Ubuntu 12.04 LTS : linux vulnerabilities (USN-1473-1)
2012-06-14T00:00:00
ID UBUNTU_USN-1473-1.NASL Type nessus Reporter Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. Modified 2021-01-02T00:00:00
Description
A flaw was discovered in the Linux kernel's KVM (kernel virtual
machine). An administrative user in the guest OS could leverage this
flaw to cause a denial of service in the host OS. (CVE-2012-2121)
Schacher Raindel discovered a flaw in the Linux kernel's memory
handling when hugetlb is enabled. An unprivileged local attacker could
exploit this flaw to cause a denial of service and potentially gain
higher privileges. (CVE-2012-2133)
Stephan Mueller reported a flaw in the Linux kernel's dl2k network
driver's handling of ioctls. An unprivileged local user could leverage
this flaw to cause a denial of service. (CVE-2012-2313)
Timo Warns reported multiple flaws in the Linux kernel's hfsplus
filesystem. An unprivileged local user could exploit these flaws to
gain root system priviliges. (CVE-2012-2319)
Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver
handling of cliprect on 32 bit systems. An unprivileged local attacker
could leverage this flaw to cause a denial of service or potentially
gain root privileges. (CVE-2012-2383)
Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver
handling of buffer_count on 32 bit systems. An unprivileged local
attacker could leverage this flaw to cause a denial of service or
potentially gain root privileges. (CVE-2012-2384).
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-1473-1. The text
# itself is copyright (C) Canonical, Inc. See
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
#
include("compat.inc");
if (description)
{
script_id(59495);
script_version("1.10");
script_cvs_date("Date: 2019/09/19 12:54:28");
script_cve_id("CVE-2012-2121", "CVE-2012-2133", "CVE-2012-2313", "CVE-2012-2319", "CVE-2012-2383", "CVE-2012-2384");
script_bugtraq_id(53162, 53233, 53401, 53965, 53971);
script_xref(name:"USN", value:"1473-1");
script_name(english:"Ubuntu 12.04 LTS : linux vulnerabilities (USN-1473-1)");
script_summary(english:"Checks dpkg output for updated packages.");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Ubuntu host is missing one or more security-related
patches."
);
script_set_attribute(
attribute:"description",
value:
"A flaw was discovered in the Linux kernel's KVM (kernel virtual
machine). An administrative user in the guest OS could leverage this
flaw to cause a denial of service in the host OS. (CVE-2012-2121)
Schacher Raindel discovered a flaw in the Linux kernel's memory
handling when hugetlb is enabled. An unprivileged local attacker could
exploit this flaw to cause a denial of service and potentially gain
higher privileges. (CVE-2012-2133)
Stephan Mueller reported a flaw in the Linux kernel's dl2k network
driver's handling of ioctls. An unprivileged local user could leverage
this flaw to cause a denial of service. (CVE-2012-2313)
Timo Warns reported multiple flaws in the Linux kernel's hfsplus
filesystem. An unprivileged local user could exploit these flaws to
gain root system priviliges. (CVE-2012-2319)
Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver
handling of cliprect on 32 bit systems. An unprivileged local attacker
could leverage this flaw to cause a denial of service or potentially
gain root privileges. (CVE-2012-2383)
Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver
handling of buffer_count on 32 bit systems. An unprivileged local
attacker could leverage this flaw to cause a denial of service or
potentially gain root privileges. (CVE-2012-2384).
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://usn.ubuntu.com/1473-1/"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic-pae");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-highbank");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-virtual");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:12.04:-:lts");
script_set_attribute(attribute:"vuln_publication_date", value:"2012/05/17");
script_set_attribute(attribute:"patch_publication_date", value:"2012/06/13");
script_set_attribute(attribute:"plugin_publication_date", value:"2012/06/14");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Ubuntu Local Security Checks");
script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("ubuntu.inc");
include("ksplice.inc");
if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! preg(pattern:"^(12\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 12.04", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
if (get_one_kb_item("Host/ksplice/kernel-cves"))
{
rm_kb_item(name:"Host/uptrack-uname-r");
cve_list = make_list("CVE-2012-2121", "CVE-2012-2133", "CVE-2012-2313", "CVE-2012-2319", "CVE-2012-2383", "CVE-2012-2384");
if (ksplice_cves_check(cve_list))
{
audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for USN-1473-1");
}
else
{
_ubuntu_report = ksplice_reporting_text();
}
}
flag = 0;
if (ubuntu_check(osver:"12.04", pkgname:"linux-image-3.2.0-25-generic", pkgver:"3.2.0-25.40")) flag++;
if (ubuntu_check(osver:"12.04", pkgname:"linux-image-3.2.0-25-generic-pae", pkgver:"3.2.0-25.40")) flag++;
if (ubuntu_check(osver:"12.04", pkgname:"linux-image-3.2.0-25-highbank", pkgver:"3.2.0-25.40")) flag++;
if (ubuntu_check(osver:"12.04", pkgname:"linux-image-3.2.0-25-virtual", pkgver:"3.2.0-25.40")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : ubuntu_report_get()
);
exit(0);
}
else
{
tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "linux-image-3.2-generic / linux-image-3.2-generic-pae / etc");
}
{"id": "UBUNTU_USN-1473-1.NASL", "bulletinFamily": "scanner", "title": "Ubuntu 12.04 LTS : linux vulnerabilities (USN-1473-1)", "description": "A flaw was discovered in the Linux kernel's KVM (kernel virtual\nmachine). An administrative user in the guest OS could leverage this\nflaw to cause a denial of service in the host OS. (CVE-2012-2121)\n\nSchacher Raindel discovered a flaw in the Linux kernel's memory\nhandling when hugetlb is enabled. An unprivileged local attacker could\nexploit this flaw to cause a denial of service and potentially gain\nhigher privileges. (CVE-2012-2133)\n\nStephan Mueller reported a flaw in the Linux kernel's dl2k network\ndriver's handling of ioctls. An unprivileged local user could leverage\nthis flaw to cause a denial of service. (CVE-2012-2313)\n\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus\nfilesystem. An unprivileged local user could exploit these flaws to\ngain root system priviliges. (CVE-2012-2319)\n\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver\nhandling of cliprect on 32 bit systems. An unprivileged local attacker\ncould leverage this flaw to cause a denial of service or potentially\ngain root privileges. (CVE-2012-2383)\n\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver\nhandling of buffer_count on 32 bit systems. An unprivileged local\nattacker could leverage this flaw to cause a denial of service or\npotentially gain root privileges. (CVE-2012-2384).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "published": "2012-06-14T00:00:00", "modified": "2021-01-02T00:00:00", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "href": "https://www.tenable.com/plugins/nessus/59495", "reporter": "Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://usn.ubuntu.com/1473-1/"], "cvelist": ["CVE-2012-2133", "CVE-2012-2319", "CVE-2012-2313", "CVE-2012-2384", "CVE-2012-2383", "CVE-2012-2121"], "type": "nessus", "lastseen": "2021-01-01T06:37:59", "edition": 26, "viewCount": 5, "enchantments": {"dependencies": {"references": [{"type": "ubuntu", "idList": ["USN-1473-1", "USN-1493-1", "USN-1474-1", "USN-1491-1", "USN-1492-1", "USN-1490-1", "USN-1471-1", "USN-1488-1", "USN-1476-1", "USN-1472-1"]}, {"type": "openvas", "idList": ["OPENVAS:841044", "OPENVAS:841040", "OPENVAS:1361412562310841042", "OPENVAS:841050", "OPENVAS:1361412562310841038", "OPENVAS:1361412562310841044", "OPENVAS:1361412562310841040", "OPENVAS:841042", "OPENVAS:1361412562310841050", "OPENVAS:841038"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:28266", "SECURITYVULNS:VULN:12462", "SECURITYVULNS:VULN:12376", "SECURITYVULNS:DOC:28264"]}, {"type": "nessus", "idList": ["UBUNTU_USN-1490-1.NASL", "UBUNTU_USN-1492-1.NASL", "UBUNTU_USN-1471-1.NASL", "UBUNTU_USN-1491-1.NASL", "UBUNTU_USN-1476-1.NASL", "UBUNTU_USN-1493-1.NASL", "UBUNTU_USN-1474-1.NASL", "SUSE_11_KERNEL-120523.NASL", "UBUNTU_USN-1488-1.NASL", "UBUNTU_USN-1472-1.NASL"]}, {"type": "cve", "idList": ["CVE-2012-2313", "CVE-2012-2384", "CVE-2012-2133", "CVE-2012-2121", "CVE-2012-2383", "CVE-2012-2319"]}, {"type": "suse", "idList": ["SUSE-SU-2012:0736-1", "SUSE-SU-2012:0689-1"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-1174-1", "ELSA-2012-1304"]}, {"type": "amazon", "idList": ["ALAS-2012-133"]}, {"type": "centos", "idList": ["CESA-2012:1174", "CESA-2012:1304"]}, {"type": "redhat", "idList": ["RHSA-2012:1174", "RHSA-2012:1304", "RHSA-2012:1481"]}], "modified": "2021-01-01T06:37:59", "rev": 2}, "score": {"value": 7.1, "vector": "NONE", "modified": "2021-01-01T06:37:59", "rev": 2}, "vulnersScore": 7.1}, "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1473-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59495);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-2121\", \"CVE-2012-2133\", \"CVE-2012-2313\", \"CVE-2012-2319\", \"CVE-2012-2383\", \"CVE-2012-2384\");\n script_bugtraq_id(53162, 53233, 53401, 53965, 53971);\n script_xref(name:\"USN\", value:\"1473-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux vulnerabilities (USN-1473-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was discovered in the Linux kernel's KVM (kernel virtual\nmachine). An administrative user in the guest OS could leverage this\nflaw to cause a denial of service in the host OS. (CVE-2012-2121)\n\nSchacher Raindel discovered a flaw in the Linux kernel's memory\nhandling when hugetlb is enabled. An unprivileged local attacker could\nexploit this flaw to cause a denial of service and potentially gain\nhigher privileges. (CVE-2012-2133)\n\nStephan Mueller reported a flaw in the Linux kernel's dl2k network\ndriver's handling of ioctls. An unprivileged local user could leverage\nthis flaw to cause a denial of service. (CVE-2012-2313)\n\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus\nfilesystem. An unprivileged local user could exploit these flaws to\ngain root system priviliges. (CVE-2012-2319)\n\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver\nhandling of cliprect on 32 bit systems. An unprivileged local attacker\ncould leverage this flaw to cause a denial of service or potentially\ngain root privileges. (CVE-2012-2383)\n\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver\nhandling of buffer_count on 32 bit systems. An unprivileged local\nattacker could leverage this flaw to cause a denial of service or\npotentially gain root privileges. (CVE-2012-2384).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1473-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-highbank\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2012-2121\", \"CVE-2012-2133\", \"CVE-2012-2313\", \"CVE-2012-2319\", \"CVE-2012-2383\", \"CVE-2012-2384\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1473-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-25-generic\", pkgver:\"3.2.0-25.40\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-25-generic-pae\", pkgver:\"3.2.0-25.40\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-25-highbank\", pkgver:\"3.2.0-25.40\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-25-virtual\", pkgver:\"3.2.0-25.40\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.2-generic / linux-image-3.2-generic-pae / etc\");\n}\n", "naslFamily": "Ubuntu Local Security Checks", "pluginID": "59495", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-highbank", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "scheme": null}
