\n- [scsi] mpt2sas: use sas device list for enclosure id (Tomas Henzl) [652284]\n- [scsi] ipr: fix mailbox register definition and add delay (Steve Best) [654446]\n- [scsi] ipr: fix lun assignment and comparison (Steve Best) [654446]\n- [powerpc] add AT_BASE_PLATFORM to Aux Vector and power7 (Steve Best) [652279]\n- [infiniband] ehea: use shca_list_lock spinlock (Steve Best) [613797]\n- [powerpc] kdump: CPUs assume context of oopsing CPU (Steve Best) [509792]\n- [scsi] lpfc: Update version for 8.2.0.87 driver release (Rob Evers) [649489]\n- [scsi] lpfc: add handling SLI4 unsolicted ELS RTV (Rob Evers) [649489]\n- [scsi] lpfc: add handling ECHO response support (Rob Evers) [649489]\n- [scsi] lpfc: ad d h a n d l i n g o f S L I 4 u n s o l i c t e d E L S ( R o b E v e r s ) [ 6 4 9 4 8 9 ] b r > - [ s c s i ] l p f c : f i x l o c k i n g f o r s e c u r i t y m a i l b o x c o m m a n d s ( R o b E v e r s ) [ 6 4 9 4 8 9 ] b r > - [ s c s i ] l p f c : a b o r t I / O s a n d w a i t o n X R I i n S L I 4 u n l o a d ( R o b E v e r s ) [ 6 4 9 4 8 9 ] b r > - [ s c s i ] l p f c : h a n d l e d e v l o s s t i m e o u t i n F I P e n g i n e ( R o b E v e r s ) [ 6 4 9 4 8 9 ] b r > - [ s c s i ] l p f c : f i x c r a s h e s o n N U L L p n o d e d e r e f e r e n c e ( R o b E v e r s ) [ 6 4 9 4 8 9 ] b r > - [ n e t ] c n i c : A d d c n i c _ f r e e _ u i o ( M i k e C h r i s t i e ) [ 6 5 1 2 8 7 ] b r > - [ n e t ] c n i c : A d d c n i c _ u i o _ d e v s t r u c t ( M i k e C h r i s t i e ) [ 6 5 1 2 8 7 ] b r > - [ n e t ] c n i c : A d d c n i c _ f r e e _ u i o ( M i k e C h r i s t i e ) [ 6 5 1 2 8 7 ] b r > - [ n e t ] c n i c : F i n e - t u n e r i n g i n i t c o d e ( M i k e C h r i s t i e ) [ 6 5 1 2 8 7 ] b r > - [ m i s c ] f i x d i r t y _ b y t e s s y s c t l n a m e ( L a r r y W o o d m a n ) [ 6 3 5 7 8 2 ] b r > - [ f s ] p r o c f s : a c q u i r e i n o d e m u t e x a r o u n d l l s e e k o p e r a t i o n ( L a c h l a n M c I l r o y ) [ 6 4 4 7 2 6 ] b r > - [ v i r t ] n e t f r o n t : d e f a u l t t o c o p y i n g i n s t e a d o f f l i p p i n g ( L a s z l o E r s e k ) [ 6 5 3 2 6 2 ] b r > - [ v i r t ] n e t b a c k : d o n t b a l l o o n u p f o r c o p y i n g r e c e i v e r s ( L a s z l o E r s e k ) [ 6 5 3 5 0 1 ] b r > - [ n e t ] r d s : f i x r d s _ i o v e c p a g e c o u n t o v e r f l o w ( J i r i P i r k o ) [ 6 4 7 4 2 2 ] b r > - [ n e t ] v i r t i o _ n e t : a d d l i n k s t a t u s h a n d l i n g ( J a s o n W a n g ) [ 6 4 9 5 7 3 ] b r > - [ n e t ] b e 2 n e t : U p d a t e b e 2 n e t t o v e r s i o n 2 . 1 0 2 . 5 1 2 r ( I v a n V e c e r a ) [ 6 4 7 2 5 9 ] b r > - [ c h a r ] w a t c h d o g : a n o t h e r L P C C o n t r o l l e r I D f o r P a t s b u r g ( D a v i d M i l b u r n ) [ 5 7 0 8 6 8 ] b r > - [ m i s c ] a n o t h e r L P C C o n t r o l l e r I D f o r I n t e l P a t s b u r g P C H ( D a v i d M i l b u r n ) [ 5 7 0 8 6 8 ] b r > - [ i 2 c ] i 2 c - i 8 0 1 : A d d I n t e l P a t s b u r g d e v i c e I D ( D a v i d M i l b u r n ) [ 5 7 0 8 6 8 ] b r > - [ m i s c ] p c i : u p d a t e I n t e l P a t s b u r g d e f i n e s ( D a v i d M i l b u r n ) [ 5 7 0 8 6 8 ] b r > - [ m i s c ] x 8 6 / P C I i r q a n d p c i _ i d s f o r I n t e l P a t s b u r g D e v i c e s ( D a v i d M i l b u r n ) [ 5 7 0 8 6 8 ] b r > - [ s o u n d ] A L S A H D A u d i o f o r I n t e l P a t s b u r g D e v i c e I D s ( D a v i d M i l b u r n ) [ 5 7 0 8 6 8 ] b r > - [ c h a r ] w a t c h d o g : T C O W a t c h d o g f o r I n t e l P a t s b u r g D e v i c e s ( D a v i d M i l b u r n ) [ 5 7 0 8 6 8 ] b r > - [ a t a ] a h c i : A H C I a n d R A I D m o d e f o r I n t e l P a t s b u r g D e v i c e s ( D a v i d M i l b u r n ) [ 5 7 0 8 6 8 ] b r > - [ a t a ] a t a _ p i i x : I D E M o d e S A T A f o r I n t e l P a t s b u r g D e v i c e s ( D a v i d M i l b u r n ) [ 5 7 0 8 6 8 ] b r > - [ n e t ] f i x d e a d l o c k i n s o c k _ q u e u e _ r c v _ s k b ( D a n n y F e n g ) [ 6 5 2 5 3 7 ] b r > - [ s c s i ] q l a 2 x x x : c h e c k n u l l f c p o r t i n _ q u e u e c o m m a n d s ( C h a d D u p u i s ) [ 6 4 4 8 6 3 ] b r > - [ n e t ] q l c n i c : F i x m i s s i n g e r r o r c o d e s ( C h a d D u p u i s ) [ 6 3 7 1 9 4 ] b r > - [ u s b ] w a c o m : a d d s u p p o r t f o r C i n t i q 2 1 U X 2 ( A r i s t e u R o z a n s k i ) [ 6 5 2 7 3 1 ] b r > - [ x e n ] h v m : a d d H V M O P _ g e t _ t i m e h y p e r c a l l ( P a o l o B o n z i n i ) [ 6 3 8 0 8 2 ] b r > b r > [ 2 . 6 . 1 8 - 2 3 2 . e l 5 ] b r > - [ s c s i ] m p t 2 s a s : u s e c o r r e c t p c i _ r e s o u r c e _ f l a g f o r c o m p a r e ( T o m a s H e n z l ) [ 6 4 9 8 8 5 ] b r > - [ s o u n d ] r m e 9 6 5 2 : p r e v e n t r e a d i n g u n i n i t i a l i z e d s t a c k m e m ( S t a n i s l a w G r u s z k a ) [ 6 4 8 7 0 9 6 4 8 7 1 4 ] { C V E - 2 0 1 0 - 4 0 8 0 C V E - 2 0 1 0 - 4 0 8 1 } b r > - [ n e t ] p a c k e t : f i x i n f o r m a t i o n l e a k t o u s e r l a n d ( J i r i P i r k o ) [ 6 4 9 8 9 8 ] b r > - [ i p c ] s y s _ s e m c t l : f i x k e r n e l s t a c k l e a k a g e ( D a n n y F e n g ) [ 6 4 8 7 2 2 ] { C V E - 2 0 1 0 - 4 0 8 3 } b r > - [ m i s c ] k e r n e l : r e m o v e y i e l d f r o m s t o p _ m a c h i n e p a t h s ( O l e g N e s t e r o v ) [ 6 3 4 4 5 4 ] b r > - [ f s ] d l m : r e d u c e c o n d _ r e s c h e d d u r i n g s e n d ( D a v i d T e i g l a n d ) [ 6 0 4 1 3 9 ] b r > - [ f s ] d l m : u s e T C P _ N O D E L A Y ( D a v i d T e i g l a n d ) [ 6 0 4 1 3 9 ] b r > - [ f s ] n f s : f i x a r e f e r r a l e r r o r O o p s ( S t e v e D i c k s o n ) [ 5 5 6 8 8 6 ] b r > - [ f s ] g f s 2 : f i x r a c e i n u n l i n k e d i n o d e d e a l l o c a t i o n ( R o b e r t S P e t e r s o n ) [ 6 4 3 1 6 5 ] b r > - [ s c s i ] r e t r y o n D I D _ R E Q U E U E e r r o r s ( M i k e C h r i s t i e ) [ 6 2 7 8 3 6 ] b r > - [ n e t ] s c t p : d o n o t r e s e t p a c k e t d u r i n g s c t p _ p a c k e t _ c o n f i g ( J i r i P i r k o ) [ 6 3 7 8 6 7 ] b r > - [ n e t ] b n x 2 : a d d A E R s u p p o r t ( J o h n F e e n e y ) [ 6 1 7 0 2 4 ] b r > - [ n e t ] b o n d i n g : n o l o c k o n c o p y / c l e a r V L A N l i s t o n s l a v e ( A n d y G o s p o d a r e k ) [ 6 2 7 9 7 4 ] b r > - [ s c s i ] g d t h : p r e v e n t i n t e g e r o v e r f l o w i n i o c _ g e n e r a l ( F r a n t i s e k H r b a t a ) [ 6 5 1 1 7 6 ] b r > b r > [ 2 . 6 . 1 8 - 2 3 1 . e l 5 ] b r > - [ s c s i ] s c s i _ d h _ a l u a : r e m o v e I B M P o w e r V i r t u a l S C S I A L U A ( S t e v e B e s t ) [ 5 6 7 2 9 2 ] b r > - [ f s ] g f s 2 : f l o c k ( L O C K _ E X | L O C K _ N B ) b l o c k s ( R o b e r t S P e t e r s o n ) [ 6 4 8 6 0 2 ] b r > - [ s c s i ] l p f c : u p d a t e v e r s i o n f o r 8 . 2 . 0 . 8 6 d r i v e r r e l e a s e ( R o b E v e r s ) [ 6 4 5 8 8 1 ] b r > - [ s c s i ] l p f c : f i x r a c e s e n d i n g F D I S C t o u n - i n i t V P I ( R o b E v e r s ) [ 6 4 5 8 8 1 ] b r > - [ s c s i ] l p f c : f i x m a i l b o x h a n d l i n g f o r U N R E G _ R P I _ A L L c a s e ( R o b E v e r s ) [ 6 4 5 8 8 1 ] b r > - [ k e r n e l ] a d d s t o p _ m a c h i n e b a r r i e r t o f i x l o c k c o n t e n t i o n ( P r a r i t B h a r g a v a ) [ 6 3 4 4 5 4 ] b r > - [ s c s i ] b n x 2 i : f i x i p a d d r e s s f o r m a t t i n g a n d o o p s ( M i k e C h r i s t i e ) [ 6 4 6 7 0 8 ] b r > - [ s c s i ] b e 2 i s c s i : r e m o v e p r e m a t u r e f r e e o f c i d ( M i k e C h r i s t i e ) [ 6 4 0 0 2 9 ] b r > - [ f s ] p r o c : m a k e p r o c p i d l i m i t s w o r l d r e a d a b l e ( J i r i O l s a ) [ 6 1 1 5 3 5 ] b r > - [ i d e ] a t i i x p : f i x l o c k i n g h a n g i n i d e l a y e r A T I I X P d r i v e r ( J a m e s L e d d y ) [ 5 8 6 4 8 2 ] b r > - [ s e c u r i t y ] o n l y c h e c k m m a p _ m i n _ a d d r p e r m s f o r w r i t e ( E r i c P a r i s ) [ 6 2 3 5 1 9 ] b r > - [ a t a ] s a t a _ s i l 2 4 : a d d D I D f o r a n o t h e r a d a p t e c f l a v o r ( D a v i d M i l b u r n ) [ 6 4 0 5 8 6 ] b r > - [ s 3 9 0 ] c i o : p r e v e n t p a n i c i n I / O c a n c e l f u n c t i o n ( H e n d r i k B r u e c k n e r ) [ 6 4 7 8 0 7 ] b r > - [ s 3 9 0 ] c i o : p r e v e n t p a n i c a f t e r u n e x p e c t e d I / O i n t e r r u p t ( H e n d r i k B r u e c k n e r ) [ 6 4 7 5 0 2 ] b r > b r > [ 2 . 6 . 1 8 - 2 3 0 . e l 5 ] b r > - [ f s ] n f s : f i x r e g r e s s i o n i n N F S D i r e c t I / O p a t h ( S t e v e D i c k s o n ) [ 6 4 7 2 9 7 ] b r > - [ f s ] n f s : a l l o w d i f f e r e n t p r o t o c o l m o u n t s t o s a m e s e r v e r ( S t e v e D i c k s o n ) [ 4 6 0 6 5 9 ] b r > - [ s c s i ] l p f c : u p d a t e v e r s i o n f o r 8 . 2 . 0 . 8 5 d r i v e r r e l e a s e ( R o b E v e r s ) [ 6 3 9 0 2 8 ] b r > - [ s c s i ] l p f c : f i x a B U G _ O N i n l p f c _ a b o r t _ h a n d l e r ( R o b E v e r s ) [ 6 3 9 0 2 8 ] b r > - [ s c s i ] l p f c : u s e p c i r e s e t f u n c t i o n o n d r i v e r u n l o a d ( R o b E v e r s ) [ 6 3 9 0 2 8 ] b r > - [ s c s i ] l p f c : r e p l a c e s o m e s p i n _ l o c k _ i r q s w / s p i n _ l o c k s ( R o b E v e r s ) [ 6 3 9 0 2 8 ] b r > - [ s c s i ] l p f c : f a i l i o w / l o s t f r a m e a n d t a r g e t c h e c k c o n d ( R o b E v e r s ) [ 6 3 9 0 2 8 ] b r > - [ s c s i ] l p f c : f i x a b o r t W Q E s f o r F I P f r a m e s ( R o b E v e r s ) [ 6 3 9 0 2 8 ] b r > - [ s c s i ] l p f c : u p d a t e v e r s i o n f o r 8 . 2 . 0 . 8 4 d r i v e r r e l e a s e ( R o b E v e r s ) [ 6 3 9 0 2 8 ] b r > - [ s c s i ] l p f c : u n r e g a l l r p i m b o x c o m m a n d b e f o r e u n r e g v p i ( R o b E v e r s ) [ 6 3 9 0 2 8 ] b r > - [ s c s i ] l p f c : m a k e a l l e r r o r v a l u e s n e g a t i v e ( R o b E v e r s ) [ 6 3 9 0 2 8 ] b r > - [ s c s i ] l p f c : r e m o v e d u p l i c a t e c o d e f r o m l p f c _ e l s _ r e t r y ( R o b E v e r s ) [ 6 3 9 0 2 8 ] b r > - [ s c s i ] l p f c : f i x c i r c u l a r s p i n l o c k d e p w / s c s i m i d l a y e r ( R o b E v e r s ) [ 6 3 9 0 2 8 ] b r > - [ s c s i ] l p f c : u p d a t e v e r s i o n f o r 8 . 2 . 0 . 8 3 d r i v e r r e l e a s e ( R o b E v e r s ) [ 6 3 9 0 2 8 ] b r > - [ s c s i ] l p f c : f i x F L O G I i s s u e w i t h M c D a t a 4 7 0 0 F C s w i t c h ( R o b E v e r s ) [ 6 3 9 0 2 8 ] b r > - [ s c s i ] l p f c : f i x p o s s i b l e r o u n d r o b i n f a i l o v e r f a i l u r e ( R o b E v e r s ) [ 6 3 9 0 2 8 ] b r > - [ s c s i ] l p f c : f i x u n r e g i s t e r o f u n u s e d F C F o n t i m e o u t ( R o b E v e r s ) [ 6 3 9 0 2 8 ] b r > - [ s c s i ] l p f c : f i x h e a r t b e a t t i m e o u t d u r i n g p a u s e t e s t ( R o b E v e r s ) [ 6 3 9 0 2 8 ] b r > - [ s c s i ] l p f c : u p d a t e v e r s i o n f o r 8 . 2 . 0 . 8 2 d r i v e r r e l e a s e ( R o b E v e r s ) [ 6 3 9 0 2 8 ] b r > - [ s c s i ] l p f c : f i x l p f c _ e l s _ r e t r y d e l a y / r e t r y f o r P L O G I ( R o b E v e r s ) [ 6 3 9 0 2 8 ] b r > - [ s c s i ] l p f c : s t r e a m l i n e s o m e s p i n l o c k s ( R o b E v e r s ) [ 6 3 9 0 2 8 ] b r > - [ s c s i ] l p f c : f i x l p f c _ i n i t i a l _ f l o g i r e t u r n o n f a i l u r e ( R o b E v e r s ) [ 6 3 9 0 2 8 ] b r > - [ s c s i ] l p f c : f i x s t r a y s t a t e u p d a t e i s s u e w i t h n e w F C F ( R o b E v e r s ) [ 6 3 9 0 2 8 ] b r > - [ s c s i ] l p f c : t r e a t F C F p r o p w i t h d i f f e r e n t i n d e x a s e r r o r ( R o b E v e r s ) [ 6 3 9 0 2 8 ] b r > - [ s c s i ] l p f c : f i x m i s c a u t h i s s u e s o n E m u l e x S e c u r e F C H B A ( R o b E v e r s ) [ 6 3 9 0 2 8 ] b r > - [ s c s i ] l p f c : u p d a t e v e r s i o n f o r 8 . 2 . 0 . 8 1 d r i v e r r e l e a s e ( R o b E v e r s ) [ 6 3 9 0 2 8 ] b r > - [ s c s i ] l p f c : m o v e u n l o a d f l a g e a r l i e r i n v p o r t d e l e t e ( R o b E v e r s ) [ 6 3 9 0 2 8 ] b r > - [ s c s i ] l p f c : f i x I O C B l e a k o n F D I S C c o m p l e t i o n ( R o b E v e r s ) [ 6 3 9 0 2 8 ] b r > - [ s c s i ] l p f c : f i x p o s s i b l e c r a s h o n n o n - S L I 4 h b a ( R o b E v e r s ) [ 6 3 9 0 2 8 ] b r > - [ s c s i ] m p t 2 s a s : f i x p a n i c w / d i r e c t a t t a c h e d S E P ( J a r o d W i l s o n ) [ 6 4 1 0 8 6 ] b r > - [ r e d h a t ] s p e c : c l e a n u p r p m b u i l d k a b i d e p s d e t r i t u s ( J a r o d W i l s o n ) [ 6 4 4 1 2 9 ] b r > - [ n e t ] b n x 2 : I n c r e a s e m a x r x r i n g s i z e f r o m 1 K t o 2 K ( A n d y G o s p o d a r e k ) [ 6 4 0 0 2 6 ] b r > - [ n e t ] b n x 2 : f i x u p b r o k e n N A P I a c c o u n t i n g ( A n d y G o s p o d a r e k ) [ 6 4 0 0 2 6 ] b r > - [ s 3 9 0 ] q e t h : p o r t n o 1 s u p p o r t f o r O S M - d e v i c e i n s u f f i c i e n t ( H e n d r i k B r u e c k n e r ) [ 6 4 4 0 0 8 ] b r > b r > [ 2 . 6 . 1 8 - 2 2 9 . e l 5 ] b r > - [ p c i ] i n c l u d e D L 5 8 0 G 7 i n b f s o r t w h i t e l i s t ( T o n y C a m u s o ) [ 6 4 4 8 7 9 ] b r > - [ n e t ] i g b : f i x T X h a n g w h e n l o a d i n g i g b w i t h m a x _ v f s > 7 ( S t e f a n A s s m a n n ) [ 6 4 5 2 8 4 ] b r > - [ v i r t ] f i x t i m e k e e p i n g _ u s e _ t s c c h e c k i n i n i t _ t s c _ t i m e r ( P r a r i t B h a r g a v a ) [ 6 4 3 9 2 6 ] b r > - [ n e t ] b o n d i n g : s u p p o r t n e t c o n s o l e o v e r b o n d e d l i n k ( N e i l H o r m a n ) [ 2 3 5 3 4 3 ] b r > - [ v i r t ] x e n : i n c r e a s e t x q u e u e l e n o f n e t b a c k v i f d e v i c e s ( M i r o s l a v R e z a n i n a ) [ 5 3 9 6 2 6 ] b r > - [ s o u n d ] c o r e : p r e v e n t h e a p c o r r u p t i o n i n s n d _ c t l _ n e w ( J e r o m e M a r c h a n d ) [ 6 3 8 4 8 4 ] { C V E - 2 0 1 0 - 3 4 4 2 } b r > - [ n e t ] u p d a t e d d r i v e r s n e e d v e r s i o n s t r i n g u p d a t e s t o o ( A n d y G o s p o d a r e k ) [ 6 3 5 0 2 7 ] b r > - [ m i s c ] s o f t l o c k u p : i n c r e a s e t i m e o u t t o 6 0 s e c o n d s ( D o n Z i c k u s ) [ 6 4 3 7 0 7 ] b r > - [ v i r t ] x e n : f i x v d s o f a i l u r e u n d e r x e n p v e n v i r o n m e n t ( D a n n y F e n g ) [ 6 4 4 8 6 0 ] b r > - [ s c s i ] q l a 2 x x x : f i x z e r o t e s t o n a r r a y i n q l _ f c _ l o o p b a c k ( C h a d D u p u i s ) [ 6 4 4 1 3 6 ] b r > - [ u s b ] n e t / c a t c : c h a n g e N I C s T X _ M A X _ B U R S T , f i x e s p r o b e ( B o b P i c c o ) [ 6 3 7 8 2 6 ] b r > - [ v i r t ] c o n s o l e : d o n t b l o c k g u e s t i f h o s t d o e s n t r e a d ( A m i t S h a h ) [ 6 4 4 7 3 5 ] b r > - [ m e d i a ] v i d e o : r e m o v e c o m p a t c o d e f o r V I D I O C S M I C R O C O D E ( M a u r o C a r v a l h o C h e h a b ) [ 6 4 2 4 7 1 ] { C V E - 2 0 1 0 - 2 9 6 3 } b r > - [ x e n ] v t d : l e t I O M M U u s e a n o t h e r I R Q w i t h o u t c o n f l i c t ( D o n D u g g e r ) [ 5 7 5 7 9 0 ] b r > - [ n e t ] b o n d i n g : c o r r e c t l y p r o c e s s n o n - l i n e a r s k b s ( A n d y G o s p o d a r e k ) [ 6 1 9 0 7 0 ] b r > - [ n e t ] r d s : f i x l o c a l p r i v i l e g e e s c a l a t i o n ( E u g e n e T e o ) [ 6 4 2 8 9 8 ] { C V E - 2 0 1 0 - 3 9 0 4 } b r > b r > [ 2 . 6 . 1 8 - 2 2 8 . e l 5 ] b r > - [ c h a r ] t p m : p a y a t t e n t i o n t o I R Q i n f o f r o m P N P i n t p m _ t i s ( S t e f a n A s s m a n n ) [ 6 3 6 7 6 0 ] b r > - [ m i s c ] c p u f r e q : a d d m i s s i n g c p u f r e q _ c p u _ p u t ( P r a r i t B h a r g a v a ) [ 6 4 3 0 8 0 ] b r > - [ m d ] f i x s o f t l o c k u p i s s u e w a i t i n g f o r r e s y n c t o f i n i s h ( J a m e s P a r a d i s ) [ 5 7 3 1 0 6 ] b r > - [ s 3 9 0 ] d a s d _ e c k d : r e m o v e P S F o r d e r / s u b o r d e r i o c t l c h e c k ( J o h n F e e n e y ) [ 5 6 5 9 7 3 ] b r > - [ f s ] x f s : f i x s p e c u l a t i v e a l l o c a t i o n b e y o n d e o f ( D a v e C h i n n e r ) [ 6 3 8 7 5 3 ] b r > b r > [ 2 . 6 . 1 8 - 2 2 7 . e l 5 ] b r > - [ n e t ] i x g b e : a d d o p t i o n t o c o n t r o l i n t e r r u p t m o d e ( A n d y G o s p o d a r e k ) [ 5 7 1 4 9 5 ] b r > - [ m d ] r a i d 0 : f i x d a t a c o r r u p t i o n o n 3 2 - b i t w / l a r g e s t o r a g e ( S t a n i s l a w G r u s z k a ) [ 5 7 3 1 8 5 ] b r > - [ s c s i ] f i x w r i t e b u f f e r l e n g t h i n s c s i _ r e q _ m a p _ s g ( S t e v e B e s t ) [ 6 3 7 2 3 5 ] b r > - [ s c s i ] i p r : b a c k o u t i s r o p t i m i z a t i o n c h a n g e s ( S t e v e B e s t ) [ 6 3 4 2 1 3 ] b r > - [ s c s i ] i p r : f i x r s r c a d d r f o r m a t a n d a d d a t t r f o r d e v I D ( S t e v e B e s t ) [ 6 3 4 2 1 3 ] b r > - [ f s ] j b d 2 : p r o p e r l y a l i g n s i z e d s l a b c a c h e s ( E r i c S a n d e e n ) [ 6 3 8 9 6 1 ] b r > - [ f s ] e x t 4 : d o n t s c a n / a c c u m u l a t e t o o m a n y p a g e s ( E r i c S a n d e e n ) [ 5 7 2 9 3 0 ] b r > - [ f s ] g f s 2 : f i x f a t a l f i l e s y s t e m c o n s i s t e n c y e r r o r ( R o b e r t S P e t e r s o n ) [ 5 2 9 9 1 4 ] b r > - [ s c s i ] l p f c : u p d a t e v e r s i o n f o r 8 . 2 . 0 . 8 0 d r i v e r r e l e a s e ( R o b E v e r s ) [ 6 1 9 9 1 7 ] b r > - [ s c s i ] l p f c : a d d S e c u r i t y C r y p t o s u p p o r t t o C O N F I G _ P O R T ( R o b E v e r s ) [ 6 1 9 9 1 7 ] b r > - [ s c s i ] l p f c : r e m o v e u n u s e d v a r i a b l e s ( R o b E v e r s ) [ 6 1 9 9 1 7 ] b r > - [ s c s i ] l p f c : l o g m s g 0 3 1 8 i s a w a r n i n g , n o t a n e r r o r ( R o b E v e r s ) [ 6 1 9 9 1 7 ] b r > - [ s c s i ] l p f c : f i x b u g w / c a b l e s w a p a n d n o n - e m p t y n o d e l i s t ( R o b E v e r s ) [ 6 1 9 9 1 7 ] b r > - [ s c s i ] l p f c : f i x a f a i l u r e t o r o u n d r o b i n o n a l l F C F s ( R o b E v e r s ) [ 6 1 9 9 1 7 ] b r > - [ s c s i ] l p f c : f i x h e a r t b e a t t i m e o u t d u r i n g f a b r i c r e c o n f i g ( R o b E v e r s ) [ 6 1 9 9 1 7 ] b r > - [ s c s i ] l p f c : u p d a t e v e r s i o n f o r 8 . 2 . 0 . 7 9 d r i v e r r e l e a s e ( R o b E v e r s ) [ 6 1 9 9 1 7 ] b r > - [ s c s i ] l p f c : f i x a C l e a r V i r t u a l L i n k r e c o v e r y f a i l u r e ( R o b E v e r s ) [ 6 1 9 9 1 7 ] b r > - [ s c s i ] l p f c : c l e a r V F I _ R E G I S T E R E D f l a g a f t e r U N R E G _ V F I ( R o b E v e r s ) [ 6 1 9 9 1 7 ] b r > - [ s c s i ] l p f c : i g n o r e f a i l u r e o f R E G _ V P I m b o x w / U P D b i t s e t ( R o b E v e r s ) [ 6 1 9 9 1 7 ] b r > - [ s c s i ] l p f c : f i x i o c t l u s i n g i n a c t i v e n d l p f o r c t r e s p ( R o b E v e r s ) [ 6 1 9 9 1 7 ] b r > - [ s c s i ] l p f c : f i x b u g w / n d l p n o t a c t i v a t e d p o s t - c a b l e s w a p ( R o b E v e r s ) [ 6 1 9 9 1 7 ] b r > - [ s c s i ] l p f c : a d d s u p p o r t U P D b i t o f R E G _ V P I m a i l b o x c m d ( R o b E v e r s ) [ 6 1 9 9 1 7 ] b r > - [ s c s i ] l p f c : f i x d r i v e r d i s c o v e r y i s s u e a f t e r l i n k b o u n c e ( R o b E v e r s ) [ 6 1 9 9 1 7 ] b r > - [ s c s i ] l p f c : f i x V L A N I D 0 x F F F s e t t o r e g _ f c f i m b o x c m d ( R o b E v e r s ) [ 6 1 9 9 1 7 ] b r > - [ s c s i ] l p f c : u p d a t e v e r s i o n f o r 8 . 2 . 0 . 7 8 d r i v e r r e l e a s e ( R o b E v e r s ) [ 6 1 9 9 1 7 ] b r > - [ s c s i ] l p f c : f i x r a c e c o n d i t i o n c a u s i n g > 1 F L O G I c o m m a n d s ( R o b E v e r s ) [ 6 1 9 9 1 7 ] b r > - [ s c s i ] l p f c : e n h a n c e r o u n d - r o b i n F C F f a i l o v e r a l g o r i t h m ( R o b E v e r s ) [ 6 1 9 9 1 7 ] b r > - [ s c s i ] l p f c : c l e a r I g n o r e R e g L o g i n w h e n p u r g i n g m a i l b o x ( R o b E v e r s ) [ 6 1 9 9 1 7 ] b r > - [ s c s i ] l p f c : f i x f o r E L S c o m m a n d s s t u c k o n t x q ( R o b E v e r s ) [ 6 1 9 9 1 7 ] b r > - [ s c s i ] l p f c : a d d e d t a r g e t q u e u e d e p t h m o d u l e p a r a m e t e r ( R o b E v e r s ) [ 6 1 9 9 1 7 ] b r > - [ s c s i ] l p f c : f i x R o u n d R o b i n F C F f a i l o v e r i s s u e ( R o b E v e r s ) [ 6 1 9 9 1 7 ] b r > - [ s c s i ] r e - e n a b l e t r a n s i s t i o n s f r o m O F F L I N E t o R U N N I N G ( M i k e C h r i s t i e ) [ 6 4 1 1 9 3 ] b r > - [ e d a c ] i 7 3 0 0 _ e d a c : p r o p e r l y i n i t p e r - c s r o w m e m o r y s i z e ( M a u r o C a r v a l h o C h e h a b ) [ 4 8 7 4 2 8 ] b r > - [ e d a c ] i 7 3 0 0 _ e d a c : b e t t e r i n i t i a l i z e p a g e c o u n t s ( M a u r o C a r v a l h o C h e h a b ) [ 4 8 7 4 2 8 ] b r > - [ r e d h a t ] c o n f i g s : e n a b l e e d a c d e b u g g i n g d e b u g k e r n e l s ( M a u r o C a r v a l h o C h e h a b ) [ 4 8 7 4 2 8 ] b r > - [ e d a c ] i 7 3 0 0 _ e d a c : b a c k p o r t d r i v e r t o R H E L 5 . 6 c o d e b a s e ( M a u r o C a r v a l h o C h e h a b ) [ 4 8 7 4 2 8 ] b r > - [ e d a c ] i 7 3 0 0 _ e d a c : a d d a p p r o p r i a t e M A I N T A I N E R S i n f o ( M a u r o C a r v a l h o C h e h a b ) [ 4 8 7 4 2 8 ] b r > - [ e d a c ] i 7 3 0 0 _ e d a c : c o d i n g s t y l e c l e a n u p s ( M a u r o C a r v a l h o C h e h a b ) [ 4 8 7 4 2 8 ] b r > - [ e d a c ] i 7 3 0 0 _ e d a c : i m p r o v e i n l i n e c o m m e n t s / d o c u m e n t a t i o n ( M a u r o C a r v a l h o C h e h a b ) [ 4 8 7 4 2 8 ] b r > - [ e d a c ] i 7 3 0 0 _ e d a c : r e o r g a n i z e f i l e c o n t e n t s ( M a u r o C a r v a l h o C h e h a b ) [ 4 8 7 4 2 8 ] b r > - [ e d a c ] i 7 3 0 0 _ e d a c : p r o p e r l y d e t e c t c h a n n e l o n C E e r r o r s ( M a u r o C a r v a l h o C h e h a b ) [ 4 8 7 4 2 8 ] b r > - [ e d a c ] i 7 3 0 0 _ e d a c : e n r i c h F B D i n f o f o r c o r r e c t e d e r r o r s ( M a u r o C a r v a l h o C h e h a b ) [ 4 8 7 4 2 8 ] b r > - [ e d a c ] i 7 3 0 0 _ e d a c : e n r i c h F B D e r r o r i n f o f o r f a t a l e r r o r s ( M a u r o C a r v a l h o C h e h a b ) [ 4 8 7 4 2 8 ] b r > - [ e d a c ] i 7 3 0 0 _ e d a c : p r e - a l l o c a t e b u f f e r f o r e r r o r m e s s a g e s ( M a u r o C a r v a l h o C h e h a b ) [ 4 8 7 4 2 8 ] b r > - [ e d a c ] i 7 3 0 0 _ e d a c : f i x M T R x 4 / x 8 d e t e c t i o n l o g i c ( M a u r o C a r v a l h o C h e h a b ) [ 4 8 7 4 2 8 ] b r > - [ e d a c ] i 7 3 0 0 _ e d a c : m a k e d e b u g m e s s a g e s c o n s i s t e n t ( M a u r o C a r v a l h o C h e h a b ) [ 4 8 7 4 2 8 ] b r > - [ e d a c ] i 7 3 0 0 _ e d a c : r e m o v e s t a l e g e t _ e r r o r _ i n f o l o g i c ( M a u r o C a r v a l h o C h e h a b ) [ 4 8 7 4 2 8 ] b r > - [ e d a c ] i 7 3 0 0 _ e d a c : a d d e r r o r r e g i s t e r s c l e a n u p s u p p o r t ( M a u r o C a r v a l h o C h e h a b ) [ 4 8 7 4 2 8 ] b r > - [ e d a c ] i 7 3 0 0 _ e d a c : a d d s u p p o r t f o r r e p o r t i n g F B D e r r o r s ( M a u r o C a r v a l h o C h e h a b ) [ 4 8 7 4 2 8 ] b r > - [ e d a c ] i 7 3 0 0 _ e d a c : p r o p e r l y d e t e c t e r r o r c o r r e c t i o n t y p e ( M a u r o C a r v a l h o C h e h a b ) [ 4 8 7 4 2 8 ] b r > - [ e d a c ] i 7 3 0 0 _ e d a c : d e t e c t i f d e v i c e i s i n s i n g l e m o d e ( M a u r o C a r v a l h o C h e h a b ) [ 4 8 7 4 2 8 ] b r > - [ e d a c ] i 7 3 0 0 _ e d a c : a d d d e t e c t i o n o f e n h a n c e d s c r u b m o d e ( M a u r o C a r v a l h o C h e h a b ) [ 4 8 7 4 2 8 ] b r > - [ e d a c ] i 7 3 0 0 _ e d a c : c l e a r e r r o r b i t a f t e r r e a d i n g ( M a u r o C a r v a l h o C h e h a b ) [ 4 8 7 4 2 8 ] b r > - [ e d a c ] i 7 3 0 0 _ e d a c : a d d e r r o r d e t e c t i o n f o r g l o b a l e r r o r s ( M a u r o C a r v a l h o C h e h a b ) [ 4 8 7 4 2 8 ] b r > - [ e d a c ] i 7 3 0 0 _ e d a c : b e t t e r P C I d e v i c e n a m e s ( M a u r o C a r v a l h o C h e h a b ) [ 4 8 7 4 2 8 ] b r > - [ e d a c ] i 7 3 0 0 _ e d a c : A d d F I X M E a b o u t e r r o r c o r r e c t i o n t y p e ( M a u r o C a r v a l h o C h e h a b ) [ 4 8 7 4 2 8 ] b r > - [ e d a c ] i 7 3 0 0 _ e d a c : a d d g l o b a l e r r o r r e g i s t e r s ( M a u r o C a r v a l h o C h e h a b ) [ 4 8 7 4 2 8 ] b r > - [ e d a c ] i 7 3 0 0 _ e d a c : d i s p l a y i n f o i f E C C i s e n a b l e d o r n o t ( M a u r o C a r v a l h o C h e h a b ) [ 4 8 7 4 2 8 ] b r > - [ e d a c ] i 7 3 0 0 _ e d a c : n e w d r i v e r f o r I n t e l i 7 3 0 0 c h i p s e t ( M a u r o C a r v a l h o C h e h a b ) [ 4 8 7 4 2 8 ] b r > - [ m m ] k s w a p d : d o n t g e t s t u c k i n D s t a t e w / f r a g m e n t e d m e m ( L a r r y W o o d m a n ) [ 6 0 9 6 6 8 ] b r > - [ m i s c ] x 8 6 _ 6 4 : f i x h a n g a t B o o t i n g p r o c e s s o r 1 / 8 A P I C ( J o h n V i l l a l o v o s ) [ 6 3 9 8 5 1 ] b r > - [ m i s c ] o p r o f i l e : a d d b a c k t r a c e s f o r c o m p a t m o d e p r o c e s s e s ( J i r i O l s a ) [ 6 2 2 0 2 4 ] b r > - [ n e t ] t g 3 : r e - e n a b l e 5 7 1 7 B 0 s u p p o r t ( J o h n F e e n e y ) [ 6 3 4 3 2 0 ] b r > - [ n e t ] t g 3 : f i x 5 7 1 7 / 5 7 7 6 5 / 5 7 1 9 m e m o r y l e a k ( J o h n F e e n e y ) [ 6 3 1 9 6 3 ] b r > - [ n e t ] t g 3 : d i s p l a y F W v e r s i o n , h a n d l e F W e v e n t s c o r r e c t l y ( J o h n F e e n e y ) [ 6 3 4 3 2 5 ] b r > - [ n e t ] b n x 2 : i m p r o v e t x f a s t p a t h p e r f o r m a n c e ( J o h n F e e n e y ) [ 6 3 2 0 5 7 ] b r > - [ n e t ] e n i c : u p d a t e t o u p s t r e a m v e r s i o n 1 . 4 . 1 . 2 ( A n d y G o s p o d a r e k ) [ 5 6 8 1 1 1 ] b r > - [ n e t ] i x g b e : f i x 8 2 5 9 8 l i n k i s s u e a n d p a n i c w / s h a r e d i r q ( A n d y G o s p o d a r e k ) [ 6 3 7 3 3 1 ] b r > - [ n e t ] m l x 4 : b u m p m a x l o g _ m t t s _ p e r _ s e g m e m o r y r e s e r v a t i o n ( J a y F e n l a s o n ) [ 6 3 6 1 9 8 ] b r > - [ u s b ] n e t : a d d s u p p o r t f o r C D C E E M ( D o n Z i c k u s ) [ 5 7 2 5 1 9 ] b r > - [ s c s i ] q l a 2 x x x : c l e a r p o s t - u n c o r r e c t a b l e n o n - f a t a l e r r o r s ( C h a d D u p u i s ) [ 5 7 2 2 5 8 ] b r > - [ n e t ] q l c n i c : f i x p o l l i m p l e m e n t a t i o n ( C h a d D u p u i s ) [ 6 2 5 0 8 4 ] b r > - [ n e t ] q l c n i c : T S O f e a t u r e a d d e d f o r v l a n d e v i c e s ( C h a d D u p u i s ) [ 6 2 5 0 8 4 ] b r > - [ n e t ] q l c n i c : f i x d i a g r e s o u r c e a l l o c a t i o n ( C h a d D u p u i s ) [ 6 2 5 0 8 4 ] b r > - [ n e t ] q l c n i c : f i x l o o p b a c k t e s t ( C h a d D u p u i s ) [ 6 2 5 0 8 4 ] b r > - [ n e t ] q l c n i c : f i x b a n d w i d t h c h e c k ( C h a d D u p u i s ) [ 6 2 5 0 8 4 ] b r > - [ n e t ] q l c n i c : f i x g r o s u p p o r t ( C h a d D u p u i s ) [ 6 2 5 0 8 4 ] b r > - [ s 3 9 0 ] k e r n e l : f i x f o r k v s / p r o c / s t a t r a c e ( H e n d r i k B r u e c k n e r ) [ 6 2 7 2 9 8 ] b r > - [ m i s c ] a m d _ i o m m u : f i x k d u m p O O M i s s u e s e e n w i t h i o m m u = p t ( B h a v n a S a r a t h y ) [ 6 2 7 6 6 3 ] b r > - [ f s ] e x e c v e : f i x i n t e r a c t i v i t y a n d r e s p o n s e t o S I G K I L L ( D a v e A n d e r s o n ) [ 6 2 9 1 7 6 ] b r > - [ v i r t ] v i r t i o _ c o n s o l e : f i x u s e r s p a c e N U L L b u f f e r s u b m i t s ( A m i t S h a h ) [ 6 3 6 0 4 6 ] b r > - [ v i r t ] v i r t i o _ c o n s o l e : f i x p o l l b l o c k i n g w h e n d a t a r e a d y ( A m i t S h a h ) [ 6 3 6 0 2 0 ] b r > - [ v i r t ] v i r t i o _ c o n s o l e : s e n d S I G I O a s n e e d e d f o r h o s t e v t s ( A m i t S h a h ) [ 6 3 6 0 5 3 ] b r > - [ v i r t ] v i r t i o _ c o n s o l e : m a k e h o t - u n p l u g s a f e ( A m i t S h a h ) [ 6 2 8 8 2 8 ] b r > - [ n e t ] v i r t i o _ n e t : d e f e r s k b a l l o c a t i o n i n r e c e i v e p a t h ( A n t h o n y L i g u o r i ) [ 5 6 5 5 6 0 ] b r > - [ m i s c ] i n c r e a s e l o g b u f s i z e t o 5 1 2 K ( D o n Z i c k u s ) [ 5 6 3 5 3 5 ] b r > - [ x e n ] h v m : c o r r e c t a c c u r a c y o f p m t i m e r ( A n d r e w J o n e s ) [ 6 3 3 0 2 8 ] b r > - [ x e n ] f i x g u e s t c r a s h o n n o n - E P T m a c h i n e m a y c r a s h h o s t ( P a o l o B o n z i n i ) [ 6 2 1 4 3 0 ] { C V E - 2 0 1 0 - 2 9 3 8 } b r > b r > [ 2 . 6 . 1 8 - 2 2 6 . e l 5 ] b r > - [ n e t ] b o n d i n g : f i x I G M P r e p o r t o n s l a v e d u r i n g f a i l o v e r ( F l a v i o L e i t n e r ) [ 6 3 7 7 6 4 ] b r > b r > [ 2 . 6 . 1 8 - 2 2 5 . e l 5 ] b r > - [ u s b ] s e r i a l / p l 2 3 0 3 : a d d i d f o r H P L D 2 2 0 - H P P O S d i s p l a y ( D o n Z i c k u s ) [ 5 8 0 6 9 8 ] b r > b r > [ 2 . 6 . 1 8 - 2 2 4 . e l 5 ] b r > - [ s c s i ] m p t 2 s a s : r e c o v e r f r o m i n j e c t e d P C I e b u s e r r o r s ( T o m a s H e n z l ) [ 5 6 8 2 8 1 ] b r > - [ m e s s a g e ] f u s i o n : r e m o v e u n n e c e s s a r y p r i n t k f l o o d i n g l o g s ( T o m a s H e n z l ) [ 6 2 9 0 8 1 ] b r > - [ s c s i ] s c s i _ d h _ a l u a : h a n d l e t r a n s i t i o n i n g s t a t e c o r r e c t l y ( M i k e S n i t z e r ) [ 6 1 9 3 6 1 ] b r > - [ s c s i ] l p f c : f i x i o c t l c r a s h i n l p f c _ n l p _ p u t ( R o b E v e r s ) [ 6 2 5 8 4 1 ] b r > - [ n e t ] t r a c e : f i x s k _ b u f f t y p o i n n e t w o r k t r a c e p o i n t s ( N e i l H o r m a n ) [ 5 6 8 6 1 4 ] b r > - [ n e t ] s c h e d : f i x i n f o l e a k i n t r a f f i c p o l i c i n g ( N e i l H o r m a n ) [ 6 3 6 3 9 2 ] b r > - [ m d ] d m : f i x d e a d l o c k w i t h f s y n c v s . r e s i z e i n l v m ( M i k u l a s P a t o c k a ) [ 6 2 4 0 6 8 ] b r > - [ m i s c ] a m d _ i o m m u : f i x s l a b c o r r u p t i o n w i t h i o m m u e n a b l e d ( L a r r y W o o d m a n ) [ 5 3 0 6 1 9 ] b r > - [ m m ] a d d d i r t y _ b a c k g r o u n d _ b y t e s a n d d i r t y _ b y t e s s y s c t l s ( L a r r y W o o d m a n ) [ 6 3 5 7 8 2 ] b r > - [ s c s i ] a d d s c s i _ d i s p a t c h _ * t r a c e p o i n t s ( J i r i O l s a ) [ 5 6 8 2 9 0 ] b r > - [ m i s c ] o p r o f i l e : s u p p o r t I n t e l C P U F a m i l y 6 , M o d e l 2 2 , 2 9 ( J i r i O l s a ) [ 4 9 3 0 4 7 ] b r > - [ f s ] a i o : f i x f l u s h _ w o r k q u e u e d e a d l o c k ( J e f f M o y e r ) [ 5 4 6 7 0 0 ] b r > - [ n e t ] b e 2 n e t : u s e g e n e r a t e d M A C a d d r f o r V F s , f i x B U G _ O N ( I v a n V e c e r a ) [ 6 3 0 6 8 0 ] b r > - [ f s ] s y s f s : a d d l a b e l i n g s u p p o r t f o r s y s f s ( E r i c P a r i s ) [ 5 8 2 3 7 4 ] b r > - [ s e l i n u x ] i n o d e _ * s e c c t x h o o k s t o a c c e s s s e c u r i t y c t x i n f o ( E r i c P a r i s ) [ 5 8 2 3 7 4 ] b r > - [ f s ] x a t t r : r e f a c t o r v f s _ s e t x a t t r f o r S E L i n u x h o o k u s e ( E r i c P a r i s ) [ 5 8 2 3 7 4 ] b r > - [ r e d h a t ] c o n f i g s : c o m p i l e T C G m o d u l e s f o r k e r n e l - x e n ( A n d r e w J o n e s ) [ 6 3 6 1 0 0 ] b r > - [ n e t ] n e t x e n : f i x p o l l i m p l e m e n t a t i o n ( C h a d D u p u i s ) [ 6 2 5 0 7 9 ] b r > - [ n e t ] n e t x e n : f i x a r a c e i n n e t x e n _ n i c _ g e t _ s t a t s ( ) ( C h a d D u p u i s ) [ 6 2 5 0 7 9 ] b r > - [ n e t ] n e t x e n : u p d a t e v e r s i o n 4 . 0 . 7 4 ( C h a d D u p u i s ) [ 6 2 5 0 7 9 ] b r > - [ n e t ] n e t x e n : f i x f e a t u r e s e t t i n g f o r v l a n d e v i c e s ( C h a d D u p u i s ) [ 6 2 5 0 7 9 ] b r > - [ n e t ] n e t x e n : f i x t x c s u m s e t t i n g ( C h a d D u p u i s ) [ 6 2 5 0 7 9 ] b r > - [ s c s i ] q l a 2 x x x : r e c o v e r o n m m i o _ e n a b l e f u n c t i o n f o r 8 2 X X ( C h a d D u p u i s ) [ 6 1 3 1 3 4 ] b r > - [ s c s i ] q l a 2 x x x : a d d A E R s u p p o r t f o r 8 2 X X ( C h a d D u p u i s ) [ 6 1 3 1 3 4 ] b r > - [ m i s c ] a m d _ i o m m u : c h a n g e d e f a u l t t o p a s s t h r o u g h m o d e ( B h a v n a S a r a t h y ) [ 6 2 8 0 1 8 ] b r > - [ m i s c ] a m d _ i o m m u : a d d p a s s t h r o u g h m o d e s u p p o r t ( B h a v n a S a r a t h y ) [ 5 6 1 1 2 7 ] b r > - [ m i s c ] a m d : d o n t u s e m w a i t _ i d l e o n A M D C P U s ( B h a v n a S a r a t h y ) [ 6 1 0 1 9 9 ] b r > - [ m i s c ] a m d : s h o w L 3 c a c h e i n f o f o r a l l C P U f a m i l i e s ( B h a v n a S a r a t h y ) [ 6 1 0 1 9 9 ] b r > - [ m i s c ] a m d : u n i f y L 3 c a c h e i n d e x d i s a b l e c h e c k i n g ( B h a v n a S a r a t h y ) [ 6 1 0 1 9 9 ] b r > - [ m i s c ] a m d : a v o i d d u p e s y s f s b i t s f o r t h r e s h o l d i n g b a n k s ( B h a v n a S a r a t h y ) [ 6 1 0 1 9 9 ] b r > - [ m i s c ] a m d : r e m o v e s u p e r f l u o u s C P U f a m i l y / m o d e l c h e c k ( B h a v n a S a r a t h y ) [ 6 1 0 1 9 9 ] b r > - [ m i s c ] f i x r a c e i n p i d g e n e r a t i o n c a u s i n g i m m e d i a t e r e u s e ( D a v e A n d e r s o n ) [ 6 3 4 8 5 0 ] b r > b r > [ 2 . 