{"ubuntu": [{"lastseen": "2020-07-02T11:38:33", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2133", "CVE-2012-2319", "CVE-2012-2313", "CVE-2012-2384", "CVE-2012-2383", "CVE-2012-2121"], "description": "A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). \nAn administrative user in the guest OS could leverage this flaw to cause a \ndenial of service in the host OS. (CVE-2012-2121)\n\nSchacher Raindel discovered a flaw in the Linux kernel's memory handling \nwhen hugetlb is enabled. An unprivileged local attacker could exploit this \nflaw to cause a denial of service and potentially gain higher privileges. \n(CVE-2012-2133)\n\nStephan Mueller reported a flaw in the Linux kernel's dl2k network driver's \nhandling of ioctls. An unprivileged local user could leverage this flaw to \ncause a denial of service. (CVE-2012-2313)\n\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus \nfilesystem. An unprivileged local user could exploit these flaws to gain \nroot system priviliges. (CVE-2012-2319)\n\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver \nhandling of cliprect on 32 bit systems. An unprivileged local attacker \ncould leverage this flaw to cause a denial of service or potentially gain \nroot privileges. (CVE-2012-2383)\n\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver \nhandling of buffer_count on 32 bit systems. An unprivileged local attacker \ncould leverage this flaw to cause a denial of service or potentially gain \nroot privileges. (CVE-2012-2384)", "edition": 5, "modified": "2012-06-13T00:00:00", "published": "2012-06-13T00:00:00", "id": "USN-1474-1", "href": "https://ubuntu.com/security/notices/USN-1474-1", "title": "Linux kernel (OMAP4) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-02T11:38:04", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2133", "CVE-2012-2319", "CVE-2012-2313", "CVE-2012-2384", "CVE-2012-2383", "CVE-2012-2121"], "description": "A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). \nAn administrative user in the guest OS could leverage this flaw to cause a \ndenial of service in the host OS. (CVE-2012-2121)\n\nSchacher Raindel discovered a flaw in the Linux kernel's memory handling \nwhen hugetlb is enabled. An unprivileged local attacker could exploit this \nflaw to cause a denial of service and potentially gain higher privileges. \n(CVE-2012-2133)\n\nStephan Mueller reported a flaw in the Linux kernel's dl2k network driver's \nhandling of ioctls. An unprivileged local user could leverage this flaw to \ncause a denial of service. (CVE-2012-2313)\n\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus \nfilesystem. An unprivileged local user could exploit these flaws to gain \nroot system priviliges. (CVE-2012-2319)\n\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver \nhandling of cliprect on 32 bit systems. An unprivileged local attacker \ncould leverage this flaw to cause a denial of service or potentially gain \nroot privileges. (CVE-2012-2383)\n\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver \nhandling of buffer_count on 32 bit systems. An unprivileged local attacker \ncould leverage this flaw to cause a denial of service or potentially gain \nroot privileges. (CVE-2012-2384)", "edition": 5, "modified": "2012-06-13T00:00:00", "published": "2012-06-13T00:00:00", "id": "USN-1473-1", "href": "https://ubuntu.com/security/notices/USN-1473-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T00:31:56", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4131", "CVE-2012-2133", "CVE-2012-2319", "CVE-2012-2313", "CVE-2012-2384", "CVE-2012-2383", "CVE-2012-2121"], "description": "Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. \nA remote NFS server (attacker) could exploit this flaw to cause a denial of \nservice. (CVE-2011-4131)\n\nA flaw was discovered in the Linux kernel's KVM (kernel virtual machine). \nAn administrative user in the guest OS could leverage this flaw to cause a \ndenial of service in the host OS. (CVE-2012-2121)\n\nSchacher Raindel discovered a flaw in the Linux kernel's memory handling \nwhen hugetlb is enabled. An unprivileged local attacker could exploit this \nflaw to cause a denial of service and potentially gain higher privileges. \n(CVE-2012-2133)\n\nStephan Mueller reported a flaw in the Linux kernel's dl2k network driver's \nhandling of ioctls. An unprivileged local user could leverage this flaw to \ncause a denial of service. (CVE-2012-2313)\n\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus \nfilesystem. An unprivileged local user could exploit these flaws to gain \nroot system priviliges. (CVE-2012-2319)\n\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver \nhandling of cliprect on 32 bit systems. An unprivileged local attacker \ncould leverage this flaw to cause a denial of service or potentially gain \nroot privileges. (CVE-2012-2383)\n\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver \nhandling of buffer_count on 32 bit systems. An unprivileged local attacker \ncould leverage this flaw to cause a denial of service or potentially gain \nroot privileges. (CVE-2012-2384)", "edition": 5, "modified": "2012-06-15T00:00:00", "published": "2012-06-15T00:00:00", "id": "USN-1476-1", "href": "https://ubuntu.com/security/notices/USN-1476-1", "title": "Linux kernel (OMAP4) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T00:30:18", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4131", "CVE-2012-2133", "CVE-2012-2319", "CVE-2012-2313", "CVE-2012-2384", "CVE-2012-2383", "CVE-2012-2121"], "description": "Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. \nA remote NFS server (attacker) could exploit this flaw to cause a denial of \nservice. (CVE-2011-4131)\n\nA flaw was discovered in the Linux kernel's KVM (kernel virtual machine). \nAn administrative user in the guest OS could leverage this flaw to cause a \ndenial of service in the host OS. (CVE-2012-2121)\n\nSchacher Raindel discovered a flaw in the Linux kernel's memory handling \nwhen hugetlb is enabled. An unprivileged local attacker could exploit this \nflaw to cause a denial of service and potentially gain higher privileges. \n(CVE-2012-2133)\n\nStephan Mueller reported a flaw in the Linux kernel's dl2k network driver's \nhandling of ioctls. An unprivileged local user could leverage this flaw to \ncause a denial of service. (CVE-2012-2313)\n\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus \nfilesystem. An unprivileged local user could exploit these flaws to gain \nroot system priviliges. (CVE-2012-2319)\n\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver \nhandling of cliprect on 32 bit systems. An unprivileged local attacker \ncould leverage this flaw to cause a denial of service or potentially gain \nroot privileges. (CVE-2012-2383)\n\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver \nhandling of buffer_count on 32 bit systems. An unprivileged local attacker \ncould leverage this flaw to cause a denial of service or potentially gain \nroot privileges. (CVE-2012-2384)", "edition": 5, "modified": "2012-06-12T00:00:00", "published": "2012-06-12T00:00:00", "id": "USN-1471-1", "href": "https://ubuntu.com/security/notices/USN-1471-1", "title": "Linux kernel (Oneiric backport) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T00:25:14", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4131", "CVE-2012-2133", "CVE-2012-2319", "CVE-2012-2313", "CVE-2012-2384", "CVE-2012-2383", "CVE-2012-2121"], "description": "Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. \nA remote NFS server (attacker) could exploit this flaw to cause a denial of \nservice. (CVE-2011-4131)\n\nA flaw was discovered in the Linux kernel's KVM (kernel virtual machine). \nAn administrative user in the guest OS could leverage this flaw to cause a \ndenial of service in the host OS. (CVE-2012-2121)\n\nSchacher Raindel discovered a flaw in the Linux kernel's memory handling \nwhen hugetlb is enabled. An unprivileged local attacker could exploit this \nflaw to cause a denial of service and potentially gain higher privileges. \n(CVE-2012-2133)\n\nStephan Mueller reported a flaw in the Linux kernel's dl2k network driver's \nhandling of ioctls. An unprivileged local user could leverage this flaw to \ncause a denial of service. (CVE-2012-2313)\n\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus \nfilesystem. An unprivileged local user could exploit these flaws to gain \nroot system priviliges. (CVE-2012-2319)\n\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver \nhandling of cliprect on 32 bit systems. An unprivileged local attacker \ncould leverage this flaw to cause a denial of service or potentially gain \nroot privileges. (CVE-2012-2383)\n\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver \nhandling of buffer_count on 32 bit systems. An unprivileged local attacker \ncould leverage this flaw to cause a denial of service or potentially gain \nroot privileges. (CVE-2012-2384)", "edition": 5, "modified": "2012-06-12T00:00:00", "published": "2012-06-12T00:00:00", "id": "USN-1472-1", "href": "https://ubuntu.com/security/notices/USN-1472-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T00:23:32", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2319", "CVE-2012-2313"], "description": "Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's \nhandling of ioctls. An unprivileged local user could leverage this flaw to \ncause a denial of service. (CVE-2012-2313)\n\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus \nfilesystem. An unprivileged local user could exploit these flaws to gain \nroot system priviliges. (CVE-2012-2319)", "edition": 5, "modified": "2012-06-29T00:00:00", "published": "2012-06-29T00:00:00", "id": "USN-1492-1", "href": "https://ubuntu.com/security/notices/USN-1492-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T00:25:48", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2319", "CVE-2012-2313"], "description": "Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's \nhandling of ioctls. An unprivileged local user could leverage this flaw to \ncause a denial of service. (CVE-2012-2313)\n\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus \nfilesystem. An unprivileged local user could exploit these flaws to gain \nroot system priviliges. (CVE-2012-2319)", "edition": 5, "modified": "2012-06-29T00:00:00", "published": "2012-06-29T00:00:00", "id": "USN-1491-1", "href": "https://ubuntu.com/security/notices/USN-1491-1", "title": "Linux kernel (EC2) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-08T23:34:26", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2319", "CVE-2012-2313"], "description": "Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's \nhandling of ioctls. An unprivileged local user could leverage this flaw to \ncause a denial of service. (CVE-2012-2313)\n\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus \nfilesystem. An unprivileged local user could exploit these flaws to gain \nroot system priviliges. (CVE-2012-2319)", "edition": 5, "modified": "2012-06-29T00:00:00", "published": "2012-06-29T00:00:00", "id": "USN-1493-1", "href": "https://ubuntu.com/security/notices/USN-1493-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T00:35:20", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2375", "CVE-2012-2319", "CVE-2012-2313"], "description": "Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's \nhandling of ioctls. An unprivileged local user could leverage this flaw to \ncause a denial of service. (CVE-2012-2313)\n\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus \nfilesystem. An unprivileged local user could exploit these flaws to gain \nroot system priviliges. (CVE-2012-2319)\n\nA flaw was discovered in the Linux kernel's NFSv4 (Network file system) \nhandling of ACLs (access control lists). A remote NFS server (attacker) \ncould cause a denial of service (OOPS). (CVE-2012-2375)", "edition": 5, "modified": "2012-06-29T00:00:00", "published": "2012-06-29T00:00:00", "id": "USN-1490-1", "href": "https://ubuntu.com/security/notices/USN-1490-1", "title": "Linux kernel (Natty backport) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T01:39:20", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2375", "CVE-2012-2319", "CVE-2012-2313"], "description": "Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's \nhandling of ioctls. An unprivileged local user could leverage this flaw to \ncause a denial of service. (CVE-2012-2313)\n\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus \nfilesystem. An unprivileged local user could exploit these flaws to gain \nroot system priviliges. (CVE-2012-2319)\n\nA flaw was discovered in the Linux kernel's NFSv4 (Network file system) \nhandling of ACLs (access control lists). A remote NFS server (attacker) \ncould cause a denial of service (OOPS). (CVE-2012-2375)", "edition": 5, "modified": "2012-06-29T00:00:00", "published": "2012-06-29T00:00:00", "id": "USN-1488-1", "href": "https://ubuntu.com/security/notices/USN-1488-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-01T06:37:59", "description": "A flaw was discovered in the Linux kernel's KVM (kernel virtual\nmachine). An administrative user in the guest OS could leverage this\nflaw to cause a denial of service in the host OS. (CVE-2012-2121)\n\nSchacher Raindel discovered a flaw in the Linux kernel's memory\nhandling when hugetlb is enabled. An unprivileged local attacker\ncould exploit this flaw to cause a denial of service and potentially\ngain higher privileges. (CVE-2012-2133)\n\nStephan Mueller reported a flaw in the Linux kernel's dl2k network\ndriver's handling of ioctls. An unprivileged local user could\nleverage this flaw to cause a denial of service. (CVE-2012-2313)\n\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus\nfilesystem. An unprivileged local user could exploit these flaws to\ngain root system priviliges. (CVE-2012-2319)\n\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver\nhandling of cliprect on 32 bit systems. An unprivileged local\nattacker could leverage this flaw to cause a denial of service or\npotentially gain root privileges. (CVE-2012-2383)\n\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver\nhandling of buffer_count on 32 bit systems. An unprivileged local\nattacker could leverage this flaw to cause a denial of service or\npotentially gain root privileges. (CVE-2012-2384)", "edition": 24, "published": "2012-06-14T00:00:00", "title": "USN-1474-1 : linux-ti-omap4 vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2133", "CVE-2012-2319", "CVE-2012-2313", "CVE-2012-2384", "CVE-2012-2383", "CVE-2012-2121"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux"], "id": "UBUNTU_USN-1474-1.NASL", "href": "https://www.tenable.com/plugins/nessus/59496", "sourceData": "# This script was automatically generated from Ubuntu Security\n# Notice USN-1474-1. It is released under the Nessus Script \n# Licence.\n#\n# Ubuntu Security Notices are (C) Canonical, Inc.\n# See http://www.ubuntu.com/usn/\n# Ubuntu(R) is a registered trademark of Canonical, Inc.\n\nif (!defined_func(\"bn_random\")) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59496);\n script_version(\"$Revision: 1.2 $\");\n script_cvs_date(\"$Date: 2016/12/01 20:56:51 $\");\n\n script_cve_id(\"CVE-2012-2121\", \"CVE-2012-2133\", \"CVE-2012-2313\", \"CVE-2012-2319\", \"CVE-2012-2383\", \"CVE-2012-2384\");\n script_xref(name:\"USN\", value:\"1474-1\");\n\n script_name(english:\"USN-1474-1 : linux-ti-omap4 vulnerabilities\");\n script_summary(english:\"Checks dpkg output for updated package(s)\");\n\n script_set_attribute(attribute:\"synopsis\", value: \n\"The remote Ubuntu host is missing one or more security-related\npatches.\");\n script_set_attribute(attribute:\"description\", value:\n\"A flaw was discovered in the Linux kernel's KVM (kernel virtual\nmachine). An administrative user in the guest OS could leverage this\nflaw to cause a denial of service in the host OS. (CVE-2012-2121)\n\nSchacher Raindel discovered a flaw in the Linux kernel's memory\nhandling when hugetlb is enabled. An unprivileged local attacker\ncould exploit this flaw to cause a denial of service and potentially\ngain higher privileges. (CVE-2012-2133)\n\nStephan Mueller reported a flaw in the Linux kernel's dl2k network\ndriver's handling of ioctls. An unprivileged local user could\nleverage this flaw to cause a denial of service. (CVE-2012-2313)\n\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus\nfilesystem. An unprivileged local user could exploit these flaws to\ngain root system priviliges. (CVE-2012-2319)\n\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver\nhandling of cliprect on 32 bit systems. An unprivileged local\nattacker could leverage this flaw to cause a denial of service or\npotentially gain root privileges. (CVE-2012-2383)\n\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver\nhandling of buffer_count on 32 bit systems. An unprivileged local\nattacker could leverage this flaw to cause a denial of service or\npotentially gain root privileges. (CVE-2012-2384)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.ubuntu.com/usn/usn-1474-1/\");\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package(s).\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/13\");\n\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/14\");\n script_end_attributes();\n \n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(\"Ubuntu Security Notice (C) 2012 Canonical, Inc. / NASL script (C) 2012-2016 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude(\"ubuntu.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/Ubuntu/release\")) exit(0, \"The host is not running Ubuntu.\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) exit(1, \"Could not obtain the list of installed packages.\");\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-1414-omap4\", pkgver:\"3.2.0-1414.19\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:ubuntu_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T06:37:59", "description": "Andy Adamson discovered a flaw in the Linux kernel's NFSv4\nimplementation. A remote NFS server (attacker) could exploit this\nflaw to cause a denial of service. (CVE-2011-4131)\n\nA flaw was discovered in the Linux kernel's KVM (kernel virtual\nmachine). An administrative user in the guest OS could leverage this\nflaw to cause a denial of service in the host OS. (CVE-2012-2121)\n\nSchacher Raindel discovered a flaw in the Linux kernel's memory\nhandling when hugetlb is enabled. An unprivileged local attacker\ncould exploit this flaw to cause a denial of service and potentially\ngain higher privileges. (CVE-2012-2133)\n\nStephan Mueller reported a flaw in the Linux kernel's dl2k network\ndriver's handling of ioctls. An unprivileged local user could\nleverage this flaw to cause a denial of service. (CVE-2012-2313)\n\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus\nfilesystem. An unprivileged local user could exploit these flaws to\ngain root system priviliges. (CVE-2012-2319)\n\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver\nhandling of cliprect on 32 bit systems. An unprivileged local\nattacker could leverage this flaw to cause a denial of service or\npotentially gain root privileges. (CVE-2012-2383)\n\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver\nhandling of buffer_count on 32 bit systems. An unprivileged local\nattacker could leverage this flaw to cause a denial of service or\npotentially gain root privileges. (CVE-2012-2384)", "edition": 24, "published": "2012-06-18T00:00:00", "title": "USN-1476-1 : linux-ti-omap4 vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4131", "CVE-2012-2133", "CVE-2012-2319", "CVE-2012-2313", "CVE-2012-2384", "CVE-2012-2383", "CVE-2012-2121"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux"], "id": "UBUNTU_USN-1476-1.NASL", "href": "https://www.tenable.com/plugins/nessus/59553", "sourceData": "# This script was automatically generated from Ubuntu Security\n# Notice USN-1476-1. It is released under the Nessus Script \n# Licence.\n#\n# Ubuntu Security Notices are (C) Canonical, Inc.\n# See http://www.ubuntu.com/usn/\n# Ubuntu(R) is a registered trademark of Canonical, Inc.\n\nif (!defined_func(\"bn_random\")) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59553);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2016/12/01 20:56:51 $\");\n\n script_cve_id(\"CVE-2011-4131\", \"CVE-2012-2121\", \"CVE-2012-2133\", \"CVE-2012-2313\", \"CVE-2012-2319\", \"CVE-2012-2383\", \"CVE-2012-2384\");\n script_xref(name:\"USN\", value:\"1476-1\");\n\n script_name(english:\"USN-1476-1 : linux-ti-omap4 vulnerabilities\");\n script_summary(english:\"Checks dpkg output for updated package(s)\");\n\n script_set_attribute(attribute:\"synopsis\", value: \n\"The remote Ubuntu host is missing one or more security-related\npatches.\");\n script_set_attribute(attribute:\"description\", value:\n\"Andy Adamson discovered a flaw in the Linux kernel's NFSv4\nimplementation. A remote NFS server (attacker) could exploit this\nflaw to cause a denial of service. (CVE-2011-4131)\n\nA flaw was discovered in the Linux kernel's KVM (kernel virtual\nmachine). An administrative user in the guest OS could leverage this\nflaw to cause a denial of service in the host OS. (CVE-2012-2121)\n\nSchacher Raindel discovered a flaw in the Linux kernel's memory\nhandling when hugetlb is enabled. An unprivileged local attacker\ncould exploit this flaw to cause a denial of service and potentially\ngain higher privileges. (CVE-2012-2133)\n\nStephan Mueller reported a flaw in the Linux kernel's dl2k network\ndriver's handling of ioctls. An unprivileged local user could\nleverage this flaw to cause a denial of service. (CVE-2012-2313)\n\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus\nfilesystem. An unprivileged local user could exploit these flaws to\ngain root system priviliges. (CVE-2012-2319)\n\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver\nhandling of cliprect on 32 bit systems. An unprivileged local\nattacker could leverage this flaw to cause a denial of service or\npotentially gain root privileges. (CVE-2012-2383)\n\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver\nhandling of buffer_count on 32 bit systems. An unprivileged local\nattacker could leverage this flaw to cause a denial of service or\npotentially gain root privileges. (CVE-2012-2384)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.ubuntu.com/usn/usn-1476-1/\");\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package(s).\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/15\");\n\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/18\");\n script_end_attributes();\n \n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(\"Ubuntu Security Notice (C) 2012 Canonical, Inc. / NASL script (C) 2012-2016 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude(\"ubuntu.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/Ubuntu/release\")) exit(0, \"The host is not running Ubuntu.\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) exit(1, \"Could not obtain the list of installed packages.