6 . 1 8 - 2 2 3 . e l 5 ] b r > - [ r e d h a t ] k a b i : a d d n e t s y m b o l s f o r R H E L 5 . 6 ( J o n M a s t e r s ) [ 5 4 7 6 8 9 5 5 5 7 0 8 5 5 8 9 9 9 5 6 8 5 5 8 5 6 9 6 0 6 6 1 3 1 9 3 ] b r > - [ r e d h a t ] k a b i : a d d B l o c k a n d S C S I s y m b o l s f o r R H E L 5 . 6 ( J o n M a s t e r s ) [ 5 4 7 6 8 9 5 5 8 9 9 9 5 6 6 7 6 7 5 6 9 6 0 6 5 7 4 5 5 7 ] b r > - [ r e d h a t ] k a b i : a d d P C I k e r n e l s y m b o l s f o r R H E L 5 . 6 ( J o n M a s t e r s ) [ 5 4 7 6 8 9 5 5 5 7 0 8 5 6 6 7 6 7 5 6 8 5 5 8 5 6 9 6 0 6 5 9 7 1 4 3 6 1 3 1 9 3 ] b r > - [ r e d h a t ] k a b i : a d d c o r e k e r n e l s y m b o l s f o r R H E L 5 . 6 ( J o n M a s t e r s ) [ 5 4 5 2 1 8 5 6 2 2 4 2 ] b r > - [ n e t ] i p v s : a d d o n e - p a c k e t s c h e d u l e r ( T h o m a s G r a f ) [ 5 7 8 8 3 6 ] b r > - [ p c i ] f i x p c i _ m m c f g _ i n i t m a k i n g s o m e m e m o r y u n c a c h e a b l e ( S h y a m I y e r ) [ 5 8 1 9 3 3 ] b r > - [ v i r t ] x e n : f i x c r a s h i n g o f x 8 6 h v m g u e s t o n x 8 6 _ 6 4 ( R a d i m K r c m a r ) [ 6 0 5 6 9 7 ] b r > - [ s c s i ] f i x d i s k s p i n u p f o r s h o r t e r p a t h r e s t o r e t i m e s ( R o b E v e r s ) [ 6 0 8 1 0 9 ] b r > - [ s c s i ] a a c r a i d : f i x f i l e s y s t e m f a l s e l y g o i n g r e a d - o n l y ( R o b E v e r s ) [ 5 2 3 9 2 0 ] b r > - [ m i s c ] x 8 6 : f i x c p u i d _ l e v e l o n I n t e l p r e - m o d e l 1 3 c p u s ( P r a r i t B h a r g a v a ) [ 6 0 6 8 5 1 ] b r > - [ n e t ] c x g b 3 : a l t b u f f e r f r e e i n g s t r a t e g y w h e n x e n d o m 0 ( P a o l o B o n z i n i ) [ 4 8 8 8 8 2 ] b r > - [ n e t ] b o n d i n g : e n a b l e o u t p u t s l a v e s e l e c t i o n ( N e i l H o r m a n ) [ 5 1 6 2 8 9 ] b r > - [ m d ] d m - r a i d 1 : f i x d a t a l o s t a t m i r r o r l o g f a i l u r e ( M i k u l a s P a t o c k a ) [ 5 5 5 1 9 7 ] b r > - [ m d ] k c o p y d : d m s n a p s h o t p e r f o r m a n c e i m p r o v e m e n t ( M i k u l a s P a t o c k a ) [ 4 6 6 0 8 8 ] b r > - [ s c s i ] i n c r e a s e s y n c c a c h e t i m e o u t ( M i k e C h r i s t i e ) [ 5 9 2 3 2 2 ] b r > - [ s c s i ] l o g m s g w h e n g e t t i n g U n i t A t t e n t i o n ( M i k e C h r i s t i e ) [ 5 8 5 4 3 1 ] b r > - [ v i r t ] x e n : a d d d u m m y m w a i t f o r x e n t o m a k e i t c o m p i l e ( L u m i n g Y u ) [ 5 7 3 5 1 4 ] b r > - [ x 8 6 _ 6 4 ] u s e a p i c a s m a i n t i m e r i f n o n - s t o p - a p i c t i m e r ( L u m i n g Y u ) [ 5 7 3 5 1 4 ] b r > - [ a c p i ] c p u : u s e M W A I T f o r C - s t a t e ( L u m i n g Y u ) [ 5 7 3 5 1 4 ] b r > - [ n e t ] i p v 4 / d e f r a g : c h e c k s o c k e t t y p e b e f o r e r e f e r e n c e ( J i r i O l s a ) [ 6 3 2 2 6 6 ] b r > - [ n e t ] i p v 4 : p r e v e n t c h a i n e d s k b d e s t i n e d t o U F O d e v i c e ( J i r i O l s a ) [ 6 3 3 4 5 0 ] b r > - [ b l o c k ] c f q : n o m e r g e s f o r q u e u e s w / n o p r o c e s s r e f e r e n c e s ( J e f f M o y e r ) [ 6 0 5 2 6 5 ] b r > - [ f s ] a i o : c h e c k f o r m u l t i p l i c a t i o n o v e r f l o w i n i o _ s u b m i t ( J e f f M o y e r ) [ 6 2 9 4 4 9 ] { C V E - 2 0 1 0 - 3 0 6 7 } b r > - [ m i s c ] m a k e c o m p a t _ a l l o c _ u s e r _ s p a c e i n c o r p o r a t e a c c e s s _ o k ( D o n H o w a r d ) [ 6 3 4 4 6 4 ] { C V E - 2 0 1 0 - 3 0 8 1 } b r > - [ f s ] x f s : p r e v e n t r e a d i n g u n i n i t i a l i z e d s t a c k m e m o r y ( D a v e C h i n n e r ) [ 6 3 0 8 0 7 ] { C V E - 2 0 1 0 - 3 0 7 8 } b r > - [ f s ] a i o : f i x c l e a n u p i n i o _ s u b m i t _ o n e ( J e f f M o y e r ) [ 6 3 1 7 2 1 ] { C V E - 2 0 1 0 - 3 0 6 6 } b r > b r > [ 2 . 6 . 1 8 - 2 2 2 . e l 5 ] b r > - [ c p u f r e q ] p o w e r n o w - k 8 : f i x p e r c o r e f r e q u e n c y c o n t r o l ( B h a v n a S a r a t h y ) [ 5 0 2 3 9 7 ] b r > - [ m i s c ] u i d / g i d : f i x i n t e g e r o v e r f l o w i n g r o u p s _ s e a r c h ( J e r o m e M a r c h a n d ) [ 6 2 9 6 2 6 ] b r > - [ v i r t ] x e n : r e m o v e d e a d c o d e ( P a o l o B o n z i n i ) [ 5 0 7 8 4 6 ] b r > - [ v i r t ] x e n : d o n t g i v e u p b a l l o o n i n g u n d e r m e m p r e s s u r e ( P a o l o B o n z i n i ) [ 5 0 7 8 4 6 ] b r > - [ n e t ] i p v 4 : f i x o o p s i n w r i t i n g t o f o r w a r d i n g s y s c t l ( N e i l H o r m a n ) [ 6 2 9 6 3 8 ] b r > - [ n e t ] t r a c e : b a c k p o r t s o m e n e t w o r k i n g t r a c e p o i n t s ( N e i l H o r m a n ) [ 5 6 8 6 1 4 ] b r > - [ m i s c ] r e n a m e t o p o l o g y _ * _ c p u m a s k b a c k t o * _ s i b l i n g s ( M i c h a l S c h m i d t ) [ 6 3 3 3 8 8 ] b r > - [ s c s i ] 3 w _ s a s : a d d n e w 3 w a r e S A S d r i v e r ( T o m a s H e n z l ) [ 5 7 2 0 1 1 ] b r > - [ s c s i ] 3 w - 9 x x x : u p d a t e t o 2 . 2 6 . 0 8 . 0 0 7 - 2 . 6 . 1 8 R H ( T o m a s H e n z l ) [ 5 7 2 0 0 4 ] b r > - [ s c s i ] m e g a r a i d : f i x s u s p e n d f u n c t i o n ( T o m a s H e n z l ) [ 6 3 0 9 2 7 ] b r > - [ n e t ] i p v 6 : a d d m o d e s t o d o R A / R S w h e n i n f o r w a r d i n g m o d e ( T h o m a s G r a f ) [ 6 1 4 0 6 4 ] b r > - [ f s ] n f s v 4 : f i x b u g w h e n s e r v e r r e t u r n s N F S 4 E R R _ R E S O U R C E ( S t e v e D i c k s o n ) [ 6 2 0 5 0 2 ] b r > - [ f s ] n f s v 4 : e n s u r e l o c k o w n e r s a r e l a b e l l e d c o r r e c t l y ( S t e v e D i c k s o n ) [ 6 2 0 5 0 2 ] b r > - [ f s ] n f s v 4 : a d d s u p p o r t f o r R E L E A S E _ L O C K O W N E R o p e r a t i o n ( S t e v e D i c k s o n ) [ 6 2 0 5 0 2 ] b r > - [ f s ] n f s v 4 : c l e a n u p f o r l o c k o w n e r X D R e n c o d i n g ( S t e v e D i c k s o n ) [ 6 2 0 5 0 2 ] b r > - [ f s ] n f s v 4 : e n s u r e w e t r a c k l o c k s t a t e i n r / w r e q u e s t s ( S t e v e D i c k s o n ) [ 6 2 0 5 0 2 ] b r > - [ s c s i ] q l a 4 x x x : a d d P C I e A E R s u p p o r t ( C h a d D u p u i s ) [ 6 2 4 7 1 0 ] b r > - [ s c s i ] q l a 4 x x x : u p d a t e v e r s i o n t o 5 . 0 2 . 0 3 . 0 0 . 0 5 . 0 6 - d 1 ( C h a d D u p u i s ) [ 6 2 3 6 7 5 ] b r > - [ s c s i ] q l a 4 x x x : r e s o l v e n a m e s p a c e e r r o r w i t h q l a 2 x x x ( C h a d D u p u i s ) [ 6 2 3 6 7 5 ] b r > - [ n e t ] q l c n i c : a d d A E R s u p p o r t a n d m i s c e l l a n e o u s f i x e s ( C h a d D u p u i s ) [ 6 1 4 2 8 1 ] b r > - [ n e t ] q l c n i c : a d d N I C p a r t i t i o n i n g a n d o t h e r m i s c f i x e s ( C h a d D u p u i s ) [ 6 1 4 2 8 1 ] b r > - [ n e t ] q l c n i c : m i s c u p s t r e a m f i x e s f o r R H E L 5 . 6 ( C h a d D u p u i s ) [ 6 1 4 2 8 1 ] b r > - [ n e t ] i p v 4 : f i x b u f f e r o v e r f l o w i n i c m p m s g _ p u t ( F r a n t i s e k H r b a t a ) [ 6 0 1 3 9 1 ] b r > - [ p r o c ] a l l o w a c c e s s t o / p r o c / / f d a f t e r s e t u i d ( D a n n y F e n g ) [ 6 1 7 7 0 7 ] b r > - [ f s ] x f s : f i x m i s s i n g u n t r u s t e d i n o d e l o o k u p t a g ( D a v e C h i n n e r ) [ 6 0 7 0 3 2 ] b r > - [ w i r e l e s s ] f i x e s f r o m 2 . 6 . 3 2 . 1 8 ( S t a n i s l a w G r u s z k a ) [ 6 2 1 1 0 5 ] b r > - [ w i r e l e s s ] f i x e s f r o m 2 . 6 . 3 2 . 1 7 ( S t a n i s l a w G r u s z k a ) [ 6 2 1 1 0 5 ] b r > - [ w i r e l e s s ] f i x e s f r o m 2 . 6 . 3 2 . 1 6 ( S t a n i s l a w G r u s z k a ) [ 6 2 1 1 0 5 ] b r > - [ w i r e l e s s ] f i x e s f r o m 2 . 6 . 3 2 . 1 4 ( S t a n i s l a w G r u s z k a ) [ 6 2 1 1 0 5 ] b r > - [ w i r e l e s s ] f i x e s f r o m 2 . 6 . 3 2 . 1 3 ( S t a n i s l a w G r u s z k a ) [ 6 2 1 1 0 5 ] b r > - [ w i r e l e s s ] f i x e s f r o m 2 . 6 . 3 2 . 1 2 ( S t a n i s l a w G r u s z k a ) [ 6 2 1 1 0 5 ] b r > - [ w i r e l e s s ] f i x e s f r o m 2 . 6 . 3 2 . 1 1 ( S t a n i s l a w G r u s z k a ) [ 6 2 1 1 0 5 ] b r > - [ w i r e l e s s ] f i x e s f r o m 2 . 6 . 3 2 . 1 0 ( S t a n i s l a w G r u s z k a ) [ 6 2 1 1 0 5 ] b r > - [ w i r e l e s s ] f i x e s f r o m 2 . 6 . 3 2 . 9 ( S t a n i s l a w G r u s z k a ) [ 6 2 1 1 0 5 ] b r > - [ w i r e l e s s ] f i x e s f r o m 2 . 6 . 3 2 . 8 ( S t a n i s l a w G r u s z k a ) [ 6 2 1 1 0 5 ] b r > - [ x e n ] e m u l a t e t a s k s w i t c h i n g ( P a o l o B o n z i n i ) [ 6 2 5 9 0 3 ] b r > - [ x e n ] i n t r o d u c e h v m _ s e t _ c r 3 ( P a o l o B o n z i n i ) [ 6 2 5 9 0 3 ] b r > - [ x e n ] i n t r o d u c e h v m _ v i r t u a l _ t o _ l i n e a r _ a d d r ( P a o l o B o n z i n i ) [ 6 2 5 9 0 3 ] b r > - [ x e n ] i n t r o d u c e h v m _ s e t _ s e g m e n t _ r e g i s t e r ( P a o l o B o n z i n i ) [ 6 2 5 9 0 3 ] b r > - [ x e n ] h v m : b i g c l e a n u p s a n d f i x e s t o e v e n t d e l i v e r l o g i c ( P a o l o B o n z i n i ) [ 6 2 5 9 0 3 ] b r > - [ x e n ] v m x : s i m p l i f y e v e n t - i n j e c t i o n l o g i c ( P a o l o B o n z i n i ) [ 6 2 5 9 0 3 ] b r > - [ x e n ] x m t r i g g e r N M I s u p p o r t f o r H V M g u e s t s ( P a o l o B o n z i n i ) [ 6 2 5 9 0 2 ] b r > - [ x e n ] v i r t u a l N M I s u p p o r t ( P a o l o B o n z i n i ) [ 6 2 5 9 0 2 ] b r > - [ x e n ] e m u l a t e i n j e c t i o n o f g u e s t N M I ( P a o l o B o n z i n i ) [ 6 2 5 9 0 2 ] b r > - [ x e n ] i n t r o d u c e g e t _ i s a _ i r q _ v e c t o r a n d i s _ i s a _ i r q _ m a s k e d ( P a o l o B o n z i n i ) [ 6 2 5 9 0 2 ] b r > - [ x e n ] h v m : f i x U P s u s p e n d / r e s u m e / m i g r a t i o n w / P V d r i v e r s ( M i r o s l a v R e z a n i n a ) [ 6 2 9 7 7 3 ] b r > b r > [ 2 . 6 . 1 8 - 2 2 1 . e l 5 ] b r > - [ a c p i ] c h e c k _ P P C s t a t e o n c p u f r e q s t a r t ( M a t t h e w G a r r e t t ) [ 5 8 1 0 3 7 ] b r > - [ f s ] a i o : b u m p i _ c o u n t i n s t e a d o f u s i n g i g r a b ( J e f f M o y e r ) [ 6 2 6 9 6 3 ] b r > - [ r e d h a t ] d o n t g e n e r a t e k A B I d e p s w h e n b u i l d i n g w / o k A B I ( J o n M a s t e r s ) [ 4 5 6 7 6 5 ] b r > - [ w a t c h d o g ] s u p p o r t f o r i T C O o n I b e x P e a k a n d C o u g a r P o i n t ( J o h n V i l l a l o v o s ) [ 5 3 4 1 5 2 ] b r > - [ e d a c ] a m d 6 4 _ e d a c : w h i t e s p a c e c l e a n u p s ( B h a v n a S a r a t h y ) [ 5 6 8 5 7 6 ] b r > - [ e d a c ] a m d 6 4 _ e d a c : m i n o r f o r m a t t i n g f i x ( B h a v n a S a r a t h y ) [ 5 6 8 5 7 6 ] b r > - [ e d a c ] a m d 6 4 _ e d a c : f i x o p e r a t o r p r e c e d e n c e e r r o r ( B h a v n a S a r a t h y ) [ 5 6 8 5 7 6 ] b r > - [ e d a c ] a m d 6 4 _ e d a c : f i x s y n d r o m e c a l c u l a t i o n o n K 8 ( B h a v n a S a r a t h y ) [ 5 6 8 5 7 6 ] b r > - [ e d a c ] a m d 6 4 _ e d a c : s i m p l i f y E C C o v e r r i d e h a n d l i n g ( B h a v n a S a r a t h y ) [ 5 6 8 5 7 6 ] b r > - [ e d a c ] a m d 6 4 _ e d a c : d o n o t f a l s e l y t r i g g e r k e r n e l o o p s ( B h a v n a S a r a t h y ) [ 5 6 8 5 7 6 ] b r > - [ e d a c ] a m d 6 4 _ e d a c : r e s t r i c t P C I c o n f i g s p a c e a c c e s s ( B h a v n a S a r a t h y ) [ 5 6 8 5 7 6 ] b r > - [ e d a c ] a m d 6 4 _ e d a c : f i x f o r c i n g m o d u l e l o a d / u n l o a d ( B h a v n a S a r a t h y ) [ 5 6 8 5 7 6 ] b r > - [ e d a c ] a m d 6 4 _ e d a c : f i x d r i v e r i n s t a n c e f r e e i n g ( B h a v n a S a r a t h y ) [ 5 6 8 5 7 6 ] b r > - [ e d a c ] a m d 6 4 _ e d a c : f i x k 8 c h i p s e l e c t r e p o r t i n g ( B h a v n a S a r a t h y ) [ 5 6 8 5 7 6 ] b r > - [ e d a c ] a m d 6 4 _ e d a c : a d d l e a n e r s y n d r o m e d e c o d i n g a l g o r i t h m ( B h a v n a S a r a t h y ) [ 5 6 8 5 7 6 ] b r > - [ s c s i ] b n x 2 i : l i n k h b a a n d c n i c d e v i c e b e f o r e d e v i c e r e g ( M i k e C h r i s t i e ) [ 5 7 8 0 0 5 ] b r > - [ s c s i ] b n x 2 i : m a k e f w u s e s t a t s n f i e l d t o b u i l d h e a d e r ( M i k e C h r i s t i e ) [ 5 7 8 0 0 5 ] b r > - [ n e t ] c n i c : s e l e c t b u g f i x e s f r o m u p s t r e a m f o r R H E L 5 . 6 ( M i k e C h r i s t i e ) [ 5 9 5 5 4 8 6 1 9 7 6 7 ] b r > - [ s c s i ] b n x 2 i : u p d a t e v e r s i o n t o b n x 2 i - 2 . 1 . 3 ( M i k e C h r i s t i e ) [ 5 6 8 6 0 6 ] b r > - [ s c s i ] b n x 2 i : a d d c h i p c l e a n u p f o r r e m o v e m o d u l e p a t h ( M i k e C h r i s t i e ) [ 5 6 8 6 0 6 ] b r > - [ s c s i ] b n x 2 i : r e b i n d C F C c l e a n u p t o c m _ a b o r t / c l o s e c o m p ( M i k e C h r i s t i e ) [ 5 6 8 6 0 6 ] b r > - [ s c s i ] b n x 2 i : a d d s u p p o r t f o r a d d i t i o n a l T M F s ( M i k e C h r i s t i e ) [ 5 6 8 6 0 6 ] b r > - [ s c s i ] b n x 2 i : f i x p r o t o c o l v i o l a t i o n o n n o p o u t r e s p o n s e s ( M i k e C h r i s t i e ) [ 5 6 8 6 0 6 ] b r > - [ s c s i ] b n x 2 i : f i x r e s p o n s e p a n i c o n u n s o l i c i t e d N O P - I n ( M i k e C h r i s t i e ) [ 5 6 8 6 0 6 ] b r > - [ s c s i ] b n x 2 i : f i x b u g s i n h a n d l i n g o f u n s o l i c i t e d N O P - I n s ( M i k e C h r i s t i e ) [ 5 6 8 6 0 6 ] b r > - [ s c s i ] b n x 2 i : a d d h o s t p a r a m I S C S I _ H O S T _ P A R A M _ I P A D D R E S S ( M i k e C h r i s t i e ) [ 5 6 8 6 0 6 ] b r > - [ s c s i ] b n x 2 i : f i x T C P g r a c e f u l t e r m i n a t i o n i n i t i a t i o n ( M i k e C h r i s t i e ) [ 5 6 8 6 0 6 ] b r > - [ s c s i ] b n x 2 i : f i n e t u n e m i s c d e s t r o y t i m e o u t v a l u e s ( M i k e C h r i s t i e ) [ 5 6 8 6 0 6 ] b r > - [ s c s i ] b n x 2 i : o p t i m i z e b n x 2 i _ s t o p c o n n e c t i o n c l e a n u p ( M i k e C h r i s t i e ) [ 5 6 8 6 0 6 ] b r > - [ s c s i ] b n x 2 i : c r e a t e a c t i v e l i n k l i s t h o l d i n g e n d p o i n t s ( M i k e C h r i s t i e ) [ 5 6 8 6 0 6 ] b r > - [ s c s i ] b n x 2 i : s p l i t h a r d w a r e c l e a n u p f r o m e p _ d i s c o n n e c t ( M i k e C h r i s t i e ) [ 5 6 8 6 0 6 ] b r > - [ f s ] d l m : f i x t r y 1 c b f a i l u r e , p a r t 2 ( A b h i j i t h D a s ) [ 5 0 4 1 8 8 ] b r > - [ f s ] d l m : n o n o d e c a l l b a c k w h e n t r y 1 c b l o c k r e q f a i l s ( D a v i d T e i g l a n d ) [ 5 0 4 1 8 8 ] b r > - [ m i s c ] c r y p t o : a d d I n t e l x 8 6 _ 6 4 h a r d w a r e C R C 3 2 s u p p o r t ( P r a r i t B h a r g a v a ) [ 6 2 6 0 1 8 ] b r > - [ n e t ] b n x 2 : u p d a t e t o v 2 . 0 . 8 + w i t h n e w 5 7 0 9 f i r m w a r e j 1 5 ( J o h n F e e n e y ) [ 5 6 8 6 0 1 ] b r > - [ n e t ] t g 3 : u p d a t e t o 3 . 1 0 8 + a n d a d d 5 7 1 8 B 0 , 5 7 1 9 s u p p o r t ( J o h n F e e n e y ) [ 5 6 7 4 6 2 ] b r > - [ m i s c ] m o v e d e v _ n a m e t o d e v i c e . h ( J o h n F e e n e y ) [ 5 6 8 5 5 1 ] b r > - [ m i s c ] a d d W A R N _ O N C E m a c r o ( J o h n F e e n e y ) [ 5 6 8 5 5 1 ] b r > - [ d m a _ v 3 ] u p d a t e I / O A T a n d D C A d r i v e r s ( J o h n F e e n e y ) [ 5 6 8 5 5 1 ] b r > - [ n e t ] f o r c e d e t h : u p d a t e t o l a t e s t u p s t r e a m f o r R H E L 5 . 6 ( I v a n V e c e r a ) [ 6 2 8 8 3 1 ] b r > - [ n e t ] e 1 0 0 0 e : u p d a t e t o u p s t r e a m v e r s i o n 1 . 2 . 7 - k 2 ( A n d y G o s p o d a r e k ) [ 5 6 6 0 2 1 ] b r > - [ n e t ] q l a 2 x x x : f i x d i s p l a y o f l i n k d o w n s t a t e ( C h a d D u p u i s ) [ 6 2 7 6 1 2 ] b r > - [ s c s i ] q l a 2 x x x : r o m l o c k r e c o v e r i f f w h a n g s h o l d i n g l o c k ( C h a d D u p u i s ) [ 6 1 9 8 1 4 ] b r > - [ s c s i ] q l a 2 x x x : u p d a t e A E R s u p p o r t , d o e a r l y a b o r t c m d s ( C h a d D u p u i s ) [ 6 1 9 8 1 4 ] b r > - [ s c s i ] q l a 2 x x x : a d d I S _ Q L A 8 2 X X c h e c k i n u p d a t e _ f w _ o p t i o n s ( C h a d D u p u i s ) [ 6 1 9 8 1 4 ] b r > - [ s c s i ] q l a 2 x x x : c o v e r U N D E R R U N c a s e w h e r e S C S I s t a t u s s e t ( C h a d D u p u i s ) [ 6 1 9 8 1 4 ] b r > - [ s c s i ] q l a 2 x x x : f i x s e t f w h u n g a n d c o m p l e t e w a i t i n g m b x ( C h a d D u p u i s ) [ 6 1 9 8 1 4 ] b r > - [ s c s i ] q l a 2 x x x : f i x s e c o n d s _ s i n c e _ l a s t _ h e a r t b e a t r e s e t ( C h a d D u p u i s ) [ 6 1 9 8 1 4 ] b r > - [ s c s i ] q l a 2 x x x : c o r r e c t e x t e n d e d s e n s e - d a t a h a n d l i n g ( C h a d D u p u i s ) [ 6 1 9 8 1 4 ] b r > - [ s c s i ] q l a 2 x x x : d o n t { s , g } e t p o r t M B C i f i n v a l i d p o r t i d ( C h a d D u p u i s ) [ 6 1 9 8 1 4 ] b r > - [ s c s i ] q l a 2 x x x : s t o p f i r m w a r e b e f o r e d o i n g i n i t f i r m w a r e ( C h a d D u p u i s ) [ 6 1 9 8 1 4 ] b r > - [ x e n ] o p r o f i l e : f o r c e u s e o f a r c h i t e c t u r a l p e r f m o n ( D o n D u g g e r ) [ 5 3 8 5 6 4 ] b r > - [ x e n ] o p r o f i l e : s u p p o r t I n t e l s a r c h p e r f m o n r e g i s t e r s ( D o n D u g g e r ) [ 5 3 8 5 6 4 ] b r > - [ x e n ] o p r o f i l e : a d d s u p p o r t f o r C o r e i 7 a n d A t o m ( D o n D u g g e r ) [ 5 3 8 5 6 4 ] b r > b r > [ 2 . 6 . 1 8 - 2 2 0 . e l 5 ] b r > - [ b l o c k ] c c i s s : v e r s i o n s t r i n g t o 3 . 6 . 2 2 . R H 1 ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : b u s _ u n r e g i s t e r _ o n c e n o t o n c e p e r h b a ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : r e n a m e c c i s s _ s e c t o r _ s i z e ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : m a k e l o g _ u n i t _ t o _ s c s i 3 a d d r a n i n l i n e ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : f i x e n x i o w e i r d n e s s ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : r e o r d e r f u n c t i o n s ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : f i x r a i d l e v e l s y s f s p e r m i s s i o n s ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : m a k e d e v i c e a t t r i b u t e s s t a t i c ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : m a k e c c i s s _ s e q _ s h o w h a n d l e d r v _ a r r a y h o l e s ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : a d d v i a _ i o c t l p a r a m t o r e b u i l d _ l u n _ t a b l e ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : a d d s u p p o r t f o r m u l t i - l u n t a p e d e v i c e s ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : n o t i f y s c s i m i d l a y e r o f d e v i c e c h a n g e s ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : f i x s c a t t e r - g a t h e r o n s c s i s i d e ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : a d d m o r e c o m m a n d s f o r t a p e s ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : f a c t o r o u t s c s i d m a c o d e ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : e l i m i n a t e u n n e c e s s a r y p o i n t e r u s e ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : d o n t u s e v o i d p o i n t e r f o r h b a ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : d e t e c t b a d a l i g n m e n t ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : f a c t o r o u t s g c h a i n b l o c k m a p p i n g c o d e ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : f i x D M A d i r e c t i o n k l u d g e ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : s i m p l i f y s c a t t e r g a t h e r c o d e ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : f a c t o r o u t s c a t t e r g a t h e r a l l o c a n d f r e e ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : e n h a n c e d s c a t t e r - g a t h e r s u p p o r t ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : r e m o v e t h e s c a n t h r e a d ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : f i x s c s i s t a t u s t y p o ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : r e m o v e s e n d c m d ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : c l e a n u p c o d e i n c c i s s _ s h u t d o w n ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : r e t r y d r i v e r c m d s w i t h u n i t a t t e n t i o n c o n d ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : n o p c i _ r e l e a s e _ r e g i o n s o n r e g i o n s n o t h e l d ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : f i x m e m o r y l e a k i n c c i s s _ i n i t _ o n e ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : d y n a m i c a l l y a l l o c a t e d r i v e i n f o s t r u c t ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : f i x r a i d l a b e l r e l a t e d m a g i c n u m b e r ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : n o c h e c k b u s y i n i t i a l i z i n g i n c c i s s o p e n ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : a d d u s a g e _ c o u n t a t t r i b u t e t o l o g i c a l d r i v e ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : a d d r a i d _ l e v e l a t t r i b u t e t o l o g i c a l d r i v e s ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : a d d l u n i d a t t r i b u t e t o l o g d r i v e s i n / s y s ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : d o n t c a l l p u t d i s k e x c e s s i v e l y ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : z e r o o u t d r i v e i n f o o n r e m o v a l ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : h a n d l e s p e c i a l c a s e f o r / d e v / c c i s s / c 0 d 0 ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : h a n d l e c a s e s w h e n c c i s s _ a d d _ d i s k f a i l s ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : f i x a n d r e a r r a n g e l o g i c a l d r i v e s y s f s c o d e ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : d y n a m i c a l l o c a t e s t r u c t d e v i c e f o r l o g i c a l ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : U s e h e l p e r f u n c t i o n s t o a c c e s s d r i v e _ d a t a ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : r e m o v e w i t h i r q p a r a m e t e r w h e r e p o s s i b l e ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : r e m o v e s y s f s e n t r i e s d u r i n g d r i v e r c l e a n u p ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : a d d c c i s s _ s y s f s _ s t a t _ i n q u i r y f u n c t i o n ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : a d d C T L R _ L U N I D d e f i n e ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : R e m o v e u n u s e d w a s _ o n l y _ c o n t r o l l e r _ n o d e ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : f i x p r o b l e m w i t h L U N a d d r e s s i n g ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : f i x p r o b l e m w i t h S G _ I O c o m p l e t i o n s ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : r e t r y c o m m a n d s f r o m w i t h i n s e n d c m d _ w i t h i r q ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : c h a n g e S C S I e r r o r h a n d l i n g c o d e ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : r e m o v e s e n d c m d r e j e c t p r o c e s s i n g ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : l e t s c s i e r r o r h a n d l i n g w o r k w / i n t e r r u p t s ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : f a c t o r o u t e r r o r p r o c e s s i n g c o d e ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : f a c t o r o u t t a r g e t s t a t u s c o d e ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : s i m p l i f y d e v i c e a d d r e s s i n g m e t h o d s ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : f a c t o r o u t s e n d c m d _ w i t h i r q c o r e ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : u s e u n i n t e r r u p t i b l e t i m e o u t w h e n w a i t i n g ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : f i x l u n r e s e t c o d e ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : f a c t o r o u t s e n d c m d c o r e f o r s a n e i n t e r f a c e ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : r e m o v e d o u b l e s e t t i n g o f h - > b u s y ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ b l o c k ] c c i s s : d i s a b l e s c a n t h r e a d , i t p r e v e n t s r m m o d ( T o m a s H e n z l ) [ 5 6 8 8 3 0 ] b r > - [ n e t ] n e t x e n : f i x i n c o n s i s t e n t l o c k s t a t e ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : p r o t e c t t x t i m e o u t r e c o v e r y b y r t n l l o c k ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : f i x f o r k d u m p ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : f i x c a c h i n g w i n d o w r e g i s t e r ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : f i x r c v b u f f e r l e a k ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : f i x m e m o r y l e a k s i n e r r o r p a t h ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : r e m o v e u n n e c e s s a r y r e t u r n s ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : h a n d l e q u e u e m a n a g e r a c c e s s ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : t o f i x o n c h i p m e m o r y a c c e s s . ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : r e m o v e u n n e c e s s a r y s i z e c h e c k s ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : f i x r e g i s t e r u s a g e ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : f i x d e a d l o c k i n a e r ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : f i x i n t e r r u p t f o r N X 2 0 3 1 ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : f i x f w l o a d f r o m f i l e ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : v a l i d a t e u n i f i e d r o m i m a g e ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : f i x c o r n e r c a s e s o f f i r m w a r e r e c o v e r y ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : u p d a t e v e r s i o n t o 4 . 0 . 7 3 ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : f i x t x c s u m s t a t u s ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : a d d e d s a n i t y c h e c k f o r p c i m a p ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : f i x w a r n i n g i n i o a d d r f o r N X 3 0 3 1 c h i p ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : f i x b i o s v e r s i o n c a l c u l a t i o n ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : d i s a b l e o n N X _ P 3 _ B 1 h a r d w a r e ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : p r o t e c t r e s o u r c e c l e a n u p b y r t n l l o c k ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : f i x t x t i m e o u t r e c o v e r y f o r N X 2 0 3 1 c h i p ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : f i x s p a r s e w a r n i n g ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : f i x l i c e n s e h e a d e r ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : f i x e n d i a n n e s s i n t r c o a l e s c e ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : f i x e n d i a n n e s s r e a d m a c a d d r e s s ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : u s e D E F I N E _ P C I _ D E V I C E _ T A B L E ( ) ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : u p d a t e v e r s i o n t o 4 . 0 . 7 2 ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : f i x s e t m a c a d d r ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : f i x s m a t c h w a r n i n g ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : f i x t x r i n g m e m o r y l e a k ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : f i x e t h t o o l l i n k t e s t ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : m o v e && a n d | | t o e n d o f p r e v i o u s l i n e ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : f i x e t h t o o l r e g i s t e r d u m p ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : f i x u n i f i e d f w s i z e c h e c k ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : s u p p o r t p c i e r r o r h a n d l e r s ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : f i x t x t i m e o u t r e c o v e r y ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : m i n o r s u s p e n d r e s u m e f i x e s ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : u s e m o d u l e p a r a m e t e r c o r r e c t l y ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : f i x f i r m w a r e t y p e c h e c k ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : f i x n a p i i n t r e n a b l e c h e c k ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : p r o t e c t d e v i c e r e s e t b y r t n l _ l o c k ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : f i x f a i l u r e c a s e s f o r f w h a n g r e c o v e r y ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ n e t ] n e t x e n : f i x d e b u g t o o l s a c c e s s f o r N X 2 0 3 1 ( C h a d D u p u i s ) [ 5 6 2 9 3 7 ] b r > - [ m i s c ] c l o n e : f i x r a c e b e t w e e n c o p y _ p r o c e s s a n d d e _ t h r e a d ( J i r i O l s a ) [ 5 9 0 8 6 4 ] b r > - [ s 3 9 0 ] d a s d : l e t r e c o v e r y c q r g e t f l a g s f r o m f a i l e d c q r ( H e n d r i k B r u e c k n e r ) [ 6 2 8 8 3 8 ] b r > - [ n e t ] i p v 4 : f i x l e a k , r c u a n d l e n g t h i n r o u t e c a c h e g c ( T h o m a s G r a f ) [ 5 4 1 2 2 4 ] b r > - [ n e t ] t c p : z e r o o u t r x _ o p t i n t c p _ d i s c o n n e c t ( T h o m a s G r a f ) [ 5 3 9 5 6 0 ] b r > - [ n e t ] i p v 6 : U p d a t e N e i g h b o r C a c h e w h e n I P v 6 R A r e c e i v e d ( T h o m a s G r a f ) [ 5 6 0 8 7 0 ] b r > - [ n e t ] i p v 6 : P l u g s k _ b u f f l e a k i n i p v 6 _ r c v ( T h o m a s G r a f ) [ 5 7 4 9 1 3 ] b r > - [ r e d h a t ] c o n f i g s : e n a b l e b u i l d i n g k 1 0 t e m p s e n s o r d r i v e r ( M i c h a l S c h m i d t ) [ 4 4 3 7 4 5 ] b r > - [ h w m o n ] a d d k 1 0 t e m p s e n s o r d r i v e r ( M i c h a l S c h m i d t ) [ 4 4 3 7 4 5 ] b r > - [ p c i ] a d d A M D 1 0 h , 1 1 h P C I I D s t o p c i _ i d s . h ( M i c h a l S c h m i d t ) [ 4 4 3 7 4 5 ] b r > - [ n e t ] v x g e : f i x m u l t i c a s t i s s u e s ( M i c h a l S c h m i d t ) [ 6 0 8 5 9 8 ] b r > - [ n e t ] v x g e : s h o w s t a r t u p m e s s a g e w i t h K E R N _ I N F O ( M i c h a l S c h m i d t ) [ 6 0 8 5 9 8 ] b r > - [ n e t ] v x g e : f i x m e m o r y l e a k i n v x g e _ a l l o c _ m s i x e r r o r p a t h ( M i c h a l S c h m i d t ) [ 6 0 8 5 9 8 ] b r > - [ n e t ] v x g e : f i x c h e c k s t a c k w a r n i n g i n v x g e _ p r o b e ( M i c h a l S c h m i d t ) [ 6 0 8 5 9 8 ] b r > - [ n e t ] v x g e : r e m o v e u n n e c e s s a r y r e t u r n s f r o m v o i d f u n c t s ( M i c h a l S c h m i d t ) [ 6 0 8 5 9 8 ] b r > - [ n e t ] v x g e : v e r s i o n u p d a t e ( M i c h a l S c h m i d t ) [ 6 0 8 5 9 8 ] b r > - [ n e t ] v x g e : p a s s c o r r e c t n u m b e r o f V F s v a l u e t o s r i o v ( M i c h a l S c h m i d t ) [ 6 0 8 5 9 8 ] b r > - [ n e t ] v x g e : a l l o w l o a d f o r a l l e n u m e r a t e d p c i f u n c t i o n s ( M i c h a l S c h m i d t ) [ 6 0 8 5 9 8 ] b r > - [ n e t ] v x g e : f i x p o s s i b l e m e m o r y l e a k i n d e v i c e i n i t ( M i c h a l S c h m i d t ) [ 6 0 8 5 9 8 ] b r > - [ n e t ] v x g e : a d d m i s s i n g v l a n _ r x _ k i l l _ v i d m e t h o d ( M i c h a l S c h m i d t ) [ 5 9 4 4 0 4 6 0 8 5 9 8 ] b r > - [ n e t ] v x g e : r e m o v e t r a i l i n g s p a c e i n m e s s a g e s ( M i c h a l S c h m i d t ) [ 6 0 8 5 9 8 ] b r > - [ n e t ] v x g e : u s e p c i _ d m a _ m a p p i n g _ e r r o r t o t e s t r e t u r n v a l ( M i c h a l S c h m i d t ) [ 6 0 8 5 9 8 ] b r > - [ n e t ] v x g e : u s e D E F I N E _ P C I _ D E V I C E _ T A B L E ( M i c h a l S c h m i d t ) [ 6 0 8 5 9 8 ] b r > - [ n e t ] v x g e : u s e D M A _ B I T _ M A S K i n s t e a d o f p l a i n v a l u e s ( M i c h a l S c h m i d t ) [ 6 0 8 5 9 8 ] b r > - [ n e t ] v x g e : m o v e && a n d | | t o e n d o f p r e v i o u s l i n e ( M i c h a l S c h m i d t ) [ 6 0 8 5 9 8 ] b r > - [ n e t ] b n x 2 x : f i x w r o n g r e t u r n f r o m b n x 2 x _ t r y l o c k _ h w _ l o c k ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : s m a l l f i x i n s t a t s h a n d l i n g ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : u p d a t e b n x 2 x v e r s i o n t o 1 . 