\");\n\nflag = 0;\n\nif (ubuntu_check(osver:\"11.10\", pkgname:\"linux-image-3.0.0-1211-omap4\", pkgver:\"3.0.0-1211.23\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:ubuntu_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T06:37:58", "description": "Andy Adamson discovered a flaw in the Linux kernel's NFSv4\nimplementation. A remote NFS server (attacker) could exploit this flaw\nto cause a denial of service. (CVE-2011-4131)\n\nA flaw was discovered in the Linux kernel's KVM (kernel virtual\nmachine). An administrative user in the guest OS could leverage this\nflaw to cause a denial of service in the host OS. (CVE-2012-2121)\n\nSchacher Raindel discovered a flaw in the Linux kernel's memory\nhandling when hugetlb is enabled. An unprivileged local attacker could\nexploit this flaw to cause a denial of service and potentially gain\nhigher privileges. (CVE-2012-2133)\n\nStephan Mueller reported a flaw in the Linux kernel's dl2k network\ndriver's handling of ioctls. An unprivileged local user could leverage\nthis flaw to cause a denial of service. (CVE-2012-2313)\n\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus\nfilesystem. An unprivileged local user could exploit these flaws to\ngain root system priviliges. (CVE-2012-2319)\n\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver\nhandling of cliprect on 32 bit systems. An unprivileged local attacker\ncould leverage this flaw to cause a denial of service or potentially\ngain root privileges. (CVE-2012-2383)\n\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver\nhandling of buffer_count on 32 bit systems. An unprivileged local\nattacker could leverage this flaw to cause a denial of service or\npotentially gain root privileges. (CVE-2012-2384).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2012-06-13T00:00:00", "title": "Ubuntu 10.04 LTS : linux-lts-backport-oneiric vulnerabilities (USN-1471-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4131", "CVE-2012-2133", "CVE-2012-2319", "CVE-2012-2313", "CVE-2012-2384", "CVE-2012-2383", "CVE-2012-2121"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-virtual", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-server"], "id": "UBUNTU_USN-1471-1.NASL", "href": "https://www.tenable.com/plugins/nessus/59475", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1471-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59475);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2011-4131\", \"CVE-2012-2121\", \"CVE-2012-2133\", \"CVE-2012-2313\", \"CVE-2012-2319\", \"CVE-2012-2383\", \"CVE-2012-2384\");\n script_bugtraq_id(53401);\n script_xref(name:\"USN\", value:\"1471-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux-lts-backport-oneiric vulnerabilities (USN-1471-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Andy Adamson discovered a flaw in the Linux kernel's NFSv4\nimplementation. A remote NFS server (attacker) could exploit this flaw\nto cause a denial of service. (CVE-2011-4131)\n\nA flaw was discovered in the Linux kernel's KVM (kernel virtual\nmachine). An administrative user in the guest OS could leverage this\nflaw to cause a denial of service in the host OS. (CVE-2012-2121)\n\nSchacher Raindel discovered a flaw in the Linux kernel's memory\nhandling when hugetlb is enabled. An unprivileged local attacker could\nexploit this flaw to cause a denial of service and potentially gain\nhigher privileges. (CVE-2012-2133)\n\nStephan Mueller reported a flaw in the Linux kernel's dl2k network\ndriver's handling of ioctls. An unprivileged local user could leverage\nthis flaw to cause a denial of service. (CVE-2012-2313)\n\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus\nfilesystem. An unprivileged local user could exploit these flaws to\ngain root system priviliges. (CVE-2012-2319)\n\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver\nhandling of cliprect on 32 bit systems. An unprivileged local attacker\ncould leverage this flaw to cause a denial of service or potentially\ngain root privileges. (CVE-2012-2383)\n\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver\nhandling of buffer_count on 32 bit systems. An unprivileged local\nattacker could leverage this flaw to cause a denial of service or\npotentially gain root privileges. (CVE-2012-2384).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1471-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2011-4131\", \"CVE-2012-2121\", \"CVE-2012-2133\", \"CVE-2012-2313\", \"CVE-2012-2319\", \"CVE-2012-2383\", \"CVE-2012-2384\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1471-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-3.0.0-21-generic\", pkgver:\"3.0.0-21.35~lucid1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-3.0.0-21-generic-pae\", pkgver:\"3.0.0-21.35~lucid1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-3.0.0-21-server\", pkgver:\"3.0.0-21.35~lucid1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-3.0.0-21-virtual\", pkgver:\"3.0.0-21.35~lucid1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.0-generic / linux-image-3.0-generic-pae / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T06:37:59", "description": "Andy Adamson discovered a flaw in the Linux kernel's NFSv4\nimplementation. A remote NFS server (attacker) could exploit this flaw\nto cause a denial of service. (CVE-2011-4131)\n\nA flaw was discovered in the Linux kernel's KVM (kernel virtual\nmachine). An administrative user in the guest OS could leverage this\nflaw to cause a denial of service in the host OS. (CVE-2012-2121)\n\nSchacher Raindel discovered a flaw in the Linux kernel's memory\nhandling when hugetlb is enabled. An unprivileged local attacker could\nexploit this flaw to cause a denial of service and potentially gain\nhigher privileges. (CVE-2012-2133)\n\nStephan Mueller reported a flaw in the Linux kernel's dl2k network\ndriver's handling of ioctls. An unprivileged local user could leverage\nthis flaw to cause a denial of service. (CVE-2012-2313)\n\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus\nfilesystem. An unprivileged local user could exploit these flaws to\ngain root system priviliges. (CVE-2012-2319)\n\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver\nhandling of cliprect on 32 bit systems. An unprivileged local attacker\ncould leverage this flaw to cause a denial of service or potentially\ngain root privileges. (CVE-2012-2383)\n\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver\nhandling of buffer_count on 32 bit systems. An unprivileged local\nattacker could leverage this flaw to cause a denial of service or\npotentially gain root privileges. (CVE-2012-2384).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2012-06-13T00:00:00", "title": "Ubuntu 11.10 : linux vulnerabilities (USN-1472-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4131", "CVE-2012-2133", "CVE-2012-2319", "CVE-2012-2313", "CVE-2012-2384", "CVE-2012-2383", "CVE-2012-2121"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:11.10", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-server"], "id": "UBUNTU_USN-1472-1.NASL", "href": "https://www.tenable.com/plugins/nessus/59476", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1472-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59476);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2011-4131\", \"CVE-2012-2121\", \"CVE-2012-2133\", \"CVE-2012-2313\", \"CVE-2012-2319\", \"CVE-2012-2383\", \"CVE-2012-2384\");\n script_bugtraq_id(53401);\n script_xref(name:\"USN\", value:\"1472-1\");\n\n script_name(english:\"Ubuntu 11.10 : linux vulnerabilities (USN-1472-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Andy Adamson discovered a flaw in the Linux kernel's NFSv4\nimplementation. A remote NFS server (attacker) could exploit this flaw\nto cause a denial of service. (CVE-2011-4131)\n\nA flaw was discovered in the Linux kernel's KVM (kernel virtual\nmachine). An administrative user in the guest OS could leverage this\nflaw to cause a denial of service in the host OS. (CVE-2012-2121)\n\nSchacher Raindel discovered a flaw in the Linux kernel's memory\nhandling when hugetlb is enabled. An unprivileged local attacker could\nexploit this flaw to cause a denial of service and potentially gain\nhigher privileges. (CVE-2012-2133)\n\nStephan Mueller reported a flaw in the Linux kernel's dl2k network\ndriver's handling of ioctls. An unprivileged local user could leverage\nthis flaw to cause a denial of service. (CVE-2012-2313)\n\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus\nfilesystem. An unprivileged local user could exploit these flaws to\ngain root system priviliges. (CVE-2012-2319)\n\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver\nhandling of cliprect on 32 bit systems. An unprivileged local attacker\ncould leverage this flaw to cause a denial of service or potentially\ngain root privileges. (CVE-2012-2383)\n\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver\nhandling of buffer_count on 32 bit systems. An unprivileged local\nattacker could leverage this flaw to cause a denial of service or\npotentially gain root privileges. (CVE-2012-2384).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1472-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(11\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 11.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2011-4131\", \"CVE-2012-2121\", \"CVE-2012-2133\", \"CVE-2012-2313\", \"CVE-2012-2319\", \"CVE-2012-2383\", \"CVE-2012-2384\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1472-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"11.10\", pkgname:\"linux-image-3.0.0-21-generic\", pkgver:\"3.0.0-21.35\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"linux-image-3.0.0-21-generic-pae\", pkgver:\"3.0.0-21.35\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"linux-image-3.0.0-21-server\", pkgver:\"3.0.0-21.35\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"linux-image-3.0.0-21-virtual\", pkgver:\"3.0.0-21.35\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.0-generic / linux-image-3.0-generic-pae / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-09-14T18:35:47", "description": "The SUSE Linux Enterprise 11 SP2 kernel was updated to 3.0.31, fixing\nmany bugs and security issues.\n\nVarious security and bug fixes contained in the Linux 3.0 stable\nreleases 3.0.27 up to 3.0.31 have been included, but are not\nexplicitly listed below.\n\nThe following notable security issues have been fixed :\n\n - The dl2k network card driver lacked permission handling\n for some ethtool ioctls, which could allow local\n attackers to start/stop the network card.\n (CVE-2012-2313)\n\n - A use after free bug in hugetlb support could be used by\n local attackers to crash the system. (CVE-2012-2133)\n\n - Various leaks in namespace handling over fork where\n fixed, which could be exploited by e.g. vsftpd access by\n remote users. (CVE-2012-2127)\n\n - A memory corruption when mounting a hfsplus filesystem\n was fixed that could be used by local attackers able to\n mount filesystem to crash the system. (CVE-2012-2319)\n\nThe following non security bugs have been fixed by this update :\n\n - BTRFS\n\n - Partial revert of truncation improvements.\n\n - Fix eof while discarding extents.\n\n - Check return value of bio_alloc() properly.\n\n - Return void from clear_state_bit.\n\n - Avoid possible use-after-free in clear_extent_bit().\n\n - Make free_ipath() deal gracefully with NULL pointers.\n\n - Do not call free_extent_buffer twice in iterate_irefs.\n\n - Add missing read locks in backref.c.\n\n - Fix max chunk size check in chunk allocator.\n\n - Double unlock bug in error handling.\n\n - Do not return EINTR.\n\n - Fix btrfs_ioctl_dev_info() crash on missing device.\n\n - Fix that check_int_data mount option was ignored.\n\n - Do not mount when we have a sectorsize unequal to\n PAGE_SIZE.\n\n - Avoid possible use-after-free in clear_extent_bit().\n\n - Retrurn void from clear_state_bit.\n\n - Fix typo in free-space-cache.c.\n\n - Remove the ideal caching code.\n\n - Remove search_start and search_end from find_free_extent\n and callers.\n\n - Adjust the write_lock_level as we unlock.\n\n - Actually call btrfs_init_lockdep.\n\n - Fix regression in scrub path resolving.\n\n - Show useful info in space reservation tracepoint.\n\n - Flush out and clean up any block device pages during\n mount.