5 2 . 5 3 - 4 ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : f i x P H Y l o c k i n g p r o b l e m ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : a d j u s t c o n f u s i n g i f i n d e n t a t i o n ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : l o a d f i r m w a r e i n o p e n i n s t e a d o f p r o b e ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : f i x n e t / i p 6 _ c h e c k s u m . h i n c l u d e ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : u p d a t e d r i v e r v e r s i o n t o 1 . 5 2 . 5 3 - 3 ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : m o v e s t a t i s t i c s h a n d l i n g c o d e t o o w n f i l e s ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : c r e a t e s e p a r a t e f i l e f o r e t h t o o l r o u t i n e s ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : c r e a t e b n x 2 x _ c m n . * f i l e s ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : m a i n n e t d e v d o e s n o t n e e d - > p o l l , - > w e i g h t ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : m o v e g l o b a l v a r i a b l e l o a d _ c o u n t t o b n x 2 x . h ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : s t o r e m o d u l e p a r a m e t e r s i n m a i n s t r u c t u r e ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : c r e a t e s e p a r a t e f o l d e r f o r b n x 2 x d r i v e r ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : s e t R X H A S H f o r L R O p a c k e t s ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : r e t u r n - E I N V A L f o r u n s u p p o r t e d f l a g s ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : f a i l w h e n t r y i n g t o s e t u p u n s u p p o r t e d f e a t u r e s ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : f i x l i n k p r o b l e m w i t h s o m e D A C s ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : p r o t e c t a S M s t a t e c h a n g e ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : a v o i d T X t i m e o u t w h e n s t o p p i n g d e v i c e ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : f i x c h e c k t o g e t R X h a s h ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : r e m o v e t w o u n n e e d e d p r e f e t c h c a l l s ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : a d d s u p p o r t f o r r e c e i v e h a s h i n g ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : u p d a t e d a t e a n d v e r s i o n t o 1 . 5 2 . 5 3 - 1 ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : d o n t r e p o r t l i n k d o w n i f a l r e a d y d o w n ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : r e w o r k p o w e r s t a t e h a n d l i n g c o d e ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : u s e r e g i s t e r m a s k t o a v o i d p a r i t y e r r o r ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : f i x M S I - X e n a b l i n g f l o w ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : a d d n e w s t a t i s t i c s ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : w h i t e s p a c e a n d f o r m a t t i n g f i x u p s ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : p r o t e c t c o d e w i t h N O M C P ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : i n c r e a s e D M A E m a x w r i t e s i z e f o r 5 7 7 1 1 ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : a d d s k e l e t o n V P D f i r m w a r e v e r s i o n r e a d c o d e ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : p a r i t y e r r o r h a n d l i n g f o r 5 7 7 1 0 a n d 5 7 7 1 1 ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : u s e D E F I N E _ P C I _ D E V I C E _ T A B L E ( ) ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : m o v e && a n d | | t o e n d o f p r e v i o u s l i n e ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : r e m o v e t r a i l i n g s p a c e i n m e s s a g e s ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : c l e a n u p d e b u g p r i n t s ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : u s e m a c r o f o r p h y a d d r e s s ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : c o n v e r t m o r e t o % p M ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : u s e p c i _ i o r e m a p _ b a r ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : m a k e N A P I p o l l r o u t i n e c l o s e r t o u p s t r e a m ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : t y p o f i x e s ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > m a c r o h e l p e r s ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] b n x 2 x : u s e D M A _ B I T _ M A S K ( 6 4 ) o v e r D M A _ 6 4 B I T _ M A S K ( M i c h a l S c h m i d t ) [ 5 7 2 0 1 2 ] b r > - [ n e t ] s f c : u p d a t e t o u p s t r e a m v e r s i o n 2 . 6 . 3 6 - r c 1 c o d e ( M i c h a l S c h m i d t ) [ 5 5 6 4 7 6 ] b r > - [ n e t ] s f c : u n d o n o w u n n e c e s s a r y R H E L w o r k q u e u e c h a n g e s ( M i c h a l S c h m i d t ) [ 5 5 6 4 7 6 ] b r > - [ n e t ] n e t d e v i c e : a d d n e t d e v _ f o r _ e a c h _ m c _ a d d r ( M i c h a l S c h m i d t ) [ 5 5 6 4 7 6 ] b r > - [ m i s c ] a d d r o u n d _ j i f f i e s _ u p a n d r e l a t e d r o u t i n e s ( M i c h a l S c h m i d t ) [ 5 5 6 4 7 6 ] b r > - [ n e t ] c o r e : b u g f i x f o r v l a n + g r o i s s u e ( M i c h a l S c h m i d t ) [ 5 5 6 4 7 6 ] b r > - [ n e t ] v l a n / b r i d g e : f i x s k b _ p u l l _ r c s u m f a t a l e x c e p t i o n ( M i c h a l S c h m i d t ) [ 5 5 6 4 7 6 ] b r > - [ f s ] p r o c : a d d f i l e p o s i t i o n a n d f l a g s i n f o i n / p r o c ( J e r o m e M a r c h a n d ) [ 4 9 8 0 8 1 ] b r > - [ n e t ] e 1 0 0 * / i g b * / i x g b * : a d d m i s s i n g r e a d m e m o r y b a r r i e r ( A n d y G o s p o d a r e k ) [ 6 2 9 7 6 1 ] b r > - [ n e t ] i g b / i g b v f : t u r n o n T S O f o r V L A N i n t e r f a c e s ( A n d y G o s p o d a r e k ) [ 6 2 9 4 5 7 ] b r > - [ n e t ] v l a n : c o n t r o l v l a n d e v i c e T S O s t a t u s w i t h e t h t o o l ( A n d y G o s p o d a r e k ) [ 6 2 9 4 5 7 ] b r > - [ x e n ] v t d : f i x p a r a m e t e r i o m m u = n o - i n t r e m a p ( P a o l o B o n z i n i ) [ 5 7 6 4 7 8 ] b r > b r > [ 2 . 6 . 1 8 - 2 1 9 . e l 5 ] b r > - [ n e t ] u d p : f i x b o g u s U F O p a c k e t g e n e r a t i o n ( J a r o d W i l s o n ) [ 6 3 2 2 6 6 ] b r > - [ v i r t ] x e n : f i x x e n n e t d r i v e r t o n o t c o r r u p t d a t a ( N e i l H o r m a n ) [ 6 3 0 1 2 9 ] b r > - [ v i r t ] f i x 6 4 - b i t c o m p i l e i s s u e i n V M W a r e T S C u p d a t e ( P r a r i t B h a r g a v a ) [ 5 3 8 0 2 2 ] b r > b r > [ 2 . 6 . 1 8 - 2 1 8 . e l 5 ] b r > - [ n e t ] t c p : p r e v e n t s e n d i n g p a s t r e c e i v e r w i n d o w w i t h T S O ( T h o m a s G r a f ) [ 4 9 4 4 0 0 ] b r > - [ m i s c ] n e t d e v i c e : a d d p r i n t k h e l p e r s f o r n e t d r i v e r s ( M i c h a l S c h m i d t ) [ 6 2 9 6 3 4 ] b r > - [ m i s c ] d r i v e r s : r e m o v e p r i v a t e d e f i n i t i o n s o f p r _ * m a c r o s ( M i c h a l S c h m i d t ) [ 6 2 9 6 3 4 ] b r > - [ m i s c ] k e r n e l : a d d p r _ * f a m i l y o f p r i n t k h e l p e r m a c r o s ( M i c h a l S c h m i d t ) [ 6 2 9 6 3 4 ] b r > - [ i n f i n i b a n d ] i w _ c x g b 3 : a l w a y s d e f i n e s t a t e s [ ] ( M i c h a l S c h m i d t ) [ 6 2 9 6 3 4 ] b r > - [ n e t ] i f b : f i x s y n t a x e r r o r i n p r _ d e b u g u s a g e ( M i c h a l S c h m i d t ) [ 6 2 9 6 3 4 ] b r > - [ n e t ] t g 3 : d i s a b l e P M E b i t d u r i n g r e s u m e ( J o h n F e e n e y ) [ 5 9 8 5 3 0 ] b r > - [ n e t ] n e t f i l t e r : f i x c r a s h e s c a u s e d b y f r a g m e n t j u m p s ( J i r i P i r k o ) [ 6 1 7 2 6 8 ] b r > - [ v i r t ] u p d a t e V M W a r e T S C c o d e ( P r a r i t B h a r g a v a ) [ 5 3 8 0 2 2 ] b r > b r > [ 2 . 6 . 1 8 - 2 1 7 . e l 5 ] b r > - [ t i m e ] i m p l e m e n t f i n e g r a i n e d a c c o u n t i n g f o r P M t i m e r ( U l r i c h O b e r g f e l l ) [ 5 8 6 2 8 5 ] b r > - [ t i m e ] i n i t i a l i z e t i c k _ n s e c b a s e d o n k e r n e l p a r a m e t e r s ( U l r i c h O b e r g f e l l ) [ 5 8 6 2 8 5 ] b r > - [ t i m e ] i n t r o d u c e ' p m t i m e r _ f i n e _ g r a i n e d ' k e r n e l p a r a m e t e r ( U l r i c h O b e r g f e l l ) [ 5 8 6 2 8 5 ] b r > - [ s c s i ] i b m v f c : F i x t e r m i n a t e _ r p o r t _ i o ( S t e v e B e s t ) [ 6 2 8 6 1 5 ] b r > - [ f s ] e x t 3 : f l u s h d i s k c a c h e s o n f s y n c w h e n n e e d e d ( E r i c S a n d e e n ) [ 5 9 2 9 6 1 ] b r > - [ f s ] e x t 4 : m o v e a i o c o m p l e t i o n a f t e r u n w r i t t e n e x t e n t c o n ( E r i c S a n d e e n ) [ 6 1 7 6 9 0 ] b r > - [ f s ] x f s : m o v e a i o c o m p l e t i o n a f t e r u n w r i t t e n e x t e n t c o n v ( E r i c S a n d e e n ) [ 6 1 7 6 9 0 ] b r > - [ f s ] d i r e c t - i o : m o v e a i o _ c o m p l e t e i n t o - > e n d _ i o ( E r i c S a n d e e n ) [ 6 1 7 6 9 0 ] b r > - [ f s ] e x t 4 : q u o t a u p d a t e s f o r R H E L 5 . 6 ( E r i c S a n d e e n ) [ 4 5 7 1 5 3 ] b r > - [ f s ] e x t 4 : q u o t a i n f r a s t r u c t u r e u p d a t e s f o r R H E L 5 . 6 ( E r i c S a n d e e n ) [ 4 5 7 1 5 3 ] b r > - [ f s ] e x t 4 : c o r e u p d a t e s f o r R H E L 5 . 6 ( E r i c S a n d e e n ) [ 4 5 7 1 5 3 ] b r > - [ f s ] e x t 4 : a d d n e w k e r n e l h e l p e r s f o r R H E L 5 . 6 ( E r i c S a n d e e n ) [ 4 5 7 1 5 3 ] b r > - [ i n f i n i b a n d ] s y n c i s e r d r i v e r w i t h u p s t r e a m f o r R H E L 5 . 6 ( M i k e C h r i s t i e ) [ 6 2 3 5 9 5 ] b r > - [ n e t ] c x g b 3 : d o n t f l u s h w o r k q u e u e i f c a l l e d f r o m w q ( D o u g L e d f o r d ) [ 6 3 0 1 2 4 ] b r > - [ n e t ] c x g b 3 : g e t f a t a l p a r i t y e r r o r s t a t u s o n i n t e r r u p t ( D o u g L e d f o r d ) [ 6 3 0 1 2 4 ] b r > - [ n e t ] c x g b 3 : c l e a r f a t a l p a r i t y e r r o r r e g i s t e r o n i n i t ( D o u g L e d f o r d ) [ 6 3 0 1 2 4 ] b r > - [ n e t ] c x g b 3 : a d d d e f i n e f o r f a t a l p a r i t y e r r o r b i t ( D o u g L e d f o r d ) [ 6 3 0 1 2 4 ] b r > - [ n e t ] q l g e : u p d a t e d r i v e r v e r s i o n t o 1 . 0 0 . 0 0 . 2 5 ( C h a d D u p u i s ) [ 5 6 7 4 0 2 ] b r > - [ n e t ] q l g e : f i x a e e h h a n d l e r t o n o t a d d a p e n d i n g t i m e r ( C h a d D u p u i s ) [ 5 6 7 4 0 2 ] b r > - [ n e t ] q l g e : u p d a t e d r i v e r v e r s i o n t o 1 . 0 0 . 0 0 . 2 4 ( C h a d D u p u i s ) [ 5 6 7 4 0 2 ] b r > - [ n e t ] q l g e : r e m o v e e r r o r p k t f l a g s , e n a b l e n e t c s u m e r r o r ( C h a d D u p u i s ) [ 5 6 7 4 0 2 ] b r > - [ n e t ] q l g e : r e s t o r e p r o m i s c u o u s s e t t i n g i n q l _ a d a p t e r _ u p ( C h a d D u p u i s ) [ 5 6 7 4 0 2 ] b r > - [ n e t ] q l g e : c h a n g e c p u _ t o _ b e 1 6 t o h t o n s f o r u d p c h e c k s u m ( C h a d D u p u i s ) [ 5 6 7 4 0 2 ] b r > - [ n e t ] q l g e : r e m o v e f i r m w a r e d e p e n d e n c y f o r M P I c o r e d u m p ( C h a d D u p u i s ) [ 5 6 7 4 0 2 ] b r > - [ n e t ] q l g e : a d d i n g n d e v - > l a s t _ r x = j i f f i e s ( C h a d D u p u i s ) [ 5 6 7 4 0 2 ] b r > - [ n e t ] q l g e : f i x p k t g e n i s s u e r e p o r t e d b y C i s c o ( C h a d D u p u i s ) [ 5 6 7 4 0 2 ] b r > - [ v i r t i o ] f i x b a l l o o n w i t h o u t V I R T I O _ B A L L O O N _ F _ S T A T S _ V Q ( A m i t S h a h ) [ 6 0 1 6 9 2 ] b r > - [ v i r t i o ] f i x s c h e d w h i l e a t o m i c i n v i r t i o _ b a l l o o n s t a t s ( A m i t S h a h ) [ 6 0 1 6 9 2 ] b r > - [ v i r t i o ] a d d m e m o r y s t a t r e p o r t i n g t o b a l l o o n d r i v e r ( A m i t S h a h ) [ 6 0 1 6 9 2 ] b r > b r > [ 2 . 6 . 1 8 - 2 1 6 . e l 5 ] b r > - [ n e t ] h a s h l i m i t : c h e c k a l l o c a t i o n b e f o r e f r e e i n g m e m o r y ( W a d e M e a l i n g ) [ 6 1 5 2 2 9 ] b r > - [ n e t ] c l u s t e r i p : c h e c k a l l o c a t i o n b e f o r e f r e e i n g m e m o r y ( W a d e M e a l i n g ) [ 6 1 5 2 2 7 ] b r > - [ i a 6 4 ] m c a : s a v e I - r e s o u r c e s w h e n I N I T i s s e n t ( T a k a o I n d o h ) [ 4 7 1 1 3 6 ] b r > - [ s c s i ] m p t 2 s a s : u p d a t e t o 0 5 . 1 0 1 . 0 0 . 0 2 ( T o m a s H e n z l ) [ 5 6 8 2 8 1 ] b r > - [ s c s i ] i p r : b u m p t h e v e r s i o n n u m b e r a n d d a t e ( S t e v e B e s t ) [ 6 2 6 5 6 6 ] b r > - [ s c s i ] i p r : f i x r e s o u r c e t y p e u p d a t e a n d a d d a t t r i b u t e s ( S t e v e B e s t ) [ 6 2 6 5 6 6 ] b r > - [ s c s i ] i p r : f i x t r a n s i t i o n t o o p e r a t i o n a l o n n e w a d a p t e r s ( S t e v e B e s t ) [ 6 2 6 5 6 6 ] b r > - [ s c s i ] i p r : c h a n g e e n d i a n s w a p k e y f o r h w s p e c c h a n g e ( S t e v e B e s t ) [ 6 2 6 5 6 6 ] b r > - [ s c s i ] i p r : a d d s u p p o r t f o r O b s i d i a n - E e m b e d d e d a d a p t e r ( S t e v e B e s t ) [ 6 2 6 5 6 6 ] b r > - [ s c s i ] i p r : a d d M M I O w r i t e f o r B I S T o n 6 4 - b i t a d a p t e r s ( S t e v e B e s t ) [ 6 2 6 5 6 6 ] b r > - [ s c s i ] i p r : m o v e s e t t i n g o f a l l o w _ r e s t a r t f l a g ( S t e v e B e s t ) [ 6 2 6 5 6 6 ] b r > - [ s c s i ] i p r : a d d w r i t e q d e f i n i t i o n i f n e e d e d ( S t e v e B e s t ) [ 6 2 6 5 6 6 ] b r > - [ s c s i ] i p r : a d d e n d i a n s w a p e n a b l e f o r 6 4 - b i t a d a p t e r s ( S t e v e B e s t ) [ 6 2 6 5 6 6 ] b r > - [ s c s i ] i p r : f i x r e s o u r c e p a t h d i s p l a y a n d f o r m a t t i n g ( S t e v e B e s t ) [ 6 2 6 5 6 6 ] b r > - [ s c s i ] i p r : i m p r o v e i n t e r r u p t s e r v i c e r o u t i n e p e r f o r m a n c e ( S t e v e B e s t ) [ 6 2 6 5 6 6 ] b r > - [ s c s i ] i p r : s e t d a t a l i s t l e n g t h i n r e q u e s t c o n t r o l b l o c k ( S t e v e B e s t ) [ 6 2 6 5 6 6 ] b r > - [ s c s i ] i p r : f i x r e g i s t e r r e a d a d d r e s s o n 6 4 - b i t a d a p t e r s ( S t e v e B e s t ) [ 6 2 6 5 6 6 ] b r > - [ s c s i ] i p r : a d d r e s o u r c e p a t h t o I O A s t a t u s a r e a s t r u c t ( S t e v e B e s t ) [ 6 2 6 5 6 6 ] b r > - [ s c s i ] i p r : i m p l e m e n t f i x e s f o r 6 4 - b i t a d a p t e r s u p p o r t ( S t e v e B e s t ) [ 6 2 6 5 6 6 ] b r > - [ s c s i ] i p r : f i x c o m p i l e w a r n i n g ( S t e v e B e s t ) [ 6 2 6 5 6 6 ] b r > - [ f s ] e x t 4 : a l l o c a t e - > s _ b l o c k g r o u p _ l o c k s e p a r a t e l y ( E r i c S a n d e e n ) [ 6 1 4 9 5 7 ] b r > - [ p c i ] x e n : d i s a b l e b r o k e n m s i / m s i x o n i a 6 4 x e n ( R a d i m K r c m a r ) [ 5 1 8 4 6 3 ] b r > - [ m i s c ] f i x n o n - C O N F I G _ N U M A x 8 6 _ 6 4 c o m p i l e ( P r a r i t B h a r g a v a ) [ 5 8 3 6 7 3 ] b r > - [ p n p ] i g n o r e b o t h U N S E T a n d D I S A B L E D i o r e s o u r c e s ( P r a r i t B h a r g a v a ) [ 5 6 0 5 4 0 ] b r > - [ p n p ] r e s e r v e s y s t e m b o a r d i o m e m a n d i o p o r t r e s o u r c e s ( P r a r i t B h a r g a v a ) [ 5 6 0 5 4 0 ] b r > - [ n e t ] i p v 4 : a d d I P _ N O D E F R A G o p t i o n f o r I P v 4 s o c k e t ( J i r i O l s a ) [ 5 6 2 2 2 0 ] b r > - [ n f s ] s u n r p c : c a n c e l t a s k _ c l e a n u p w o r k i n x p r t _ d e s t r o y ( J e f f L a y t o n ) [ 6 1 1 9 3 8 ] b r > - [ f s ] n f s : f i x f i l e c r e a t e f a i l u r e w i t h H P U X c l i e n t ( J e f f L a y t o n ) [ 6 0 5 7 2 0 ] b r > - [ n e t ] i x g b e : u p d a t e t o u p s t r e a m v e r s i o n 2 . 0 . 8 4 - k 2 ( A n d y G o s p o d a r e k ) [ 5 6 8 6 0 2 ] b r > - [ n e t ] v l a n : a d d V L A N b i t f i e l d d e f i n e s ( A n d y G o s p o d a r e k ) [ 5 6 6 0 2 7 ] b r > - [ n e t ] i g b : a c t u a l l y s u p p o r t s e l f _ t e s t e t h t o o l c o m m a n d ( A n d y G o s p o d a r e k ) [ 5 9 3 8 6 2 ] b r > - [ n e t ] i x g b e : a c t u a l l y s u p p o r t s e l f _ t e s t e t h t o o l c o m m a n d ( A n d y G o s p o d a r e k ) [ 5 9 3 8 6 2 ] b r > - [ n e t ] i x g b e v f : u p d a t e t o v e r s i o n 1 . 0 . 0 - k 1 ( A n d y G o s p o d a r e k ) [ 5 6 6 0 2 7 ] b r > - [ n e t ] b o n d i n g : f i x A L B m o d e t o b a l a n c e t r a f f i c o n V L A N s ( A n d y G o s p o d a r e k ) [ 5 7 8 5 3 1 ] b r > - [ n e t ] i g b : d o r e g i s t e r d u m p j u s t b e f o r e r e s e t t i n g a d a p t e r ( A n d y G o s p o d a r e k ) [ 5 6 8 6 0 2 ] b r > - [ k e r n e l ] n m i _ w a t c h d o g : o u t p u t c o u n t d u r i n g c h e c k o n b o o t ( D o n Z i c k u s ) [ 6 1 3 6 6 7 ] b r > - [ m i s c ] n m i : f i x b o g u s n m i w a t c h d o g s t u c k m e s s a g e s ( D o n Z i c k u s ) [ 4 5 5 3 2 3 ] b r > - [ v i r t ] n m i : d o n t p r i n t N M I s t u c k m e s s a g e s o n g u e s t s ( D o n Z i c k u s ) [ 4 5 5 3 2 3 ] b r > - [ m i s c ] n m i _ w a t c h d o g : a d d / p r o c / s y s / k e r n e l / n m i _ w a t c h d o g ( D o n Z i c k u s ) [ 4 5 5 3 2 3 ] b r > - [ m i s c ] s c r i p t s : u s e s y s t e m p y t h o n i n s t e a d o f e n v ( D o n Z i c k u s ) [ 5 2 1 8 7 8 ] b r > - [ p c i ] s r - i o v : f i x b r o k e n r e s o u r c e a l i g n m e n t c a l c u l a t i o n s ( D o n D u t i l e ) [ 5 2 3 3 4 1 ] b r > - [ p c i ] c l e a n u p r e s o u r c e a l i g n m e n t m a n a g e m e n t ( D o n D u t i l e ) [ 5 2 3 3 4 1 ] b r > - [ p c i ] s r - i o v : a s s i g n p c i r e s o u r c e s e a r l i e r ( D o n D u t i l e ) [ 5 2 3 3 4 1 ] b r > - [ n e t ] v x g e : u p d a t e v e r s i o n t o r e f l e c t R H E L 5 . 6 c h a n g e s ( B o b P i c c o ) [ 5 8 0 4 1 3 ] b r > - [ n e t ] v x g e : s e t f u n c _ i d 0 a s p r i v i l e g e d f o r n o r m a l f u n c ( B o b P i c c o ) [ 5 8 0 4 1 3 ] b r > - [ n e t ] v x g e : f i x M S I X i n t e r r u p t c o n f i g u r a t i o n ( B o b P i c c o ) [ 5 8 0 4 1 3 ] b r > - [ n e t ] v x g e : f i x e t h t o o l - d o u t p u t ( B o b P i c c o ) [ 5 8 0 4 1 3 ] b r > - [ n e t ] v x g e : a l i g n t m e m o r y o n l y i f m i s a l i g n e d ( B o b P i c c o ) [ 5 8 0 4 1 3 ] b r > - [ n e t ] v x g e : f i x h w b u f f e r s t a r v a t i o n f r o m s h o r t p a c k e t s ( B o b P i c c o ) [ 5 8 0 4 1 3 ] b r > - [ n e t ] v x g e : f i x r e c e i v e s t a l l w / d r i v e r / c h i p o u t - o f - s y n c ( B o b P i c c o ) [ 5 8 0 4 1 3 ] b r > - [ c p u f r e q ] a d d A P E R F / M P E R F s u p p o r t f o r A M D p r o c e s s o r s ( B h a v n a S a r a t h y ) [ 6 2 1 3 3 5 ] b r > - [ x e n ] v m x : f i x h a n d l i n g o f F S / G S b a s e M S R s ( M i c h a l N o v o t n y ) [ 6 1 3 1 8 7 ] b r > - [ x e n ] h v : i m p r o v e b a c k t r a c e s u p p o r t o n i a 6 4 ( A n d r e w J o n e s ) [ 4 9 9 5 5 3 ] b r > - [ x e n ] s u p p o r t n e w A M D f a m i l y 0 x 1 5 C P U a n d N B h a r d w a r e ( B h a v n a S a r a t h y ) [ 6 1 9 0 9 2 ] b r > - [ x e n ] a l l o w d o m 0 t o c o n t r o l c o r e p e r f o r m a n c e b o o s t ( B h a v n a S a r a t h y ) [ 5 6 8 7 7 1 ] b r > - [ x e n ] a d d s u p p o r t f o r d o m 0 t o a c c e s s A P E R F / M P E R F f o r A M D ( B h a v n a S a r a t h y ) [ 5 6 8 7 7 2 ] b r > b r > [ 2 . 6 . 1 8 - 2 1 5 . e l 5 ] b r > - [ s o u n d ] A L S A H D A d r i v e r u p d a t e f o r R H E L 5 . 6 ( J a r o s l a v K y s e l a ) [ 5 9 2 1 9 9 ] b r > - [ n e t ] i g b v f : u p d a t e t o l a t e s t u p s t r e a m f o r R H E L 5 . 6 ( S t e f a n A s s m a n n ) [ 5 6 6 0 2 8 ] b r > - [ n e t ] i g b : u p d a t e i g b d r i v e r t o s u p p o r t P o r t v i l l e A C S ( S t e f a n A s s m a n n ) [ 5 6 6 0 2 4 ] b r > - [ n e t ] i g b : f i x e r r o r i n i g b A E R c o d e ( S t e f a n A s s m a n n ) [ 6 1 2 2 1 2 ] b r > - [ a t a ] l i b a t a : f i x s u s p e n d / r e s u m e f o r A T A S E M B d e v i c e s ( D a v i d M i l b u r n ) [ 6 2 2 5 5 9 ] b r > - [ a t a ] s a t a _ m v : m s i m a s k i n g f i x ( D a v i d M i l b u r n ) [ 5 5 4 8 7 2 ] b r > - [ a t a ] s a t a _ m v : P r o p e r l y i n i t i a l i z e m a i n i r q m a s k ( D a v i d M i l b u r n ) [ 5 5 4 8 7 2 ] b r > - [ a t a ] s a t a _ m v : r e m o v e b o g u s n s e c t r e s t r i c t i o n ( D a v i d M i l b u r n ) [ 5 5 4 8 7 2 ] b r > - [ a t a ] s a t a _ m v : d o n t r e a d h c _ i r q _ c a u s e ( D a v i d M i l b u r n ) [ 5 5 4 8 7 2 ] b r > - [ a t a ] s a t a _ m v : a d d t h e G e n I I E f l a g t o t h e S o C d e v i c e s ( D a v i d M i l b u r n ) [ 5 5 4 8 7 2 ] b r > - [ a t a ] s a t a _ m v : d o n t i s s u e t w o D M A c o m m a n d s c o n c u r r e n t l y ( D a v i d M i l b u r n ) [ 5 5 4 8 7 2 ] b r > - [ a t a ] s a t a _ m v : s a f e r l o g i c f o r l i m i t w a r n i n g s ( D a v i d M i l b u r n ) [ 5 5 4 8 7 2 ] b r > - [ a t a ] s a t a _ m v : w a r n o n P I O w i t h m u l t i p l e D R Q s ( D a v i d M i l b u r n ) [ 5 5 4 8 7 2 ] b r > - [ a t a ] s a t a _ m v : e n a b l e a s y n c _ n o t i f y f o r 6 0 x 1 R e v . C 0 a n d u p ( D a v i d M i l b u r n ) [ 5 5 4 8 7 2 ] b r > - [ s 3 9 0 ] z f c p : D o n o t p r i n t b i t m a s k a s l i n k s p e e d ( H e n d r i k B r u e c k n e r ) [ 6 1 9 8 5 7 ] b r > - [ s 3 9 0 ] d a s d : f o r c e o n l i n e d o e s n o t w o r k ( H e n d r i k B r u e c k n e r ) [ 6 1 9 4 6 6 ] b r > - [ s 3 9 0 ] d a s d : a l l o c a t e f a l l b a c k c q r f o r r e s e r v e / r e l e a s e ( H e n d r i k B r u e c k n e r ) [ 6 1 9 4 6 5 ] b r > - [ s 3 9 0 ] q e t h : w a i t f o r f i n i s h e d r e c o v e r y ( H e n d r i k B r u e c k n e r ) [ 6 1 9 4 5 6 ] b r > - [ s 3 9 0 ] q e t h : a v o i d l o o p i f i p a c o m m a n d r e s p o n s e m i s s i n g ( H e n d r i k B r u e c k n e r ) [ 6 1 9 4 5 1 ] b r > - [ s 3 9 0 ] z f c p : n o f o r c e c l o s e w h e n p o r t i s a l r e a d y c l o s e d ( H e n d r i k B r u e c k n e r ) [ 6 1 2 2 6 3 ] b r > - [ s 3 9 0 ] z f c p : D o n o t u n b l o c k r p o r t f r o m R E O P E N _ P O R T _ F O R C E D ( H e n d r i k B r u e c k n e r ) [ 6 1 2 2 6 6 ] b r > - [ s 3 9 0 ] z f c p : F a i l e r p a f t e r t i m e o u t ( H e n d r i k B r u e c k n e r ) [ 6 1 2 2 6 1 ] b r > - [ m e s s a g e ] f u s i o n : u p d a t e t o 3 . 4 . 1 5 ( T o m a s H e n z l ) [ 5 6 8 2 9 2 ] b r > - [ n e t ] i p v 6 : r e r o u t e p a c k e t s a f t e r n e t f i l t e r m a n g l i n g ( T h o m a s G r a f ) [ 5 1 7 3 2 7 ] b r > - [ s c s i ] l p f c : u p d a t e d r i v e r f r o m 8 . 2 . 0 . 7 6 . 1 p t o 8 . 2 . 0 . 7 7 ( R o b E v e r s ) [ 6 0 3 8 0 6 ] b r > - [ v i r t ] x e n b u s : a v o i d d e a d l o c k u n r e g i s t e r i n g x e n b u s w a t c h ( P a o l o B o n z i n i ) [ 4 2 9 1 0 2 ] b r > - [ i a 6 4 ] k d u m p : p r e v e n t h a n g o n I N I T i n t e r r u p t d u r i n g b o o t ( N e i l H o r m a n ) [ 5 0 6 6 9 4 ] b r > - [ n e t ] q l a 3 x x x : f i x o o p s o n t o o - l o n g n e t d e v p r i v s t r u c t u r e ( N e i l H o r m a n ) [ 6 2 0 5 0 8 ] b r > - [ k p r o b e s ] k r e t p r o b e : s e t s t a t u s t o f i x f a u l t h a n d l i n g ( J o s h S t o n e ) [ 6 1 5 1 2 1 ] b r > - [ n e t ] b o n d i n g : f i x a r a c e i n c a l l s t o s l a v e M I I i o c t l s ( F l a v i o L e i t n e r ) [ 6 2 1 2 8 0 ] b r > - [ v i r t ] x e n - k e r n e l : i m p r o v e b a c k t r a c e s u p p o r t o n i a 6 4 ( A n d r e w J o n e s ) [ 4 9 9 5 5 3 ] b r > - [ a c p i ] t h i n k p a d - a c p i : l o c k d o w n v i d e o o u t p u t s t a t e a c c e s s ( D o n H o w a r d ) [ 6 0 7 0 3 7 ] b r > - [ f s ] x f s : f i x u n t r u s t e d i n o d e n u m b e r l o o k u p ( D a v e C h i n n e r ) [ 6 2 4 8 6 2 ] b r > b r > [ 2 . 6 . 1 8 - 2 1 4 . e l 5 ] b r > - [ m m ] a c c e p t a n a b u t t i n g s t a c k s e g m e n t ( J i r i P i r k o ) [ 6 0 7 8 5 8 ] { C V E - 2 0 1 0 - 2 2 4 0 } b r > - [ f s ] f i x d c a c h e a c c o u n t i n g b u g ( J o s e f B a c i k ) [ 5 9 6 5 4 8 ] b r > - [ s c s i ] m p t s a s : e n a b l e T L R f o r S S P T A P E d r i v e s ( T o m a s H e n z l ) [ 5 9 9 4 2 0 ] b r > - [ s c s i ] s a s : a d d t r a n s p o r t l a y e r r e t r y s u p p o r t ( T o m a s H e n z l ) [ 5 9 9 4 2 0 ] b r > - [ s c s i ] f i x p o t e n t i a l k m a l l o c f a i l u r e i n s c s i _ g e t _ v p d _ p a g e ( T o m a s H e n z l ) [ 5 9 9 4 2 0 ] b r > - [ s c s i ] f i x b u g s i n s c s i _ v p d _ i n q u i r y ( T o m a s H e n z l ) [ 5 9 9 4 2 0 ] b r > - [ s c s i ] a d d V P D h e l p e r ( T o m a s H e n z l ) [ 5 9 9 4 2 0 ] b r > - [ x 8 6 _ 6 4 ] i m p l e m e n t v D S O r a n d o m i z a t i o n ( D a n n y F e n g ) [ 4 5 9 7 6 3 ] b r > - [ v i r t ] x e n : d o n t a d j u s t t i m e f o r n t p c l o c k s l o w i n g ( B r e t i s l a v K a b e l e ) [ 5 5 3 4 0 7 ] b r > - [ n e t ] i b m v e t h : f i x l o s t I R Q t h a t l e a d s t o s e r v i c e l o s s ( S t e v e B e s t ) [ 6 2 6 8 4 1 ] b r > - [ s c s i ] c x g b 3 i : s y n c d r i v e r w i t h u p s t r e a m f o r R H E L 5 . 6 ( M i k e C h r i s t i e ) [ 5 6 7 4 4 4 ] b r > - [ n e t ] s c h e d : f i x s o m e k e r n e l m e m o r y l e a k s ( J i r i P i r k o ) [ 6 2 4 6 3 8 ] { C V E - 2 0 1 0 - 2 9 4 2 } b r > - [ t p m ] a u t o l o a d t p m _ t i s d r i v e r ( J o h n F e e n e y ) [ 5 3 0 1 2 3 ] b r > - [ u s b ] f i x u s b f s i n f o r m a t i o n l e a k ( E u g e n e T e o ) [ 5 6 6 6 2 9 ] { C V E - 2 0 1 0 - 1 0 8 3 } b r > - [ v i r t i o ] c o n s o l e : B a c k p o r t d r i v e r f o r R H E L 5 . 6 ( A m i t S h a h ) [ 6 2 0 0 3 7 ] b r > - [ v i r t i o ] a d d v i r t q u e u e _ v q _ o p s w r a p p e r s ( A m i t S h a h ) [ 6 2 0 0 3 7 ] b r > - [ v i r t i o ] i n i t i a l i z e v q - > d a t a e n t r i e s t o N U L L ( A m i t S h a h ) [ 6 2 0 0 3 7 ] b r > - [ v i r t i o ] a d d a b i l i t y t o d e t a c h u n u s e d b u f f e r s f r o m v r i n g s ( A m i t S h a h ) [ 6 2 0 0 3 7 ] b r > - [ v i r t i o ] m a k e a d d _ b u f r e t u r n c a p a c i t y r e m a i n i n g ( A m i t S h a h ) [ 6 2 0 0 3 7 ] b r > - [ v i r t i o ] f i n d _ v q s / d e l _ v q s v i r t i o o p e r a t i o n s ( A m i t S h a h ) [ 6 2 0 0 3 7 ] b r > - [ v i r t i o ] a d d n a m e s t o v i r t q u e u e s t r u c t ( A m i t S h a h ) [ 6 2 0 0 3 7 ] b r > - [ v i r t i o ] m o r e n e a t e n i n g o f v i r t i o _ r i n g m a c r o s ( A m i t S h a h ) [ 6 2 0 0 3 7 ] b r > - [ v i r t i o ] f i x B A D _ R I N G , S T A R T _ U S a n d E N D _ U S E m a c r o s ( A m i t S h a h ) [ 6 2 0 0 3 7 ] b r > b r > [ 2 . 6 . 1 8 - 2 1 3 . e l 5 ] b r > - [ m m ] p a s s c o r r e c t m m w h e n g r o w i n g s t a c k ( J i r i P i r k o ) [ 6 0 7 8 5 8 ] { C V E - 2 0 1 0 - 2 2 4 0 } b r > - [ m m ] f i x u p s o m e u s e r - v i s i b l e e f f e c t s o f s t a c k g u a r d p a g e ( J i r i P i r k o ) [ 6 0 7 8 5 8 ] { C V E - 2 0 1 0 - 2 2 4 0 } b r > - [ m m ] f i x p a g e t a b l e u n m a p f o r s t a c k g u a r d p a g e p r o p e r l y ( J i r i P i r k o ) [ 6 0 7 8 5 8 ] { C V E - 2 0 1 0 - 2 2 4 0 } b r > - [ m m ] f i x m i s s i n g u n m a p f o r s t a c k g u a r d p a g e f a i l u r e c a s e ( J i r i P i r k o ) [ 6 0 7 8 5 8 ] { C V E - 2 0 1 0 - 2 2 4 0 } b r > - [ m m ] k e e p a g u a r d p a g e b e l o w a g r o w - d o w n s t a c k s e g m e n t ( J i r i P i r k o ) [ 6 0 7 8 5 8 ] { C V E - 2 0 1 0 - 2 2 4 0 } b r > - [ n e t ] t c p : f i x d i v b y z e r o i n c o n g e s t i o n c o n t r o l p r o t o s ( N e i l H o r m a n ) [ 6 0 8 6 4 1 ] b r > - [ n e t ] t c p : t c p _ v e g a s s s t h r e s h b u g f i x ( T h o m a s G r a f ) [ 6 1 2 7 0 9 ] b r > - [ n e t ] t c p : t c p _ v e g a s c o n g a v o i d f i x ( T h o m a s G r a f ) [ 6 1 2 7 0 9 ] b r > - [ n e t ] t c p : f i x o v e r f l o w b u g i n V e g a s ( T h o m a s G r a f ) [ 6 1 2 7 0 9 ] b r > - [ n e t ] t c p : f i x V e g a s b u g i n d i s a b l i n g s l o w s t a r t ( T h o m a s G r a f ) [ 6 1 2 7 0 9 ] b r > - [ n e t ] t c p : i n c r e a s e V e g a s d e f a u l t a l p h a a n d b e t a p a r a m s ( T h o m a s G r a f ) [ 6 1 2 7 0 9 ] b r > - [ n e t ] t c p : t c p _ h y b l a z e r o c o n g e s t i o n w i n d o w g r o w t h f i x ( T h o m a s G r a f ) [ 6 1 2 7 0 9 ] b r > - [ n e t ] t c p : h t c p l a s t _ c o n g b u g f i x ( T h o m a s G r a f ) [ 6 1 2 7 0 9 ] b r > - [ n e t ] t c p : T C P c u b i c v 2 . 2 ( T h o m a s G r a f ) [ 6 1 2 7 0 9 ] b r > - [ n e t ] t c p : f a s t e r c u b e r o o t ( T h o m a s G r a f ) [ 6 1 2 7 0 9 ] b r > - [ n e t ] t c p : b a c k p o r t c u b i c u p d a t e f o r n e t - 2 . 6 . 2 2 ( T h o m a s G r a f ) [ 6 1 2 7 0 9 ] b r > - [ n e t ] t c p : s e t C u b i c a n d B I C d e f a u l t t h r e s h o l d s t o z e r o ( T h o m a s G r a f ) [ 6 1 2 7 0 9 ] b r > - [ n e t ] t c p : c o n g e s t i o n c o n t r o l i n i t i a l i z a t i o n ( T h o m a s G r a f ) [ 6 1 2 7 0 9 ] b r > - [ n e t ] t c p : u n i n l i n e t c p _ i s _ c w n d _ l i m i t e d ( T h o m a s G r a f ) [ 6 1 2 7 0 9 ] b r > - [ n e t ] t c p : m o v e p r i o r _ i n _ f l i g h t c o l l e c t t o b e t t e r s p o t ( T h o m a s G r a f ) [ 6 1 2 7 0 9 ] b r > - [ f s ] e x t 4 : c o n s o l i d a t e i n _ r a n g e d e f i n i t i o n s ( E r i c S a n d e e n ) [ 6 2 4 3 3 2 ] { C V E - 2 0 1 0 - 3 0 1 5 } b r > - [ n e t ] d o n t d o u b l e c o u n t U D P _ I N E R R O R S ( N e i l H o r m a n ) [ 6 1 8 8 1 8 ] b r > - [ s c s i ] b e 2 i s c s i : s y n c w i t h u p s t r e a m f o r R H E L 5 . 6 ( M i k e C h r i s t i e ) [ 5 6 9 6 4 3 ] b r > - [ m m c ] s d h c i : f i x s y s t e m c a n n o t e n t e r S 4 w i t h S D c a r d ( M a t t h e w G a r r e t t ) [ 6 0 6 8 9 9 ] b r > - [ c p u f r e q ] p o w e r n o w - k 8 : s u p p o r t A M D C o r e P e r f o r m a n c e B o o s t ( M a t t h e w G a r r e t t ) [ 5 6 8 7 5 1 ] b r > - [ f s ] c i f s : r e m o v e f o r c e p a r m f r o m c i f s _ u n i x _ i n f o _ t o _ i n o d e ( J e f f L a y t o n ) [ 6 1 9 1 1 2 ] b r > - [ f s ] n f s : f i x N F S 4 E R R _ F I L E _ O P E N h a n d l i n g i n L i n u x / N F S ( J e f f L a y t o n ) [ 6 0 4 0 4 4 ] b r > - [ u s b ] f i x t e s t o f w r o n g v a r i a b l e i n c r e a t e _ b y _ n a m e ( D o n H o w a r d ) [ 5 9 4 6 3 5 ] b r > - [ s 3 9 0 ] c i o : f i x c a u s e o f u n e x p e c t e d r e c o v e r y a c t i o n s ( H e n d r i k B r u e c k n e r ) [ 6 2 1 3 3 0 ] b r > b r > [ 2 . 6 . 1 8 - 2 1 2 . e l 5 ] b r > - [ i p m i ] a d d p a r a m e t e r t o l i m i t C P U u s a g e i n k i p m i d ( T a k a o I n d o h ) [ 4 9 4 6 8 0 ] b r > - [ n e t ] b n x 2 x : A d d e d G R O s u p p o r t ( S t a n i s l a w G r u s z k a ) [ 5 7 3 1 1 4 ] b r > - [ n e t ] b n x 2 x : f i x m e m o r y b a r r i e r s ( S t a n i s l a w G r u s z k a ) [ 5 6 9 3 7 0 ] b r > - [ p p c ] p a r t i t i o n h i b e r n a t i o n s u p p o r t ( S t e v e B e s t ) [ 5 6 5 5 7 0 ] b r > - [ p p c ] A d d r e s u m e h a n d l e r t o p o w e r p c t i m e m a n a g e m e n t c o d e ( S t e v e B e s t ) [ 5 6 5 5 7 0 ] b r > - [ s c s i ] i b m v s c s i : F i x s o f t l o c k u p o n r e s u m e ( S t e v e B e s t ) [ 5 6 5 5 7 0 ] b r > - [ s c s i ] i b m v f c : F i x s o f t l o c k u p o n r e s u m e ( S t e v e B e s t ) [ 5 6 5 5 7 0 ] b r > - [ s c s i ] i b m v f c : A d d s u s p e n d / r e s u m e s u p p o r t ( S t e v e B e s t ) [ 5 6 5 5 7 0 ] b r > - [ s c s i ] i b m v s c s i : A d d s u s p e n d / r e s u m e s u p p o r t ( S t e v e B e s t ) [ 5 6 5 5 7 0 ] b r > - [ n e t ] i b m v e t h : A d d s u s p e n d / r e s u m e s u p p o r t ( S t e v e B e s t ) [ 5 6 5 5 7 0 ] b r > - [ p p c ] v i o : a d d p o w e r m a n a g e m e n t s u p p o r t ( S t e v e B e s t ) [ 5 6 5 5 7 0 ] b r > - [ p p c ] a d d h o o k s t o p u t C P U i n a p p r o p r i a t e o f f l i n e s t a t e ( S t e v e B e s t ) [ 5 6 5 5 7 0 ] b r > - [ v i r t ] x e n : f i x p a s s t h r o u g h o f S R - I O V V F ( P a o l o B o n z i n i ) [ 5 8 2 8 8 6 ] b r > - [ m m ] a d d o p t i o n t o s k i p Z E R O _ P A G E m m a p o f / d e v / z e r o ( L a r r y W o o d m a n ) [ 6 1 9 5 4 1 ] b r > - [ n e t ] b o n d i n g : c h e c k i f c l i e n t s M A C a d d r h a s c h a n g e d ( F l a v i o L e i t n e r ) [ 6 1 0 2 3 4 ] b r > - [ v i r t ] x e n : f i x p u d _ p r e s e n t c o m p i l e w a r n i n g s ( D o n Z i c k u s ) [ 5 9 0 7 6 0 ] b r > - [ x e n ] C P U s y n c h r o n i z a t i o n d u r i n g M T R R r e g i s t e r u p d a t e ( D o n D u g g e r ) [ 5 9 4 5 4 6 ] b r > b r > [ 2 . 