\n\n - Fix deadlock during allocating chunks.\n\n - Fix race between direct io and autodefrag.\n\n - Fix the mismatch of page->mapping.\n\n - Fix recursive defragment with autodefrag option.\n\n - Add a check to decide if we should defrag the range.\n\n - Do not bother to defrag an extent if it is a big real\n extent.\n\n - Update to the right index of defragment.\n\n - Fix use-after-free in __btrfs_end_transaction.\n\n - Stop silently switching single chunks to raid0 on\n balance.\n\n - Add wrappers for working with alloc profiles.\n\n - Make profile_is_valid() check more strict.\n\n - Move alloc_profile_is_valid() to volumes.c.\n\n - Add get_restripe_target() helper.\n\n - Add __get_block_group_index() helper.\n\n - Improve the logic in btrfs_can_relocate().\n\n - Validate target profiles only if we are going to use\n them.\n\n - Allow dup for data chunks in mixed mode.\n\n - Fix memory leak in resolver code.\n\n - Fix infinite loop in btrfs_shrink_device().\n\n - Error handling locking fixu.\n\n - Fix uninit variable in repair_eb_io_failure.\n\n - Always store the mirror we read the eb from.\n\n - Do not count CRC or header errors twice while scrubbing.\n\n - Do not start delalloc inodes during sync.\n\n - Fix repair code for RAID10.\n\n - Prevent root_list corruption.\n\n - Fix block_rsv and space_info lock ordering.\n\n - Fix space checking during fs resize.\n\n - Avoid deadlocks from GFP_KERNEL allocations during\n btrfs_real_readdir().\n\n - Reduce lock contention during extent insertion.\n\n - Add properly locking around add_root_to_dirty_list().\n\n - Fix mismatching struct members in ioctl.h.\n\n - netfilter :\n\n - nf_conntrack: make event callback registration per\n netns.\n\n - DRM :\n\n - edid: Add a workaround for 1366x768 HD panel.\n\n - edid: Add extra_modes.\n\n - edid: Add packed attribute to new gtf2 and cvt structs.\n\n - edid: Add the reduced blanking DMT modes to the DMT list\n\n - edid: Allow drm_mode_find_dmt to hunt for\n reduced-blanking modes.\n\n - edid: Do drm_dmt_modes_for_range() for all range\n descriptor types.\n\n - edid: Document drm_mode_find_dmt.\n\n - edid: Fix some comment typos in the DMT mode list\n\n - edid: Generate modes from extra_modes for range\n descriptors\n\n - edid: Give the est3 mode struct a real name.\n\n - edid: Remove a misleading comment.\n\n - edid: Rewrite drm_mode_find_dmt search loop.\n\n - edid: Update range descriptor struct for EDID 1.4\n\n - edid: add missing NULL checks.\n\n - edid: s/drm_gtf_modes_for_range/drm_dmt_modes_for_range/\n\n - Fix kABI for drm EDID improvement patches.\n\n - Fix the case where multiple modes are returned from EDID\n\n - i915: Add more standard modes to LVDS output.\n\n - i915: Disable LVDS at mode change.\n\n - i915: add Ivy Bridge GT2 Server entries.\n\n - i915: delay drm_irq_install() at resume.\n\n - EDD: Check for correct EDD 3.0 length.\n\n - XEN\n\n - blkfront: make blkif_io_lock spinlock per-device.\n\n - blkback: streamline main processing loop (fate#309305).\n\n - blkback: Implement discard requests handling\n (fate#309305).\n\n - blkback: Enhance discard support with secure erasing\n support (fate#309305).\n\n - blkfront: Handle discard requests (fate#309305).\n\n - blkfront: Enhance discard support with secure erasing\n support (fate#309305).\n\n - blkif: support discard (fate#309305).\n\n - blkif: Enhance discard support with secure erasing\n support (fate#309305).\n\n - xen/smpboot: adjust ordering of operations.\n\n - x86-64: provide a memset() that can deal with 4Gb or\n above at a time.\n\n - Update Xen patches to 3.0.27.\n\n - Update Xen patches to 3.0.31.\n\n - xen: fix VM_FOREIGN users after c/s 878:eba6fe6d8d53.\n\n - xen/gntdev: fix multi-page slot allocation.\n\n - TG3\n\n - Avoid panic from reserved statblk field access.\n\n - Fix 5717 serdes powerdown problem.\n\n - Fix RSS ring refill race condition.\n\n - Fix single-vector MSI-X code.\n\n - fix ipv6 header length computation.\n\n - S/390\n\n - dasd: Fix I/O stall when reserving dasds.\n\n - af_iucv: detect down state of HS transport interface\n (LTC#80859).\n\n - af_iucv: allow shutdown for HS transport sockets\n (LTC#80860).\n\n - mm: s390: Fix BUG by using __set_page_dirty_no_writeback\n on swap.\n\n - qeth: Improve OSA Express 4 blkt defaults (LTC#80325).\n\n - zcrypt: Fix parameter checking for ZSECSENDCPRB ioctl\n (LTC#80378).\n\n - zfcpdump: Implement async sdias event processing\n (LTC#81330).\n\n - ALSA\n\n - hda: Always resume the codec immediately.\n\n - hda: Add Creative CA0132 HDA codec support.\n\n - hda: Fix error handling in patch_ca0132.c.\n\n - hda: Add the support for Creative SoundCore3D.\n\n - OTHER\n\n - ixgbe: fix ring assignment issues for SR-IOV and drop\n cases.\n\n - ixgbe: add missing rtnl_lock in PM resume path.\n\n - MCE, AMD: Drop too granulary family model checks.\n\n - EDAC, MCE, AMD: Print CPU number when reporting the\n error.\n\n - EDAC, MCE, AMD: Print valid addr when reporting an\n error.\n\n - libata: skip old error history when counting probe\n trials.\n\n - x86: kdb: restore kdb stack trace.\n\n - ehea: fix allmulticast support,\n\n - ehea: fix promiscuous mode.\n\n - ehea: only register irq after setting up ports.\n\n - ehea: fix losing of NEQ events when one event occurred\n early.\n\n - scsi: Silence unnecessary warnings about ioctl to\n partition.\n\n - scsi_dh_rdac: Update match function to check page C8.\n\n - scsi_dh_rdac: Add new NetApp IDs.\n\n - bluetooth: Add support for Foxconn/Hon Hai AR5BBU22\n 0489:E03C.\n\n - x86/amd: Add missing feature flag for fam15h models\n 10h-1fh processors.\n\n - x86: Report cpb and eff_freq_ro flags correctly.\n\n - x86, amd: Fix up numa_node information for AMD CPU\n family 15h model 0-0fh northbridge functions.\n\n - x86/PCI: amd: Kill misleading message about enablement\n of IO access to PCI ECS.\n\n - cdc-wdm: fix race leading leading to memory corruption.\n\n - tlan: add cast needed for proper 64 bit operation.\n\n - bonding:update speed/duplex for NETDEV_CHANGE.\n\n - bonding: comparing a u8 with -1 is always false.\n\n - bonding: start slaves with link down for ARP monitor.\n\n - bonding: do not increase rx_dropped after processing\n LACPDUs\n\n - x86: fix the initialization of physnode_map.\n\n - sched,rt: fix isolated CPUs leaving root_task_group\n indefinitely throttled.\n\n - Fix SLE11-SP1->SLE11-SP2 interrupt latency regression.\n Note that this change trades an approximately 400%\n latency regression fix for power consumption progression\n that skew removal bought (at high cost).\n\n - Revert mainline 0209f649 - rcu: limit rcu_node\n leaf-level fanout.\n\n - md: fix possible corruption of array metadata on\n shutdown.\n\n - md/bitmap: prevent bitmap_daemon_work running while\n initialising bitmap.\n\n - md: ensure changes to write-mostly are reflected in\n metadata.\n\n - cciss: Add IRQF_SHARED back in for the non-MSI(X)\n interrupt handler.\n\n - procfs, namespace, pid_ns: fix leakage upon fork()\n failure.\n\n - mqueue: fix a vfsmount longterm reference leak.\n\n - procfs: fix a vfsmount longterm reference leak.\n\n - scsi_dh_alua: Optimize stpg command.\n\n - scsi_dh_alua: Store pref bit from RTPG.\n\n - scsi_dh_alua: set_params interface.\n\n - uwb: fix error handling.\n\n - uwb: fix use of del_timer_sync() in interrupt.\n\n - usbhid: fix error handling of not enough bandwidth.\n\n - mm: Improve preservation of page-age information\n\n - pagecache limit: Fix the shmem deadlock.\n\n - USB: sierra: add support for Sierra Wireless MC7710.\n\n - USB: fix resource leak in xhci power loss path.\n\n - x86/iommu/intel: Fix identity mapping for sandy bridge.\n\n - ipv6: Check dest prefix length on original route not\n copied one in rt6_alloc_cow().\n\n - ipv6: do not use inetpeer to store metrics for routes.\n\n - ipv6: fix problem with expired dst cache.\n\n - ipv6: unshare inetpeers.\n\n - bridge: correct IPv6 checksum after pull.\n\n - scsi: storvsc: Account for in-transit packets in the\n RESET path.\n\n -\n patches.fixes/mm-mempolicy.c-fix-pgoff-in-mbind-vma-merg\n e.patch :\n\n -\n patches.fixes/mm-mempolicy.c-refix-mbind_range-vma-issue\n .patch: Fix vma merging issue during mbind affecting\n JVMs.\n\n - ACPI, APEI: Fix incorrect APEI register bit width check\n and usage.\n\n - vmxnet3: cap copy length at size of skb to prevent\n dropped frames on tx.\n\n - rt2x00: rt2x00dev: move rfkill_polling register to\n proper place.\n\n - pagecache: fix the BUG_ON safety belt\n\n - pagecache: Fixed the GFP_NOWAIT is zero and not suitable\n for tests bug\n\n - igb: reset PHY after recovering from PHY power down.\n\n - igb: fix rtnl race in PM resume path.\n\n - watchdog: iTCO_wdt.c - problems with newer hardware due\n to SMI clearing.\n\n - watchdog: iTCO_wdt.c - problems with newer hardware due\n to SMI clearing redhat#727875).\n\n - cfq-iosched: Reduce linked group count upon group\n destruction.\n\n - cdc_ether: Ignore bogus union descriptor for RNDIS\n devices.\n\n - sys_poll: fix incorrect type for timeout parameter.\n\n - staging:rts_pstor:Avoid 'Bad target number' message when\n probing driver.\n\n - staging:rts_pstor:Complete scanning_done variable.\n\n - staging:rts_pstor:Fix SDIO issue.\n\n - staging:rts_pstor: Fix a bug that a MMCPlus card ca not\n be accessed.\n\n - staging:rts_pstor: Fix a miswriting.\n\n - staging:rts_pstor:Fix possible panic by NULL pointer\n dereference.\n\n - staging:rts_pstor: fix thread synchronization flow.\n\n - freezer:do not unnecessarily set PF_NOFREEZE explicitly.\n\n - staging:rts_pstor: off by one in for loop.\n\n - patches.suse/cgroup-disable-memcg-when-low-lowmem.patch:\n fix typo: use if defined(CONFIG_) rather than if CONFIG_", "edition": 17, "published": "2013-01-25T00:00:00", "title": "SuSE 11.2 Security Update : Linux Kernel (SAT Patch Numbers 6338 / 6345 / 6349)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2133", "CVE-2012-2319", "CVE-2012-2127", "CVE-2012-2313"], "modified": "2013-01-25T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:kernel-trace-devel", "p-cpe:/a:novell:suse_linux:11:kernel-pae-devel", "p-cpe:/a:novell:suse_linux:11:kernel-source", "p-cpe:/a:novell:suse_linux:11:kernel-ec2-devel", "p-cpe:/a:novell:suse_linux:11:kernel-ec2", "p-cpe:/a:novell:suse_linux:11:kernel-trace-base", "p-cpe:/a:novell:suse_linux:11:kernel-default-base", "p-cpe:/a:novell:suse_linux:11:kernel-pae-base", "p-cpe:/a:novell:suse_linux:11:kernel-pae", "p-cpe:/a:novell:suse_linux:11:kernel-xen-base", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:kernel-xen", "p-cpe:/a:novell:suse_linux:11:kernel-trace", "p-cpe:/a:novell:suse_linux:11:kernel-syms", "p-cpe:/a:novell:suse_linux:11:kernel-ec2-base", "p-cpe:/a:novell:suse_linux:11:kernel-trace-extra", "p-cpe:/a:novell:suse_linux:11:kernel-pae-extra", "p-cpe:/a:novell:suse_linux:11:kernel-xen-extra", "p-cpe:/a:novell:suse_linux:11:kernel-default-devel", "p-cpe:/a:novell:suse_linux:11:kernel-default-man", "p-cpe:/a:novell:suse_linux:11:kernel-default-extra", "p-cpe:/a:novell:suse_linux:11:kernel-default", "p-cpe:/a:novell:suse_linux:11:kernel-xen-devel"], "id": "SUSE_11_KERNEL-120523.NASL", "href": "https://www.tenable.com/plugins/nessus/64174", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64174);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/04\");\n\n script_cve_id(\"CVE-2012-2127\", \"CVE-2012-2133\", \"CVE-2012-2313\", \"CVE-2012-2319\");\n\n script_name(english:\"SuSE 11.2 Security Update : Linux Kernel (SAT Patch Numbers 6338 / 6345 / 6349)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 11 SP2 kernel was updated to 3.0.31, fixing\nmany bugs and security issues.\n\nVarious security and bug fixes contained in the Linux 3.0 stable\nreleases 3.0.27 up to 3.0.31 have been included, but are not\nexplicitly listed below.