6 . 1 8 - 2 1 1 . e l 5 ] b r > - [ p c i ] f i x r e m o v e o f p r o c e n t r y f o r h o t p l u g d e v i c e s ( W a d e M e a l i n g ) [ 6 1 8 1 1 4 ] b r > - [ i d e ] : a t i i x p : n o p i o a u t o t u n e o n A M D H u d s o n 2 ( P r a r i t B h a r g a v a ) [ 6 1 8 0 7 5 ] b r > - [ p c i ] m s i : a d d o p t i o n f o r l o c k l e s s i n t e r r u p t m o d e ( P r a r i t B h a r g a v a ) [ 5 9 9 2 9 5 ] b r > - [ v i r t ] x e n b u s : i m p l e m e n t O _ N O N B L O C K ( P a o l o B o n z i n i ) [ 4 7 0 8 0 1 ] b r > - [ n e t ] i p 4 v / t c p : n o a d d i t i o n a l r e s e t o n c l o s e d s o c k e t s ( N e i l H o r m a n ) [ 6 0 5 2 5 9 ] b r > - [ m i s c ] x e n : f i x m i g r a t i o n u s i n g x e n - v n i f i n s m p h v m g u e s t ( M i r o s l a v R e z a n i n a ) [ 5 5 5 9 1 0 ] b r > - [ e d a c ] f i x i 7 c o r e _ e d a c i n m u l t i - s o c k e t s y s t e m s ( M a u r o C a r v a l h o C h e h a b ) [ 4 6 8 8 7 7 ] b r > - [ n e t ] a r p _ t a b l e s : f i x u n a l i g n e d a c c e s s e s ( J i r i P i r k o ) [ 5 8 2 2 6 8 ] b r > - [ f s ] e x t 3 : h a n d l e j o u r n a l _ s t a r t f a i l u r e p r o p e r l y ( J o s e f B a c i k ) [ 5 8 8 5 9 9 ] b r > - [ m i s c ] h a n d l e d e a d h u n g u n i n t e r r u p t i b l e t a s k s c o r r e c t l y ( J e r o m e M a r c h a n d ) [ 5 8 2 2 3 7 ] b r > - [ f s ] e c r y p t f s : f i x e c r y p t f s _ u i d _ h a s h b u f f e r o v e r f l o w ( J e r o m e M a r c h a n d ) [ 6 1 1 3 8 7 ] { C V E - 2 0 1 0 - 2 4 9 2 } b r > - [ i n f i n i b a n d ] c h e c k l o c a l r e s e r v e d p o r t s ( J e r o m e M a r c h a n d ) [ 5 5 7 8 8 4 ] b r > - [ i n f i n i b a n d ] r a n d o m i z e l o c a l p o r t a l l o c a t i o n ( J e r o m e M a r c h a n d ) [ 5 5 7 8 8 4 ] b r > - [ n e t ] r e s e r v e p o r t s f o r a p p s u s i n g f i x e d p o r t n u m b e r s ( J e r o m e M a r c h a n d ) [ 5 5 7 8 8 4 ] b r > - [ k e r n e l ] s y s c t l : a d d p r o c _ d o _ l a r g e _ b i t m a p ( J e r o m e M a r c h a n d ) [ 5 5 7 8 8 4 ] b r > - [ s c s i ] l p f c : u s e k e r n e l - p r o v i d e d r a n d o m 3 2 ( J a r o d W i l s o n ) [ 6 0 5 8 1 6 ] b r > - [ l i b ] m a k e t a u s w o r t h e r a n d o m 3 2 g e n e r a t o r a v a i l a b l e t o a l l ( J a r o d W i l s o n ) [ 6 0 5 8 1 6 ] b r > - [ n e t ] b e 2 n e t : i n c r e a s e P O S T t i m e o u t f o r E E H r e c o v e r y ( I v a n V e c e r a ) [ 6 1 6 5 1 2 ] b r > - [ h w m o n ] c o r e t e m p : g e t T j M a x v a l u e f r o m M S R ( D e a n N e l s o n ) [ 5 8 0 6 9 9 ] b r > - [ h w m o n ] c o r e t e m p : d e t e c t t h e t h e r m a l s e n s o r s b y C P U I D ( D e a n N e l s o n ) [ 5 8 0 6 9 9 ] b r > - [ f s ] x f s : r e n a m e X F S _ I G E T _ B U L K S T A T t o X F S _ I G E T _ U N T R U S T E D ( D a v e C h i n n e r ) [ 6 0 7 0 3 2 ] b r > - [ f s ] x f s : v a l i d a t e u n t r u s t e d i n o d e n u m b e r s d u r i n g l o o k u p ( D a v e C h i n n e r ) [ 6 0 7 0 3 2 ] b r > - [ f s ] x f s : a l w a y s u s e i g e t i n b u l k s t a t ( D a v e C h i n n e r ) [ 6 0 7 0 3 2 ] b r > - [ s 3 9 0 ] q e t h : s u p p o r t f o r O S A C H P I D t y p e s O S X a n d O S M ( H e n d r i k B r u e c k n e r ) [ 5 9 9 6 4 4 ] b r > - [ s 3 9 0 ] q e t h : d o n t a l l o w l a y e r s w i t c h w i t h o p e n i n t e r f a c e ( H e n d r i k B r u e c k n e r ) [ 6 1 2 1 9 5 ] b r > - [ s 3 9 0 ] z f c p : f i x r e f e r e n c e c o u n t i n g o n a d i s c ( H e n d r i k B r u e c k n e r ) [ 6 1 0 0 8 9 ] b r > - [ s 3 9 0 ] k e r n e l : i n i t r d v s b o o t m e m b i t m a p ( H e n d r i k B r u e c k n e r ) [ 6 1 0 8 3 7 ] b r > - [ s 3 9 0 ] h y p f s : f i x h i g h c p u t i m e o u t p u t ( H e n d r i k B r u e c k n e r ) [ 5 8 9 2 8 2 ] b r > - [ s 3 9 0 ] d a s d : f i x r a c e b e t w e e n t a s k l e t a n d d a s d _ s l e e p _ o n ( H e n d r i k B r u e c k n e r ) [ 5 9 3 7 5 6 ] b r > - [ s 3 9 0 ] c m m : f i x m o d u l e u n l o a d h a n d l i n g ( H e n d r i k B r u e c k n e r ) [ 5 9 8 5 4 9 ] b r > - [ f s ] g f s : c l e a n u p s t u f f e d f i l e d a t a c o p y h a n d l i n g ( A b h i j i t h D a s ) [ 5 8 0 8 6 7 ] b r > b r > [ 2 . 6 . 1 8 - 2 1 0 . e l 5 ] b r > - [ s c s i ] i p s d r i v e r s l e e p s w h i l e h o l d i n g s p i n _ l o c k ( S t e v e B e s t ) [ 6 1 6 9 6 1 ] b r > - [ n e t ] f i x l o c k u p s a n d d u p e a d d r e s s e s w / b o n d i n g a n d i p v 6 ( S h y a m I y e r ) [ 5 1 6 9 8 5 ] b r > - [ s c s i ] m e g a r a i d _ s a s : u p d a t e d r i v e r t o v e r s i o n 4 . 3 1 ( T o m a s H e n z l ) [ 5 6 4 2 4 9 ] b r > - [ s c s i ] m e g a r a i d _ s a s : u p d a t e d r i v e r t o v e r s i o n 4 . 2 7 ( R o b E v e r s ) [ 5 6 4 2 4 9 ] b r > - [ n e t ] n a t : a v o i d r e r o u t i n g p a c k e t s i f o n l y k e y c h a n g e d ( J i r i P i r k o ) [ 5 6 6 1 4 4 ] b r > - [ f s ] c i f s : r e m o v e b o g u s c h e c k i n N T L M s e s s i o n s e t u p c o d e ( J e f f L a y t o n ) [ 4 7 9 4 1 8 ] b r > - [ a t a ] a h c i : a d d e m _ b u f f e r a t t r i b u t e f o r A H C I h o s t s ( D a v i d M i l b u r n ) [ 5 6 8 3 6 4 ] b r > - [ s c s i ] q l a 4 x x x : a d d s u p p o r t f o r I S P 8 2 X X ( C h a d D u p u i s ) [ 5 4 6 5 9 2 ] b r > - [ s c s i ] q l a 4 x x x : F i x e s f r o m u p s t r e a m f o r 5 . 6 ( C h a d D u p u i s ) [ 5 4 6 5 9 2 ] b r > - [ s c s i ] q l a 2 x x x : m o r e u p s t r e a m u p d a t e s f o r R H E L 5 . 6 ( C h a d D u p u i s ) [ 5 6 7 4 2 8 ] b r > - [ s c s i ] q l a 2 x x x : a d d s u p p o r t f o r I S P 8 2 X X ( C h a d D u p u i s ) [ 5 6 7 4 2 8 ] b r > - [ s c s i ] q l a 2 x x x : m o r e u p d a t e s f r o m u p s t r e a m f o r R H E L 5 . 6 ( C h a d D u p u i s ) [ 5 6 7 4 2 8 ] b r > - [ s c s i ] q l a 2 x x x : u p d a t e t o 8 . 0 3 . 0 1 . 0 5 . 0 5 . 0 6 - k ( C h a d D u p u i s ) [ 5 6 7 4 2 8 ] b r > - [ x e n ] c o r r e c t b i t s i z e c a l c u l a t i o n f o r 3 2 - o n - 6 4 ( A n d r e w J o n e s ) [ 6 1 6 8 2 7 ] b r > b r > [ 2 . 6 . 1 8 - 2 0 9 . e l 5 ] b r > - [ n e t ] r 8 1 6 9 : f i x f o r b r o k e n r e g i s t e r w r i t e s ( I v a n V e c e r a ) [ 5 8 1 6 5 4 ] b r > - [ s e r i a l ] r e m o v e c o n t a c t i n f o f o r i t e 8 8 7 x c h i p s u p p o r t ( D e a n N e l s o n ) [ 5 6 3 2 7 1 ] b r > - [ s e r i a l ] f i x m o d p o s t w a r n i n g i n i t e 8 8 7 x d r i v e r ( D e a n N e l s o n ) [ 5 6 3 2 7 1 ] b r > - [ s e r i a l ] a d d s u p p o r t f o r i t e 8 8 7 x c h i p s ( D e a n N e l s o n ) [ 5 6 3 2 7 1 ] b r > - [ p a r p o r t ] i n c r e a s e i t e 8 8 7 x s I / O p o r t r a n g e ( D e a n N e l s o n ) [ 5 6 3 2 7 1 ] b r > - [ s c s i ] q l a 2 x x x : u p d a t e f i r m w a r e t o v e r s i o n 5 . 0 3 . 0 2 ( C h a d D u p u i s ) [ 5 7 8 4 4 4 5 9 8 9 4 6 ] b r > - [ f s ] c i f s : r e j e c t D N S u p c a l l a d d _ k e y r e q f r o m u s e r s p a c e ( J e f f L a y t o n ) [ 6 1 2 1 7 1 ] { C V E - 2 0 1 0 - 2 5 2 4 } b r > - [ s e c u r i t y ] k e y s : n e w k e y f l a g f o r a d d _ k e y f r o m u s e r s p a c e ( J e f f L a y t o n ) [ 6 1 2 1 7 1 ] { C V E - 2 0 1 0 - 2 5 2 4 } b r > b r > [ 2 . 6 . 1 8 - 2 0 8 . e l 5 ] b r > - [ f s ] g f s 2 : f i x r e n a m e c a u s i n g k e r n e l o o p s ( R o b e r t S P e t e r s o n ) [ 6 0 2 0 2 5 ] b r > - [ m i s c ] i o _ a p i c : s k i p t i m e r _ i r q _ w o r k s c h e c k w h e n o n V M w a r e ( P r a r i t B h a r g a v a ) [ 5 7 5 3 0 9 ] b r > - [ s c s i ] b e 2 i s c s i : f i x f o r 6 4 k d a t a l e n g t h s g e ( M i k e C h r i s t i e ) [ 6 0 8 8 0 1 ] b r > - [ m m ] f i x e x c e s s i v e m e m o r y r e c l a i m f r o m z o n e s w / l o t s f r e e ( L a r r y W o o d m a n ) [ 6 0 4 7 7 9 ] b r > - [ m m ] p r o p e r l y r e l e a s e a l l h u g e p a g e s o n d a t a b a s e s h u t d o w n ( L a r r y W o o d m a n ) [ 5 9 3 1 3 1 ] b r > - [ n e t ] f i x a c c e p t _ l o c a l h a n d l i n g f o r d e v w i t h n o x a t t r s ( J i r i O l s a ) [ 6 0 1 3 7 0 ] b r > - [ f s ] n f s : i _ n l i n k s c h a n g e s m u s t s e t N F S _ I N O _ I N V A L I D _ A T T R ( J e f f L a y t o n ) [ 6 0 1 8 0 0 ] b r > - [ f s ] n f s : f i x r e s o l u t i o n i n n f s _ i n o d e _ a t t r s _ n e e d _ u p d a t e ( J e f f L a y t o n ) [ 6 0 1 8 0 0 ] b r > - [ f s ] n f s : f i x c o m p i l e r w a r n i n g s i n t r o d u c e d r e c e n t l y ( J e f f L a y t o n ) [ 6 0 1 8 0 0 ] b r > - [ f s ] n f s : f i x a t t r i b u t e u p d a t e s e v e n m o r e ( J e f f L a y t o n ) [ 6 0 1 8 0 0 ] b r > - [ f s ] n f s : f i x t h e N F S a t t r i b u t e u p d a t e ( J e f f L a y t o n ) [ 6 0 1 8 0 0 ] b r > - [ f s ] n f s : c l e a n u p i n o d e h a n d l i n g f u n c t i o n s ( J e f f L a y t o n ) [ 6 0 1 8 0 0 ] b r > - [ f s ] n f s : n f s _ r e f r e s h _ i n o d e s h o u l d c l e a r c a c h e _ v a l i d i t y ( J e f f L a y t o n ) [ 6 0 1 8 0 0 ] b r > - [ f s ] n f s : u s e n f s _ r e f r e s h _ i n o d e i n _ _ n f s _ r e v a l i d a t e _ i n o d e ( J e f f L a y t o n ) [ 6 0 1 8 0 0 ] b r > - [ a t a ] a h c i , p a t a _ m a r v e l l : f i x u p c o m p e t i t i o n f o r P A T A p o r t ( D a v i d M i l b u r n ) [ 2 3 7 3 7 2 ] b r > - [ n e t ] q l c n i c : A d d Q L C N I C t o K c o n f i g a n d M a k e f i l e ( C h a d D u p u i s ) [ 5 6 2 7 2 3 ] b r > - [ n e t ] q l c n i c : e n a b l e b u i l d i n g d r i v e r m o d u l e ( C h a d D u p u i s ) [ 5 6 2 7 2 3 ] b r > - [ n e t ] q l c n i c : r e m o v e e x t r a s p a c e f r o m b o a r d n a m e s ( C h a d D u p u i s ) [ 5 6 2 7 2 3 ] b r > - [ n e t ] q l c n i c : f i x b i o s v e r s i o n c h e c k ( C h a d D u p u i s ) [ 5 6 2 7 2 3 ] b r > - [ n e t ] q l c n i c : v a l i d a t e u n i f i e d f w i m a g e ( C h a d D u p u i s ) [ 5 6 2 7 2 3 ] b r > - [ n e t ] q l c n i c : f i x m u l t i c a s t h a n d l i n g ( C h a d D u p u i s ) [ 5 6 2 7 2 3 ] b r > - [ n e t ] q l c n i c : a d d i t i o n a l d r i v e r s t a t i s t i c s . ( C h a d D u p u i s ) [ 5 6 2 7 2 3 ] b r > - [ n e t ] q l c n i c : f i x t x c s u m s t a t u s ( C h a d D u p u i s ) [ 5 6 2 7 2 3 ] b r > - [ n e t ] q l c n i c : a d d l o o p b a c k d i a g n o s t i c t e s t ( C h a d D u p u i s ) [ 5 6 2 7 2 3 ] b r > - [ n e t ] q l c n i c : a d d i n t e r r u p t d i a g n o s t i c t e s t ( C h a d D u p u i s ) [ 5 6 2 7 2 3 ] b r > - [ n e t ] q l c n i c : s u p p o r t L E D b l i n k f o r d e v i c e i d e n t i f i c a t i o n ( C h a d D u p u i s ) [ 5 6 2 7 2 3 ] b r > - [ n e t ] q l c n i c : p r o t e c t r e s o r u c e c l e a n u p b y r t n l l o c k ( C h a d D u p u i s ) [ 5 6 2 7 2 3 ] b r > - [ n e t ] q l c n i c : c l e a r d e v i c e r e s e t s t a t e a f t e r f w r e c o v e r y ( C h a d D u p u i s ) [ 5 6 2 7 2 3 ] b r > - [ n e t ] q l c n i c : a d d e t h e r n e t i d e n t i f i e r i n b o a r d i n f o ( C h a d D u p u i s ) [ 5 6 2 7 2 3 ] b r > - [ n e t ] q l c n i c : u s e D E F I N E _ P C I _ D E V I C E _ T A B L E ( C h a d D u p u i s ) [ 5 6 2 7 2 3 ] b r > - [ n e t ] q l c n i c : a d d Q l o g i c e t h e r n e t d r i v e r f o r C N A d e v i c e s ( C h a d D u p u i s ) [ 5 6 2 7 2 3 ] b r > - R e v e r t : [ f s ] c i f s : r e j e c t D N S u p c a l l a d d _ k e y r e q f r o m u s e r s p a c e ( J e f f L a y t o n ) [ 6 1 2 1 7 1 ] { C V E - 2 0 1 0 - 2 5 2 4 } b r > - R e v e r t : [ s e c u r i t y ] k e y s : n e w k e y f l a g f o r a d d _ k e y f r o m u s e r s p a c e ( J e f f L a y t o n ) [ 6 1 2 1 7 1 ] { C V E - 2 0 1 0 - 2 5 2 4 } b r > b r > [ 2 . 6 . 1 8 - 2 0 7 . e l 5 ] b r > - [ u s b ] u h c i : f i x o o p s i n u h c i _ s c a n _ s c h e d u l e ( P e t e Z a i t c e v ) [ 5 1 6 8 5 1 ] b r > - [ w i r e l e s s ] r t l 8 1 8 x : u s e c a n c e l _ w o r k _ s y n c ( S t a n i s l a w G r u s z k a ) [ 5 8 2 1 9 1 ] b r > - [ w i r e l e s s ] i w l w i f i : u s e c a n c e l _ w o r k _ s y n c ( S t a n i s l a w G r u s z k a ) [ 5 8 2 1 9 1 ] b r > - [ w i r e l e s s ] a t h 9 k : u s e c a n c e l _ w o r k _ s y n c ( S t a n i s l a w G r u s z k a ) [ 5 8 2 1 9 1 ] b r > - [ w i r e l e s s ] r t 2 x 0 0 : u s e c a n c e l _ w o r k _ s y n c ( S t a n i s l a w G r u s z k a ) [ 5 8 2 1 9 1 ] b r > - R e v e r t : [ w i r e l e s s ] r t 2 x 0 0 : f i x w o r k c a n c e l r a c e c o n d i t i o n ( S t a n i s l a w G r u s z k a ) [ 5 8 2 1 9 1 ] b r > - [ w i r e l e s s ] u s e c a n c e l _ w o r k _ s y n c i n m a c 8 0 2 1 1 a n d c o r e ( S t a n i s l a w G r u s z k a ) [ 5 8 2 1 9 1 ] b r > - [ m i s c ] w o r k q u e u e : a d d c a n c e l _ w o r k _ s y n c t o i n c l u d e ( S t a n i s l a w G r u s z k a ) [ 5 8 2 1 9 1 ] b r > - [ n e t ] i g b : d r o p s u p p o r t f o r U D P h a s h i n g w / R S S ( S t e f a n A s s m a n n ) [ 6 1 3 7 8 0 ] b r > - [ m i s c ] s i g n a l s : a v o i d u n n e c e s s a r y c r e d e n t i a l s c h e c k ( O l e g N e s t e r o v ) [ 4 5 9 9 0 1 ] b r > - [ a c p i ] t e l l p l a t f o r m t h a t w e s u p p o r t f i x e d h w T - s t a t e s ( M a t t h e w G a r r e t t ) [ 5 6 9 5 9 0 ] b r > - [ e d a c ] i 7 c o r e _ e d a c : B a c k p o r t d r i v e r t o R H E L 5 ( M a u r o C a r v a l h o C h e h a b ) [ 4 6 8 8 7 7 ] b r > - [ e d a c ] i 7 c o r e _ e d a c : a d d d r i v e r f o r n e w N e h a l e m ( M a u r o C a r v a l h o C h e h a b ) [ 4 6 8 8 7 7 ] b r > - [ x 8 6 _ 6 4 ] m c e : f i x m i s p l a c e d ' c o n t i n u e ' i n m c e . c ( M a u r o C a r v a l h o C h e h a b ) [ 4 6 8 8 7 7 ] b r > - [ p c i ] A d d a p r o b i n g c o d e t h a t s e e k s f o r a n s p e c i f i c b u s ( M a u r o C a r v a l h o C h e h a b ) [ 4 6 8 8 7 7 ] b r > - [ e d a c ] a d d s u p p o r t f o r D D R 3 a t E D A C c o r e ( M a u r o C a r v a l h o C h e h a b ) [ 4 6 8 8 7 7 ] b r > - [ w i r e l e s s ] K c o n f i g : s e l e c t W I R E L E S S _ C O M P A T a s n e e d e d ( J o h n L i n v i l l e ) [ 5 8 3 7 6 7 ] b r > - [ i 3 8 6 ] o p r o f i l e : f i x d e t e c t i o n o f I n t e l C P U f a m i l y 6 ( J o h n V i l l a l o v o s ) [ 5 8 1 9 1 9 ] b r > - [ m i s c ] i n t e l : s u p p o r t f o r I n t e l C o u g a r P o i n t C h i p s e t ( J o h n V i l l a l o v o s ) [ 5 6 6 8 5 4 ] b r > - [ f s ] x f s : d o n t l e t s w a p e x t o p e r a t e o n w r i t e - o n l y f i l e s ( J i r i P i r k o ) [ 6 0 5 1 6 1 ] { C V E - 2 0 1 0 - 2 2 2 6 } b r > - [ f s ] n f s : f i x b u g i n n f s d 4 r e a d _ b u f ( J i r i O l s a ) [ 6 1 2 0 3 5 ] { C V E - 2 0 1 0 - 2 5 2 1 } b r > - [ f s ] n f s d : a d d l o c k d e p a n n o t a t i o n t o n f s d 4 r e c o v e r c o d e ( J e f f L a y t o n ) [ 5 6 7 0 9 2 ] b r > - [ f s ] n f s : w a i t f o r c l o s e b e f o r e s i l l y - r e n a m i n g ( J e f f L a y t o n ) [ 5 6 5 9 7 4 ] b r > - [ f s ] c i f s : e n a b l e C O N F I G _ C I F S _ S T A T S ( J e f f L a y t o n ) [ 5 7 4 7 9 5 ] b r > - [ n e t ] s u n r p c : t r a n s l a t e a n - E N E T U N R E A C H t o - E N O T C O N N ( J e f f L a y t o n ) [ 4 8 1 3 7 2 ] b r > - [ f s ] c i f s : m e r g e C I F S S M B Q u e r y E A w i t h C I F S S M B Q A l l E A s ( J e f f L a y t o n ) [ 5 2 7 2 6 8 ] b r > - [ f s ] c i f s : v e r i f y l e n g t h s o f Q u e r y A l l E A s r e p l y ( J e f f L a y t o n ) [ 5 2 7 2 6 8 ] b r > - [ f s ] c i f s : i n c r e a s e m a x i m u m b u f f e r s i z e i n C I F S S M B Q A l l E A s ( J e f f L a y t o n ) [ 5 2 7 2 6 8 ] b r > - [ f s ] c i f s : r e n a m e n a m e _ l e n t o l i s t _ l e n i n C I F S S M B Q A l l E A s ( J e f f L a y t o n ) [ 5 2 7 2 6 8 ] b r > - [ f s ] c i f s : c l e a n u p i n d e n t a t i o n i n C I F S S M B Q A l l E A s ( J e f f L a y t o n ) [ 5 2 7 2 6 8 ] b r > - [ f s ] c i f s : r e j e c t D N S u p c a l l a d d _ k e y r e q f r o m u s e r s p a c e ( J e f f L a y t o n ) [ 6 1 2 1 7 1 ] { C V E - 2 0 1 0 - 2 5 2 4 } b r > - [ f s ] c i f s : a d d p a r e n s a r o u n d s m b _ v a r i n B C C m a c r o s ( J e f f L a y t o n ) [ 5 2 7 2 6 8 ] b r > - [ s e c u r i t y ] k e y s : n e w k e y f l a g f o r a d d _ k e y f r o m u s e r s p a c e ( J e f f L a y t o n ) [ 6 1 2 1 7 1 ] { C V E - 2 0 1 0 - 2 5 2 4 } b r > - [ s p e c f i l e ] s k i p x e n t a r b a l l a n d p a t c h i n g i f b u i l d i n g w / o x e n ( J a r o d W i l s o n ) b r > - [ s p e c f i l e ] r e p l a c e a n c i e n t a n d d e p r e c a t e d r p m s y n t a x ( J a r o d W i l s o n ) b r > - [ v i r t ] x e n : r e m o v e s y s d a t a h a c k f r o m i r q - x e n . c ( P a o l o B o n z i n i ) [ 5 6 1 3 9 0 ] b r > - [ x e n ] m s i f i x m a p c l e a n u p a n d v e c t o r t e a r d o w n ( D o n D u g g e r ) [ 5 1 6 2 3 6 ] b r > b r > [ 2 . 6 . 1 8 - 2 0 6 . e l 5 ] b r > - [ x 8 6 ] k p r o b e s : i n t r o d u c e k p r o b e s j u m p o p t i m i z a t i o n ( M a s a m i H i r a m a t s u ) [ 5 1 6 3 1 3 ] b r > - [ x 8 6 ] a d d x 8 6 _ 6 4 a l t e r n a t i v e s _ t e x t _ r e s e r v e d i n t e r f a c e ( M a s a m i H i r a m a t s u ) [ 5 1 6 3 1 3 ] b r > - [ x 8 6 _ 6 4 ] k p r o b e s : u p s t r e a m u p d a t e f o r r h e l 5 . 6 ( M a s a m i H i r a m a t s u ) [ 5 1 6 3 1 3 ] b r > - [ x 8 6 _ 6 4 ] a d d i n s t r u c t i o n d e c o d e r A P I ( M a s a m i H i r a m a t s u ) [ 5 1 6 3 1 3 ] b r > - [ f u s i o n ] m p t : f i x d e r e g i s t e r c a l l s i n e x i t p a t h ( h i r o m u n e d a ) [ 5 8 1 5 2 3 ] b r > - [ n e t ] c x g b 3 : w a i t l o n g e r f o r c o n t r o l p a c k e t s o n i n i t ( S t e v e B e s t ) [ 5 8 7 6 7 0 ] b r > - [ s c s i ] s c s i _ d h _ a l u a : a d d I B M P o w e r V i r t u a l S C S I A L U A d e v ( S t e v e B e s t ) [ 5 6 7 2 9 2 ] b r > - [ f s ] g f s 2 : f i x s t u c k i n i n o d e w a i t , n o g l o c k s s t u c k ( R o b e r t S P e t e r s o n ) [ 5 9 5 3 9 7 ] b r > - [ m e s s a g e ] m p t s a s : f i x d i s k a d d f a i l i n g d u e t o t i m e o u t ( R o b E v e r s ) [ 5 4 2 8 9 2 ] b r > - [ s c s i ] l p f c : u p d a t e f r o m 8 . 2 . 0 . 7 3 . 1 p t o 8 . 2 . 0 . 7 6 . 1 p ( R o b E v e r s ) [ 5 9 1 6 7 4 ] b r > - [ s c s i ] l p f c : u p d a t e f r o m 8 . 2 . 0 . 6 3 . p 3 t o 8 . 2 . 0 . 7 3 . 1 p ( R o b E v e r s ) [ 5 7 1 8 6 2 ] b r > - [ i 2 c ] f i x e x p o r t s t y p e s f o r r e c e n t l y a d d e d i 2 c s y m b o l s ( P r a r i t B h a r g a v a ) [ 6 1 1 7 7 4 ] b r > - [ v i r t ] x e n : f i x 3 2 - b i t s y s c a l l s o n 6 4 - b i t k e r n e l ( P a o l o B o n z i n i ) [ 5 6 1 3 9 4 ] b r > - [ v i r t ] x e n : a d d t r a c e p o i n t f o r k e r n e l p a g e f a u l t e v e n t ( P a o l o B o n z i n i ) [ 5 6 1 3 8 5 ] b r > - [ s e c u r i t y ] s e l i n u x : f i x r a c e w i t h r e - p a r e n t i n g ( O l e g N e s t e r o v ) [ 5 5 6 6 7 5 ] b r > - [ n e t ] s c t p : f i x l e n g t h c h e c k s ( N e i l H o r m a n ) [ 6 0 5 3 0 5 ] b r > - [ a c p i ] i n t e l : a v o i d s k i p p i n g A R B _ D I S A B L E o n m o d e l 0 x 0 e ( M a t t h e w G a r r e t t ) [ 6 0 2 8 4 6 ] b r > - [ b l o c k ] c f q - i o s c h e d : f i x b a d l o c k i n g i n c h a n g e d _ i o p r i o ( J e f f M o y e r ) [ 5 8 2 4 3 5 ] b r > - [ b l o c k ] c f q - i o s c h e d : k i l l c f q _ e x i t _ l o c k ( J e f f M o y e r ) [ 5 8 2 4 3 5 ] b r > - [ f s ] c i f s : f i x k e r n e l B U G w i t h r e m o t e O S / 2 s e r v e r ( J e f f L a y t o n ) [ 6 0 8 5 8 8 ] { C V E - 2 0 1 0 - 2 2 4 8 } b r > - [ f s ] c i f s : d o n t t r y b u s y - f i l e r e n a m e u n l e s s i n s a m e d i r ( J e f f L a y t o n ) [ 6 0 3 7 0 6 ] b r > - [ f s ] n f s d : d o n t b r e a k l e a s e w h i l e s e r v i c i n g C O M M I T c a l l ( J e f f L a y t o n ) [ 5 7 5 8 1 7 ] b r > - [ f s ] f o r c e t a r g e t r e v a l w h e n f o l l o w i n g L A S T _ B I N D s y m l i n k s ( J e f f L a y t o n ) [ 5 7 1 5 1 8 ] b r > - [ n e t ] b e 2 n e t : u p d a t e t o v 2 . 1 0 2 . 3 4 8 r w i t h S R - I O V s u p p o r t ( I v a n V e c e r a ) [ 5 6 8 3 8 8 ] b r > - [ n e t ] v i r t i o _ n e t : a d d s e t _ m u l t i c a s t _ l i s t ( H e r b e r t X u ) [ 5 5 2 5 7 4 ] b r > - [ n e t ] g r o : f i x b o g u s g s o _ s i z e o n t h e f i r s t f r a g l i s t e n t r y ( H e r b e r t X u ) [ 5 8 8 0 1 5 ] b r > - [ t i m e ] f i x s o f t l o c k u p s i n R H E L 5 v i r t g u e s t s ( G l a u b e r C o s t a ) [ 6 0 7 4 4 3 ] b r > - [ t i m e ] c o u n t t i c k s w h e n l o s s g t c y c l e _ a c c o u n t e d _ l i m i t ( G l a u b e r C o s t a ) [ 5 8 4 6 7 9 ] b r > - [ n e t ] e 1 0 0 0 e : d o n t i n a d v e r t e n t l y r e - s e t I N T X _ D I S A B L E ( D e a n N e l s o n ) [ 4 9 6 1 2 7 ] b r > - [ s c s i ] f i x u p s i z e o n r e a d c a p a c i t y f a i l u r e ( D a v i d M i l b u r n ) [ 5 6 9 6 5 4 ] b r > - [ s 3 9 0 ] s m s g i u c v : a d d m i s s i n g c h e c k f o r z / V M ( H e n d r i k B r u e c k n e r ) [ 5 9 0 7 3 7 ] b r > - [ s 3 9 0 ] z c o r e : f i x r e i p l d e v i c e d e t e c t i o n ( H e n d r i k B r u e c k n e r ) [ 5 8 7 0 2 7 ] b r > - [ s 3 9 0 ] z c r y p t : p r i n t e r r o r m e s s a g e f o r 8 / 7 2 e r r o r ( H e n d r i k B r u e c k n e r ) [ 5 6 3 5 4 5 ] b r > - [ s 3 9 0 ] k e r n e l : f i x d u m p i n d i c a t o r ( H e n d r i k B r u e c k n e r ) [ 5 4 6 2 8 8 ] b r > - [ n e t ] b l u e t o o t h : f i x p o s s i b l e b a d m e m o r y a c c e s s v i a s y s f s ( M a u r o C a r v a l h o C h e h a b ) [ 5 7 6 0 2 1 ] { C V E - 2 0 1 0 - 1 0 8 4 } b r > b r > [ 2 . 6 . 1 8 - 2 0 5 . e l 5 ] b r > - [ s c s i ] i p r : a d d s P C I I D d e f i n i t i o n s f o r n e w a d a p t e r s ( S t e v e B e s t ) [ 5 6 3 5 8 9 ] b r > - [ s c s i ] i p r : a d d s u p p o r t f o r n e w I O A S C s ( S t e v e B e s t ) [ 5 6 3 5 8 9 ] b r > - [ s c s i ] i p r : a d d s u p p o r t f o r m u l t i p l e s t a g e s o f i n i t ( S t e v e B e s t ) [ 5 6 3 5 8 9 ] b r > - [ s c s i ] i p r : i m p l e m e n t s h u t d o w n c h a n g e s ( S t e v e B e s t ) [ 5 6 3 5 8 9 ] b r > - [ s c s i ] i p r : h a r d w a r e a s s i s t e d s m a r t d u m p f u n c t i o n a l i t y ( S t e v e B e s t ) [ 5 6 3 5 8 9 ] b r > - [ s c s i ] i p r : a d d e r r o r h a n d l i n g u p d a t e s f o r n e x t g e n c h i p ( S t e v e B e s t ) [ 5 6 3 5 8 9 ] b r > - [ s c s i ] i p r : u p d a t e t h e c o n f i g t a b l e f o r n e x t g e n c h i p ( S t e v e B e s t ) [ 5 6 3 5 8 9 ] b r > - [ s c s i ] i p r : d e f i n e r e g i s t e r o f f s e t s f o r n e x t g e n c h i p ( S t e v e B e s t ) [ 5 6 3 5 8 9 ] b r > - [ s c s i ] i p r : a d d c o m m a n d s t r u c t u r e s f o r n e x t g e n c h i p ( S t e v e B e s t ) [ 5 6 3 5 8 9 ] b r > - [ s c s i ] i p r : d i f f e r e n t i a t e p c i - x a n d p c i - e b a s e d a d a p t e r s ( S t e v e B e s t ) [ 5 6 3 5 8 9 ] b r > - [ s c s i ] i p r : a d d t e s t f o r M S I i n t e r r u p t s u p p o r t ( S t e v e B e s t ) [ 5 6 3 5 8 9 ] b r > - [ s c s i ] i p r : a d d m e s s a g e t o e r r o r t a b l e ( S t e v e B e s t ) [ 5 6 3 5 8 9 ] b r > - [ s c s i ] i p r : h a n d l e l o g i c a l l y b a d b l o c k w r i t e e r r o r s ( S t e v e B e s t ) [ 5 6 3 5 8 9 ] b r > - [ s c s i ] i p r : c o n v e r t t o u s e t h e d a t a b u f f e r a c c e s s o r s ( S t e v e B e s t ) [ 5 6 3 5 8 9 ] b r > - [ s c s i ] i p r : a d d s o m e d e f i n e s t h a t a r e m i s s i n g i n R H E L 5 . 5 ( S t e v e B e s t ) [ 5 6 3 5 8 9 ] b r > - [ s c s i ] i p r : a d d w o r k a r o u n d f o r M S I i n t e r r u p t s o n P 7 ( S t e v e B e s t ) [ 5 7 2 3 3 3 ] b r > - [ n e t ] t c p : f i x r c v m s s e s t i m a t e f o r l r o ( S t a n i s l a w G r u s z k a ) [ 5 9 3 8 0 1 ] b r > - [ v i r t ] x e n n e t b a c k : c o p y s k b u f f s i f h e a d c r o s s e s p a g e s ( P a o l o B o n z i n i ) [ 5 7 8 2 5 9 ] b r > - [ v i r t ] x e n : h a n d l e s o f t i r q s a t e n d o f e v e n t p r o c e s s i n g ( P a o l o B o n z i n i ) [ 5 6 4 5 2 3 ] b r > - [ v i r t ] f i x t s c c o u n t c l o c k s o u r c e u n d e r k v m g u e s t s ( G l a u b e r C o s t a ) [ 5 8 1 3 9 6 ] b r > - [ n e t ] b e n e t : c o m p a t h e a d e r c l e a n u p s , p a r t 2 ( I v a n V e c e r a ) [ 5 4 6 7 4 0 ] b r > - [ n e t ] b e n e t : c o m p a t h e a d e r c l e a n u p s , p a r t 1 ( P r a r i t B h a r g a v a ) [ 5 4 6 7 4 0 ] b r > - [ n e t ] b n x 2 : c o m p a t h e a d e r c l e a n u p s ( P r a r i t B h a r g a v a ) [ 5 4 6 7 4 0 ] b r > - [ n e t ] e 1 0 0 0 / e 1 0 0 0 e : c o m p a t h e a d e r c l e a n u p ( P r a r i t B h a r g a v a ) [ 5 4 6 7 4 0 ] b r > - [ n e t ] e n i c : c o m p a t h e a d e r c l e a n u p ( P r a r i t B h a r g a v a ) [ 5 4 6 7 4 0 ] b r > - [ n e t ] f o r c e d e t h : c o m p a t h e a d e r c l e a n u p ( P r a r i t B h a r g a v a ) [ 5 4 6 7 4 0 ] b r > - [ n e t ] i g b : c o m p a t h e a d e r c l e a n u p s ( P r a r i t B h a r g a v a ) [ 5 4 6 7 4 0 ] b r > - [ n e t ] i x g b e : c o m p a t h e a d e r c l e a n u p s ( P r a r i t B h a r g a v a ) [ 5 4 6 7 4 0 ] b r > - [ n e t ] m y r i 1 0 g e : c o m p a t h e a d e r c l e a n u p s ( P r a r i t B h a r g a v a ) [ 5 4 6 7 4 0 ] b r > - [ n e t ] n e t x e n : c o m p a t h e a d e r c l e a n u p ( P r a r i t B h a r g a v a ) [ 5 4 6 7 4 0 ] b r > - [ n e t ] n i u : c o m p a t h e a d e r c l e a n u p ( P r a r i t B h a r g a v a ) [ 5 4 6 7 4 0 ] b r > - [ n e t ] q l g e : c o m p a t h e a d e r c l e a n u p ( P r a r i t B h a r g a v a ) [ 5 4 6 7 4 0 ] b r > - [ n e t ] r 8 1 6 9 : c o m p a t h e a d e r c l e a n u p s , p a r t 2 ( I v a n V e c e r a ) [ 5 4 6 7 4 0 ] b r > - [ n e t ] r 8 1 6 9 : c o m p a t h e a d e r c l e a n u p s , p a r t 1 ( P r a r i t B h a r g a v a ) [ 5 4 6 7 4 0 ] b r > - [ n e t ] s f c : c o m p a t h e a d e r c l e a n u p s ( P r a r i t B h a r g a v a ) [ 5 4 6 7 4 0 ] b r > - [ n e t ] s k y 2 : c o m p a t h e a d e r c l e a n u p ( P r a r i t B h a r g a v a ) [ 5 4 6 7 4 0 ] b r > - [ n e t ] t g 3 : c o m p a t h e a d e r c l e a n u p ( P r a r i t B h a r g a v a ) [ 5 4 6 7 4 0 ] b r > - [ n e t ] b o n d i n g : c o m p a t h e a d e r c l e a n u p ( P r a r i t B h a r g a v a ) [ 5 4 6 7 4 0 ] b r > - [ n e t ] m o v e c o m p a t h e a d e r f i l e c o n t e n t s t o p r o p e r i n c l u d e s ( P r a r i t B h a r g a v a ) [ 5 4 6 7 4 0 ] b r > - [ n e t ] e t h e r n e t : c o m p a t h e a d e r c l e a n u p s ( P r a r i t B h a r g a v a ) [ 5 4 6 7 4 0 ] b r > - [ n e t ] c h e l s i o : c o m p a t h e a d e r c l e a n u p s ( P r a r i t B h a r g a v a ) [ 5 4 6 7 4 0 ] b r > - [ n e t ] s 2 i o : c o m p a t h e a d e r c l e a n u p s ( P r a r i t B h a r g a v a ) [ 5 4 6 7 4 0 ] b r > - [ n e t ] v x g e : c o m p a t h e a d e r c l e a n u p ( P r a r i t B h a r g a v a ) [ 5 4 6 7 4 0 ] b r > - [ i n f i n i b a n d ] c o m p a t h e a d e r c l e a n u p s ( P r a r i t B h a r g a v a ) [ 5 4 6 7 4 0 ] b r > - [ s c s i ] c o m p a t h e a d e r c l e a n u p s ( P r a r i t B h a r g a v a ) [ 5 4 6 7 4 0 ] b r > - [ m i s c ] r e a d q / w r i t e q c o m p a t h e a d e r c l e a n u p ( P r a r i t B h a r g a v a ) [ 5 4 6 7 4 0 ] b r > - [ p c i ] c o m p a t h e a d e r c l e a n u p s ( P r a r i t B h a r g a v a ) [ 5 4 6 7 4 0 ] b r > - [ m i s c ] c o m p a t . h c l e a n u p : a d d c a n c e l _ d e l a y e d _ w o r k _ s y n c ( P r a r i t B h a r g a v a ) [ 5 4 6 7 4 0 ] b r > - [ i 2 c ] c o m p a t h e a d e r c l e a n u p s ( P r a r i t B h a r g a v a ) [ 5 4 6 7 4 0 ] b r > - [ f s ] n f s : f i x m e m o r y l e a k w h e n u s i n g - o n o l o c k o n n f s v 2 / 3 ( J e f f L a y t o n ) [ 5 9 2 9 0 8 ] b r > b r > [ 2 . 6 . 1 8 - 2 0 4 . e l 5 ] b r > - [ f s ] g f s 2 : f i x o r d e r i n g o f o r d e r e d w r i t e s ( S t e v e n W h i t e h o u s e ) [ 5 8 1 0 1 3 ] b r > - [ n e t ] c n i c : f i x b n x 2 x p a n i c w / m u l t i p l e i n t e r f a c e s e n a b l e d ( S t a n i s l a w G r u s z k a ) [ 6 0 2 4 0 2 ] b r > - [ x 8 6 _ 6 4 ] u n i f y a p i c m a p p i n g c o d e ( P r a r i t B h a r g a v a ) [ 5 7 3 8 5 8 ] b r > - [ v i r t ] x e n : f i x C o n n e c t e d s t a t e a f t e r n e t b a c k d e v c l o s e d ( P a o l o B o n z i n i ) [ 5 9 1 5 4 8 ] b r > - [ n e t ] i p v 4 : a d d s y s c t l t o a c c e p t p a c k e t s w / l o c a l s o u r c e ( J i r i O l s a ) [ 6 0 1 3 7 0 ] b r > - [ n f s ] f i x u n i t i a l i z e d l i s t h e a d o n e r r o r e x i t i n r e c o v e r y ( J e f f L a y t o n ) [ 5 6 9 3 4 2 ] b r > - [ v i r t ] v i r t i o _ b l k : a d d s u p p o r t f o r c a c h e f l u s h e s ( C h r i s t o p h H e l l w i g ) [ 5 7 1 7 3 5 ] b r > - [ x e n ] i a 6 4 : u n s e t b e f r o m t h e t a s k p s r ( A n d r e w J o n e s ) [ 5 8 7 4 7 7 ] { C V E - 2 0 1 0 - 2 0 7 0 } b r > b r > [ 2 . 6 . 1 8 - 2 0 3 . e l 5 ] b r > - [ m i s c ] p e r m i t l a r g e r t h a n 2 T B U S B a n d F W d r i v e s ( P e t e Z a i t c e v ) [ 5 0 3 8 6 4 ] b r > - [ n e t ] c n i c : f i x p a n i c w h e n n l m s g r c v d w h e n d e v i c e d o w n ( S t a n i s l a w G r u s z k a ) [ 5 9 5 8 6 2 ] b r > - [ i n f i n i b a n d ] e h c a : r e q u i r e i n _ w c i n p r o c e s s _ m a d ( S t e v e B e s t ) [ 5 7 1 5 1 7 ] b r > - [ n e t ] i g b : A d d s u p p o r t f o r p c i - e A d v a n c e d E r r o r R e p o r t i n g ( S t e f a n A s s m a n n ) [ 5 6 8 2 2 1 ] b r > - [ f s ] e x t 4 : M O V E _ E X T c a n t o v e r w r i t e a p p e n d - o n l y f i l e s ( E r i c S a n d e e n ) [ 6 0 1 0 0 8 ] { C V E - 2 0 1 0 - 2 0 6 6 } b r > - [ n e t ] w i r e l e s s : c o n v e r t r e g _ r e g d b _ s e a r c h _ l o c k t o m u t e x ( J o h n L i n v i l l e ) [ 5 9 7 3 3 4 ] b r > - [ n e t ] t c p : d o n t s e n d k e e p a l i v e p r o b e s i f r e c e i v i n g d a t a ( F l a v i o L e i t n e r ) [ 5 9 3 0 4 0 ] b r > - [ h w m o n ] a d d s u p p o r t f o r a d d i t i o n a l C P U m o d e l s t o c o r e t e m p ( D e a n N e l s o n ) [ 5 5 9 2 2 8 ] b r > - [ f s ] g f s 2 : u s e - E U S E R S w h e n m o u n t i n g w / o e n o u g h j o u r n a l s ( A b h i j i t h D a s ) [ 6 0 0 3 8 7 ] b r > - [ m i s c ] w o r k q u e u e : m a k e c a n c e l _ w o r k _ s y n c E X P O R T _ S Y M B O L _ G P L ( O l e g N e s t e r o v ) [ 5 9 6 6 2 6 ] b r > b r > [ 2 . 6 . 1 8 - 2 0 2 . e l 5 ] b r > - [ f s ] g f s 2 : f i x p e r m i s s i o n s c h e c k i n g f o r s e t f l a g s i o c t l ( S t e v e n W h i t e h o u s e ) [ 5 9 5 3 9 9 ] { C V E - 2 0 1 0 - 1 6 4 1 } b r > - [ m m ] c l e a r p a g e e r r o r s w h e n i s s u i n g a f r e s h r e a d o f p a g e ( R i k v a n R i e l ) [ 5 9 0 7 6 3 ] b r > - [ m i s c ] k e y s : d o n o t f i n d a l r e a d y f r e e d k e y r i n g s ( V i t a l y M a y a t s k i k h ) [ 5 8 5 1 0 0 ] { C V E - 2 0 1 0 - 1 4 3 7 } b r > - [ m i s c ] w o r k q u e u e : s i l e n c e k a b i c h e c k e r ( S t a n i s l a w G r u s z k a ) [ 5 9 6 6 2 6 ] b r > - [ m i s c ] w o r k q u e u e : i m p l e m e n t c a n c e l _ w o r k _ s y n c ( O l e g N e s t e r o v ) [ 5 9 6 6 2 6 ] b r > - [ m i s c ] w o r k q u e u e : i m p l e m e n t t r y _ t o _ g r a b _ p e n d i n g ( O l e g N e s t e r o v ) [ 5 9 6 6 2 6 ] b r > - [ m i s c ] w o r k q u e u e : p r e p f l u s h _ c p u _ w o r k q u e u e f o r a d d i t i o n s ( O l e g N e s t e r o v ) [ 5 9 6 6 2 6 ] b r > - [ m i s c ] w o r k q u e u e : i m p l e m e n t w a i t _ o n _ w o r k ( O l e g N e s t e r o v ) [ 5 9 6 6 2 6 ] b r > - [ m i s c ] w o r k q u e u e : a d d s e t _ w q _ d a t a a n d g e t _ w q _ d a t a h e l p e r s ( O l e g N e s t e r o v ) [ 5 9 6 6 2 6 ] b r > - [ m i s c ] w o r k q u e u e : c w q i n s t e a d o f w q w h e r e a p p r o p r i a t e ( O l e g N e s t e r o v ) [ 5 9 6 6 2 6 ] b r > - [ m i s c ] w o r k q u e u e : i n i t i a l p r e p f o r c a n c e l _ w o r k _ s y n c ( O l e g N e s t e r o v ) [ 5 9 6 6 2 6 ] b r > - [ n e t ] s c t p : f i l e m u s t b e v a l i d b e f o r e s e t t i n g t i m e o u t ( J i r i P i r k o ) [ 5 7 8 2 6 1 ] b r > - [ n e t ] t g 3 : f i x p a n i c i n t g 3 _ i n t e r r u p t ( J o h n F e e n e y ) [ 5 6 9 1 0 6 ] b r > - [ n e t ] e 1 0 0 0 / e 1 0 0 0 e : i m p l e m e n t s i m p l e i n t e r r u p t m o d e r a t i o n ( A n d y G o s p o d a r e k ) [ 5 8 6 4 1 6 ] b r > - [ v i r t ] d o n t c o m p u t e p v c l o c k a d j u s t m e n t s i f w e t r u s t t s c ( G l a u b e r C o s t a ) [ 5 7 0 8 2 4 ] b r > - [ v i r t ] a d d a g l o b a l s y n c h r o n i z a t i o n p o i n t f o r p v c l o c k ( G l a u b e r C o s t a ) [ 5 7 0 8 2 4 ] b r > - [ v i r t ] e n a b l e p v c l o c k f l a g s i n v c p u _ t i m e _ i n f o s t r u c t u r e ( G l a u b e r C o s t a ) [ 5 7 0 8 2 4 ] b r > - [ m i s c ] a d d a t o m i c 6 4 _ c m p x c g h t o x 8 6 _ 6 4 i n c l u d e f i l e s ( G l a u b e r C o s t a ) [ 5 7 0 8 2 4 ] b r > - [ x 8 6 ] g r a b a t o m i c 6 4 t y p e s f r o m u p s t r e a m ( G l a u b e r C o s t a ) [ 5 7 0 8 2 4 ] b r > - [ p c i ] c l e a n u p e r r o r r e t u r n f o r p c i x g e t / s e t m m r b c c a l l s ( D e a n N e l s o n ) [ 5 7 8 4 9 2 ] b r > - [ p c i ] f i x p c i x a c c e s s o f P C I _ X _ C M D g e t / s e t m m r b c c a l l s ( D e a n N e l s o n ) [ 5 7 8 4 9 2 ] b r > - [ p c i ] f i x r e t u r n v a l u e f r o m p c i x _ g e t _ m a x _ m m r b c ( ) ( D e a n N e l s o n ) [ 5 7 8 4 9 2 ] b r > - [ p c i ] p r e p a r e f o r b a c k p o r t o f u p s t r e a m f i x e s a n d c l e a n u p ( D e a n N e l s o n ) [ 5 7 8 4 9 2 ] b r > - [ n e t ] i p v 6 : f i x m o r e m e m o r y l e a k s w h e n n d i s c _ i n i t f a i l s ( A m e r i g o W a n g ) [ 5 5 5 3 3 8 ] b r > - [ x e n ] b r i n g b a c k V M X E / S V M E f l a g s ( A n d r e w J o n e s ) [ 5 7 0 0 9 1 ] b r > b r > [ 2 . 6 . 1 8 - 2 0 1 . e l 5 ] b r > - [ s 3 9 0 ] q d i o : c o n t i n u e p o l l i n g f o r b u f f e r s t a t e E R R O R ( H e n d r i k B r u e c k n e r ) [ 5 6 5 5 3 1 ] b r > - [ p c i ] a c p i p h p : f i x m i s s i n g a c p i p h p _ g l u e _ e x i t ( P r a r i t B h a r g a v a ) [ 5 1 5 5 5 6 ] b r > - [ n e t ] c n i c : F i x c r a s h d u r i n g b n x 2 x M T U c h a n g e ( S t a n i s l a w G r u s z k a ) [ 5 8 2 3 6 7 ] b r > - [ n e t ] b x n 2 x : a d d d y n a m i c l r o d i s a b l e s u p p o r t ( S t a n i s l a w G r u s z k a ) [ 5 8 2 3 6 7 ] b r > - [ n e t ] i m p l e m e n t d e v _ d i s a b l e _ l r o a p i f o r R H E L 5 ( S t a n i s l a w G r u s z k a ) [ 5 8 2 3 6 7 ] b r > b r > [ 2 . 6 . 1 8 - 2 0 0 . e l 5 ] b r > - [ f s ] g e t r u s a g e : f i l l r u _ m a x r s s v a l u e ( A m e r i g o W a n g ) [ 4 6 6 1 5 7 ] b r > - [ n e t ] b o n d i n g : f i x b r o k e n m u l t i c a s t w i t h r o u n d - r o b i n m o d e ( A n d y G o s p o d a r e k ) [ 5 7 0 6 4 5 ] b r > - [ u s b ] i n p u t : f i x k e y b o a r d L E D s o n a l l t h e t i m e ( P e t e Z a i t c e v ) [ 5 1 3 9 3 4 ] b r > - [ x 8 6 _ 6 4 ] f i x t i m e d r i f t d u e t o f a u l t y l o s t t i c k t r a c k i n g ( U l r i c h O b e r g f e l l ) [ 5 7 9 7 1 1 ] b r > - [ c c i s s ] r e m o v e e x t r a n e o u s p r i n t k ( T o m a s H e n z l ) [ 5 8 2 4 6 5 ] b r > - [ s u n r p c ] f i x A U T H _ S Y S u s i n g s e c = s y s e x p o r t o p t i o n ( S a c h i n P r a b h u ) [ 5 7 3 6 5 2 ] b r > - [ m i s c ] f i x i t i m e r s p e r i o d i c t i c s p r e c i s i o n ( S t a n i s l a w G r u s z k a ) [ 4 4 1 1 3 4 ] b r > - [ n e t ] t g 3 : f i x I N T x f a l l b a c k w h e n M S I f a i l s ( S t e v e B e s t ) [ 5 8 7 6 6 6 ] b r > - [ f s ] q u o t a : f i x p o s s i b l e i n f i n i t e l o o p i n q u o t a c o d e ( E r i c S a n d e e n ) [ 5 4 6 0 6 0 ] b r > - [ m i s c ] a d d { t h r e a d , c o r e } _ s i b l i n g s _ l i s t t o / s y s ( P r a r i t B h a r g a v a ) [ 5 7 0 6 1 0 ] b r > - [ m i s c ] a d d / s y s / d e v i c e s / s y s t e m / n o d e / n o d e X / c p u l i s t f i l e s ( P r a r i t B h a r g a v a ) [ 5 7 2 2 8 5 ] b r > - [ n e t ] t u n : o r p h a n a n s k b o n t x ( M i c h a e l S . T s i r k i n ) [ 5 8 4 4 1 2 ] b r > - [ e d a c ] f i x p a n i c w h e n a c o r r e c t e d e r r o r h a p p e n s o n i 5 0 0 0 ( M a u r o C a r v a l h o C h e h a b ) [ 5 3 3 3 9 1 ] b r > - [ n e t ] i w l w i f i : r e - e n a b l e I W L W I F I _ L E D S ( J o h n L i n v i l l e ) [ 5 8 2 0 0 3 ] b r > - [ n e t ] c a l c T C P s c o n n e c t i o n c l o s e t h r e s h o l d a s t i m e v a l u e ( J i r i P i r k o ) [ 5 8 2 7 2 2 ] b r > - [ n e t ] s c h e d : f i x S F Q q d i s c c r a s h w / l i m i t o f 2 p a c k e t s ( J i r i P i r k o ) [ 5 7 9 7 7 4 ] b r > - [ n e t ] m i s s e d a n d r e o r d e r e d c h e c k s i n { a r p , i p , i p 6 } _ t a b l e s ( J i r i P i r k o ) [ 5 5 4 5 6 3 ] b r > - [ n e t ] n e i g h : f i x s t a t e t r a n s i t i o n s v i a N e t l i n k r e q u e s t ( J i r i P i r k o ) [ 4 8 5 9 0 3 ] b r > - [ n e t ] r o u t e : f i x B U G _ O N i n r t _ s e c r e t _ r e b u i l d _ o n e s h o t ( J i r i O l s a ) [ 5 6 6 1 0 4 ] b r > - [ n e t ] n e t f i l t e r : f i x v m a l l o c E N O M E M c a u s e d b y i p t a b l e s ( J i r i O l s a ) [ 5 7 0 4 9 1 ] b r > - [ b l o c k ] c c i s s : f i x m u l t i - l i n e p r i n t k l o g l e v e l ( J e r o m e M a r c h a n d ) [ 5 5 6 9 2 1 ] b r > - [ n f s ] r e v e r t r e t c o d e c h e c k i n n f s _ r e v a l i d a t e _ m a p p i n g ( ) ( J e f f L a y t o n ) [ 5 5 7 4 2 3 ] b r > - [ n f s ] d o n t d e c o d e G E T A T T R i f D E L E G R E T U R N r e t u r n e d e r r o r ( J e f f L a y t o n ) [ 5 5 1 0 2 8 ] b r > - [ m d ] d m - l o g : f i x b a d l o g s t a t u s a f t e r f a i l u r e ( J o n a t h a n E B r a s s o w ) [ 5 7 0 5 8 3 ] b r > - [ n e t ] i g m p : f i x i p _ m c _ s f _ a l l o w r a c e ( F l a v i o L e i t n e r ) [ 5 5 2 8 8 6 ] b r > - [ h w m o n ] a d d 0 x p r e f i x t o h e x c o r e t e m p m o d u l e o u t p u t ( D e a n N e l s o n ) [ 5 7 1 8 6 4 ] b r > - [ n e t ] e 1 0 0 0 e : f i x W o L i n i t w h e n W o L d i s a b l e d i n E E P R O M ( D e a n N e l s o n ) [ 5 6 8 5 6 2 ] b r > - [ a t a ] l i b a t a : h a n d l e s e m b s i g n a t u r e ( D a v i d M i l b u r n ) [ 5 3 3 0 9 3 ] b r > - [ a t a ] l i b a t a - a c p i : m i s s i n g _ S D D i s n o t a n e r r o r ( D a v i d M i l b u r n ) [ 5 5 9 8 1 5 ] b r > - [ s c s i ] s g : r a t e l i m i t w a r n i n g ( D o u g L e d f o r d ) [ 5 3 6 9 3 7 ] b r > - [ n e t ] t u n : c h e c k s u p p l e m e n t a l g r o u p s i n T U N / T A P d r i v e r ( D a n n y F e n g ) [ 5 4 0 7 8 6 ] b r > - [ s 3 9 0 ] n s s : a d d m i s s i n g . p r e v i o u s c a l l t o a s m f u n c t i o n ( H e n d r i k B r u e c k n e r ) [ 5 8 1 5 2 2 ] b r > - [ m i s c ] l o c k d e p : d u m p s t a c k w h e n h i t t i n g a l i m i t ( A m e r i g o W a n g ) [ 5 4 6 5 5 4 ] b r > - [ n e t ] i p v 6 : d o n t p a n i c w h e n k m e m _ c a c h e _ c r e a t e f a i l s ( A m e r i g o W a n g ) [ 5 5 5 3 3 8 ] b r > - [ m i s c ] i p c : H A R D _ M S G M A X s h o u l d b e h i g h e r o n 6 4 b i t ( A m e r i g o W a n g ) [ 5 4 8 3 3 4 ] b r > - [ f s ] g f s 2 : m a k e q u o t a f i l e s i z e a m u l t i p l e o f g f s 2 _ q u o t a ( A b h i j i t h D a s ) [ 5 4 6 4 5 5 ] b r > b r > [ 2 . 6 . 1 8 - 1 9 9 . e l 5 ] b r > - [ m m ] f i x h u g e p a g e c o r r u p t i o n u s i n g v m . d r o p _ c a c h e s ( L a r r y W o o d m a n ) [ 5 7 9 4 6 9 ] b r > - [ m i s c ] t a s k s t a t s : e n a b l e C O N F I G _ T A S K _ X A C C T ( J i r i O l s a ) [ 5 1 6 9 6 1 ] b r > - [ m i s c ] t a s k s t a t s : n e w s t r u c t u r e / c m d t o a v o i d K A B I b r e a k ( J i r i O l s a ) [ 5 1 6 9 6 1 ] b r > - [ m i s c ] t a s k s t a t s : c o m m o n f i x f o r K A B I b r e a k a g e ( J i r i O l s a ) [ 5 1 6 9 6 1 ] b r > - [ m i s c ] t a s k s t a t s : u p g r a d e t o v e r s i o n 4 ( J i r i O l s a ) [ 5 1 6 9 6 1 ] b r > - [ m i s c ] f u t e x : h a n d l e f u t e x v a l u e c o r r u p t i o n g r a c e f u l l y ( J e r o m e M a r c h a n d ) [ 4 8 0 3 9 6 ] { C V E - 2 0 1 0 - 0 6 2 2 } b r > - [ m i s c ] f u t e x : h a n d l e u s e r s p a c e c o r r u p t i o n g r a c e f u l l y ( J e r o m e M a r c h a n d ) [ 4 8 0 3 9 6 ] { C V E - 2 0 1 0 - 0 6 2 2 } b r > - [ m i s c ] f u t e x : f i x f a u l t h a n d l i n g i n f u t e x _ l o c k _ p i ( J e r o m e M a r c h a n d ) [ 4 8 0 3 9 6 ] { C V E - 2 0 1 0 - 0 6 2 2 } b r > - [ x 8 6 ] u t r a c e : b l o c k - s t e p f i x ( J e r o m e M a r c h a n d ) [ 4 6 3 9 5 0 ] b r > - [ n f s ] d o n t u n h a s h d e n t r y i n n f s _ l o o k u p _ r e v a l i d a t e ( J e f f L a y t o n ) [ 5 8 2 3 2 1 ] b r > - [ n e t ] s u n r p c : f i x p a n i c w h e n r e l o a d i n g r p c s e c _ g s s _ k r b 5 ( H a r s h u l a J a y a s u r i y a ) [ 5 7 0 0 4 4 ] b r > - [ n e t ] b o n d i n g : f i x u p d a t i n g o f s p e e d / d u p l e x c h a n g e s ( A n d y G o s p o d a r e k ) [ 5 6 7 6 0 4 ] b r > - [ n e t ] e 1 0 0 0 : f i x W o L i n i t w h e n W o L d i s a b l e d i n E E P R O M ( D e a n N e l s o n ) [ 5 6 8 5 6 1 ] b r > - [ a t a ] a h c i : s u p p o r t F I S - b a s e d s w i t c h i n g ( D a v i d M i l b u r n ) [ 4 7 4 2 9 4 ] b r > - [ a u d i t ] m a k e s u r e f i l t e r k e y r u l e s a r e r e p o r t e d ( A l e x a n d e r V i r o ) [ 5 7 9 4 7 9 ] b r > - [ a u d i t ] c l e a n u p r u l e o r d e r i n g , p a r t 2 ( A l e x a n d e r V i r o ) [ 5 7 9 4 7 9 ] b r > - [ a u d i t ] c l e a n u p r u l e o r d e r i n g , p a r t 1 ( A l e x a n d e r V i r o ) [ 5 7 9 4 7 9 ] b r > - [ a u d i t ] f i x s e l i n u x _ a u d i t _ r u l e _ u p d a t e w / a u d i t _ i n o d e _ h a s h ( A l e x a n d e r V i r o ) [ 5 7 9 4 7 9 ] b r > - [ v i r t i o ] f i x G F P f l a g s p a s s e d b y v i r t i o b a l l o o n d r i v e r ( A m i t S h a h ) [ 5 8 4 6 8 3 ] b r > - [ n e t ] s c t p : f i x s k b _ o v e r _ p a n i c w / t o o m a n y u n k n o w n p a r a m s ( N e i l H o r m a n ) [ 5 8 4 6 5 8 ] { C V E - 2 0 1 0 - 1 1 7 3 } b r > - [ x e n ] a r p l o n M M I O a r e a c r a s h e s t h e g u e s t ( P a o l o B o n z i n i ) [ 5 7 2 9 8 2 ] { C V E - 2 0 1 0 - 0 7 3 0 } b r > b r > [ 2 . 6 . 1 8 - 1 9 8 . e l 5 ] b r > - [ a c p i ] w a r n o n h o t - a d d o f m e m o r y e x c e e d i n g 4 G b o u n d a r y ( P r a r i t B h a r g a v a ) [ 5 7 1 5 4 4 ] b r > - [ n e t ] t i p c : f i x v a r i o u s o o p s e s i n u n i n i t i a l i z e d c o d e ( N e i l H o r m a n ) [ 5 5 8 6 9 3 ] { C V E - 2 0 1 0 - 1 1 8 7 } b r > - [ a c p i ] f i x W A R N o n u n r e g i s t e r i n p o w e r m e t e r d r i v e r ( M a t t h e w G a r r e t t ) [ 5 7 6 2 4 6 ] b r > - [ b l o c k ] c f q - i o s c h e d : f i x I O P R I O _ C L A S S _ I D L E a c c o u n t i n g ( J e f f M o y e r ) [ 5 7 4 2 8 5 ] b r > - [ b l o c k ] c f q - i o s c h e d : a s y n c q u e u e a l l o c a t i o n p e r p r i o r i t y ( J e f f M o y e r ) [ 5 7 4 2 8 5 ] b r > - [ b l o c k ] c f q - i o s c h e d : f i x a s y n c q u e u e b e h a v i o u r ( J e f f M o y e r ) [ 5 7 4 2 8 5 ] b r > - [ b l o c k ] c f q - i o s c h e d : p r o p a g a t e d o w n r e q u e s t s y n c f l a g ( J e f f M o y e r ) [ 5 7 4 2 8 5 ] b r > - [ b l o c k ] i n t r o d u c e t h e r q _ i s _ s y n c m a c r o ( J e f f M o y e r ) [ 5 7 4 2 8 5 ] b r > - [ f s ] v f s : f i x L O O K U P _ F O L L O W o n a u t o m o u n t s y m l i n k s ( J e f f L a y t o n ) [ 5 6 7 8 1 6 ] { C V E - 2 0 1 0 - 1 0 8 8 } b r > - [ n f s ] f i x a n o o p s w h e n t r u n c a t i n g a f i l e ( J e f f L a y t o n ) [ 5 6 7 1 9 5 ] { C V E - 2 0 1 0 - 1 0 8 7 } b r > - [ n e t ] b n x 2 : f i x l o s t M S I - X p r o b l e m o n 5 7 0 9 N I C s ( J o h n F e e n e y ) [ 5 1 1 3 6 8 ] b r > - [ m i s c ] m a k e t h e k e y r i n g q u o t a s c o n t r o l l a b l e v i a / p r o c / s y s ( A m e r i g o W a n g ) [ 4 4 1 2 4 3 ] b r > - [ f s ] f i x k e r n e l o o p s w h i l e c o p y i n g f r o m e x t 3 t o g f s 2 ( A b h i j i t h D a s ) [ 5 5 5 7 5 4 ] { C V E - 2 0 1 0 - 1 4 3 6 } b r > b r > [ 2 . 6 . 1 8 - 1 9 7 . e l 5 ] b r > - [ c p u ] f i x b o o t c r a s h i n 3 2 - b i t i n s t a l l o n A M D c p u s ( B h a v n a S a r a t h y ) [ 5 7 5 7 9 9 ] b r > b r > [ 2 . 6 . 1 8 - 1 9 6 . e l 5 ] b r > - [ m m ] f i x b o o t o n s 3 9 0 x a f t e r b o o t m e m o v e r l a p p a t c h ( A m e r i g o W a n g ) [ 5 5 0 9 7 4 ] b r > - [ n e t ] b n x 2 : a v o i d r e s t a r t i n g c n i c i n s o m e c o n t e x t s ( A n d y G o s p o d a r e k ) [ 5 5 4 7 0 6 ] b r > - [ m i s c ] a d d m i s s i n g C V E l a b e l s f o r e n t r i e s i n 2 . 6 . 1 8 - 1 9 5 . e l 5 ( J a r o d W i l s o n ) b r > b r > [ 2 . 6 . 1 8 - 1 9 5 . e l 5 ] b r > - [ r e d h a t ] m a k e s h a 5 1 2 h m a c s i g f a i l u r e m o r e o b v i o u s ( J a r o d W i l s o n ) b r > - [ m m ] k e e p g e t _ u n m a p p e d _ a r e a _ p r o t f u n c t i o n a l ( D a n n y F e n g ) [ 5 5 6 7 1 0 ] { C V E - 2 0 1 0 - 0 2 9 1 } b r > - [ m m ] s w i t c h d o _ b r k t o g e t _ u n m a p p e d _ a r e a ( D a n n y F e n g ) [ 5 5 6 7 1 0 ] { C V E - 2 0 1 0 - 0 2 9 1 } b r > - [ m m ] t a k e a r c h _ m m a p _ c h e c k i n t o g e t _ u n m a p p e d _ a r e a ( D a n n y F e n g ) [ 5 5 6 7 1 0 ] { C V E - 2 0 1 0 - 0 2 9 1 } b r > - [ m m ] g e t r i d o f o p e n - c o d i n g i n i a 6 4 _ b r k ( D a n n y F e n g ) [ 5 5 6 7 1 0 ] { C V E - 2 0 1 0 - 0 2 9 1 } b r > - [ m m ] u n i f y s y s _ m m a p * f u n c t i o n s ( D a n n y F e n g ) [ 5 5 6 7 1 0 ] { C V E - 2 0 1 0 - 0 2 9 1 } b r > - [ m m ] k i l l a n c i e n t c r u f t i n s 3 9 0 c o m p a t m m a p ( D a n n y F e n g ) [ 5 5 6 7 1 0 ] { C V E - 2 0 1 0 - 0 2 9 1 } b r > - [ m m ] f i x p g o f f i n h a v e t o r e l o c a t e c a s e o f m r e m a p ( D a n n y F e n g ) [ 5 5 6 7 1 0 ] { C V E - 2 0 1 0 - 0 2 9 1 } b r > - [ m m ] f i x t h e a r c h c h e c k s i n M R E M A P _ F I X E D c a s e ( D a n n y F e n g ) [ 5 5 6 7 1 0 ] { C V E - 2 0 1 0 - 0 2 9 1 } b r > - [ m m ] f i x c h e c k s f o r e x p a n d - i n - p l a c e m r e m a p ( D a n n y F e n g ) [ 5 5 6 7 1 0 ] { C V E - 2 0 1 0 - 0 2 9 1 } b r > - [ m m ] a d d n e w v m a _ e x p a n d a b l e h e l p e r f u n c t i o n ( D a n n y F e n g ) [ 5 5 6 7 1 0 ] { C V E - 2 0 1 0 - 0 2 9 1 } b r > - [ m m ] m o v e M R E M A P _ F I X E D i n t o i t s o w n h e a d e r ( D a n n y F e n g ) [ 5 5 6 7 1 0 ] { C V E - 2 0 1 0 - 0 2 9 1 } b r > - [ m m ] m o v e l o c a t i n g v m a c o d e a n d c h e c k s o n i t ( D a n n y F e n g ) [ 5 5 6 7 1 0 ] { C V E - 2 0 1 0 - 0 2 9 1 } b r > - [ i s c s i ] f i x s l o w f a i l o v e r t i m e s ( M i k e C h r i s t i e ) [ 5 7 0 6 8 1 ] b r > - [ m i s c ] k e r n e l : f i x e l f l o a d D o S o n x 8 6 _ 6 4 ( D a n n y F e n g ) [ 5 6 0 5 5 3 ] { C V E - 2 0 1 0 - 0 3 0 7 } b r > - [ n e t l i n k ] c o n n e c t o r : d e l e t e b u g g y n o t i f i c a t i o n c o d e ( J i r i O l s a ) [ 5 6 1 6 8 5 ] { C V E - 2 0 1 0 - 0 4 1 0 } b r > - [ s o u n d ] h d a _ i n t e l : a v o i d d i v i d e b y z e r o i n a z x d e v i c e s ( J a r o s l a v K y s e l a ) [ 5 6 7 1 7 2 ] { C V E - 2 0 1 0 - 1 0 8 5 } b r > - [ d v b ] f i x e n d l e s s l o o p w h e n d e c o d i n g U L E a t d v b - c o r e ( M a u r o C a r v a l h o C h e h a b ) [ 5 6 9 2 4 2 ] { C V E - 2 0 1 0 - 1 0 8 6 } b r > - [ s c s i ] f n i c : f i x t x q u e u e h a n d l i n g ( M i k e C h r i s t i e ) [ 5 7 6 7 0 9 ] b r > - [ f u s i o n ] m p t s a s : f i x e v e n t _ d a t a a l i g n m e n t ( T o m a s H e n z l ) [ 5 7 0 0 0 0 ] b r > - [ e d a c ] f i x i n t e r n a l e r r o r m e s s a g e i n a m d 6 4 _ e d a c d r i v e r ( B h a v n a S a r a t h y ) [ 5 6 9 9 3 8 ] b r > - [ f s ] r e m o v e u n n e c c e s s a r y f _ e p _ l o c k f r o m f a s y n c _ h e l p e r ( L a c h l a n M c I l r o y ) [ 5 6 7 4 7 9 ] b r > - [ x 8 6 _ 6 4 ] f i x f l o a t i n g p o i n t s t a t e c o r r u p t i o n a f t e r s i g n a l ( O l e g N e s t e r o v ) [ 5 6 0 8 9 1 ] b r > - [ m m ] d o n t l e t r e s e r v e d m e m o r y o v e r l a p b o o t m e m _ m a p ( A m e r i g o W a n g ) [ 5 5 0 9 7 4 ] b r > - [ s 3 9 0 ] k e r n e l : c o r r e c t T L B f l u s h o f p a g e t a b l e e n t r i e s ( H e n d r i k B r u e c k n e r ) [ 5 4 5 5 2 7 ] b r > - [ x e n ] i o m m u : c l e a r I O - A P I C p i n s o n b o o t a n d s h u t d o w n ( P a o l o B o n z i n i ) [ 5 4 8 2 0 1 ] b r > - [ x e n ] v t d : f i x i o a p i c p i n a r r a y ( D o n D u g g e r ) [ 5 6 3 5 4 6 ] b r > - [ x e n ] s e t h y p e r v i s o r p r e s e n t C P U I D b i t ( P a o l o B o n z i n i ) [ 5 7 3 7 7 1 ] b r > b r > [ 2 . 6 . 1 8 - 1 9 4 . e l 5 ] b r > - [ n e t ] m l x 4 : p a s s a t t r i b u t e s d o w n t o v l a n i n t e r f a c e s ( D o u g L e d f o r d ) [ 5 7 3 0 9 8 ] b r > - [ b l o c k ] c f q - i o s c h e d : f i x s e q u e n t i a l r e a d p e r f r e g r e s s i o n ( J e f f M o y e r ) [ 5 7 1 8 1 8 ] b r > b r > [ 2 . 6 . 1 8 - 1 9 3 . e l 5 ] b r > - [ f s ] g f s 2 : l o c k i n g f i x f o r p o t e n t i a l d o s ( S t e v e n W h i t e h o u s e ) [ 5 7 2 3 9 0 ] { C V E - 2 0 1 0 - 0 7 2 7 } b r > - [ a c p i ] p o w e r _ m e t e r : a v o i d o o p s o n d r i v e r l o a d ( M a t t h e w G a r r e t t ) [ 5 6 6 5 7 5 ] b r > - [ n e t ] r 8 1 6 9 : f i x a s s i g n m e n t s i n b a c k p o r t e d n e t _ d e v i c e _ o p s ( I v a n V e c e r a ) [ 5 6 8 0 4 0 ] b r > - [ n e t ] v i r t i o _ n e t : r e f i l l r x b u f f e r o n o u t - o f - m e m o r y ( H e r b e r t X u ) [ 5 5 4 0 7 8 ] b r > / p > \n \n \n b r > h 2 > R e l a t e d C V E s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 0 - 3 2 9 6 . h t m l \" > C V E - 2 0 1 0 - 3 2 9 6 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 0 - 3 8 7 7 . h t m l \" > C V E - 2 0 1 0 - 3 8 7 7 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 0 - 4 0 7 2 . h t m l \" > C V E - 2 0 1 0 - 4 0 7 2 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 0 - 4 0 7 3 . h t m l \" > C V E - 2 0 1 0 - 4 0 7 3 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 0 - 4 0 7 5 . h t m l \" > C V E - 2 0 1 0 - 4 0 7 5 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 0 - 4 0 8 0 . h t m l \" > C V E - 2 0 1 0 - 4 0 8 0 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 0 - 4 0 8 1 . h t m l \" > C V E - 2 0 1 0 - 4 0 8 1 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 0 - 4 1 5 8 . h t m l \" > C V E - 2 0 1 0 - 4 1 5 8 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 0 - 4 2 3 8 . h t m l \" > C V E - 2 0 1 0 - 4 2 3 8 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 0 - 4 2 4 3 . h t m l \" > C V E - 2 0 1 0 - 4 2 4 3 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 0 - 4 2 5 5 . h t m l \" > C V E - 2 0 1 0 - 4 2 5 5 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 0 - 4 2 6 3 . h t m l \" > C V E - 2 0 1 0 - 4 2 6 3 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 0 - 4 3 4 3 . h t m l \" > C V E - 2 0 1 0 - 4 3 4 3 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n b r > h 2 > U p d a t e d P a c k a g e s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r s t y l e = \" c o l o r : # F F 0 0 0 0 ; \" > t d > b > R e l e a s e / A r c h i t e c t u r e / b > t d > b > F i l e n a m e / b > / t d > t d > b > M D 5 s u m / b > / t d > t d > b > S u p e r s e d e d B y A d v i s o r y / b > / t d > / t r > \n t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 5 ( i 3 8 6 ) / t d > t d > k e r n e l - 2 . 6 . 1 8 - 2 3 8 . e l 5 . s r c . r p m / t d > t d > 8 3 c 4 0 6 8 8 4 9 5 a 7 3 7 1 1 7 4 a 6 c 4 d 1 e 8 2 0 7 f 6 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 2 3 8 . e l 5 - 1 . 4 . 8 - 2 . e l 5 . s r c . r p m / t d > t d > 4 a 3 c 5 e a a 8 f 8 1 9 b e a a b 8 8 3 c d 2 e 9 5 1 5 f 4 a / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 2 3 8 . e l 5 - 2 . 0 . 5 - 1 . e l 5 . s r c . r p m / t d > t d > 2 3 c e 9 8 3 0 3 1 c b 8 b 6 8 4 5 1 e 2 7 f a d 6 1 1 7 4 3 1 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - 2 . 6 . 1 8 - 2 3 8 . e l 5 . i 6 8 6 . r p m / t d > t d > a d 9 9 0 d 6 4 3 4 e 7 e 6 8 9 f 4 9 9 b 8 3 c 5 6 c d 2 6 5 a / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - P A E - 2 . 6 . 1 8 - 2 3 8 . e l 5 . i 6 8 6 . r p m / t d > t d > 9 b a d 6 3 4 4 8 2 7 2 2 0 e 4 e b a 2 0 0 6 4 1 1 9 d 2 c 4 2 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - P A E - d e v e l - 2 . 6 . 1 8 - 2 3 8 . e l 5 . i 6 8 6 . r p m / t d > t d > 6 7 6 7 d 6 6 7 f 3 6 b e 6 2 f 9 b 1 2 a e 2 3 1 e 9 4 5 d f 8 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - 2 . 6 . 1 8 - 2 3 8 . e l 5 . i 6 8 6 . r p m / t d > t d > 0 0 8 0 3 f 4 7 a d b 5 1 b 2 0 9 0 b f 8 1 d 0 c 5 6 b 0 b c 8 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - d e v e l - 2 . 6 . 1 8 - 2 3 8 . e l 5 . i 6 8 6 . r p m / t d > t d > 5 c 6 9 f 5 f 8 6 3 9 7 5 a a 3 f 6 f 4 e 5 0 3 4 9 5 8 4 b 5 e / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e v e l - 2 . 6 . 1 8 - 2 3 8 . e l 5 . i 6 8 6 . r p m / t d > t d > 2 0 0 2 1 1 9 a f 0 0 6 9 d 7 0 4 7 f 8 9 9 4 6 e 8 0 2 9 2 b 3 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d o c - 2 . 6 . 1 8 - 2 3 8 . e l 5 . n o a r c h . r p m / t d > t d > 5 4 c 2 f 3 2 f b b e 5 b d d 2 d c b c b 5 7 3 d 5 d 6 d c 4 a / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - h e a d e r s - 2 . 6 . 1 8 - 2 3 8 . e l 5 . i 3 8 6 . r p m / t d > t d > 0 f 0 2 6 7 2 7 7 c e e f d b b 0 5 f a 4 f 1 8 4 7 7 2 6 e d c / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - x e n - 2 . 6 . 1 8 - 2 3 8 . e l 5 . i 6 8 6 . r p m / t d > t d > 5 f b c b f 7 6 d 3 3 1 3 9 f 5 1 3 f 8 8 2 7 b 9 3 1 5 8 6 7 3 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - x e n - d e v e l - 2 . 6 . 1 8 - 2 3 8 . e l 5 . i 6 8 6 . r p m / t d > t d > 7 c a 3 c b f f 5 b 3 8 9 c 8 7 8 8 2 a 5 0 3 e 5 f 7 6 a 0 2 8 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 2 3 8 . e l 5 - 1 . 4 . 8 - 2 . e l 5 . i 6 8 6 . r p m / t d > t d > 5 5 d 3 b d 5 b 5 f 9 1 3 9 e 8 2 1 d 3 2 e 2 f f 8 a 6 3 4 c 8 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 2 3 8 . e l 5 P A E - 1 . 4 . 8 - 2 . e l 5 . i 6 8 6 . r p m / t d > t d > 3 5 2 0 a 2 9 3 6 6 6 3 3 c f c 0 a 2 5 8 e a 1 a 7 d 2 8 f 0 4 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 2 3 8 . e l 5 d e b u g - 1 . 4 . 8 - 2 . e l 5 . i 6 8 6 . r p m / t d > t d > 3 4 5 d e b 8 f c e 6 3 c f 3 e 3 1 f 0 0 1 b 0 4 4 3 8 4 f 1 e / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 2 3 8 . e l 5 x e n - 1 . 4 . 8 - 2 . e l 5 . i 6 8 6 . r p m / t d > t d > f 3 c 0 6 3 7 0 4 9 f 2 6 5 e 7 d c 7 1 1 4 0 1 6 4 e 3 7 2 5 6 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 2 3 8 . e l 5 - 2 . 0 . 5 - 1 . e l 5 . i 6 8 6 . r p m / t d > t d > 6 d 9 6 9 7 b 3 f 2 8 f 1 7 6 8 8 e 8 9 6 7 4 a 0 7 9 2 1 8 7 6 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 2 3 8 . e l 5 P A E - 2 . 0 . 5 - 1 . e l 5 . i 6 8 6 . r p m / t d > t d > 2 9 1 d f 0 8 1 3 6 4 f 6 6 6 3 0 8 4 9 a 2 1 3 e 4 f b 6 b a d / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 2 3 8 . e l 5 d e b u g - 2 . 0 . 5 - 1 . e l 5 . i 6 8 6 . r p m / t d > t d > 4 b 5 b 3 1 2 f 9 f c 7 6 b 6 9 f 3 8 8 7 d 9 a 5 d c 0 2 0 a c / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 2 3 8 . e l 5 x e n - 2 . 0 . 5 - 1 . e l 5 . i 6 8 6 . r p m / t d > t d > 8 d 1 d 4 3 f 1 6 f 1 b 6 b a 8 9 9 f 7 3 9 9 a 3 9 f 9 6 8 6 4 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 5 ( i a 6 4 ) / t d > t d > k e r n e l - 2 . 6 . 1 8 - 2 3 8 . e l 5 . s r c . r p m / t d > t d > 8 3 c 4 0 6 8 8 4 9 5 a 7 3 7 1 1 7 4 a 6 c 4 d 1 e 8 2 0 7 f 6 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 2 3 8 . e l 5 - 1 . 4 . 8 - 2 . e l 5 . s r c . r p m / t d > t d > 4 a 3 c 5 e a a 8 f 8 1 9 b e a a b 8 8 3 c d 2 e 9 5 1 5 f 4 a / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 2 3 8 . e l 5 - 2 . 0 . 5 - 1 . e l 5 . s r c . r p m / t d > t d > 2 3 c e 9 8 3 0 3 1 c b 8 b 6 8 4 5 1 e 2 7 f a d 6 1 1 7 4 3 1 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - 2 . 6 . 1 8 - 2 3 8 . e l 5 . i a 6 4 . r p m / t d > t d > 4 9 7 8 3 0 2 d 8 d e 7 0 8 a c 2 1 8 6 e 7 5 c 2 a 0 1 d 8 5 6 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - 2 . 6 . 1 8 - 2 3 8 . e l 5 . i a 6 4 . r p m / t d > t d > e 0 0 6 c e e c 6 a f 1 d d 3 3 f 8 b 7 f 6 3 e 2 4 c d 0 2 9 0 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - d e v e l - 2 . 6 . 1 8 - 2 3 8 . e l 5 . i a 6 4 . r p m / t d > t d > 1 e 1 e a 9 2 9 c c 9 4 1 9 a a 9 a 0 6 0 d a 8 c 2 9 e f 3 f 6 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e v e l - 2 . 6 . 1 8 - 2 3 8 . e l 5 . i a 6 4 . r p m / t d > t d > d 6 7 b 3 0 e e e 4 0 2 2 6 1 c 0 b 2 3 9 7 0 f d c a c 3 6 0 f / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d o c - 2 . 6 . 1 8 - 2 3 8 . e l 5 . n o a r c h . r p m / t d > t d > 5 4 c 2 f 3 2 f b b e 5 b d d 2 d c b c b 5 7 3 d 5 d 6 d c 4 a / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - h e a d e r s - 2 . 6 . 1 8 - 2 3 8 . e l 5 . i a 6 4 . r p m / t d > t d > 3 2 3 9 3 6 5 f e 8 a c 4 9 7 2 9 1 d 6 f e 0 9 f 2 9 b f 1 b f / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - x e n - 2 . 6 . 1 8 - 2 3 8 . e l 5 . i a 6 4 . r p m / t d > t d > 1 5 0 7 7 a f 8 c f 2 c c c 2 6 c 3 0 f f f 6 9 4 1 6 5 0 a 9 e / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - x e n - d e v e l - 2 . 6 . 1 8 - 2 3 8 . e l 5 . i a 6 4 . r p m / t d > t d > c c f 4 0 9 f 7 6 b 6 d 3 d 5 d 0 7 b 7 3 3 1 6 5 b d c 0 b a d / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 2 3 8 . e l 5 - 1 . 4 . 8 - 2 . e l 5 . i a 6 4 . r p m / t d > t d > d b d 5 a 0 a d 6 e 7 5 8 4 e 6 1 d 7 c 0 b c b 3 e e 3 3 5 7 3 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 2 3 8 . e l 5 d e b u g - 1 . 4 . 8 - 2 . e l 5 . i a 6 4 . r p m / t d > t d > c 5 1 2 e b 1 5 0 3 5 6 1 5 a 2 a 0 e 4 3 2 f 8 8 c d f a 5 4 6 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 2 3 8 . e l 5 x e n - 1 . 4 . 8 - 2 . e l 5 . i a 6 4 . r p m / t d > t d > d 4 a e b e 1 7 9 2 4 7 6 8 d 9 0 1 f 5 8 8 4 4 a 5 c 3 4 5 0 e / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 2 3 8 . e l 5 - 2 . 0 . 5 - 1 . e l 5 . i a 6 4 . r p m / t d > t d > 8 1 4 4 5 3 6 f 8 a 2 2 e c 9 f e 4 9 f 6 f f 4 9 b 6 e e e 7 7 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 2 3 8 . e l 5 d e b u g - 2 . 0 . 5 - 1 . e l 5 . i a 6 4 . r p m / t d > t d > 2 d 6 3 2 8 0 e a d 1 2 9 d e b 6 1 c c c 0 1 7 6 d c b 9 a 6 c / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 2 3 8 . e l 5 x e n - 2 . 0 . 5 - 1 . e l 5 . i a 6 4 . r p m / t d > t d > 9 a 9 8 6 c 6 d c 8 1 a 9 c 7 d a a f a 8 b 0 a 9 e 8 7 0 4 8 a / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 5 ( x 8 6 _ 6 4 ) / t d > t d > k e r n e l - 2 . 6 . 1 8 - 2 3 8 . e l 5 . s r c . r p m / t d > t d > 8 3 c 4 0 6 8 8 4 9 5 a 7 3 7 1 1 7 4 a 6 c 4 d 1 e 8 2 0 7 f 6 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 2 3 8 . e l 5 - 1 . 4 . 8 - 2 . e l 5 . s r c . r p m / t d > t d > 4 a 3 c 5 e a a 8 f 8 1 9 b e a a b 8 8 3 c d 2 e 9 5 1 5 f 4 a / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 2 3 8 . e l 5 - 2 . 0 . 5 - 1 . e l 5 . s r c . r p m / t d > t d > 2 3 c e 9 8 3 0 3 1 c b 8 b 6 8 4 5 1 e 2 7 f a d 6 1 1 7 4 3 1 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - 2 . 6 . 1 8 - 2 3 8 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > b 5 2 c a d 0 5 7 7 c 0 0 0 9 9 4 c 7 f 8 c 9 e 4 e 3 0 f 7 e 7 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - 2 . 6 . 1 8 - 2 3 8 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > 7 c f 7 5 3 b f e 7 b 6 d 3 2 3 f d 3 f 6 2 8 f 8 f b c 9 1 7 2 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e b u g - d e v e l - 2 . 6 . 1 8 - 2 3 8 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > 6 9 e a a 1 6 9 8 7 8 0 a 9 9 a e f 0 7 3 3 4 0 4 b a f a b 3 3 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d e v e l - 2 . 6 . 1 8 - 2 3 8 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > a e f 4 9 f e a 7 c f b 4 3 3 2 d 0 e e f a e b e c c c c a f d / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - d o c - 2 . 6 . 1 8 - 2 3 8 . e l 5 . n o a r c h . r p m / t d > t d > 5 4 c 2 f 3 2 f b b e 5 b d d 2 d c b c b 5 7 3 d 5 d 6 d c 4 a / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - h e a d e r s - 2 . 6 . 1 8 - 2 3 8 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > e 9 c 8 6 3 9 a 2 3 b a 8 4 f 8 6 2 9 0 3 5 6 f 7 7 e 7 4 8 6 e / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - x e n - 2 . 6 . 1 8 - 2 3 8 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > a 1 2 b c 2 2 d 7 e 1 f 6 5 1 1 3 8 1 5 5 1 6 b b 9 e 3 6 d a 9 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - x e n - d e v e l - 2 . 6 . 1 8 - 2 3 8 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > 8 2 7 5 6 3 8 6 0 8 f 1 e 1 6 b 9 c 9 a 2 1 e 6 a 8 7 5 3 f b 0 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 1 4 8 2 - 1 . h t m l \" > E L S A - 2 0 1 7 - 1 4 8 2 - 1 / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 2 3 8 . e l 5 - 1 . 4 . 8 - 2 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > 9 4 d 6 3 3 8 a 7 d 1 b e b a 5 9 8 2 5 6 7 9 8 8 4 d c c 6 2 b / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 2 3 8 . e l 5 d e b u g - 1 . 4 . 8 - 2 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > c 1 4 7 9 e 6 3 0 8 d 8 9 7 e 1 d 5 0 a 7 a c c 7 e 1 1 1 1 8 7 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o c f s 2 - 2 . 6 . 1 8 - 2 3 8 . e l 5 x e n - 1 . 4 . 8 - 2 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > 7 8 8 a 3 c 3 8 5 b 0 7 d c 1 6 9 a 9 0 d 3 7 2 3 3 9 7 a c f f / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 2 3 8 . e l 5 - 2 . 0 . 5 - 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > 5 8 6 d 5 9 8 3 6 a 0 9 b c e d 3 3 0 9 9 0 c 2 e d 0 5 c 7 4 e / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 2 3 8 . e l 5 d e b u g - 2 . 0 . 5 - 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > 0 7 d e 5 2 a 3 8 a 4 d a e 4 e c 7 0 4 d 3 f e a a 4 f a 4 4 1 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > o r a c l e a s m - 2 . 6 . 1 8 - 2 3 8 . e l 5 x e n - 2 . 0 . 