\n\nThe following notable security issues have been fixed :\n\n - The dl2k network card driver lacked permission handling\n for some ethtool ioctls, which could allow local\n attackers to start/stop the network card.\n (CVE-2012-2313)\n\n - A use after free bug in hugetlb support could be used by\n local attackers to crash the system. (CVE-2012-2133)\n\n - Various leaks in namespace handling over fork where\n fixed, which could be exploited by e.g. vsftpd access by\n remote users. (CVE-2012-2127)\n\n - A memory corruption when mounting a hfsplus filesystem\n was fixed that could be used by local attackers able to\n mount filesystem to crash the system. (CVE-2012-2319)\n\nThe following non security bugs have been fixed by this update :\n\n - BTRFS\n\n - Partial revert of truncation improvements.\n\n - Fix eof while discarding extents.\n\n - Check return value of bio_alloc() properly.\n\n - Return void from clear_state_bit.\n\n - Avoid possible use-after-free in clear_extent_bit().\n\n - Make free_ipath() deal gracefully with NULL pointers.\n\n - Do not call free_extent_buffer twice in iterate_irefs.\n\n - Add missing read locks in backref.c.\n\n - Fix max chunk size check in chunk allocator.\n\n - Double unlock bug in error handling.\n\n - Do not return EINTR.\n\n - Fix btrfs_ioctl_dev_info() crash on missing device.\n\n - Fix that check_int_data mount option was ignored.\n\n - Do not mount when we have a sectorsize unequal to\n PAGE_SIZE.\n\n - Avoid possible use-after-free in clear_extent_bit().\n\n - Retrurn void from clear_state_bit.\n\n - Fix typo in free-space-cache.c.\n\n - Remove the ideal caching code.\n\n - Remove search_start and search_end from find_free_extent\n and callers.\n\n - Adjust the write_lock_level as we unlock.\n\n - Actually call btrfs_init_lockdep.\n\n - Fix regression in scrub path resolving.\n\n - Show useful info in space reservation tracepoint.\n\n - Flush out and clean up any block device pages during\n mount.\n\n - Fix deadlock during allocating chunks.\n\n - Fix race between direct io and autodefrag.\n\n - Fix the mismatch of page->mapping.\n\n - Fix recursive defragment with autodefrag option.\n\n - Add a check to decide if we should defrag the range.\n\n - Do not bother to defrag an extent if it is a big real\n extent.\n\n - Update to the right index of defragment.\n\n - Fix use-after-free in __btrfs_end_transaction.\n\n - Stop silently switching single chunks to raid0 on\n balance.\n\n - Add wrappers for working with alloc profiles.\n\n - Make profile_is_valid() check more strict.\n\n - Move alloc_profile_is_valid() to volumes.c.\n\n - Add get_restripe_target() helper.\n\n - Add __get_block_group_index() helper.\n\n - Improve the logic in btrfs_can_relocate().\n\n - Validate target profiles only if we are going to use\n them.\n\n - Allow dup for data chunks in mixed mode.\n\n - Fix memory leak in resolver code.\n\n - Fix infinite loop in btrfs_shrink_device().\n\n - Error handling locking fixu.\n\n - Fix uninit variable in repair_eb_io_failure.\n\n - Always store the mirror we read the eb from.\n\n - Do not count CRC or header errors twice while scrubbing.\n\n - Do not start delalloc inodes during sync.\n\n - Fix repair code for RAID10.\n\n - Prevent root_list corruption.\n\n - Fix block_rsv and space_info lock ordering.\n\n - Fix space checking during fs resize.\n\n - Avoid deadlocks from GFP_KERNEL allocations during\n btrfs_real_readdir().\n\n - Reduce lock contention during extent insertion.\n\n - Add properly locking around add_root_to_dirty_list().\n\n - Fix mismatching struct members in ioctl.h.\n\n - netfilter :\n\n - nf_conntrack: make event callback registration per\n netns.\n\n - DRM :\n\n - edid: Add a workaround for 1366x768 HD panel.\n\n - edid: Add extra_modes.\n\n - edid: Add packed attribute to new gtf2 and cvt structs.\n\n - edid: Add the reduced blanking DMT modes to the DMT list\n\n - edid: Allow drm_mode_find_dmt to hunt for\n reduced-blanking modes.\n\n - edid: Do drm_dmt_modes_for_range() for all range\n descriptor types.\n\n - edid: Document drm_mode_find_dmt.\n\n - edid: Fix some comment typos in the DMT mode list\n\n - edid: Generate modes from extra_modes for range\n descriptors\n\n - edid: Give the est3 mode struct a real name.\n\n - edid: Remove a misleading comment.\n\n - edid: Rewrite drm_mode_find_dmt search loop.\n\n - edid: Update range descriptor struct for EDID 1.4\n\n - edid: add missing NULL checks.\n\n - edid: s/drm_gtf_modes_for_range/drm_dmt_modes_for_range/\n\n - Fix kABI for drm EDID improvement patches.\n\n - Fix the case where multiple modes are returned from EDID\n\n - i915: Add more standard modes to LVDS output.\n\n - i915: Disable LVDS at mode change.\n\n - i915: add Ivy Bridge GT2 Server entries.\n\n - i915: delay drm_irq_install() at resume.\n\n - EDD: Check for correct EDD 3.0 length.\n\n - XEN\n\n - blkfront: make blkif_io_lock spinlock per-device.\n\n - blkback: streamline main processing loop (fate#309305).\n\n - blkback: Implement discard requests handling\n (fate#309305).\n\n - blkback: Enhance discard support with secure erasing\n support (fate#309305).\n\n - blkfront: Handle discard requests (fate#309305).\n\n - blkfront: Enhance discard support with secure erasing\n support (fate#309305).\n\n - blkif: support discard (fate#309305).\n\n - blkif: Enhance discard support with secure erasing\n support (fate#309305).\n\n - xen/smpboot: adjust ordering of operations.\n\n - x86-64: provide a memset() that can deal with 4Gb or\n above at a time.\n\n - Update Xen patches to 3.0.27.\n\n - Update Xen patches to 3.0.31.\n\n - xen: fix VM_FOREIGN users after c/s 878:eba6fe6d8d53.\n\n - xen/gntdev: fix multi-page slot allocation.\n\n - TG3\n\n - Avoid panic from reserved statblk field access.\n\n - Fix 5717 serdes powerdown problem.\n\n - Fix RSS ring refill race condition.\n\n - Fix single-vector MSI-X code.\n\n - fix ipv6 header length computation.\n\n - S/390\n\n - dasd: Fix I/O stall when reserving dasds.\n\n - af_iucv: detect down state of HS transport interface\n (LTC#80859).\n\n - af_iucv: allow shutdown for HS transport sockets\n (LTC#80860).\n\n - mm: s390: Fix BUG by using __set_page_dirty_no_writeback\n on swap.\n\n - qeth: Improve OSA Express 4 blkt defaults (LTC#80325).\n\n - zcrypt: Fix parameter checking for ZSECSENDCPRB ioctl\n (LTC#80378).\n\n - zfcpdump: Implement async sdias event processing\n (LTC#81330).\n\n - ALSA\n\n - hda: Always resume the codec immediately.\n\n - hda: Add Creative CA0132 HDA codec support.\n\n - hda: Fix error handling in patch_ca0132.c.\n\n - hda: Add the support for Creative SoundCore3D.\n\n - OTHER\n\n - ixgbe: fix ring assignment issues for SR-IOV and drop\n cases.\n\n - ixgbe: add missing rtnl_lock in PM resume path.\n\n - MCE, AMD: Drop too granulary family model checks.\n\n - EDAC, MCE, AMD: Print CPU number when reporting the\n error.\n\n - EDAC, MCE, AMD: Print valid addr when reporting an\n error.\n\n - libata: skip old error history when counting probe\n trials.\n\n - x86: kdb: restore kdb stack trace.\n\n - ehea: fix allmulticast support,\n\n - ehea: fix promiscuous mode.\n\n - ehea: only register irq after setting up ports.\n\n - ehea: fix losing of NEQ events when one event occurred\n early.\n\n - scsi: Silence unnecessary warnings about ioctl to\n partition.\n\n - scsi_dh_rdac: Update match function to check page C8.\n\n - scsi_dh_rdac: Add new NetApp IDs.\n\n - bluetooth: Add support for Foxconn/Hon Hai AR5BBU22\n 0489:E03C.\n\n - x86/amd: Add missing feature flag for fam15h models\n 10h-1fh processors.\n\n - x86: Report cpb and eff_freq_ro flags correctly.\n\n - x86, amd: Fix up numa_node information for AMD CPU\n family 15h model 0-0fh northbridge functions.\n\n - x86/PCI: amd: Kill misleading message about enablement\n of IO access to PCI ECS.\n\n - cdc-wdm: fix race leading leading to memory corruption.\n\n - tlan: add cast needed for proper 64 bit operation.\n\n - bonding:update speed/duplex for NETDEV_CHANGE.\n\n - bonding: comparing a u8 with -1 is always false.\n\n - bonding: start slaves with link down for ARP monitor.\n\n - bonding: do not increase rx_dropped after processing\n LACPDUs\n\n - x86: fix the initialization of physnode_map.\n\n - sched,rt: fix isolated CPUs leaving root_task_group\n indefinitely throttled.\n\n - Fix SLE11-SP1->SLE11-SP2 interrupt latency regression.\n Note that this change trades an approximately 400%\n latency regression fix for power consumption progression\n that skew removal bought (at high cost).\n\n - Revert mainline 0209f649 - rcu: limit rcu_node\n leaf-level fanout.\n\n - md: fix possible corruption of array metadata on\n shutdown.\n\n - md/bitmap: prevent bitmap_daemon_work running while\n initialising bitmap.\n\n - md: ensure changes to write-mostly are reflected in\n metadata.\n\n - cciss: Add IRQF_SHARED back in for the non-MSI(X)\n interrupt handler.\n\n - procfs, namespace, pid_ns: fix leakage upon fork()\n failure.\n\n - mqueue: fix a vfsmount longterm reference leak.\n\n - procfs: fix a vfsmount longterm reference leak.\n\n - scsi_dh_alua: Optimize stpg command.\n\n - scsi_dh_alua: Store pref bit from RTPG.\n\n - scsi_dh_alua: set_params interface.\n\n - uwb: fix error handling.\n\n - uwb: fix use of del_timer_sync() in interrupt.\n\n - usbhid: fix error handling of not enough bandwidth.\n\n - mm: Improve preservation of page-age information\n\n - pagecache limit: Fix the shmem deadlock.\n\n - USB: sierra: add support for Sierra Wireless MC7710.\n\n - USB: fix resource leak in xhci power loss path.\n\n - x86/iommu/intel: Fix identity mapping for sandy bridge.\n\n - ipv6: Check dest prefix length on original route not\n copied one in rt6_alloc_cow().\n\n - ipv6: do not use inetpeer to store metrics for routes.\n\n - ipv6: fix problem with expired dst cache.\n\n - ipv6: unshare inetpeers.\n\n - bridge: correct IPv6 checksum after pull.\n\n - scsi: storvsc: Account for in-transit packets in the\n RESET path.\n\n -\n patches.fixes/mm-mempolicy.c-fix-pgoff-in-mbind-vma-merg\n e.patch :\n\n -\n patches.fixes/mm-mempolicy.c-refix-mbind_range-vma-issue\n .patch: Fix vma merging issue during mbind affecting\n JVMs.\n\n - ACPI, APEI: Fix incorrect APEI register bit width check\n and usage.\n\n - vmxnet3: cap copy length at size of skb to prevent\n dropped frames on tx.\n\n - rt2x00: rt2x00dev: move rfkill_polling register to\n proper place.\n\n - pagecache: fix the BUG_ON safety belt\n\n - pagecache: Fixed the GFP_NOWAIT is zero and not suitable\n for tests bug\n\n - igb: reset PHY after recovering from PHY power down.\n\n - igb: fix rtnl race in PM resume path.\n\n - watchdog: iTCO_wdt.c - problems with newer hardware due\n to SMI clearing.\n\n - watchdog: iTCO_wdt.c - problems with newer hardware due\n to SMI clearing redhat#727875).\n\n - cfq-iosched: Reduce linked group count upon group\n destruction.\n\n - cdc_ether: Ignore bogus union descriptor for RNDIS\n devices.\n\n - sys_poll: fix incorrect type for timeout parameter.\n\n - staging:rts_pstor:Avoid 'Bad target number' message when\n probing driver.\n\n - staging:rts_pstor:Complete scanning_done variable.\n\n - staging:rts_pstor:Fix SDIO issue.\n\n - staging:rts_pstor: Fix a bug that a MMCPlus card ca not\n be accessed.\n\n - staging:rts_pstor: Fix a miswriting.\n\n - staging:rts_pstor:Fix possible panic by NULL pointer\n dereference.\n\n - staging:rts_pstor: fix thread synchronization flow.\n\n - freezer:do not unnecessarily set PF_NOFREEZE explicitly.\n\n - staging:rts_pstor: off by one in for loop.