5 - 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > c 1 7 0 5 d 0 9 7 7 d 7 0 3 d e 1 e 6 e a 5 c a 9 7 d 5 3 a b 2 / t d > t d > a h r e f = # > - / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n \n b r > b r > \n b r > p > \n T h i s p a g e i s g e n e r a t e d a u t o m a t i c a l l y a n d h a s n o t b e e n c h e c k e d f o r e r r o r s o r o m i s s i o n s . F o r c l a r i f i c a t i o n \n o r c o r r e c t i o n s p l e a s e c o n t a c t t h e a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / \" > O r a c l e L i n u x U L N t e a m / a > / p > \n \n \n \n / d i v > \n ! - - \n / d i v > \n - - > \n / d i v > \n / d i v > \n \n \n d i v i d = \" m c 1 6 \" c l a s s = \" m c 1 6 v 0 \" > \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > T e c h n i c a l i n f o r m a t i o n / h 2 > \n u l > \n l i > a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / h a r d w a r e - c e r t i f i c a t i o n s \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x C e r t i f i e d H a r d w a r e / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / l i b r a r y / e l s p - l i f e t i m e - 0 6 9 3 3 8 . p d f \" > O r a c l e L i n u x S u p p o r t e d R e l e a s e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > O r a c l e L i n u x S u p p o r t / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / t e c h n o l o g i e s / l i n u x / O r a c l e L i n u x S u p p o r t / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x S u p p o r t / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / p r e m i e r / s e r v e r s - s t o r a g e / o v e r v i e w / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e P r e m i e r S u p p o r t f o r S y s t e m s / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / a d v a n c e d - c u s t o m e r - s e r v i c e s / o v e r v i e w / \" > A d v a n c e d C u s t o m e r S e r v i c e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 2 \" > \n h 2 > C o n n e c t / h 2 > \n u l > \n l i c l a s s = \" f b i c o n \" > a h r e f = \" h t t p : / / w w w . f a c e b o o k . c o m / o r a c l e l i n u x \" t i t l e = \" F a c e b o o k \" n a m e = \" F a c e b o o k \" t a r g e t = \" _ b l a n k \" i d = \" F a c e b o o k \" > F a c e b o o k / a > / l i > \n l i c l a s s = \" t w i c o n \" > a h r e f = \" h t t p : / / w w w . t w i t t e r . c o m / O r a c l e L i n u x \" t i t l e = \" T w i t t e r \" n a m e = \" T w i t t e r \" t a r g e t = \" _ b l a n k \" i d = \" T w i t t e r \" > T w i t t e r / a > / l i > \n l i c l a s s = \" i n i c o n \" > a h r e f = \" h t t p : / / w w w . l i n k e d i n . c o m / g r o u p s ? g i d = 1 2 0 2 3 8 \" t i t l e = \" L i n k e d I n \" n a m e = \" L i n k e d I n \" t a r g e t = \" _ b l a n k \" i d = \" L i n k e d I n \" > L i n k e d I n / a > / l i > \n l i c l a s s = \" y t i c o n \" > a h r e f = \" h t t p : / / w w w . y o u t u b e . c o m / o r a c l e l i n u x c h a n n e l \" t i t l e = \" Y o u T u b e \" n a m e = \" Y o u T u b e \" t a r g e t = \" _ b l a n k \" i d = \" Y o u T u b e \" > Y o u T u b e / a > / l i > \n l i c l a s s = \" b l o g i c o n \" > a h r e f = \" h t t p : / / b l o g s . o r a c l e . c o m / l i n u x \" t i t l e = \" B l o g \" n a m e = \" B l o g \" > B l o g / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 3 \" > \n h 2 > C o n t a c t U s / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / c o r p o r a t e / c o n t a c t / g l o b a l - 0 7 0 5 1 1 . h t m l \" > G l o b a l c o n t a c t s / a > / l i > \n l i > O r a c l e 1 - 8 0 0 - 6 3 3 - 0 6 9 1 / l i > \n / u l > \n / d i v > \n / d i v > \n / d i v > \n \n d i v i d = \" m c 0 4 \" c l a s s = \" m c 0 4 v 1 \" > \n d i v c l a s s = \" m c 0 4 w 1 \" > \n a h r e f = \" h t t p : / / o r a c l e . c o m \" > i m g s r c = \" / / w w w . o r a c l e i m g . c o m / a s s e t s / m c 0 4 - f o o t e r - l o g o . p n g \" b o r d e r = \" 0 \" a l t = \" s o f t w a r e . h a r d w a r e . c o m p l e t e \" / > / a > \n / d i v > \n \n d i v c l a s s = \" m c 0 4 w 2 \" > \n a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / s u b s c r i b e / i n d e x . h t m l \" > S u b s c r i b e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / e m p l o y m e n t / i n d e x . h t m l \" > C a r e e r s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / c o n t a c t / i n d e x . h t m l \" > C o n t a c t U s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / c o p y r i g h t . h t m l \" > L e g a l N o t i c e s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / t e r m s . h t m l \" > T e r m s o f U s e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / p r i v a c y . h t m l \" > Y o u r P r i v a c y R i g h t s / a > \n / d i v > \n / d i v > \n / d i v > \n / b o d y > \n / h t m l > \n ", "published": "2011-01-20T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2011-0017.html", "cvelist": ["CVE-2010-0307", "CVE-2010-2942", "CVE-2010-3904", "CVE-2010-3078", "CVE-2010-2066", "CVE-2010-4081", "CVE-2010-1641", "CVE-2010-2248", "CVE-2010-4073", "CVE-2010-2226", "CVE-2010-0410", "CVE-2010-4072", "CVE-2010-0730", "CVE-2010-2492", "CVE-2010-2521", "CVE-2010-4083", "CVE-2010-1437", "CVE-2010-3859", "CVE-2010-3086", "CVE-2010-0727", "CVE-2010-1187", "CVE-2010-4080", "CVE-2010-2963", "CVE-2010-0291", "CVE-2010-4343", "CVE-2010-3877", "CVE-2010-4158", "CVE-2010-2070", "CVE-2010-2524", "CVE-2010-3296", "CVE-2010-1084", "CVE-2010-3015", "CVE-2010-2938", "CVE-2010-4247", "CVE-2010-4263", "CVE-2010-4258", "CVE-2010-3442", "CVE-2010-4243", "CVE-2010-3066", "CVE-2010-2240", "CVE-2010-1083", "CVE-2010-3081", "CVE-2010-0622", "CVE-2010-3067", "CVE-2010-3699", "CVE-2010-4238", "CVE-2010-1085", "CVE-2010-1086", "CVE-2010-1436", "CVE-2010-4255", "CVE-2010-1173", "CVE-2010-1088", "CVE-2010-1087", "CVE-2010-4075"], "lastseen": "2018-04-04T13:07:17"}, {"id": "ELSA-2010-2008", "type": "oraclelinux", "title": "Unbreakable enterprise kernel security update", "description": "[2.6.32-100.20.1.el5]\n- [fs] xfs: return inode fork offset in bulkstat for fsr (Dave Chinner)\n- [fs] xfs: always use iget in bulkstat (Dave Chinner) {CVE-2010-2943}\n- [fs] xfs: validate untrusted inode numbers during lookup (Dave Chinner) {CVE-2\n010-2943}\n- [fs] xfs: rename XFS_IGET_BULKSTAT to XFS_IGET_UNTRUSTED (Dave Chinner) {CVE-2\n010-2943}\n- [net] net sched: fix some kernel memory leaks (Eric Dumazet) {CVE-2010-2942}\n- [fs] ocfs2: Don't walk off the end of fast symlinks (Joel Becker) ", "published": "2010-10-04T00:00:00", "cvss": {"score": 7.9, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:NONE/"}, "href": "http://linux.oracle.com/errata/ELSA-2010-2008.html", "cvelist": ["CVE-2010-2942", "CVE-2010-2943"], "lastseen": "2016-09-04T11:16:24"}, {"id": "ELSA-2010-0723", "type": "oraclelinux", "title": "kernel security and bug fix update", "description": "[2.6.18-194.17.1.0.1.el5]\r\n- [xen] check to see if hypervisor supports memory reservation change\r\n (Chuck Anderson) [orabug 7556514]\r\n- Add entropy support to igb (John Sobecki) [orabug 7607479]\r\n- [nfs] convert ENETUNREACH to ENOTCONN [orabug 7689332]\r\n- [NET] Add xen pv/bonding netconsole support (Tina Yang) [orabug 6993043]\r\n [bz 7258]\r\n- [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839]\r\n- fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042]\r\n- [nfsd] fix failure of file creation from hpux client (Wen gang Wang)\r\n [orabug 7579314]\r\n- [qla] fix qla not to query hccr (Guru Anbalagane) [Orabug 8746702]\r\n- [net] bonding: fix xen+bonding+netconsole panic issue (Joe Jin) \r\n [orabug 9504524]\r\n- [rds] Patch rds to 1.4.2-14 (Andy Grover) [orabug 9471572, 9344105]\r\n RDS: Fix BUG_ONs to not fire when in a tasklet\r\n ipoib: Fix lockup of the tx queue\r\n RDS: Do not call set_page_dirty() with irqs off (Sherman Pun)\r\n RDS: Properly unmap when getting a remote access error (Tina Yang)\r\n RDS: Fix locking in rds_send_drop_to()\r\n- [mm] Enhance shrink_zone patch allow full swap utilization, and also be\r\n NUMA-aware (John Sobecki, Chris Mason, Herbert van den Bergh)\r\n [orabug 9245919]\r\n- [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson)\r\n [orabug 9107465]\r\n- [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson)\r\n [orabug 9764220]\r\n- Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615]\r\n- fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro,\r\n Guru Anbalagane) [orabug 6124033]\r\n- [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208]\r\n- [ib] fix memory corruption (Andy Grover) [orabug 9972346]\r\n \n[2.6.18-194.17.1.el5]\r\n- Syncing following patch from branched build:\r\n- [misc] make compat_alloc_user_space() incorporate the access_ok() \r\n (Don Howard) [634463 634464] {CVE-2010-3081}\r\n \n[2.6.18-194.16.1.el5]\r\n- [fs] xfs: fix missing untrusted inode lookup tag (Dave Chinner) \r\n [624366 607032] {CVE-2010-2943}\r\n \n[2.6.18-194.15.1.el5]\r\n- [net] cxgb3: don't flush workqueue if called from wq (Doug Ledford) \r\n [630978 630124]\r\n- [net] cxgb3: get fatal parity error status on interrupt (Doug Ledford) \r\n [630978 630124]\r\n- [net] cxgb3: clear fatal parity error register on init (Doug Ledford) \r\n [630978 630124]\r\n- [net] cxgb3: add define for fatal parity error bit (Doug Ledford) \r\n [630978 630124]\r\n \n[2.6.18-194.14.1.el5]\r\n- [s390] dasd: force online does not work (Hendrik Brueckner) [627194 619466]\r\n- [s390] dasd: allocate fallback cqr for reserve/release (Hendrik Brueckner) \r\n [627195 619465]\r\n- [fs] xfs: fix untrusted inode number lookup (Dave Chinner) [629219 624862]\r\n- [net] sched: fix some kernel memory leaks (Jiri Pirko) [624904 624638] \r\n {CVE-2010-2942}\r\n- [usb] fix usbfs information leak (Eugene Teo) [566628 566629] {CVE-2010-1083}\r\n- [fs] xfs: rename XFS_IGET_BULKSTAT to XFS_IGET_UNTRUSTED (Dave Chinner)\r\n [624366 607032] {CVE-2010-2943}\r\n- [fs] xfs: validate untrusted inode numbers during lookup (Dave Chinner) \r\n [624366 607032] {CVE-2010-2943}\r\n- [fs] xfs: always use iget in bulkstat (Dave Chinner) [624366 607032] \r\n {CVE-2010-2943}\r\n \n[2.6.18-194.13.1.el5]\r\n- [xen] fix guest crash on non-EPT machine may crash host (Paolo Bonzini) \r\n [621429 621430] {CVE-2010-2938}\r\n- [fs] ext4: consolidate in_range definitions (Eric Sandeen) [624331 624332] \r\n {CVE-2010-3015}\r\n- [mm] add option to skip ZERO_PAGE mmap of /dev/zero (Larry Woodman) \r\n [623141 619541]\r\n- [net] bonding: check if clients MAC addr has changed (Flavio Leitner) \r\n [623143 610234]\r\n- [net] sctp: fix length checks (Neil Horman) [624369 605305]\r\n- [xen] bring back VMXE/SVME flags (Andrew Jones) [624365 570091]\r\n- Syncing following patches from branched builds:\r\n- [mm] accept an abutting stack segment (Jiri Pirko) [607857 607858] \r\n {CVE-2010-2240}\r\n- [mm] pass correct mm when growing stack (Jiri Pirko) [607857 607858] \r\n {CVE-2010-2240}\r\n- [mm] fix up some user-visible effects of stack guard page (Jiri Pirko) \r\n [607857 607858] {CVE-2010-2240}\r\n- [mm] fix page table unmap for stack guard page properly (Jiri Pirko) \r\n [607857 607858] {CVE-2010-2240}\r\n- [mm] fix missing unmap for stack guard page failure case (Jiri Pirko)\r\n [607857 607858] {CVE-2010-2240}\r\n- [mm] keep a guard page below a grow-down stack segment (Jiri Pirko) \r\n [607857 607858] {CVE-2010-2240} ", "published": "2010-09-29T00:00:00", "cvss": {"score": 7.9, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:NONE/"}, "href": "http://linux.oracle.com/errata/ELSA-2010-0723.html", "cvelist": ["CVE-2010-2942", "CVE-2010-2492", "CVE-2010-2943", "CVE-2010-3015", "CVE-2010-2938", "CVE-2010-2240", "CVE-2010-1083", "CVE-2010-3081", "CVE-2010-2798"], "lastseen": "2016-09-04T11:17:04"}, {"id": "ELSA-2011-0421", "type": "oraclelinux", "title": "kernel security and bug fix update", "description": "[2.6.32-71.24.1.el6]\n- [fs] Revert '[fs] inotify: stop kernel memory leak on file creation failure' (Eric Paris) [656831 656832] {CVE-2010-4250}\n[2.6.32-71.23.1.el6]\n- [x86] Revert '[x86] mtrr: Assume SYS_CFG[Tom2ForceMemTypeWB] exists on all future AMD CPUs' (Frank Arnold) [683813 652208]\n[2.6.32-71.22.1.el6]\n- rebuild\n[2.6.32-71.21.1.el6]\n- [netdrv] ixgbe: limit VF access to network traffic (Frantisek Hrbata) [684129 678717]\n- [netdrv] ixgbe: work around for DDP last buffer size (Frantisek Hrbata) [684129 678717]\n- [net] gro: reset dev and skb_iff on skb reuse (Andy Gospodarek) [688311 681970]\n- [x86] mtrr: Assume SYS_CFG[Tom2ForceMemTypeWB] exists on all future AMD CPUs (Frank Arnold) [683813 652208]\n- [virt] virtio_net: Add schedule check to napi_enable call (Michael S. Tsirkin) [684268 676579]\n- [s390x] mm: add devmem_is_allowed() for STRICT_DEVMEM checking (Hendrik Brueckner) [684267 647365]\n- [powerpc] Don't use kernel stack with translation off (Steve Best) [684266 628951]\n- [powerpc] Initialise paca->kstack before early_setup_secondary (Steve Best) [684266 628951]\n[2.6.32-71.20.1.el6]\n- [dvb] kernel: av7110 negative array offset (Mauro Carvalho Chehab) [672403 672404] {CVE-2011-0521}\n- [fs] sunrpc: Correct a misapplied patch (J. Bruce Fields) [678094 678146] {CVE-2011-0714}\n- [netdrv] orinoco: fix TKIP countermeasure behaviour (Stanislaw Gruszka) [667908 667909] {CVE-2010-4648}\n- [kernel] /proc/vmcore: speed up access to vmcore file (Neil Horman) [683442 672937]\n- [netdrv] cnic: Fix big endian bug (Steve Best) [678484 676640]\n- [scsi] fcoe: drop FCoE LOGO in FIP mode (Mike Christie) [683814 668114]\n- [s390x] remove task_show_regs (Danny Feng) [677854 677855] {CVE-2011-0710}\n- [ib] cm: Bump reference count on cm_id before invoking callback (Doug Ledford) [676190 676191] {CVE-2011-0695}\n- [rdma] cm: Fix crash in request handlers (Doug Ledford) [676190 676191] {CVE-2011-0695}\n- [net] bridge: Fix mglist corruption that leads to memory corruption (Herbert Xu) [678172 659421] {CVE-2011-0716}\n- [netdrv] r8169: use RxFIFO overflow workaround and prevent RxFIFO induced infinite loops (Ivan Vecera) [680080 630810]\n- [s390x] kernel: nohz vs cpu hotplug system hang (Hendrik Brueckner) [683815 668470]\n- [netdrv] cxgb3/cxgb3_main.c: prevent reading uninitialized stack memory (Doug Ledford) [633156 633157] {CVE-2010-3296}\n- [configs] redhat: added CONFIG_SECURITY_DMESG_RESTRICT option (Frantisek Hrbata) [683822 653245]\n- [kernel] restrict unprivileged access to kernel syslog (Frantisek Hrbata) [683822 653245]\n- [fs] cifs: allow matching of tcp sessions in CifsNew state (Jeff Layton) [683812 629085]\n- [fs] cifs: fix potential double put of TCP session reference (Jeff Layton) [683812 629085]\n- [fs] cifs: prevent possible memory corruption in cifs_demultiplex_thread (Jeff Layton) [683812 629085]\n- [fs] cifs: eliminate some more premature cifsd exits (Jeff Layton) [683812 629085]\n- [fs] cifs: prevent cifsd from exiting prematurely (Jeff Layton) [683812 629085]\n- [fs] CIFS: Make cifs_convert_address() take a const src pointer and a length (Jeff Layton) [683812 629085]\n- [kdump] kexec: accelerate vmcore copies by marking oldmem in /proc/vmcore as cached (Neil Horman) [683445 641315]\n- [virt] KVM: VMX: Disallow NMI while blocked by STI (Avi Kivity) [683783 616296]\n- [virt] kvm: write protect memory after slot swap (Michael S. Tsirkin) [683781 647367]\n[2.6.32-71.19.1.el6]\n- [crypto] sha-s390: Reset index after processing partial block (Herbert Xu) [678996 626515]\n- [net] clear heap allocations for privileged ethtool actions (Jiri Pirko) [672434 672435] {CVE-2010-4655}\n- [usb] iowarrior: don't trust report_size for buffer size (Don Zickus) [672421 672422] {CVE-2010-4656}\n- [virt] virtio: console: Wake up outvq on host notifications (Amit Shah) [678558 643750]\n- [fs] inotify: stop kernel memory leak on file creation failure (Eric Paris) [656831 656832] {CVE-2010-4250}\n- [net] sctp: fix kernel panic resulting from mishandling of icmp dest unreachable msg (Neil Horman) [667028 667029] {CVE-2010-4526}\n- [mm] install_special_mapping skips security_file_mmap check (Frantisek Hrbata) [662198 662199] {CVE-2010-4346}\n- [kdump] vt-d: Handle previous faults after enabling fault handling (Takao Indoh) [678485 617137]\n- [kdump] Enable the intr-remap fault handling after local apic setup (Takao Indoh) [678485 617137]\n- [kdump] vt-d: Fix the vt-d fault handling irq migration in the x2apic mode (Takao Indoh) [678485 617137]\n- [kdump] vt-d: Quirk for masking vtd spec errors to platform error handling logic (Takao Indoh) [678485 617137]\n- [virt] virtio: console: Don't block entire guest if host doesn't read data (Amit Shah) [678562 643751]\n- [virt] virtio: console: Prevent userspace from submitting NULL buffers (Amit Shah) [678559 635535]\n- [virt] virtio: console: Fix poll blocking even though there is data to read (Amit Shah) [678561 634232]", "published": "2011-04-07T00:00:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2011-0421.html", "cvelist": ["CVE-2011-0521", "CVE-2010-4346", "CVE-2011-0695", "CVE-2011-1478", "CVE-2010-4656", "CVE-2010-3296", "CVE-2010-4526", "CVE-2011-0710", "CVE-2010-4648", "CVE-2011-0716", "CVE-2010-4250", "CVE-2011-0714", "CVE-2010-4655"], "lastseen": "2016-09-04T11:17:15"}, {"id": "ELSA-2010-0898", "type": "oraclelinux", "title": "kvm security update", "description": "[kvm-83-164.0.1.el5_5.25]\n- Added kvm-add-oracle-workaround-for-libvirt-bug.patch\n- Added kvm-add-oracle-workaround-for-libvirt-bug.patch\n[kvm-83-164.el5_5.25]\n- Adding load_gs_index to kmod symbol greylist\n- Related: bz#639886\n (CVE-2010-3698 kvm: invalid selector in fs/gs causes kernel panic [rhel-5.5.z])\n[kvm-83-164.el5_5.24]\n- Updated kversion to 2.6.18-194.17.1.el5 to match build root\n- kvm.spec: fix ./configure arguments\n (ensure spice, kvm-cap-pit and kvm-cap-device-assignment are always enabled)\n- kvm-kernel-KVM-Fix-fs-gs-reload-oops-with-invalid-ldt.patch [bz#639886]\n- Resolves: bz#639886\n (CVE-2010-3698 kvm: invalid selector in fs/gs causes kernel panic [rhel-5.5.z])\n- CVE: CVE-2010-3698", "published": "2010-12-06T00:00:00", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2010-0898.html", "cvelist": ["CVE-2010-3698"], "lastseen": "2016-09-04T11:17:07"}, {"id": "ELSA-2011-0028", "type": "oraclelinux", "title": "kvm security and bug fix update", "description": "[kvm-83-224.0.1]\n- Added kvm-add-oracle-workaround-for-libvirt-bug.patch\n- Added kvm-Introduce-oel-machine-type.patch\n[kvm-83-224.el5]\n- kvm-kernel-KVM-x86-zero-kvm_vcpu_events-interrupt.pad.patch [bz#665407]\n- Resolves: bz#665407\n (kvm_vcpu_events.interrupt.pad must be zeroed)\n- CVE: CVE-2010-4525\n[kvm-83-223.el5]\n- Updated kversion to 2.6.18-237.el to match build root\n- Reverting patches for bz#608709 as they are not complete\n - kvm-kernel-Revert-KVM-VMX-Return-0-from-a-failed-VMREAD.patch [bz#608709]\n - kvm-kernel-Revert-KVM-Don-t-spin-on-virt-instruction-faults-dur.patch [bz#608709]\n- bz#608709: reboot(RB_AUTOBOOT) fails if kvm instance is running\n- Related: bz#661117\n[kvm-83-222.el5]\n- kvm-kernel-kvm-change-signed-int-to-unsigned-in-mmu_shrink.patch [bz#661117]\n- Resolves: bz#661117\n ([RHEL5.6 CC] mmu_shrink patch)\n[kvm-83-221.el5]\n- Updated kversion to 2.6.18-236.el to match build root\n- kvm-kernel-KVM-Don-t-spin-on-virt-instruction-faults-during-reb.patch [bz#608709]\n- kvm-kernel-KVM-VMX-Return-0-from-a-failed-VMREAD.patch [bz#608709]\n- Resolves: bz#608709\n (reboot(RB_AUTOBOOT) fails if kvm instance is running)\n[kvm-83-220.el5]\n- Updated kversion to 2.6.18-235.el to match build root\n- kvm-load-registers-after-restoring-pvclock-msrs.patch [bz#655990]\n- Resolves: bz#655990\n (clock drift when migrating a guest between mis-matched CPU clock speed)\n[kvm-83-219.el5]\n- kvm-kernel-KVM-fix-AMD-initial-TSC-offset-problems-additional-f.patch [bz#642659]\n- Resolves: bz#642659\n (TSC offset of virtual machines is not initialized correctly by 'kvm_amd' kernel module.)\n[kvm-83-218.el5]\n- kvm-vnc-fix-key-event-processing.patch [bz#643317]\n- Resolves: bz#643317\n ('sendkey ctrl-alt-delete' dont work via VNC)\n[kvm-83-217.el5]\n- kvm-kernel-fix-null-pointer-dereference.patch [bz#570532]\n- Resolves: bz#570532\n (CVE-2010-0435 kvm: vmx null pointer dereference)\n- CVE: CVE-2010-0435\n[kvm-83-216.el5]\n- Updated kversion to 2.6.18-233.el to match build root\n- kvm-kernel-KVM-fix-AMD-initial-TSC-offset-problems.patch [bz#642659]\n- Resolves: bz#642659\n (TSC offset of virtual machines is not initialized correctly by 'kvm_amd' kernel module.)\n[kvm-83-215.el5]\n- Reverts previous patch (it doesnt build)\n- kvm-kernel-Revert-KVM-fix-AMD-initial-TSC-bugs.patch [bz#642659]\n- Related: bz#642659\n (TSC offset of virtual machines is not initialized correctly by 'kvm_amd' kernel module.)\n[kvm-83-214.el5]\n- kvm-kernel-KVM-fix-AMD-initial-TSC-bugs.patch [bz#642659]\n- Resolves: bz#642659\n (TSC offset of virtual machines is not initialized correctly by 'kvm_amd' kernel module.)\n[kvm-83-213.el5]\n- kvm-No-need-to-iterate-if-we-already-are-over-the-limit.patch [bz#513765 bz#589017]\n- kvm-don-t-care-about-TLB-handling.patch [bz#513765 bz#589017]\n- kvm-Fix-transferred-memory-calculation.patch [bz#513765 bz#589017]\n- kvm-Maintaing-number-of-dirty-pages.patch [bz#513765 bz#589017]\n- kvm-Exit-loop-if-we-have-been-there-too-long.patch [bz#513765 bz#589017]\n- kvm-Change-calculation-to-exit-live-migration.patch [bz#513765 bz#589017]\n- Resolves: bz#513765\n (Large guest ( 256G RAM + 16 vcpu ) hang during live migration)\n- Resolves: bz#589017\n ([rhel5.5] [kvm] dead lock in qemu during off-line migration)\n[kvm-83-212.el5]\n- kvm-implement-dummy-PnP-support.patch [bz#652671]\n- Resolves: bz#652671\n (If VM boot seq. is set up as nc (PXE then disk) the VM is always stuck on trying to PXE boot)\n[kvm-83-211.el5]\n- Dont try build kvmctl\n- Resolves: bz#632707\n[kvm-83-210.el5]\n- Adding load_gs_index to kmod symbol greylist\n- Related: bz#639887\n (CVE-2010-3698 kvm: invalid selector in fs/gs causes kernel panic [rhel-5.6])\n[kvm-83-209.el5]\n- kvm-kernel-KVM-Fix-fs-gs-reload-oops-with-invalid-ldt.patch [bz#639887]\n- Resolves: bz#639887\n (CVE-2010-3698 kvm: invalid selector in fs/gs causes kernel panic [rhel-5.6])\n[kvm-83-208.el5]\n- Updated kversion to 2.6.18-232.el5 to match build root\n- kvm-kernel-KVM-x86-fix-information-leak-to-userland.patch [bz#649929]\n- Resolves: bz#649929\n (CVE-2010-3881 kvm: arch/x86/kvm/x86.c: reading uninitialized stack memory [5.6])\n- kvm-usb-linux-increase-buffer-for-USB-control-requests.patch [bz#627343]\n- kvm-e1000-Fix-TCP-checksum-overflow-with-TSO.patch [bz#648328]\n- kvm-fix-help-string-to-reflect-the-fact-that-cpu-topolog.patch [bz#611785]\n- kvm-VGA-Don-t-register-deprecated-VBE-range.patch [bz#651715]\n- Resolves: bz#611785\n ([RFE] Support cores/sockets/threads topology configuration)\n- Resolves: bz#627343\n (husb: ctrl buffer too small error received for passthrough usb device, fixed upstream)\n- Resolves: bz#648328\n (TCP checksum overflows in qemus e1000 emulation code when TSO is enabled in guest OS)\n- Resolves: bz#651715\n (qemu-kvm aborted when installing the driver for the newly hotplugged rtl8139 nic)\n[kvm-83-207.el5]\n- kvm-Add-drive-readonly-option-to-help-output.patch [bz#645798]\n- Resolves: bz#645798\n (Add drive readonly option to help output)\n[kvm-83-206.el5]\n- Updated kversion to 2.6.18-227.el5 to match build root\n- spec: fix/hack dependencies of kvm-kmod-debug\n- Resolves: bz#643272\n- create qemu user/group on %post\n- Resolves: bz#643525\n[kvm-83-205.el5]\n- Require right gcrypt version\n- Resolves: bz#503118\n- spec: fix the kmod kernel version checking code\n- Resolves: bz#637267\n- spec: fix module dir name on %install\n- Resolves: bz#517565\n- Build kmod-kvm for kernel-debug too\n- Resolves: bz#517565\n[kvm-83-204.el5]\n- kvm-don-t-link-qemu-tools-against-spice-libs.patch [bz#514578]\n- kvm-block-Fix-image-re-open-in-bdrv_commit.patch [bz#640949]\n- Resolves: bz#514578\n (kvm-qemu-img subpackage has dependency on qspice-libs)\n- Resolves: bz#640949\n (Can not commit copy-on-write images data to raw backing-image)\n[kvm-83-203.el5]\n- Updated kversion to 2.6.18-226.el5 to match build root\n- Add pci_get_domain_bus_and_slot to kmod symbol greylist\n- Related: bz#539642\n (use native pci_get_bus_and_slot function)\n[kvm-83-202.el5]\n- kvm-fix-and-on-russian-keymap.patch [bz#580637]\n- Resolves: bz#580637\n (Incorrect russian vnc keymap)\n[kvm-83-201.el5]\n- kvm-kernel-KVM-Fix-reboot-on-Intel-hosts.patch [bz#608709]\n- Resolves: bz#608709\n (reboot(RB_AUTOBOOT) fails if kvm instance is running)\n- kvm-kmod-move-cancel_work_sync-availability-test-to-conf.patch [bz#539642]\n- kvm-kmod-use-native-pci_get_bus_and_slot-if-available.patch [bz#539642]\n- Resolves: bz#539642\n (use native pci_get_bus_and_slot function)\n[kvm-83-200.el5]\n- Updated kversion to 2.6.18-225.el5 to match build root\n- kvm-qemu-fix-unsafe-ring-handling.patch [bz#568817]\n- CVE: CVE-2010-0431\n- Resolves: bz#568817\n (CVE-2010-0431 qemu: Insufficient guest provided pointers validation)\n[kvm-83-199.el5]\n- Updated kversion to 2.6.18-221.el5 to match build root\n- kvm-kernel-KVM-Prevent-kvm_init-from-corrupting-debugfs-structu.patch [bz#619268]\n- Resolves: bz#619268\n (rmmod kvm modules cause host kernel panic)\n[kvm-83-198.el5]\n- run 'make sync' before final ./configure line on build\n- Resolves: bz#632707\n (fix kvm build warnings and enable -Werror)\n[kvm-83-197.el5]\n- Updated kversion to 2.6.18-219.el5 to match build root\n- kvm-kill-bogus-return-ret-on-spawn_thread.patch [bz#632707]\n- kvm-virtio-net-fix-format-strings-on-virtio_net_receive2.patch [bz#632707]\n- kvm-kvmtrace-check-for-ftruncate-errors.patch [bz#632707]\n- Add --enable-werror to ./configure command-line [bz#632707]\n- Add ./configure arguments: --enable-kvm-cap-pit --enable-kvm-cap-device-assignment\n- Remove duplicate --enable-spice arg from ./configure \n- Resolves: bz#632707\n (fix kvm build warnings and enable -Werror)\n[kvm-83-196.el5]\n- Updated kversion to 2.6.18-215.el5 to match build root\n- kvm-introduce-__rhel5-marker-into-the-migration-save-dat.patch [bz#603026]\n- kvm-block-raw-posix-Factor-out-cdrom_probe_device.patch [bz#609472]\n- kvm-raw-posix-Detect-CDROM-via-ioctl-on-linux.patch [bz#609472]\n- kvm-raw-posix-Don-t-use-file-name-for-host_cdrom-detecti.patch [bz#609472]\n- Resolves: bz#603026\n (CPU save version is now 9, but the format is _very_ different from non-RHEL5 version 9)\n- Resolves: bz#609472\n (qemu-kvm misclassifies a /dev/cd*/* disk device as a CD-ROM)\n[kvm-83-195.el5]\n- Updated kversion to 2.6.18-211.el5 to match build root\n- kvm-use-native-cancel_work_sync-function-if-available.patch [bz#629334]\n- Resolves: bz#629334\n (use native cancel_work_sync() function)\n[kvm-83-194.el5]\n- Updated kversion to 2.6.18-212.el5 to match build root\n- kvm-Add-cache-unsafe-parameter-to-drive.patch [bz#623484]\n- kvm-qemu-img-convert-Use-cache-unsafe-for-output-image.patch [bz#623484]\n- kvm-fix-cancel_work_sync-conflict-on-compat-code.patch [bz#629333]\n- kvm-bz-547276-e1000-secrc-support.patch [bz#547276]\n- kvm-Use-native-smp_call_function_single-on-RHEL-5.5.patch [bz#533078]\n- kvm-use-native-smp_call_function_many.patch [bz#533078]\n- kvm-qemu-don-t-strip-qemu-img-and-qemu-io-in-make-instal.patch [bz#606394]\n- Resolves: bz#533078\n (use native smp_call_function_many/single functions)\n- Resolves: bz#547276\n (Vmcore cannot be captured by netdump when RHEL3.9 was installed as guest OS on KVM.)\n- Resolves: bz#606394\n ([kvm] debug-info missing from kvm-qemu-img-83-164.el5_5.12)\n- Resolves: bz#623484\n (KVM: qemu-img convert poor performance ( on NFS storage ))\n- Resolves: bz#629333\n (fix build against kernel-devel-2.6.18-214.el5.x86_64: (cancel_work_sync() conflict))\n[kvm-83-193.el5]\n- kvm-virtio-net-correct-packet-length-checks.patch [bz#606238]\n- kvm-Fix-segfault-in-mmio-subpage-handling-code.patch [bz#619413]\n- Resolves: bz#606238\n (Virtio: Transfer file caused guest in same vlan abnormally quit)\n- Resolves: bz#619413\n (CVE-2010-2784 qemu: insufficient constraints checking in exec.c:subpage_register() [rhel-5.6])\n[kvm-83-192.el5]\n- kvm-Fix-changing-password-using-monitor-over-VNC.patch [bz#569743]\n- kvm-qcow2-Fix-qemu-img-check-segfault-on-corrupted-image.patch [bz#606434]\n- kvm-qcow2-Don-t-try-to-check-tables-that-couldn-t-be-loa.patch [bz#606434]\n- kvm-qemu-img-check-Distinguish-different-kinds-of-errors.patch [bz#606651]\n- kvm-qcow2-Change-check-to-distinguish-error-cases.patch [bz#606651]\n- Resolves: bz#569743\n (Change vnc password caused 'Segmentation fault')\n- Resolves: bz#606434\n ([kvm] segmentation fault when running qemu-img check on faulty image)\n- Resolves: bz#606651\n ([kvm] qemu image check returns cluster errors when using virtIO block (thinly provisioned) during e_no_space events (along with EIO errors))\n[kvm-83-191.el5]\n- kvm-kernel-KVM-MMU-fix-conflict-access-permissions-in-direct-sp.patch [bz#615225]\n- Resolves: bz#615225\n (KVM uses wrong permissions for large guest pages)\n[kvm-83-190.el5]\n- kvm-New-slots-need-dirty-tracking-enabled-when-migrating.patch [bz#567046]\n- Resolves: bz#567046\n (SPICE - race in KVM/Spice would cause migration to fail (slots are not registered properly?))\n[kvm-83-189.el5]\n- kvm-Monitor-Check-for-error-in-do_change.patch [bz#611982]\n- Resolves: bz#611982\n (Monitor doesnt check for 'change' command failure)\n[kvm-83-188.el5]\n- kvm-qcow2-Fix-access-after-end-of-array.patch [bz#605701]\n- kvm-qcow2-Don-t-ignore-immediate-read-write-failures.patch [bz#605701]\n- kvm-qcow2-Return-0-errno-in-write_l2_entries.patch [bz#605701]\n- kvm-qcow2-Fix-error-return-code-in-qcow2_alloc_cluster_l.patch [bz#605701]\n- kvm-qcow2-Return-0-errno-in-write_l1_entry.patch [bz#605701]\n- kvm-qcow2-Return-0-errno-in-l2_allocate.patch [bz#605701]\n- kvm-qcow2-Allow-qcow2_get_cluster_offset-to-return-error.patch [bz#605701]\n- kvm-qcow2-Change-l2_load-to-return-0-errno.patch [bz#605701]\n- kvm-qcow2-Return-right-error-code-in-write_refcount_bloc.patch [bz#605701]\n- kvm-qcow2-Fix-corruption-after-error-in-update_refcount.patch [bz#605701]\n- kvm-qcow2-Clear-L2-table-cache-after-write-error.patch [bz#605701]\n- kvm-qcow2-Fix-error-handlin g - i n - l 2 _ a l l o c a t e . p a t c h [ b z # 6 0 5 7 0 1 ] b r > - k v m - q c o w 2 - R e s t o r e - L 1 - e n t r y - o n - l 2 _ a l l o c a t e - f a i l u r e . p a t c h [ b z # 6 0 5 7 0 1 ] b r > - k v m - q c o w 2 - A l l o w - g e t _ r e f c o u n t - t o - r e t u r n - e r r o r s . p a t c h [ b z # 6 0 5 7 0 1 ] b r > - k v m - q c o w 2 - A l l o w - a l l o c _ c l u s t e r s _ n o r e f - t o - r e t u r n - e r r o r s . p a t c h [ b z # 6 0 5 7 0 1 ] b r > - k v m - q c o w 2 - R e t u r n - r e a l - e r r o r - c o d e - i n - l o a d _ r e f c o u n t _ b l o c k . p a t c h [ b z # 6 0 5 7 0 1 ] b r > - k v m - b l o c k - A d d - b d r v _ - p - w r i t e _ s y n c . p a t c h [ b z # 5 7 2 8 2 5 ] b r > - k v m - q c o w 2 - U s e - b d r v _ - p - w r i t e _ s y n c - f o r - m e t a d a t a - w r i t e s . p a t c h [ b z # 5 7 2 8 2 5 ] b r > - R e s o l v e s : b z # 5 7 2 8 2 5 b r > ( q c o w 2 i m a g e c o r r u p t i o n w h e n u s i n g c a c h e = w r i t e b a c k ) b r > - R e s o l v e s : b z # 6 0 5 7 0 1 b r > ( B a c k p o r t q c o w 2 f i x e s t o R H E L 5 ) b r > b r > [ k v m - 8 3 - 1 8 7 . e l 5 ] b r > - k v m - E r r o r - c h e c k i n g . p a t c h [ b z # 5 8 7 0 4 9 ] b r > - k v m - A v o i d - t h u n d e r i n g - h e r d - p r o b l e m . p a t c h [ b z # 5 8 7 0 4 9 ] b r > - R e s o l v e s : b z # 5 8 7 0 4 9 b r > ( q e m u p o s i x _ a i o u s e p t h r e a d _ c o n d _ s i g n a l i n s t e a d o f b r o a d c a s t t o p r e v e n t l o c k s t o r m ) b r > b r > [ k v m - 8 3 - 1 8 6 . e l 5 ] b r > - U p d a t e d k v e r s i o n t o 2 . 6 . 