\n\n - patches.suse/cgroup-disable-memcg-when-low-lowmem.patch:\n fix typo: use if defined(CONFIG_) rather than if CONFIG_\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=704280\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=708836\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=718521\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=721857\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=725592\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=732296\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=738528\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=738644\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=743232\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=744758\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=745088\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=746938\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=748112\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=748463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=748806\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=748859\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=750426\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=751550\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=752022\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=752634\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=753172\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=753698\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=754085\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=754428\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=754690\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=754969\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=755178\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=755537\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=755758\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=755812\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=756236\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=756821\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=756840\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=756940\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=757077\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=757202\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=757205\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=757289\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=757373\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=757517\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=757565\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=757719\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=757783\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=757789\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=757950\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=758104\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=758279\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=758532\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=758540\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=758731\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=758813\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=758833\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=759340\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=759539\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=759541\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=759657\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=759908\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=759971\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=760015\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=760279\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=760346\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=760974\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=761158\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=761387\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=761772\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=762285\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=762329\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=762424\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-2127.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-2133.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-2313.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-2319.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Apply SAT patch number 6338 / 6345 / 6349 as appropriate.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-ec2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2020 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, \"SuSE 11.2\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-default-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-default-base-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-default-devel-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-default-extra-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-pae-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-pae-base-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-pae-devel-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-pae-extra-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-source-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-syms-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-trace-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-trace-base-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-trace-devel-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-trace-extra-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-xen-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-xen-base-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-xen-devel-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-xen-extra-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-base-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-devel-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-extra-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-source-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-syms-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-trace-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-trace-base-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-trace-devel-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-trace-extra-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-base-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-devel-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-extra-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"kernel-default-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"kernel-default-base-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"kernel-default-devel-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"kernel-source-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"kernel-syms-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"kernel-trace-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"kernel-trace-base-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"kernel-trace-devel-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-ec2-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-ec2-base-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-ec2-devel-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-pae-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-pae-base-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-pae-devel-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-xen-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-xen-base-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-xen-devel-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"s390x\", reference:\"kernel-default-man-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-ec2-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-ec2-base-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-ec2-devel-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-base-3.0.31-0.9.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-devel-3.0.31-0.9.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T06:38:01", "description": "Stephan Mueller reported a flaw in the Linux kernel's dl2k network\ndriver's handling of ioctls. An unprivileged local user could leverage\nthis flaw to cause a denial of service. (CVE-2012-2313)\n\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus\nfilesystem. An unprivileged local user could exploit these flaws to\ngain root system priviliges. (CVE-2012-2319).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2012-07-01T00:00:00", "title": "Ubuntu 10.04 LTS : linux vulnerabilities (USN-1492-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2319", "CVE-2012-2313"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-preempt", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia"], "id": "UBUNTU_USN-1492-1.NASL", "href": "https://www.tenable.com/plugins/nessus/59815", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1492-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59815);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-2313\", \"CVE-2012-2319\");\n script_xref(name:\"USN\", value:\"1492-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux vulnerabilities (USN-1492-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Stephan Mueller reported a flaw in the Linux kernel's dl2k network\ndriver's handling of ioctls. An unprivileged local user could leverage\nthis flaw to cause a denial of service. (CVE-2012-2313)\n\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus\nfilesystem. An unprivileged local user could exploit these flaws to\ngain root system priviliges. (CVE-2012-2319).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1492-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-preempt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/07/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2012-2313\", \"CVE-2012-2319\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1492-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-41-386\", pkgver:\"2.6.32-41.91\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-41-generic\", pkgver:\"2.6.32-41.91\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-41-generic-pae\", pkgver:\"2.6.32-41.91\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-41-lpia\", pkgver:\"2.6.32-41.91\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-41-preempt\", pkgver:\"2.6.32-41.91\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-41-server\", pkgver:\"2.6.32-41.91\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-41-versatile\", pkgver:\"2.6.32-41.91\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-41-virtual\", pkgver:\"2.6.32-41.91\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-386 / linux-image-2.6-generic / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T06:38:01", "description": "Stephan Mueller reported a flaw in the Linux kernel's dl2k network\ndriver's handling of ioctls. An unprivileged local user could leverage\nthis flaw to cause a denial of service. (CVE-2012-2313)\n\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus\nfilesystem. An unprivileged local user could exploit these flaws to\ngain root system priviliges. (CVE-2012-2319).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2012-07-01T00:00:00", "title": "Ubuntu 8.04 LTS : linux vulnerabilities (USN-1493-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2319", "CVE-2012-2313"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia"], "id": "UBUNTU_USN-1493-1.NASL", "href": "https://www.tenable.com/plugins/nessus/59816", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1493-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59816);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-2313\", \"CVE-2012-2319\");\n script_xref(name:\"USN\", value:\"1493-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS : linux vulnerabilities (USN-1493-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Stephan Mueller reported a flaw in the Linux kernel's dl2k network\ndriver's handling of ioctls. An unprivileged local user could leverage\nthis flaw to cause a denial of service. (CVE-2012-2313)\n\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus\nfilesystem. An unprivileged local user could exploit these flaws to\ngain root system priviliges. (CVE-2012-2319).