1 8 - 2 0 3 . e l 5 t o m a t c h b u i l d r o o t b r > - k v m - k e r n e l - K V M - K e e p - s l o t - I D - i n - m e m o r y - s l o t - s t r u c t u r e . p a t c h [ b z # 6 0 6 9 5 3 ] b r > - k v m - k e r n e l - K V M - P r e v e n t - i n t e r n a l - s l o t s - f r o m - b e i n g - C O W e d . p a t c h [ b z # 6 0 6 9 5 3 ] b r > - R e s o l v e s : b z # 6 0 6 9 5 3 b r > ( f o r k c a u s e s t r o u b l e f o r v c p u t h r e a d s ) b r > b r > [ k v m - 8 3 - 1 8 5 . e l 5 ] b r > - k v m - t u r n - o f f - k v m c l o c k - w h e n - r e s e t t i n g - c p u . p a t c h [ b z # 5 8 8 8 7 8 ] b r > - k v m - r a w - p o s i x - U s e - p r e a d - p w r i t e - i n s t e a d - o f - l s e e k - r e a d - w r i . p a t c h [ b z # 6 0 0 3 7 5 ] b r > - k v m - b l o c k - C a c h e - t o t a l _ s e c t o r s - t o - r e d u c e - b d r v _ g e t l e n g t h - c . p a t c h [ b z # 6 0 0 3 7 5 ] b r > - R e s o l v e s : b z # 5 8 8 8 7 8 b r > ( R e b o o t i n g a k e r n e l w i t h k v m c l o c k e n a b l e d , i n t o a k e r n e l w i t h k v m c l o c k d i s a b l e d , c a u s e s r a n d o m c r a s h e s ) b r > - R e s o l v e s : b z # 6 0 0 3 7 5 b r > ( E x c e s s i v e l s e e k ( ) c a u s e s s e v e r e p e r f o r m a n c e i s s u e s w i t h v m d i s k i m a g e s o v e r N F S ) b r > b r > [ k v m - 8 3 - 1 8 4 . e l 5 ] b r > - k v m - v i r t i o - n e t - t r u n c a t i n g - p a c k e t . p a t c h [ b z # 6 0 6 2 3 8 ] b r > - R e s o l v e s : b z # 6 0 6 2 3 8 b r > ( V i r t i o : T r a n s f e r f i l e c a u s e d g u e s t i n s a m e v l a n a b n o r m a l l y q u i t ) b r > b r > [ k v m - 8 3 - 1 8 3 . e l 5 ] b r > - k v m - v i r t i o - b l k . c - a v o i d - z e r o - e v e r y - r e q u e s t - s t r u c t u r e . p a t c h [ b z # 5 9 8 0 4 2 ] b r > - k v m - q e m u - i o - O p e n - f i l e s - r e a d - w r i t e - a g a i n . p a t c h [ b z # 6 0 1 4 9 4 ] b r > - R e s o l v e s : b z # 5 9 8 0 4 2 b r > ( v i r t i o - b l k : A v o i d z e r o i n g e v e r y r e q u e s t s t r u c t u r e ) b r > - R e s o l v e s : b z # 6 0 1 4 9 4 b r > ( q e m u - i o : N o p e r m i s s i o n t o w r i t e i m a g e ) b r > b r > [ k v m - 8 3 - 1 8 2 . e l 5 ] b r > - k v m - k e r n e l - K V M - F i x - w a l l c l o c k - v e r s i o n - w r i t i n g - r a c e . p a t c h [ b z # 5 9 2 0 2 1 ] b r > - R e s o l v e s : b z # 5 9 2 0 2 1 b r > ( r a c e c o n d i t i o n i n p v c l o c k w a l l c l o c k c a l c u l a t i o n ) b r > - k v m - q c o w 2 - F i x - c o r r u p t i o n - a f t e r - r e f b l o c k - a l l o c a t i o n . p a t c h [ b z # 5 9 8 4 8 8 ] b r > - R e s o l v e s : b z # 5 9 8 4 8 8 b r > ( q c o w 2 c o r r u p t i o n b u g i n r e f c o u n t t a b l e g r o w t h ) b r > b r > [ k v m - 8 3 - 1 8 1 . e l 5 ] b r > - k v m - k e r n e l - K V M - M M U - b a i l - o u t - p a g e w a l k - o n - k v m _ r e a d _ g u e s t - e r r o r . p a t c h [ b z # 5 8 8 2 5 1 ] b r > - R e s o l v e s : b z # 5 8 8 2 5 1 b r > ( k v m s p i n n i n g u p d a t i n g a g u e s t p t e , u n k i l l a b l e ) b r > - k v m - q e m u - i m g - r e b a s e - F i x - o u t p u t - i m a g e - c o r r u p t i o n . p a t c h [ b z # 5 8 7 2 7 8 ] b r > - k v m - b l o c k - F i x - b d r v _ c o m m i t . p a t c h [ b z # 5 8 7 6 0 4 ] b r > - R e s o l v e s : b z # 5 8 7 2 7 8 b r > ( A f t e r r e - b a s e s n a p s h o t , t h e f i l e i n t h e s n a p s h o t d i s a p p e a r e d ) b r > - R e s o l v e s : b z # 5 8 7 6 0 4 b r > ( Q c o w 2 s n a p s h o t g o t c o r r u p t i o n a f t e r c o m m i t u s i n g b l o c k d e v i c e ) b r > b r > [ k v m - 8 3 - 1 8 0 . e l 5 ] b r > - k v m - q e m u - i m g - o p e n - f i l e - t o - b e - r e b a s e d - w i t h - r e a d - w r i t e - p e r . p a t c h [ b z # 5 8 7 6 0 5 ] b r > - R e s o l v e s : b z # 5 8 7 6 0 5 b r > ( F a i l e d t o r e - b a s e q c o w 2 s n a p s h o t ) b r > b r > [ k v m - 8 3 - 1 7 9 . e l 5 ] b r > - R e n u m b e r k v m m o d u l e p a t c h e s f r o m 5 0 1 - 6 2 5 t o 1 5 0 1 - 1 6 2 5 b r > ( s o t h e u s e r s p a c e p a t c h n u m b e r s c a n u s e s l o t s 5 0 1 t o 1 5 0 0 ) b r > - k v m - q c o w 2 - E x p o r t - s y n c h r o n o u s - q c o w _ r e a d - w r i t e - t o - a v o i d - b r . p a t c h [ b z # 5 4 2 9 5 4 ] b r > - R e s o l v e s : b z # 5 4 2 9 5 4 b r > ( G u e s t s u f f e r s k e r n e l p a n i c w h e n s a v e s n a p s h o t t h e n r e s t a r t g u e s t ) b r > b r > [ k v m - 8 3 - 1 7 8 . e l 5 ] b r > - R e m o v e b i o s - n o h o t p l u g . b i n f r o m p a c k a g e b r > - R e l a t e d : b z # 4 9 8 7 7 4 b r > ( Q E M U : T o o m a n y d e v i c e s a r e a v a i l a b l e f o r u n p l u g i n W i n d o w s X P ( a n d w e d o n t s u p p o r t t h a t ) ) b r > b r > [ k v m - 8 3 - 1 7 7 . e l 5 ] b r > - k v m - B a i l - o u t - w h e n - V C P U _ C R E A T E - f a i l s . p a t c h [ b z # 5 8 7 6 6 1 ] b r > - R e s o l v e s : b z # 5 8 7 6 6 1 b r > ( F i x s e g f a u l t w h e n c r e a t i n g m o r e v c p u s t h a n a l l o w e d . ) b r > b r > [ k v m - 8 3 - 1 7 6 . e l 5 ] b r > - k v m - R e v e r t - f i x - w r o n g - a c p i - m a p p i n g - r h e l 5 . x - k v m - u s e r s p a c e . p a t c h [ b z # 5 7 6 5 5 4 ] b r > - p a t c h c a u s e s i s s u e s w h e n u s i n g S p i c e w i t h o u t Q X L o n s o m e g u e s t O S e s b r > [ b z # 5 8 1 7 5 8 c o m m e n t 8 ] b r > - R e l a t e d : b z # 5 7 6 5 5 4 b r > ( W i n 7 / 3 2 s t u c k o n 1 0 0 % C P U ( i n t e s t i n g V D I d r i v e r u n c l a s s i f i e d W H Q L t e s t s ) ) b r > b r > [ k v m - 8 3 - 1 7 5 . e l 5 ] b r > - k v m - k e r n e l - E P T - a c c e s s e d - b i t - e m u l a t i o n - f i x e d . p a t c h [ b z # 5 8 2 0 3 8 ] b r > - R e s o l v e s : b z # 5 8 2 0 3 8 b r > ( b a c k p o r t E P T a c c e s s e d b i t e m u l a t i o n ) b r > b r > [ k v m - 8 3 - 1 7 4 . e l 5 ] b r > - k v m - k e r n e l - R e v e r t - E P T - a c c e s s e d - b i t - e m u l a t i o n . p a t c h [ b z # 5 8 2 0 3 8 ] b r > ( p a t c h f a i l s t o b u i l d ) b r > - R e l a t e d : b z # 5 8 2 0 3 8 b r > ( b a c k p o r t E P T a c c e s s e d b i t e m u l a t i o n ) b r > b r > [ k v m - 8 3 - 1 7 3 . e l 5 ] b r > - k v m - k e r n e l - E P T - a c c e s s e d - b i t - e m u l a t i o n . p a t c h [ b z # 5 8 2 0 3 8 ] b r > - R e s o l v e s : b z # 5 8 2 0 3 8 b r > ( b a c k p o r t E P T a c c e s s e d b i t e m u l a t i o n ) b r > b r > [ k v m - 8 3 - 1 7 2 . e l 5 ] b r > - k v m - q c o w 2 - R e m o v e - a b o r t - o n - f r e e _ c l u s t e r s - f a i l u r e . p a t c h [ b z # 5 8 3 9 4 7 ] b r > - R e s o l v e s : b z # 5 8 3 9 4 7 b r > ( G u e s t a b o r t e d w h e n m a k e g u e s t s t o p o n w r i t e e r r o r ) b r > b r > [ k v m - 8 3 - 1 7 1 . e l 5 ] b r > - k v m - p c n e t - m a k e - s u b s y s t e m - v e n d o r - i d - m a t c h - h a r d w a r e . p a t c h [ b z # 5 2 1 2 4 7 ] b r > - k v m - r e a d - o n l y - a d d - R O - f e a t u r e - m a c r o . p a t c h [ b z # 5 1 0 6 3 0 ] b r > - k v m - r e a d - o n l y - P a s s - t h e - r e a d - o n l y - a t t r i b u t e - t o - t h e - G u e s t . p a t c h [ b z # 5 1 0 6 3 0 ] b r > - k v m - r e a d - o n l y - B D R V _ O _ F L A G S - c h a n g e s - d e f a u l t - n o w - i s - r e a d - o . p a t c h [ b z # 5 1 0 6 3 0 ] b r > - k v m - r e a d - o n l y - q e m u - i m g - A l l o w - o p e n i n g - a n - i m a g e - w i t h - r e a d - . p a t c h [ b z # 5 1 0 6 3 0 ] b r > - k v m - r e a d - o n l y - A d d e d - r e a d o n l y - o p t i o n - t o - d r i v e - s - c o m m a n d - l . p a t c h [ b z # 5 1 0 6 3 0 ] b r > - k v m - r e a d - o n l y - M a k e - C D R O M - a - r e a d - o n l y - d r i v e . p a t c h [ b z # 5 1 0 6 3 0 ] b r > - k v m - r e a d - o n l y - D i s a b l e - f a l l - b a c k - t o - r e a d - o n l y . p a t c h [ b z # 5 1 0 6 3 0 ] b r > - k v m - r e a d - o n l y - O p e n - b a c k i n g - f i l e - r e a d - o n l y - w h e r e - p o s s i b l e . p a t c h [ b z # 5 1 0 6 3 0 ] b r > - k v m - r e a d - o n l y - d o n - t - r e l y - o n - C D R O M - h i n t - f o r - r e a d _ o n l y - a t t . p a t c h [ b z # 5 1 0 6 3 0 ] b r > - k v m - r e a d - o n l y - o p e n - f o r - r e a d - o n l y - w h e r e - p o s s i b l e . p a t c h [ b z # 5 1 0 6 3 0 ] b r > - k v m - r e a d - o n l y - a l l o w - r e a d - o n l y - C D R O M - w i t h - a n y - i n t e r f a c e . p a t c h [ b z # 5 1 0 6 3 0 ] b r > - R e s o l v e s : b z # 5 1 0 6 3 0 b r > ( - d r i v e a r g h a s n o w a y t o r e q u e s t a r e a d o n l y d i s k ) b r > - R e s o l v e s : b z # 5 2 1 2 4 7 b r > ( e m u l a t e d p c n e t n i c i n q e m u - k v m h a s w r o n g P C I s u b s y s t e m I D f o r W i n d o w s X P d r i v e r ) b r > b r > [ k v m - 8 3 - 1 7 0 . e l 5 ] b r > - k v m - f i x - w r o n g - a c p i - m a p p i n g - r h e l 5 . x - k v m - u s e r s p a c e . p a t c h [ b z # 5 7 6 5 5 4 ] b r > - R e s o l v e s : b z # 5 7 6 5 5 4 b r > ( W i n 7 / 3 2 s t u c k o n 1 0 0 % C P U ( i n t e s t i n g V D I d r i v e r u n c l a s s i f i e d W H Q L t e s t s ) ) b r > b r > [ k v m - 8 3 - 1 6 9 . e l 5 ] b r > - k v m - q c o w 2 - F a c t o r - n e x t _ r e f c o u n t _ t a b l e _ s i z e - o u t . p a t c h [ b z # 5 7 7 2 2 5 ] b r > - k v m - q c o w 2 - R e w r i t e - a l l o c _ r e f c o u n t _ b l o c k - g r o w _ r e f c o u n t _ t a b . p a t c h [ b z # 5 7 7 2 2 5 ] b r > - k v m - q c o w 2 - M o r e - c h e c k s - f o r - q e m u - i m g - c h e c k . p a t c h [ b z # 5 7 7 2 2 5 ] b r > - R e s o l v e s : b z # 5 7 7 2 2 5 b r > ( q c o w 2 c o r r u p t i o n w i t h I / O e r r o r d u r i n g r e f c o u n t b l o c k a l l o c a t i o n ) b r > - A d d e d r e g i s t e r _ k p r o b e a n d u n r e g i s t e r _ k p r o b e t o t h e i g n o r e d k s y m s l i s t b r > - R e s o l v e s : b z # 5 8 0 4 1 0 b r > ( F a i l e d t o i n s t a l l k v m f o r f a i l e d d e p e n d e n c i e s : k s y m ) b r > b r > [ k v m - 8 3 - 1 6 8 . e l 5 ] b r > - F i x b u i l d w a r n i n g s : b r > - k v m - R e v e r t - a v o i d - l e a v i n g - o r p h a n e d - s w a p c a c h e - i n - k s m . p a t c h [ b z # 5 7 5 5 8 5 ] b r > - R e l a t e d : b z # 5 7 5 5 8 5 b r > ( m e m o r y r e p o r t e d a s u s e d ( b y S w a p C a c h e a n d b y C a c h e ) t h o u g h n o p r o c e s s h o l d s i t . ) b r > - k v m - a v o i d - l e a v i n g - o r p h a n e d - s w a p c a c h e - i n - k s m - v 2 . p a t c h . p a t c h [ b z # 5 7 5 5 8 5 ] b r > - R e s o l v e s : b z # 5 7 5 5 8 5 b r > ( m e m o r y r e p o r t e d a s u s e d ( b y S w a p C a c h e a n d b y C a c h e ) t h o u g h n o p r o c e s s h o l d s i t . ) b r > b r > [ k v m - 8 3 - 1 6 7 . e l 5 ] b r > - k v m - a v o i d - l e a v i n g - o r p h a n e d - s w a p c a c h e - i n - k s m . p a t c h [ b z # 5 7 5 5 8 5 ] b r > - R e s o l v e s : b z # 5 7 5 5 8 5 b r > ( m e m o r y r e p o r t e d a s u s e d ( b y S w a p C a c h e a n d b y C a c h e ) t h o u g h n o p r o c e s s h o l d s i t . ) b r > b r > [ k v m - 8 3 - 1 6 6 . e l 5 ] b r > - k v m - B u i l d - a n - a d d i t i o n a l - b i o s - w i t h o u t - h o t p l u g - s u p p o r t . p a t c h [ b z # 4 9 8 7 7 4 ] b r > - R e s o l v e s : b z # 4 9 8 7 7 4 b r > ( Q E M U : T o o m a n y d e v i c e s a r e a v a i l a b l e f o r u n p l u g i n W i n d o w s X P ( a n d w e d o n t s u p p o r t t h a t ) ) b r > b r > [ k v m - 8 3 - 1 6 5 . e l 5 ] b r > - U p d a t e d k v e r s i o n t o 2 . 6 . 1 8 - 1 9 4 . e l 5 t o m a t c h b u i l d r o o t b r > - k v m - k e r n e l - a c c o u n t - o n l y - f o r - I R Q - i n j e c t e d - i n t o - v c p u 0 . p a t c h [ b z # 5 5 5 7 2 7 ] b r > - k v m - k e r n e l - B a c k p o r t - K V M - f i x - i r q _ s o u r c e _ i d - s i z e - v e r i f i c a t i o n . p a t c h [ b z # 5 2 0 5 7 2 ] b r > - k v m - k e r n e l - K V M - x 8 6 - d i s a b l e - p a r a v i r t - m m u - r e p o r t i n g . p a t c h [ b z # 5 7 4 6 2 1 ] b r > - R e s o l v e s : b z # 5 2 0 5 7 2 b r > ( S R - I O V - - G u e s t e x i t a n d h o s t h a n g o n i f b o o t V M w i t h 8 V F s a s s i g n e d ) b r > - R e s o l v e s : b z # 5 5 5 7 2 7 b r > ( T i m e d r i f t i n w i n 2 k 3 - 6 4 b i t a n d w i n 2 k 8 - 6 4 b i t s m p g u e s t ) b r > - R e s o l v e s : b z # 5 7 4 6 2 1 b r > ( L i n u x p v m m u g u e s t s ( F C 1 1 , F C 1 2 , e t c ) c r a s h o n b o o t o n A M D h o s t s w i t h N P T d i s a b l e d ) b r > - k v m - k b d - l e d s - i n f r a s t r u c t u r e . p a t c h [ b z # 5 1 7 8 1 4 ] b r > - k v m - k b d - l e d s - p s - 2 - k b d . p a t c h [ b z # 5 1 7 8 1 4 ] b r > - k v m - k b d - l e d s - u s b - k b d . p a t c h [ b z # 5 1 7 8 1 4 ] b r > - k v m - k b d - k e d s - v n c . p a t c h [ b z # 5 1 7 8 1 4 ] b r > - R e s o l v e s : b z # 5 1 7 8 1 4 b r > ( C a p s L o c k t h e k e y s a p p e a r a n c e o f g u e s t i s n o t s y n c h r o n o u s a s h o s t s - - v i e w k v m w i t h v n c ) b r > / p > \n \n \n b r > h 2 > R e l a t e d C V E s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 0 - 4 5 2 5 . h t m l \" > C V E - 2 0 1 0 - 4 5 2 5 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n b r > h 2 > U p d a t e d P a c k a g e s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r s t y l e = \" c o l o r : # F F 0 0 0 0 ; \" > t d > b > R e l e a s e / A r c h i t e c t u r e / b > t d > b > F i l e n a m e / b > / t d > t d > b > M D 5 s u m / b > / t d > t d > b > S u p e r s e d e d B y A d v i s o r y / b > / t d > / t r > \n t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 5 ( i 3 8 6 ) / t d > t d > k v m - 8 3 - 2 2 4 . 0 . 1 . e l 5 . s r c . r p m / t d > t d > 1 5 f 4 2 8 9 e c b 6 0 4 7 9 7 d a b 0 0 c c 3 f a 4 2 1 2 3 c / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 0 4 5 4 . h t m l \" > E L S A - 2 0 1 7 - 0 4 5 4 / a > / t d > / t r > t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 5 ( i a 6 4 ) / t d > t d > k v m - 8 3 - 2 2 4 . 0 . 1 . e l 5 . s r c . r p m / t d > t d > 1 5 f 4 2 8 9 e c b 6 0 4 7 9 7 d a b 0 0 c c 3 f a 4 2 1 2 3 c / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 0 4 5 4 . h t m l \" > E L S A - 2 0 1 7 - 0 4 5 4 / a > / t d > / t r > t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 5 ( x 8 6 _ 6 4 ) / t d > t d > k v m - 8 3 - 2 2 4 . 0 . 1 . e l 5 . s r c . r p m / t d > t d > 1 5 f 4 2 8 9 e c b 6 0 4 7 9 7 d a b 0 0 c c 3 f a 4 2 1 2 3 c / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 0 4 5 4 . h t m l \" > E L S A - 2 0 1 7 - 0 4 5 4 / a > / t d > / t r > t r > t d > / t d > t d > k m o d - k v m - 8 3 - 2 2 4 . 0 . 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > 0 5 9 6 0 9 5 d b e d 7 e 8 e 4 5 3 1 5 1 f 6 9 9 0 6 8 b a c 8 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 0 4 5 4 . h t m l \" > E L S A - 2 0 1 7 - 0 4 5 4 / a > / t d > / t r > t r > t d > / t d > t d > k m o d - k v m - d e b u g - 8 3 - 2 2 4 . 0 . 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > f 4 8 3 7 e 7 b 2 5 f 3 4 5 e 1 6 e 9 4 c 7 f 6 7 8 b f c 7 3 6 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 0 4 5 4 . h t m l \" > E L S A - 2 0 1 7 - 0 4 5 4 / a > / t d > / t r > t r > t d > / t d > t d > k v m - 8 3 - 2 2 4 . 0 . 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > a 3 9 5 9 9 6 4 6 e e 4 d c 8 e e 2 f e 9 b d d 1 4 8 2 a c 0 0 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 0 4 5 4 . h t m l \" > E L S A - 2 0 1 7 - 0 4 5 4 / a > / t d > / t r > t r > t d > / t d > t d > k v m - q e m u - i m g - 8 3 - 2 2 4 . 0 . 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > d 1 7 6 2 5 8 5 8 7 4 9 6 0 7 4 9 f a a a 7 6 a 1 2 7 4 4 1 4 2 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 0 4 5 4 . h t m l \" > E L S A - 2 0 1 7 - 0 4 5 4 / a > / t d > / t r > t r > t d > / t d > t d > k v m - t o o l s - 8 3 - 2 2 4 . 0 . 1 . e l 5 . x 8 6 _ 6 4 . r p m / t d > t d > 9 e 5 0 a e 8 8 d 1 0 5 2 4 f 2 f 2 e e e f 9 0 e d 4 2 9 5 b d / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 0 4 5 4 . h t m l \" > E L S A - 2 0 1 7 - 0 4 5 4 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n \n b r > b r > \n b r > p > \n T h i s p a g e i s g e n e r a t e d a u t o m a t i c a l l y a n d h a s n o t b e e n c h e c k e d f o r e r r o r s o r o m i s s i o n s . F o r c l a r i f i c a t i o n \n o r c o r r e c t i o n s p l e a s e c o n t a c t t h e a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / \" > O r a c l e L i n u x U L N t e a m / a > / p > \n \n \n \n / d i v > \n ! - - \n / d i v > \n - - > \n / d i v > \n / d i v > \n \n \n d i v i d = \" m c 1 6 \" c l a s s = \" m c 1 6 v 0 \" > \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > T e c h n i c a l i n f o r m a t i o n / h 2 > \n u l > \n l i > a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / h a r d w a r e - c e r t i f i c a t i o n s \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x C e r t i f i e d H a r d w a r e / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / l i b r a r y / e l s p - l i f e t i m e - 0 6 9 3 3 8 . p d f \" > O r a c l e L i n u x S u p p o r t e d R e l e a s e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > O r a c l e L i n u x S u p p o r t / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / t e c h n o l o g i e s / l i n u x / O r a c l e L i n u x S u p p o r t / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x S u p p o r t / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / p r e m i e r / s e r v e r s - s t o r a g e / o v e r v i e w / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e P r e m i e r S u p p o r t f o r S y s t e m s / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / a d v a n c e d - c u s t o m e r - s e r v i c e s / o v e r v i e w / \" > A d v a n c e d C u s t o m e r S e r v i c e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 2 \" > \n h 2 > C o n n e c t / h 2 > \n u l > \n l i c l a s s = \" f b i c o n \" > a h r e f = \" h t t p : / / w w w . f a c e b o o k . c o m / o r a c l e l i n u x \" t i t l e = \" F a c e b o o k \" n a m e = \" F a c e b o o k \" t a r g e t = \" _ b l a n k \" i d = \" F a c e b o o k \" > F a c e b o o k / a > / l i > \n l i c l a s s = \" t w i c o n \" > a h r e f = \" h t t p : / / w w w . t w i t t e r . c o m / O r a c l e L i n u x \" t i t l e = \" T w i t t e r \" n a m e = \" T w i t t e r \" t a r g e t = \" _ b l a n k \" i d = \" T w i t t e r \" > T w i t t e r / a > / l i > \n l i c l a s s = \" i n i c o n \" > a h r e f = \" h t t p : / / w w w . l i n k e d i n . c o m / g r o u p s ? g i d = 1 2 0 2 3 8 \" t i t l e = \" L i n k e d I n \" n a m e = \" L i n k e d I n \" t a r g e t = \" _ b l a n k \" i d = \" L i n k e d I n \" > L i n k e d I n / a > / l i > \n l i c l a s s = \" y t i c o n \" > a h r e f = \" h t t p : / / w w w . y o u t u b e . c o m / o r a c l e l i n u x c h a n n e l \" t i t l e = \" Y o u T u b e \" n a m e = \" Y o u T u b e \" t a r g e t = \" _ b l a n k \" i d = \" Y o u T u b e \" > Y o u T u b e / a > / l i > \n l i c l a s s = \" b l o g i c o n \" > a h r e f = \" h t t p : / / b l o g s . o r a c l e . c o m / l i n u x \" t i t l e = \" B l o g \" n a m e = \" B l o g \" > B l o g / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 3 \" > \n h 2 > C o n t a c t U s / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / c o r p o r a t e / c o n t a c t / g l o b a l - 0 7 0 5 1 1 . h t m l \" > G l o b a l c o n t a c t s / a > / l i > \n l i > O r a c l e 1 - 8 0 0 - 6 3 3 - 0 6 9 1 / l i > \n / u l > \n / d i v > \n / d i v > \n / d i v > \n \n d i v i d = \" m c 0 4 \" c l a s s = \" m c 0 4 v 1 \" > \n d i v c l a s s = \" m c 0 4 w 1 \" > \n a h r e f = \" h t t p : / / o r a c l e . c o m \" > i m g s r c = \" / / w w w . o r a c l e i m g . c o m / a s s e t s / m c 0 4 - f o o t e r - l o g o . p n g \" b o r d e r = \" 0 \" a l t = \" s o f t w a r e . h a r d w a r e . c o m p l e t e \" / > / a > \n / d i v > \n \n d i v c l a s s = \" m c 0 4 w 2 \" > \n a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / s u b s c r i b e / i n d e x . h t m l \" > S u b s c r i b e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / e m p l o y m e n t / i n d e x . h t m l \" > C a r e e r s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / c o n t a c t / i n d e x . h t m l \" > C o n t a c t U s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / c o p y r i g h t . h t m l \" > L e g a l N o t i c e s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / t e r m s . h t m l \" > T e r m s o f U s e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / p r i v a c y . h t m l \" > Y o u r P r i v a c y R i g h t s / a > \n / d i v > \n / d i v > \n / d i v > \n / b o d y > \n / h t m l > \n ", "published": "2011-01-20T00:00:00", "cvss": {"score": 6.6, "vector": "AV:LOCAL/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2011-0028.html", "cvelist": ["CVE-2010-3881", "CVE-2010-2784", "CVE-2010-0435", "CVE-2010-4525", "CVE-2010-3698", "CVE-2010-0431"], "lastseen": "2018-04-04T13:07:58"}], "suse": [{"id": "SUSE-SA:2011:015", "type": "suse", "title": "remote denial of service in kernel", "description": "This kernel update for the SUSE Linux Enterprise 10 SP3 kernel fixes several security issues and bugs.\n#### Solution\nThere is no known workaround, please install the update packages.", "published": "2011-03-24T16:29:15", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2011-03/msg00005.html", "cvelist": ["CVE-2010-4242", "CVE-2011-0521", "CVE-2010-4163", "CVE-2010-4529", "CVE-2010-4668", "CVE-2010-4527", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-4526", "CVE-2011-0711", "CVE-2011-0710", "CVE-2010-4248", "CVE-2010-4342", "CVE-2010-1173", "CVE-2010-4077", "CVE-2010-4075", "CVE-2010-4655", "CVE-2010-4076"], "lastseen": "2016-09-04T11:35:39"}, {"id": "SUSE-SA:2011:008", "type": "suse", "title": "local privilege escalation, remote denial of in kernel", "description": "This patch updates the SUSE Linux Enterprise Server 9 kernel to fix various security issues and some bugs.\n#### Solution\nThere is no known workaround, please install the update packages.", "published": "2011-02-11T13:07:24", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00002.html", "cvelist": ["CVE-2010-4242", "CVE-2010-4081", "CVE-2010-4529", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-2946", "CVE-2010-4527", "CVE-2010-4083", "CVE-2010-3310", "CVE-2010-4158", "CVE-2010-3850", "CVE-2010-4258", "CVE-2010-3442", "CVE-2010-3848", "CVE-2010-4157", "CVE-2010-4342", "CVE-2010-4160", "CVE-2010-3067", "CVE-2010-4164", "CVE-2010-3873", "CVE-2010-3849"], "lastseen": "2016-09-04T12:25:43"}, {"id": "SUSE-SA:2011:002", "type": "suse", "title": "potential local privilege escalation in kernel", "description": "This update of the openSUSE 11.2 kernel fixes various bugs and lots of security issues.\n#### Solution\nThere is no known workaround, please install the update packages.", "published": "2011-01-03T15:33:25", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html", "cvelist": ["CVE-2010-4163", "CVE-2010-4081", "CVE-2010-3865", "CVE-2010-4165", "CVE-2010-3437", "CVE-2010-4082", "CVE-2010-4080", "CVE-2010-4158", "CVE-2010-4162", "CVE-2010-4258", "CVE-2010-3442", "CVE-2010-3874", "CVE-2010-4157", "CVE-2010-4160", "CVE-2010-3067", "CVE-2010-4164", "CVE-2010-4078", "CVE-2010-4175", "CVE-2010-3861"], "lastseen": "2016-09-04T12:09:51"}, {"id": "SUSE-SA:2010:060", "type": "suse", "title": "remote denial of service in kernel", "description": "This kernel update for the SUSE Linux Enterprise 10 SP3 kernel fixes several security issues and bugs.\n#### Solution\nThere is no known workaround, please install the update packages.", "published": "2010-12-14T13:42:46", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00004.html", "cvelist": ["CVE-2010-2942", "CVE-2010-4081", "CVE-2010-2248", "CVE-2010-4073", "CVE-2010-2226", "CVE-2010-4072", "CVE-2010-2946", "CVE-2010-3437", "CVE-2010-4083", "CVE-2010-3086", "CVE-2010-4080", "CVE-2010-3310", "CVE-2010-4158", "CVE-2010-4162", "CVE-2010-3442", "CVE-2010-4157", "CVE-2010-3067", "CVE-2010-4164", "CVE-2010-4078"], "lastseen": "2016-09-04T12:14:17"}, {"id": "SUSE-SA:2011:001", "type": "suse", "title": "local privilege escalation, remote denial of in kernel", "description": "The openSUSE 11.3 kernel was updated to fix various bugs and security issues. Following security issues have been fixed: CVE-2010-4347: A local user could inject ACPI code into the kernel via the world-writable \"custom_debug\" file, allowing local privilege escalation.\n#### Solution\nThere is no known workaround, please install the update packages.", "published": "2011-01-03T15:33:10", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html", "cvelist": ["CVE-2010-4163", "CVE-2010-4081", "CVE-2010-3865", "CVE-2010-4073", "CVE-2010-4165", "CVE-2010-4072", "CVE-2010-3437", "CVE-2010-4083", "CVE-2010-4082", "CVE-2010-0435", "CVE-2010-4080", "CVE-2010-4169", "CVE-2010-4158", "CVE-2010-4162", "CVE-2010-4258", "CVE-2010-3442", "CVE-2010-3874", "CVE-2010-4157", "CVE-2010-4347", "CVE-2010-3067", "CVE-2010-4164", "CVE-2010-3432", "CVE-2010-4078", "CVE-2010-4175", "CVE-2010-3861"], "lastseen": "2016-09-04T12:46:49"}, {"id": "SUSE-SA:2011:007", "type": "suse", "title": "remote denial of service, local privilege in kernel-rt", "description": "This update to the SUSE Linux Enterprise 11 SP 1 Realtime Extension kernel brings various bug and lots of security fixes.\n#### Solution\nPlease install the updated packages.", "published": "2011-02-07T11:58:56", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html", "cvelist": ["CVE-2010-2942", "CVE-2010-4163", "CVE-2010-3904", "CVE-2010-3078", "CVE-2010-4081", "CVE-2010-3865", "CVE-2010-3297", "CVE-2010-4073", "CVE-2010-2226", "CVE-2010-4165", "CVE-2010-2960", "CVE-2010-4072", "CVE-2010-3881", "CVE-2010-2955", "CVE-2010-2946", "CVE-2010-3437", "CVE-2010-4083", "CVE-2010-4082", "CVE-2010-4080", "CVE-2010-4169", "CVE-2010-3310", "CVE-2010-2959", "CVE-2010-4158", "CVE-2010-3296", "CVE-2010-3850", "CVE-2010-3015", "CVE-2010-4162", "CVE-2010-4258", "CVE-2010-3442", "CVE-2010-3848", "CVE-2010-2954", "CVE-2010-3874", "CVE-2010-4157", "CVE-2010-3081", "CVE-2010-4347", "CVE-2010-3067", "CVE-2010-2803", "CVE-2010-3084", "CVE-2010-4164", "CVE-2010-2962", "CVE-2010-3080", "CVE-2010-3432", "CVE-2010-3298", "CVE-2010-4078", "CVE-2010-3849", "CVE-2010-3079", "CVE-2010-4175", "CVE-2010-3861", "CVE-2010-3301"], "lastseen": "2016-09-04T12:15:22"}, {"id": "SUSE-SA:2010:044", "type": "suse", "title": "local privilege escalation in kernel", "description": "This kernel update for the SUSE Linux Enterprise 10 SP3 kernel fixes several critical security issues.\n#### Solution\nThere is no known workaround, please install the update packages.", "published": "2010-09-23T16:31:13", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00009.html", "cvelist": ["CVE-2010-3078", "CVE-2010-3297", "CVE-2010-2955", "CVE-2010-2959", "CVE-2010-3081", "CVE-2010-3301"], "lastseen": "2016-09-04T12:47:17"}, {"id": "SUSE-SA:2010:047", "type": "suse", "title": "local privilege escalation in kernel", "description": "This update of the openSUSE 11.3 kernel fixes two local root exploits, various other security issues and some bugs. Following security issues are fixed by this update: CVE-2010-3301: Mismatch between 32bit and 64bit register usage in the system call entry path could be used by local attackers to gain root privileges. This problem only affects x86_64 kernels. CVE-2010-3081: Incorrect buffer handling in the biarch-compat buffer handling could be used by local attackers to gain root privileges. This problem affects foremost x86_64, or potentially other biarch platforms, like PowerPC and S390x. CVE-2010-3084: A buffer overflow in the ETHTOOL_GRXCLSRLALL code could be used to crash the kernel or potentially execute code. CVE-2010-2955: A kernel information leak via the WEXT ioctl was fixed. CVE-2010-2960: The keyctl_session_to_parent function in security/keys/keyctl.c in the Linux kernel expects that a certain parent session keyring exists, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a KEYCTL_SESSION_TO_PARENT argument to the keyctl function. CVE-2010-3080: A double free in an alsa error path was fixed, which could lead to kernel crashes. CVE-2010-3079: Fixed a ftrace NULL pointer dereference problem which could lead to kernel crashes. CVE-2010-3298: Fixed a kernel information leak in the net/usb/hso driver. CVE-2010-3296: Fixed a kernel information leak in the cxgb3 driver. CVE-2010-3297: Fixed a kernel information leak in the net/eql driver.\n#### Solution\nThere is no known workaround, please install the update packages.", "published": "2010-09-23T16:37:53", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00012.html", "cvelist": ["CVE-2010-3297", "CVE-2010-2960", "CVE-2010-2955", "CVE-2010-2959", "CVE-2010-3296", "CVE-2010-3081", "CVE-2010-3084", "CVE-2010-3080", "CVE-2010-3298", "CVE-2010-3079", "CVE-2010-3301"], "lastseen": "2016-09-04T11:54:56"}, {"id": "SUSE-SA:2010:050", "type": "suse", "title": "local privilege escalation in kernel", "description": "This SUSE Linux Enterprise 11 Service Pack 1 kernel contains various security fixes and lots of other bugfixes.\n#### Solution\nThere is no known workaround, please install the update packages.", "published": "2010-10-13T18:00:32", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html", "cvelist": ["CVE-2010-3078", "CVE-2010-3297", "CVE-2010-2960", "CVE-2010-3310", "CVE-2010-3296", "CVE-2010-2954", "CVE-2010-3081", "CVE-2010-2962", "CVE-2010-3080", "CVE-2010-3298", "CVE-2010-3079"], "lastseen": "2016-09-04T12:08:53"}, {"id": "SUSE-SA:2010:054", "type": "suse", "title": "local privilege escalation in kernel", "description": "This security update of the SUSE Linux Enterprise 11 GA and openSUSE 11.1 kernel updates the kernel to 2.6.27.54 and fixes various security issues and other bugs.\n#### Solution\nThere is no workaround, please install the fixed packages.", "published": "2010-11-03T13:13:23", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00000.html", "cvelist": ["CVE-2010-2942", "CVE-2010-3078", "CVE-2010-3297", "CVE-2010-2955", "CVE-2010-2946", "CVE-2010-3310", "CVE-2010-3296", "CVE-2010-3015", "CVE-2010-2954", "CVE-2010-2803", "CVE-2010-2798", "CVE-2010-3080"], "lastseen": "2016-09-04T12:32:26"}], "debian": [{"id": "DSA-2153", "type": "debian", "title": "linux-2.6 -- privilege escalation/denial of service/information leak", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. The Common Vulnerabilities and Exposures project identifies the following problems:\n\n * [CVE-2010-0435](<https://security-tracker.debian.org/tracker/CVE-2010-0435>)\n\nGleb Napatov reported an issue in the KVM subsystem that allows virtual machines to cause a denial of service of the host machine by executing mov to/from DR instructions.\n\n * [CVE-2010-3699](<https://security-tracker.debian.org/tracker/CVE-2010-3699>)\n\nKeir Fraser provided a fix for an issue in the Xen subsystem. A guest can cause a denial of service on the host by retaining a leaked reference to a device. This can result in a zombie domain, xenwatch process hangs, and xm command failures.\n\n * [CVE-2010-4158](<https://security-tracker.debian.org/tracker/CVE-2010-4158>)\n\nDan Rosenberg discovered an issue in the socket filters subsystem, allowing local unprivileged users to obtain the contents of sensitive kernel memory.\n\n * [CVE-2010-4162](<https://security-tracker.debian.org/tracker/CVE-2010-4162>)\n\nDan Rosenberg discovered an overflow issue in the block I/O subsystem that allows local users to map large numbers of pages, resulting in a denial of service due to invocation of the out of memory killer.\n\n * [CVE-2010-4163](<https://security-tracker.debian.org/tracker/CVE-2010-4163>)\n\nDan Rosenberg discovered an issue in the block I/O subsystem. Due to improper validation of iov segments, local users can trigger a kernel panic resulting in a denial of service.\n\n * [CVE-2010-4242](<https://security-tracker.debian.org/tracker/CVE-2010-4242>)\n\nAlan Cox reported an issue in the Bluetooth subsystem. Local users with sufficient permission to access HCI UART devices can cause a denial of service (NULL pointer dereference) due to a missing check for an existing tty write operation.\n\n * [CVE-2010-4243](<https://security-tracker.debian.org/tracker/CVE-2010-4243>)\n\nBrad Spengler reported a denial-of-service issue in the kernel memory accounting system. By passing large argv/envp values to exec, local users can cause the out of memory killer to kill processes owned by other users.\n\n * [CVE-2010-4248](<https://security-tracker.debian.org/tracker/CVE-2010-4248>)\n\nOleg Nesterov reported an issue in the POSIX CPU timers subsystem. Local users can cause a denial of service (Oops) due to incorrect assumptions about thread group leader behavior.\n\n * [CVE-2010-4249](<https://security-tracker.debian.org/tracker/CVE-2010-4249>)\n\nVegard Nossum reported an issue with the UNIX socket garbage collector. Local users can consume all of LOWMEM and decrease system performance by overloading the system with inflight sockets.\n\n * [CVE-2010-4258](<https://security-tracker.debian.org/tracker/CVE-2010-4258>)\n\nNelson Elhage reported an issue in Linux oops handling. Local users may be able to obtain elevated privileges if they are able to trigger an oops with a process' fs set to KERNEL_DS.\n\n * [CVE-2010-4342](<https://security-tracker.debian.org/tracker/CVE-2010-4342>)\n\nNelson Elhage reported an issue in the Econet protocol. Remote attackers can cause a denial of service by sending an Acorn Universal Networking packet over UDP.\n\n * [CVE-2010-4346](<https://security-tracker.debian.org/tracker/CVE-2010-4346>)\n\nTavis Ormandy discovered an issue in the install_special_mapping routine which allows local users to bypass the mmap_min_addr security restriction. Combined with an otherwise low severity local denial of service vulnerability (NULL pointer dereference), a local user could obtain elevated privileges.\n\n * [CVE-2010-4526](<https://security-tracker.debian.org/tracker/CVE-2010-4526>)\n\nEugene Teo reported a race condition in the Linux SCTP implementation. Remote users can cause a denial of service (kernel memory corruption) by transmitting an ICMP unreachable message to a locked socket.\n\n * [CVE-2010-4527](<https://security-tracker.debian.org/tracker/CVE-2010-4527>)\n\nDan Rosenberg reported two issues in the OSS soundcard driver. Local users with access to the device (members of group 'audio' on default Debian installations) may access to sensitive kernel memory or cause a buffer overflow, potentially leading to an escalation of privileges.\n\n * [CVE-2010-4529](<https://security-tracker.debian.org/tracker/CVE-2010-4529>)\n\nDan Rosenberg reported an issue in the Linux kernel IrDA socket implementation on non-x86 architectures. Local users may be able to gain access to sensitive kernel memory via a specially crafted IRLMP_ENUMDEVICES getsockopt call.\n\n * [CVE-2010-4565](<https://security-tracker.debian.org/tracker/CVE-2010-4565>)\n\nDan Rosenberg reported an issue in the Linux CAN protocol implementation. Local users can obtain the address of a kernel heap object which might help facilitate system exploitation.\n\n * [CVE-2010-4649](<https://security-tracker.debian.org/tracker/CVE-2010-4649>)\n\nDan Carpenter reported an issue in the uverb handling of the InfiniBand subsystem. A potential buffer overflow may allow local users to cause a denial of service (memory corruption) by passing in a large cmd.ne value.\n\n * [CVE-2010-4656](<https://security-tracker.debian.org/tracker/CVE-2010-4656>)\n\nKees Cook reported an issue in the driver for I/O-Warrior USB devices. Local users with access to these devices may be able to overrun kernel buffers, resulting in a denial of service or privilege escalation.\n\n * [CVE-2010-4668](<https://security-tracker.debian.org/tracker/CVE-2010-4668>)\n\nDan Rosenberg reported an issue in the block subsystem. A local user can cause a denial of service (kernel panic) by submitting certain 0-length I/O requests.\n\n * [CVE-2011-0521](<https://security-tracker.debian.org/tracker/CVE-2011-0521>)\n\nDan Carpenter reported an issue in the DVB driver for AV7110 cards. Local users can pass a negative info->num value, corrupting kernel memory and causing a denial of service.\n\nFor the stable distribution (lenny), this problem has been fixed in version 2.6.26-26lenny2.\n\nThe following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update:\n\n| Debian 5.0 (lenny) \n---|--- \nuser-mode-linux | 2.6.26-1um-2+26lenny2 \n \nWe recommend that you upgrade your linux-2.6 and user-mode-linux packages.\n\nNote that these updates will not become active until after your system is rebooted.", "published": "2011-01-30T00:00:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://www.debian.org/security/dsa-2153", "cvelist": ["CVE-2010-4242", "CVE-2011-0521", "CVE-2010-4163", "CVE-2010-4529", "CVE-2010-4668", "CVE-2010-4346", "CVE-2010-4527", "CVE-2010-4649", "CVE-2010-0435", "CVE-2010-4656", "CVE-2010-4158", "CVE-2010-4526", "CVE-2010-4162", "CVE-2010-4258", "CVE-2010-4248", "CVE-2010-4243", "CVE-2010-4249", "CVE-2010-4342", "CVE-2010-3699", "CVE-2010-4565"], "lastseen": "2016-09-02T18:26:46"}, {"id": "DSA-2126", "type": "debian", "title": "linux-2.6 -- privilege escalation/denial of service/information leak", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. The Common Vulnerabilities and Exposures project identifies the following problems:\n\n * [CVE-2010-2963](<https://security-tracker.debian.org/tracker/CVE-2010-2963>)\n\nKees Cook discovered an issue in the v4l 32-bit compatibility layer for 64-bit systems that allows local users with /dev/video write permission to overwrite arbitrary kernel memory, potentially leading to a privilege escalation. On Debian systems, access to /dev/video devices is restricted to members of the 'video' group by default.\n\n * [CVE-2010-3067](<https://security-tracker.debian.org/tracker/CVE-2010-3067>)\n\nTavis Ormandy discovered an issue in the io_submit system call. Local users can cause an integer overflow resulting in a denial of service.\n\n * [CVE-2010-3296](<https://security-tracker.debian.org/tracker/CVE-2010-3296>)\n\nDan Rosenberg discovered an issue in the cxgb network driver that allows unprivileged users to obtain the contents of sensitive kernel memory.\n\n * [CVE-2010-3297](<https://security-tracker.debian.org/tracker/CVE-2010-3297>)\n\nDan Rosenberg discovered an issue in the eql network driver that allows local users to obtain the contents of sensitive kernel memory.\n\n * [CVE-2010-3310](<https://security-tracker.debian.org/tracker/CVE-2010-3310>)\n\nDan Rosenberg discovered an issue in the ROSE socket implementation. On systems with a rose device, local users can cause a denial of service (kernel memory corruption).\n\n * [CVE-2010-3432](<https://security-tracker.debian.org/tracker/CVE-2010-3432>)\n\nThomas Dreibholz discovered an issue in the SCTP protocol that permits a remote user to cause a denial of service (kernel panic).\n\n * [CVE-2010-3437](<https://security-tracker.debian.org/tracker/CVE-2010-3437>)\n\nDan Rosenberg discovered an issue in the pktcdvd driver. Local users with permission to open /dev/pktcdvd/control can obtain the contents of sensitive kernel memory or cause a denial of service. By default on Debian systems, this access is restricted to members of the group 'cdrom'.\n\n * [CVE-2010-3442](<https://security-tracker.debian.org/tracker/CVE-2010-3442>)\n\nDan Rosenberg discovered an issue in the ALSA sound system. Local users with permission to open /dev/snd/controlC0 can create an integer overflow condition that causes a denial of service. By default on Debian systems, this access is restricted to members of the group 'audio'.\n\n * [CVE-2010-3448](<https://security-tracker.debian.org/tracker/CVE-2010-3448>)\n\nDan Jacobson reported an issue in the thinkpad-acpi driver. On certain Thinkpad systems, local users can cause a denial of service (X.org crash) by reading /proc/acpi/ibm/video.\n\n * [CVE-2010-3477](<https://security-tracker.debian.org/tracker/CVE-2010-3477>)\n\nJeff Mahoney discovered an issue in the Traffic Policing (act_police) module that allows local users to obtain the contents of sensitive kernel memory.\n\n * [CVE-2010-3705](<https://security-tracker.debian.org/tracker/CVE-2010-3705>)\n\nDan Rosenberg reported an issue in the HMAC processing code in the SCTP protocol that allows remote users to create a denial of service (memory corruption).\n\n * [CVE-2010-3848](<https://security-tracker.debian.org/tracker/CVE-2010-3848>)\n\nNelson Elhage discovered an issue in the Econet protocol. Local users can cause a stack overflow condition with large msg->msgiovlen values that can result in a denial of service or privilege escalation.\n\n * [CVE-2010-3849](<https://security-tracker.debian.org/tracker/CVE-2010-3849>)\n\nNelson Elhage discovered an issue in the Econet protocol. Local users can cause a denial of service (oops) if a NULL remote addr value is passed as a parameter to sendmsg().\n\n * [CVE-2010-3850](<https://security-tracker.debian.org/tracker/CVE-2010-3850>)\n\nNelson Elhage discovered an issue in the Econet protocol. Local users can assign econet addresses to arbitrary interfaces due to a missing capabilities check.\n\n * [CVE-2010-3858](<https://security-tracker.debian.org/tracker/CVE-2010-3858>)\n\nBrad Spengler reported an issue in the setup_arg_pages() function. Due to a bounds-checking failure, local users can create a denial of service (kernel oops).\n\n * [CVE-2010-3859](<https://security-tracker.debian.org/tracker/CVE-2010-3859>)\n\nDan Rosenberg reported an issue in the TIPC protocol. When the tipc module is loaded, local users can gain elevated privileges via the sendmsg() system call.\n\n * [CVE-2010-3873](<https://security-tracker.debian.org/tracker/CVE-2010-3873>)\n\nDan Rosenberg reported an issue in the X.25 network protocol. Local users can cause heap corruption, resulting in a denial of service (kernel panic).\n\n * [CVE-2010-3874](<https://security-tracker.debian.org/tracker/CVE-2010-3874>)\n\nDan Rosenberg discovered an issue in the Control Area Network (CAN) subsystem on 64-bit systems. Local users may be able to cause a denial of service (heap corruption).\n\n * [CVE-2010-3875](<https://security-tracker.debian.org/tracker/CVE-2010-3875>)\n\nVasiliy Kulikov discovered an issue in the AX.25 protocol. Local users can obtain the contents of sensitive kernel memory.\n\n * [CVE-2010-3876](<https://security-tracker.debian.org/tracker/CVE-2010-3876>)\n\nVasiliy Kulikov discovered an issue in the Packet protocol. Local users can obtain the contents of sensitive kernel memory.\n\n * [CVE-2010-3877](<https://security-tracker.debian.org/tracker/CVE-2010-3877>)\n\nVasiliy Kulikov discovered an issue in the TIPC protocol. Local users can obtain the contents of sensitive kernel memory.\n\n * [CVE-2010-3880](<https://security-tracker.debian.org/tracker/CVE-2010-3880>)\n\nNelson Elhage discovered an issue in the INET_DIAG subsystem. Local users can cause the kernel to execute unaudited INET_DIAG bytecode, resulting in a denial of service.\n\n * [CVE-2010-4072](<https://security-tracker.debian.org/tracker/CVE-2010-4072>)\n\nKees Cook discovered an issue in the System V shared memory subsystem. Local users can obtain the contents of sensitive kernel memory.\n\n * [CVE-2010-4073](<https://security-tracker.debian.org/tracker/CVE-2010-4073>)\n\nDan Rosenberg discovered an issue in the System V shared memory subsystem. Local users on 64-bit system can obtain the contents of sensitive kernel memory via the 32-bit compatible semctl() system call.\n\n * [CVE-2010-4074](<https://security-tracker.debian.org/tracker/CVE-2010-4074>)\n\nDan Rosenberg reported issues in the mos7720 and mos7840 drivers for USB serial converter devices. Local users with access to these devices can obtain the contents of sensitive kernel memory.\n\n * [CVE-2010-4078](<https://security-tracker.debian.org/tracker/CVE-2010-4078>)\n\nDan Rosenberg reported an issue in the framebuffer driver for SiS graphics chipsets (sisfb). Local users with access to the framebuffer device can obtain the contents of sensitive kernel memory via the FBIOGET_VBLANK ioctl.\n\n * [CVE-2010-4079](<https://security-tracker.debian.org/tracker/CVE-2010-4079>)\n\nDan Rosenberg reported an issue in the ivtvfb driver used for the Hauppauge PVR-350 card. Local users with access to the framebuffer device can obtain the contents of sensitive kernel memory via the FBIOGET_VBLANK ioctl.\n\n * [CVE-2010-4080](<https://security-tracker.debian.org/tracker/CVE-2010-4080>)\n\nDan Rosenberg discovered an issue in the ALSA driver for RME Hammerfall DSP audio devices. Local users with access to the audio device can obtain the contents of sensitive kernel memory via the SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl.\n\n * [CVE-2010-4081](<https://security-tracker.debian.org/tracker/CVE-2010-4081>)\n\nDan Rosenberg discovered an issue in the ALSA driver for RME Hammerfall DSP MADI audio devices. Local users with access to the audio device can obtain the contents of sensitive kernel memory via the SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl.\n\n * [CVE-2010-4083](<https://security-tracker.debian.org/tracker/CVE-2010-4083>)\n\nDan Rosenberg discovered an issue in the semctl system call. Local users can obtain the contents of sensitive kernel memory through usage of the semid_ds structure.\n\n * [CVE-2010-4164](<https://security-tracker.debian.org/tracker/CVE-2010-4164>)\n\nDan Rosenberg discovered an issue in the X.25 network protocol. Remote users can achieve a denial of service (infinite loop) by taking advantage of an integer underflow in the facility parsing code.\n\nFor the stable distribution (lenny), this problem has been fixed in version 2.6.26-26lenny1.\n\nWe recommend that you upgrade your linux-2.6 and user-mode-linux packages.\n\nThe following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update:\n\n| Debian 5.0 (lenny) \n---|--- \nuser-mode-linux | 2.6.26-1um-2+26lenny1", "published": "2010-11-26T00:00:00", "cvss": {"score": 8.3, "vector": "AV:ADJACENT_NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://www.debian.org/security/dsa-2126", "cvelist": ["CVE-2010-4081", "CVE-2010-3297", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-3437", "CVE-2010-4074", "CVE-2010-4083", "CVE-2010-3859", "CVE-2010-3477", "CVE-2010-4080", "CVE-2010-3310", "CVE-2010-2963", "CVE-2010-3877", "CVE-2010-3875", "CVE-2010-3876", "CVE-2010-3296", "CVE-2010-3850", "CVE-2010-3442", "CVE-2010-3705", "CVE-2010-3848", "CVE-2010-4079", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-3858", "CVE-2010-3067", "CVE-2010-4164", "CVE-2010-3873", "CVE-2010-3448", "CVE-2010-3432", "CVE-2010-4078", "CVE-2010-3849"], "lastseen": "2016-09-02T18:23:27"}, {"id": "DSA-2264", "type": "debian", "title": "linux-2.6 -- privilege escalation/denial of service/information leak", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. The Common Vulnerabilities and Exposures project identifies the following problems:\n\n * [CVE-2010-2524](<https://security-tracker.debian.org/tracker/CVE-2010-2524>)\n\nDavid Howells reported an issue in the Common Internet File System (CIFS). Local users could cause arbitrary CIFS shares to be mounted by introducing malicious redirects.\n\n * [CVE-2010-3875](<https://security-tracker.debian.org/tracker/CVE-2010-3875>)\n\nVasiliy Kulikov discovered an issue in the Linux implementation of the Amateur Radio AX.25 Level 2 protocol. Local users may obtain access to sensitive kernel memory.\n\n * [CVE-2010-4075](<https://security-tracker.debian.org/tracker/CVE-2010-4075>)\n\nDan Rosenberg reported an issue in the tty layer that may allow local users to obtain access to sensitive kernel memory.\n\n * [CVE-2010-4655](<https://security-tracker.debian.org/tracker/CVE-2010-4655>)\n\nKees Cook discovered several issues in the ethtool interface which may allow local users with the CAP_NET_ADMIN capability to obtain access to sensitive kernel memory.\n\n * [CVE-2011-0695](<https://security-tracker.debian.org/tracker/CVE-2011-0695>)\n\nJens Kuehnel reported an issue in the InfiniBand stack. Remote attackers can exploit a race condition to cause a denial of service (kernel panic).\n\n * [CVE-2011-0710](<https://security-tracker.debian.org/tracker/CVE-2011-0710>)\n\nAl Viro reported an issue in the /proc/<pid>/status interface on the s390 architecture. Local users could gain access to sensitive memory in processes they do not own via the task_show_regs entry.\n\n * [CVE-2011-0711](<https://security-tracker.debian.org/tracker/CVE-2011-0711>)\n\nDan Rosenberg reported an issue in the XFS filesystem. Local users may obtain access to sensitive kernel memory.\n\n * [CVE-2011-0726](<https://security-tracker.debian.org/tracker/CVE-2011-0726>)\n\nKees Cook reported an issue in the /proc/<pid>/stat implementation. Local users could learn the text location of a process, defeating protections provided by address space layout randomization (ASLR).\n\n * [CVE-2011-1010](<https://security-tracker.debian.org/tracker/CVE-2011-1010>)\n\nTimo Warns reported an issue in the Linux support for Mac partition tables. Local users with physical access could cause a denial of service (panic) by adding a storage device with a malicious map_count value.\n\n * [CVE-2011-1012](<https://security-tracker.debian.org/tracker/CVE-2011-1012>)\n\nTimo Warns reported an issue in the Linux support for LDM partition tables. Local users with physical access could cause a denial of service (Oops) by adding a storage device with an invalid VBLK value in the VMDB structure.\n\n * [CVE-2011-1017](<https://security-tracker.debian.org/tracker/CVE-2011-1017>)\n\nTimo Warns reported an issue in the Linux support for LDM partition tables. Users with physical access can gain access to sensitive kernel memory or gain elevated privileges by adding a storage device with a specially crafted LDM partition.\n\n * [CVE-2011-1078](<https://security-tracker.debian.org/tracker/CVE-2011-1078>)\n\nVasiliy Kulikov discovered an issue in the Bluetooth subsystem. Local users can obtain access to sensitive kernel memory.\n\n * [CVE-2011-1079](<https://security-tracker.debian.org/tracker/CVE-2011-1079>)\n\nVasiliy Kulikov discovered an issue in the Bluetooth subsystem. Local users with the CAP_NET_ADMIN capability can cause a denial of service (kernel Oops).\n\n * [CVE-2011-1080](<https://security-tracker.debian.org/tracker/CVE-2011-1080>)\n\nVasiliy Kulikov discovered an issue in the Netfilter subsystem. Local users can obtain access to sensitive kernel memory.\n\n * [CVE-2011-1090](<https://security-tracker.debian.org/tracker/CVE-2011-1090>)\n\nNeil Horman discovered a memory leak in the setacl() call on NFSv4 filesystems. Local users can exploit this to cause a denial of service (Oops).\n\n * [CVE-2011-1093](<https://security-tracker.debian.org/tracker/CVE-2011-1093>)\n\nJohan Hovold reported an issue in the Datagram Congestion Control Protocol (DCCP) implementation. Remote users could cause a denial of service by sending data after closing a socket.\n\n * [CVE-2011-1160](<https://security-tracker.debian.org/tracker/CVE-2011-1160>)\n\nPeter Huewe reported an issue in the Linux kernel's support for TPM security chips. Local users with permission to open the device can gain access to sensitive kernel memory.\n\n * [CVE-2011-1163](<https://security-tracker.debian.org/tracker/CVE-2011-1163>)\n\nTimo Warns reported an issue in the kernel support for Alpha OSF format disk partitions. Users with physical access can gain access to sensitive kernel memory by adding a storage device with a specially crafted OSF partition.\n\n * [CVE-2011-1170](<https://security-tracker.debian.org/tracker/CVE-2011-1170>)\n\nVasiliy Kulikov reported an issue in the Netfilter arp table implementation. Local users with the CAP_NET_ADMIN capability can gain access to sensitive kernel memory.\n\n * [CVE-2011-1171](<https://security-tracker.debian.org/tracker/CVE-2011-1171>)\n\nVasiliy Kulikov reported an issue in the Netfilter IP table implementation. Local users with the CAP_NET_ADMIN capability can gain access to sensitive kernel memory.\n\n * [CVE-2011-1172](<https://security-tracker.debian.org/tracker/CVE-2011-1172>)\n\nVasiliy Kulikov reported an issue in the Netfilter IP6 table implementation. Local users with the CAP_NET_ADMIN capability can gain access to sensitive kernel memory.\n\n * [CVE-2011-1173](<https://security-tracker.debian.org/tracker/CVE-2011-1173>)\n\nVasiliy Kulikov reported an issue in the Acorn Econet protocol implementation. Local users can obtain access to sensitive kernel memory on systems that use this rare hardware.\n\n * [CVE-2011-1180](<https://security-tracker.debian.org/tracker/CVE-2011-1180>)\n\nDan Rosenberg reported a buffer overflow in the Information Access Service of the IrDA protocol, used for Infrared devices. Remote attackers within IR device range can cause a denial of service or possibly gain elevated privileges.\n\n * [CVE-2011-1182](<https://security-tracker.debian.org/tracker/CVE-2011-1182>)\n\nJulien Tinnes reported an issue in the rt_sigqueueinfo interface. Local users can generate signals with falsified source pid and uid information.\n\n * [CVE-2011-1477](<https://security-tracker.debian.org/tracker/CVE-2011-1477>)\n\nDan Rosenberg reported issues in the Open Sound System driver for cards that include a Yamaha FM synthesizer chip. Local users can cause memory corruption resulting in a denial of service. This issue does not affect official Debian Linux image packages as they no longer provide support for OSS. However, custom kernels built from Debians linux-source-2.6.26 may have enabled this configuration and would therefore be vulnerable.\n\n * [CVE-2011-1493](<https://security-tracker.debian.org/tracker/CVE-2011-1493>)\n\nDan Rosenburg reported two issues in the Linux implementation of the Amateur Radio X.25 PLP (Rose) protocol. A remote user can cause a denial of service by providing specially crafted facilities fields.\n\n * [CVE-2011-1577](<https://security-tracker.debian.org/tracker/CVE-2011-1577>)\n\nTimo Warns reported an issue in the Linux support for GPT partition tables. Local users with physical access could cause a denial of service (Oops) by adding a storage device with a malicious partition table header.\n\n * [CVE-2011-1593](<https://security-tracker.debian.org/tracker/CVE-2011-1593>)\n\nRobert Swiecki reported a signednes issue in the next_pidmap() function, which can be exploited my local users to cause a denial of service.\n\n * [CVE-2011-1598](<https://security-tracker.debian.org/tracker/CVE-2011-1598>)\n\nDave Jones reported an issue in the Broadcast Manager Controller Area Network (CAN/BCM) protocol that may allow local users to cause a NULL pointer dereference, resulting in a denial of service.\n\n * [CVE-2011-1745](<https://security-tracker.debian.org/tracker/CVE-2011-1745>)\n\nVasiliy Kulikov reported an issue in the Linux support for AGP devices. Local users can obtain elevated privileges or cause a denial of service due to missing bounds checking in the AGPIOC_BIND ioctl. On default Debian installations, this is exploitable only by users in the video group.\n\n * [CVE-2011-1746](<https://security-tracker.debian.org/tracker/CVE-2011-1746>)\n\nVasiliy Kulikov reported an issue in the Linux support for AGP devices. Local users can obtain elevated privileges or cause a denial of service due to missing bounds checking in the agp_allocate_memory and agp_create_user_memory. On default Debian installations, this is exploitable only by users in the video group.\n\n * [CVE-2011-1748](<https://security-tracker.debian.org/tracker/CVE-2011-1748>)\n\nOliver Kartkopp reported an issue in the Controller Area Network (CAN) raw socket implementation which permits ocal users to cause a NULL pointer dereference, resulting in a denial of service.\n\n * [CVE-2011-1759](<https://security-tracker.debian.org/tracker/CVE-2011-1759>)\n\nDan Rosenberg reported an issue in the support for executing old ABI binaries on ARM processors. Local users can obtain elevated privileges due to insufficient bounds checking in the semtimedop system call.\n\n * [CVE-2011-1767](<https://security-tracker.debian.org/tracker/CVE-2011-1767>)\n\nAlexecy Dobriyan reported an issue in the GRE over IP implementation. Remote users can cause a denial of service by sending a packet during module initialization.\n\n * [CVE-2011-1768](<https://security-tracker.debian.org/tracker/CVE-2011-1768>)\n\nAlexecy Dobriyan reported an issue in the IP tunnels implementation. Remote users can cause a denial of service by sending a packet during module initialization.\n\n * [CVE-2011-1776](<https://security-tracker.debian.org/tracker/CVE-2011-1776>)\n\nTimo Warns reported an issue in the Linux implementation for GUID partitions. Users with physical access can gain access to sensitive kernel memory by adding a storage device with a specially crafted corrupted invalid partition table.\n\n * [CVE-2011-2022](<https://security-tracker.debian.org/tracker/CVE-2011-2022>)\n\nVasiliy Kulikov reported an issue in the Linux support for AGP devices. Local users can obtain elevated privileges or cause a denial of service due to missing bounds checking in the AGPIOC_UNBIND ioctl. On default Debian installations, this is exploitable only by users in the video group.\n\n * [CVE-2011-2182](<https://security-tracker.debian.org/tracker/CVE-2011-2182>)\n\nBen Hutchings reported an issue with the fix for [CVE-2011-1017](<https://security-tracker.debian.org/tracker/CVE-2011-1017>) (see above) that made it insufficient to resolve the issue.\n\nFor the oldstable distribution (lenny), this problem has been fixed in version 2.6.26-26lenny3. Updates for arm and hppa are not yet available, but will be released as soon as possible.\n\nThe following matrix lists additional source packages that were rebuilt for compatibility with or to take advantage of this update:\n\n| Debian 5.0 (lenny) \n---|--- \nuser-mode-linux | 2.6.26-1um-2+26lenny3 \n \nWe recommend that you upgrade your linux-2.6 and user-mode-linux packages. These updates will not become active until after your system is rebooted.\n\nNote: Debian carefully tracks all known security issues across every Linux kernel package in all releases under active security support. However, given the high frequency at which low-severity security issues are discovered in the kernel and the resource requirements of doing an update, updates for lower priority issues will normally not be released for all kernels at the same time. Rather, they will be released in a staggered or leap-frog fashion.", "published": "2011-06-18T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://www.debian.org/security/dsa-2264", "cvelist": ["CVE-2011-1017", "CVE-2011-1768", "CVE-2011-1746", "CVE-2011-0695", "CVE-2011-1160", "CVE-2011-1078", "CVE-2011-1776", "CVE-2011-1767", "CVE-2011-1012", "CVE-2011-1598", "CVE-2010-3875", "CVE-2011-1173", "CVE-2010-2524", "CVE-2011-1759", "CVE-2011-2182", "CVE-2011-0711", "CVE-2011-0710", "CVE-2011-2022", "CVE-2011-1180", "CVE-2011-1079", "CVE-2011-1163", "CVE-2011-1093", "CVE-2011-1010", "CVE-2011-1593", "CVE-2011-1170", "CVE-2011-1172", "CVE-2011-1748", "CVE-2011-1171", "CVE-2011-1477", "CVE-2011-1493", "CVE-2011-0726", "CVE-2011-1745", "CVE-2011-1182", "CVE-2011-1090", "CVE-2011-1080", "CVE-2010-4075", "CVE-2010-4655", "CVE-2011-1577"], "lastseen": "2016-09-02T18:30:59"}], "packetstorm": [{"id": "PACKETSTORM:105078", "type": "packetstorm", "title": "Ubuntu Security Notice USN-1202-1", "description": "", "published": "2011-09-14T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://packetstormsecurity.com/files/105078/Ubuntu-Security-Notice-USN-1202-1.html", "cvelist": ["CVE-2010-4242", "CVE-2011-1017", "CVE-2011-0521", "CVE-2010-4163", "CVE-2011-2918", "CVE-2010-4081", "CVE-2010-3297", "CVE-2010-4073", "CVE-2010-4668", "CVE-2011-1746", "CVE-2011-0695", "CVE-2011-1160", "CVE-2010-4083", "CVE-2011-1078", "CVE-2010-4082", "CVE-2011-1494", "CVE-2010-4649", "CVE-2011-1478", "CVE-2010-3859", "CVE-2011-1012", "CVE-2011-1598", "CVE-2011-2492", "CVE-2010-4080", "CVE-2010-4169", "CVE-2011-1173", "CVE-2010-4656", "CVE-2011-2699", "CVE-2010-3296", "CVE-2011-0463", "CVE-2011-2484", "CVE-2011-0711", "CVE-2010-4162", "CVE-2011-2022", "CVE-2011-1180", "CVE-2011-1079", "CVE-2011-1044", "CVE-2011-1770", "CVE-2011-0712", "CVE-2011-1019", "CVE-2010-4248", "CVE-2011-1495", "CVE-2010-4243", "CVE-2011-1163", "CVE-2011-1169", "CVE-2011-1013", "CVE-2011-1833", "CVE-2010-3880", "CVE-2010-3874", "CVE-2010-4157", "CVE-2010-4160", "CVE-2011-1093", "CVE-2011-1010", "CVE-2011-1020", "CVE-2011-1016", "CVE-2011-1593", "CVE-2011-1170", "CVE-2010-3858", "CVE-2011-1172", "CVE-2011-1748", "CVE-2011-1171", "CVE-2011-1082", "CVE-2011-1493", "CVE-2010-4256", "CVE-2011-2534", "CVE-2011-0726", "CVE-2011-1745", "CVE-2011-1182", "CVE-2011-1090", "CVE-2010-4565", "CVE-2010-4175", "CVE-2011-1080", "CVE-2010-4077", "CVE-2010-4075", "CVE-2010-4655", "CVE-2011-1577", "CVE-2010-4076"], "lastseen": "2016-12-05T22:16:15"}], "vmware": [{"id": "VMSA-2011-0012", "type": "vmware", "title": "VMware ESX third party updates for Service Console packages glibc and dhcp", "description": "a. ESX third party update for Service Console kernel \nThis update takes the console OS kernel package to kernel-2.6.18-238.9.1 which resolves multiple security issues. \nThe Common Vulnerabilities and Exposures project ( [cve.mitre.org](<http://cve.mitre.org/>)) has assigned the names CVE-2010-1083, CVE-2010-2492, CVE-2010-2798, CVE-2010-2938, CVE-2010-2942, CVE-2010-2943, CVE-2010-3015, CVE-2010-3066, CVE-2010-3067, CVE-2010-3078, CVE-2010-3086, CVE-2010-3296, CVE-2010-3432, CVE-2010-3442, CVE-2010-3477, CVE-2010-3699, CVE-2010-3858, CVE-2010-3859, CVE-2010-3865, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-3904, CVE-2010-4072, CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4081, CVE-2010-4083, CVE-2010-4157, CVE-2010-4158, CVE-2010-4161, CVE-2010-4238, CVE-2010-4242, CVE-2010-4243, CVE-2010-4247, CVE-2010-4248, CVE-2010-4249, CVE-2010-4251, CVE-2010-4255, CVE-2010-4263, CVE-2010-4343, CVE-2010-4346, CVE-2010-4526, CVE-2010-4655, CVE-2011-0521, CVE-2011-0710, CVE-2011-1010, CVE-2011-1090 and CVE-2011-1478 to these issues. \nColumn 4 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available. \n\n", "published": "2011-10-12T00:00:00", "cvss": {"score": 7.9, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:NONE/"}, "href": "https://www.vmware.com/security/advisories/VMSA-2011-0012.html", "cvelist": ["CVE-2010-4242", "CVE-2010-2942", "CVE-2011-0521", "CVE-2010-3904", "CVE-2010-3078", "CVE-2010-4081", "CVE-2010-3865", "CVE-2010-4073", "CVE-2010-4072", "CVE-2010-4346", "CVE-2011-1658", "CVE-2010-2492", "CVE-2010-4083", "CVE-2010-2943", "CVE-2011-1494", "CVE-2010-0296", "CVE-2011-1478", "CVE-2010-3859", "CVE-2010-3477", "CVE-2010-3086", "CVE-2010-4251", "CVE-2010-4080", "CVE-2010-4343", "CVE-2010-3877", "CVE-2010-4158", "CVE-2010-3876", "CVE-2011-1659", "CVE-2010-3296", "CVE-2010-4526", "CVE-2010-3015", "CVE-2011-0710", "CVE-2011-0281", "CVE-2010-2938", "CVE-2010-4247", "CVE-2010-4263", "CVE-2010-3442", "CVE-2010-4248", "CVE-2011-1495", "CVE-2010-4243", "CVE-2010-3066", "CVE-2011-1071", "CVE-2010-3880", "CVE-2010-1083", "CVE-2010-4249", "CVE-2010-4157", "CVE-2010-4161", "CVE-2011-1010", "CVE-2010-3858", "CVE-2010-3067", "CVE-2010-3699", "CVE-2010-4238", "CVE-2011-0282", "CVE-2011-1095", "CVE-2010-4255", "CVE-2010-2798", "CVE-2010-3432", "CVE-2011-1090", "CVE-2011-0536", "CVE-2010-1323", "CVE-2010-4075", "CVE-2010-4655"], "lastseen": "2016-09-04T11:19:32"}], "exploitdb": [{"id": "EDB-ID:15155", "type": "exploitdb", "title": "XFS Deleted Inode Local Information Disclosure Vulnerability", "description": "XFS Deleted Inode Local Information Disclosure Vulnerability. CVE-2010-2943. Local exploit for linux platform", "published": "2010-09-29T00:00:00", "cvss": {"score": 7.9, "vector": "AV:NETWORK/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:NONE/"}, "href": "https://www.exploit-db.com/exploits/15155/", "cvelist": ["CVE-2010-2943"], "lastseen": "2016-02-01T21:14:16"}, {"id": "EDB-ID:15619", "type": "exploitdb", "title": "Linux Kernel 'setup_arg_pages' Denial of Service Vulnerability", "description": "Linux Kernel 'setup_arg_pages()' Denial of Service Vulnerability. CVE-2010-3858,CVE-2010-4243. Dos exploit for linux platform", "published": "2010-11-26T00:00:00", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.exploit-db.com/exploits/15619/", "cvelist": ["CVE-2010-4243", "CVE-2010-3858"], "lastseen": "2016-02-01T22:11:35"}, {"id": "EDB-ID:15023", "type": "exploitdb", "title": "Linux Kernel < 2.6.36-rc4-git2 - x86_64 ia32syscall Emulation Privilege Escalation", "description": "x86_64 Linux Kernel ia32syscall Emulation Privilege Escalation. CVE-2010-3301. Local exploit for linux platform", "published": "2010-09-16T00:00:00", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.exploit-db.com/exploits/15023/", "cvelist": ["CVE-2010-3301"], "lastseen": "2016-02-01T20:58:56"}], "slackware": [{"id": "SSA-2010-265-01", "type": "slackware", "title": "64-bit kernel", "description": "New kernel packages are available for Slackware x86_64 13.1, and -current to\nfix security issues.\n\n\nHere are the details from the Slackware64 13.1 ChangeLog:\n\npatches/packages/linux-2.6.33.4-2/kernel-firmware-2.6.33.4-noarch-2.txz: Rebuilt.\npatches/packages/linux-2.6.33.4-2/kernel-generic-2.6.33.4-x86_64-2.txz: Rebuilt.\n This kernel has been patched to fix security problems on x86_64:\n 64-bit Compatibility Mode Stack Pointer Underflow (CVE-2010-3081).\n IA32 System Call Entry Point Vulnerability (CVE-2010-3301).\n These vulnerabilities allow local users to gain root privileges.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3081\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3301\n (* Security fix *)\npatches/packages/linux-2.6.33.4-2/kernel-headers-2.6.33.4-x86-2.txz: Rebuilt.\npatches/packages/linux-2.6.33.4-2/kernel-huge-2.6.33.4-x86_64-2.txz: Rebuilt.\n Patched for CVE-2010-3081 and CVE-2010-3301.\n (* Security fix *)\npatches/packages/linux-2.6.33.4-2/kernel-modules-2.6.33.4-x86_64-2.txz: Rebuilt.\npatches/packages/linux-2.6.33.4-2/kernel-source-2.6.33.4-noarch-2.txz: Rebuilt.\n Patched for CVE-2010-3081 and CVE-2010-3301.\n (* Security fix *)\npatches/packages/linux-2.6.33.4-2/kernels/*: Rebuilt.\n Patched for CVE-2010-3081 and CVE-2010-3301.\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated packages for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/linux-2.6.33.4-2/\n\nUpdated packages for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/kernel-firmware-2.6.33.4-noarch-2.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/kernel-generic-2.6.33.4-x86_64-2.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/kernel-huge-2.6.33.4-x86_64-2.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/a/kernel-modules-2.6.33.4-x86_64-2.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/d/kernel-headers-2.6.33.4-x86-2.txz\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/k/kernel-source-2.6.33.4-noarch-2.txz\n\n\nMD5 signatures:\n\nSlackware x86_64 13.1 packages:\n3acafe92c2cb76b96d4d92cd0f49bb2e patches/packages/linux-2.6.33.4-2/kernel-firmware-2.6.33.4-noarch-2.txz\n7707cbdfb25b7ef9ece74d594e61933d patches/packages/linux-2.6.33.4-2/kernel-generic-2.6.33.4-x86_64-2.txz\n983269e0d2f825f4d5737f705bdc2998 patches/packages/linux-2.6.33.4-2/kernel-headers-2.6.33.4-x86-2.txz\n0eeb83c2362db0703753ee7bb9955edc patches/packages/linux-2.6.33.4-2/kernel-huge-2.6.33.4-x86_64-2.txz\n3b00e0e1f7a5b935ca519e09ecf79f4a patches/packages/linux-2.6.33.4-2/kernel-modules-2.6.33.4-x86_64-2.txz\n17f2f30749d4bcd55353f8c92f732104 patches/packages/linux-2.6.33.4-2/kernel-source-2.6.33.4-noarch-2.txz\n\nSlackware x86_64 -current packages:\n3acafe92c2cb76b96d4d92cd0f49bb2e a/kernel-firmware-2.6.33.4-noarch-2.txz\n7707cbdfb25b7ef9ece74d594e61933d a/kernel-generic-2.6.33.4-x86_64-2.txz\n0eeb83c2362db0703753ee7bb9955edc a/kernel-huge-2.6.33.4-x86_64-2.txz\n3b00e0e1f7a5b935ca519e09ecf79f4a a/kernel-modules-2.6.33.4-x86_64-2.txz\n983269e0d2f825f4d5737f705bdc2998 d/kernel-headers-2.6.33.4-x86-2.txz\n17f2f30749d4bcd55353f8c92f732104 k/kernel-source-2.6.33.4-noarch-2.txz\n\n\nInstallation instructions:\n\nUpgrade the packages as root:\n > upgradepkg kernel-*txz\n\nThen, make sure that LILO is configured to be using the correct kernel\nfile, and reinstall LILO (run "lilo" as root).\n\n\nNOTE FOR SPEAKUP:\nIf you are using a Speakup kernel, you will need to copy the bzImage file from\nthe kernels/speakup.s/ directory to your /boot directory. Rename bzImage to\nwhatever filename LILO expects in /etc/lilo. Then, run "lilo".", "published": "2010-09-22T13:27:24", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.548585", "cvelist": ["CVE-2010-3081", "CVE-2010-3301"], "lastseen": "2018-02-02T18:11:39"}]}}