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1493-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/07/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(8\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2012-2313\", \"CVE-2012-2319\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1493-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-31-386\", pkgver:\"2.6.24-31.102\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-31-generic\", pkgver:\"2.6.24-31.102\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-31-lpia\", pkgver:\"2.6.24-31.102\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-31-lpiacompat\", pkgver:\"2.6.24-31.102\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-31-openvz\", pkgver:\"2.6.24-31.102\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-31-rt\", pkgver:\"2.6.24-31.102\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-31-server\", pkgver:\"2.6.24-31.102\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-31-virtual\", pkgver:\"2.6.24-31.102\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-31-xen\", pkgver:\"2.6.24-31.102\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-386 / linux-image-2.6-generic / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T06:38:01", "description": "Stephan Mueller reported a flaw in the Linux kernel's dl2k network\ndriver's handling of ioctls. An unprivileged local user could leverage\nthis flaw to cause a denial of service. (CVE-2012-2313)\n\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus\nfilesystem. An unprivileged local user could exploit these flaws to\ngain root system priviliges. (CVE-2012-2319).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2012-07-01T00:00:00", "title": "Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1491-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2319", "CVE-2012-2313"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ec2"], "id": "UBUNTU_USN-1491-1.NASL", "href": "https://www.tenable.com/plugins/nessus/59814", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1491-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59814);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-2313\", \"CVE-2012-2319\");\n script_xref(name:\"USN\", value:\"1491-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1491-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Stephan Mueller reported a flaw in the Linux kernel's dl2k network\ndriver's handling of ioctls. An unprivileged local user could leverage\nthis flaw to cause a denial of service. (CVE-2012-2313)\n\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus\nfilesystem. An unprivileged local user could exploit these flaws to\ngain root system priviliges. (CVE-2012-2319).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1491-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected linux-image-2.6-ec2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/07/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2012-2313\", \"CVE-2012-2319\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1491-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-345-ec2\", pkgver:\"2.6.32-345.50\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-ec2\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T06:38:00", "description": "Stephan Mueller reported a flaw in the Linux kernel's dl2k network\ndriver's handling of ioctls. An unprivileged local user could leverage\nthis flaw to cause a denial of service. (CVE-2012-2313)\n\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus\nfilesystem. An unprivileged local user could exploit these flaws to\ngain root system priviliges. (CVE-2012-2319)\n\nA flaw was discovered in the Linux kernel's NFSv4 (Network file\nsystem) handling of ACLs (access control lists). A remote NFS server\n(attacker) could cause a denial of service (OOPS). (CVE-2012-2375).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2012-07-01T00:00:00", "title": "Ubuntu 11.04 : linux vulnerabilities (USN-1488-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2375", "CVE-2012-2319", "CVE-2012-2313"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "cpe:/o:canonical:ubuntu_linux:11.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual"], "id": "UBUNTU_USN-1488-1.NASL", "href": "https://www.tenable.com/plugins/nessus/59811", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1488-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59811);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-2313\", \"CVE-2012-2319\", \"CVE-2012-2375\");\n script_xref(name:\"USN\", value:\"1488-1\");\n\n script_name(english:\"Ubuntu 11.04 : linux vulnerabilities (USN-1488-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Stephan Mueller reported a flaw in the Linux kernel's dl2k network\ndriver's handling of ioctls. An unprivileged local user could leverage\nthis flaw to cause a denial of service. (CVE-2012-2313)\n\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus\nfilesystem. An unprivileged local user could exploit these flaws to\ngain root system priviliges. (CVE-2012-2319)\n\nA flaw was discovered in the Linux kernel's NFSv4 (Network file\nsystem) handling of ACLs (access control lists). A remote NFS server\n(attacker) could cause a denial of service (OOPS). (CVE-2012-2375).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1488-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/07/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(11\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 11.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2012-2313\", \"CVE-2012-2319\", \"CVE-2012-2375\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1488-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"11.04\", pkgname:\"linux-image-2.6.38-15-generic\", pkgver:\"2.6.38-15.61\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"linux-image-2.6.38-15-generic-pae\", pkgver:\"2.6.38-15.61\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"linux-image-2.6.38-15-server\", pkgver:\"2.6.38-15.61\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"linux-image-2.6.38-15-versatile\", pkgver:\"2.6.38-15.61\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"linux-image-2.6.38-15-virtual\", pkgver:\"2.6.38-15.61\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-generic / linux-image-2.6-generic-pae / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T06:38:00", "description": "Stephan Mueller reported a flaw in the Linux kernel's dl2k network\ndriver's handling of ioctls. An unprivileged local user could leverage\nthis flaw to cause a denial of service. (CVE-2012-2313)\n\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus\nfilesystem. An unprivileged local user could exploit these flaws to\ngain root system priviliges. (CVE-2012-2319)\n\nA flaw was discovered in the Linux kernel's NFSv4 (Network file\nsystem) handling of ACLs (access control lists). A remote NFS server\n(attacker) could cause a denial of service (OOPS). (CVE-2012-2375).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2012-07-01T00:00:00", "title": "Ubuntu 10.04 LTS : linux-lts-backport-natty vulnerabilities (USN-1490-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2375", "CVE-2012-2319", "CVE-2012-2313"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual"], "id": "UBUNTU_USN-1490-1.NASL", "href": "https://www.tenable.com/plugins/nessus/59813", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1490-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59813);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-2313\", \"CVE-2012-2319\", \"CVE-2012-2375\");\n script_xref(name:\"USN\", value:\"1490-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux-lts-backport-natty vulnerabilities (USN-1490-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Stephan Mueller reported a flaw in the Linux kernel's dl2k network\ndriver's handling of ioctls. An unprivileged local user could leverage\nthis flaw to cause a denial of service. (CVE-2012-2313)\n\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus\nfilesystem. An unprivileged local user could exploit these flaws to\ngain root system priviliges. (CVE-2012-2319)\n\nA flaw was discovered in the Linux kernel's NFSv4 (Network file\nsystem) handling of ACLs (access control lists). A remote NFS server\n(attacker) could cause a denial of service (OOPS). (CVE-2012-2375).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1490-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/07/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2012-2313\", \"CVE-2012-2319\", \"CVE-2012-2375\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1490-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.38-15-generic\", pkgver:\"2.6.38-15.61~lucid1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.38-15-generic-pae\", pkgver:\"2.6.38-15.61~lucid1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.38-15-server\", pkgver:\"2.6.38-15.61~lucid1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.38-15-virtual\", pkgver:\"2.6.38-15.61~lucid1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-generic / linux-image-2.6-generic-pae / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:45", "bulletinFamily": "software", "cvelist": ["CVE-2012-2133", "CVE-2012-2319", "CVE-2012-2313", "CVE-2012-2384", "CVE-2012-2383", "CVE-2012-2121"], "description": "==========================================================================\r\nUbuntu Security Notice USN-1473-1\r\nJune 13, 2012\r\n\r\nlinux vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 12.04 LTS\r\n\r\nSummary:\r\n\r\nSeveral security issues were fixed in the kernel.\r\n\r\nSoftware Description:\r\n- linux: Linux kernel\r\n\r\nDetails:\r\n\r\nA flaw was discovered in the Linux kernel's KVM (kernel virtual machine).\r\nAn administrative user in the guest OS could leverage this flaw to cause a\r\ndenial of service in the host OS. (CVE-2012-2121)\r\n\r\nSchacher Raindel discovered a flaw in the Linux kernel's memory handling\r\nwhen hugetlb is enabled. An unprivileged local attacker could exploit this\r\nflaw to cause a denial of service and potentially gain higher privileges.\r\n(CVE-2012-2133)\r\n\r\nStephan Mueller reported a flaw in the Linux kernel's dl2k network driver's\r\nhandling of ioctls. An unprivileged local user could leverage this flaw to\r\ncause a denial of service. (CVE-2012-2313)\r\n\r\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus\r\nfilesystem. An unprivileged local user could exploit these flaws to gain\r\nroot system priviliges. (CVE-2012-2319)\r\n\r\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver\r\nhandling of cliprect on 32 bit systems. An unprivileged local attacker\r\ncould leverage this flaw to cause a denial of service or potentially gain\r\nroot privileges. (CVE-2012-2383)\r\n\r\nXi Wang discovered a flaw in the Linux kernel's i915 graphics driver\r\nhandling of buffer_count on 32 bit systems. An unprivileged local attacker\r\ncould leverage this flaw to cause a denial of service or potentially gain\r\nroot privileges. (CVE-2012-2384)\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 12.04 LTS:\r\n linux-image-3.2.0-25-generic 3.2.0-25.40\r\n linux-image-3.2.0-25-generic-pae 3.2.0-25.40\r\n linux-image-3.2.0-25-highbank 3.2.0-25.40\r\n linux-image-3.2.0-25-omap 3.2.0-25.40\r\n linux-image-3.2.0-25-powerpc-smp 3.2.0-25.40\r\n linux-image-3.2.0-25-powerpc64-smp 3.2.0-25.40\r\n linux-image-3.2.0-25-virtual 3.2.0-25.40\r\n\r\nAfter a standard system update you need to reboot your computer to make\r\nall the necessary changes.\r\n\r\nATTENTION: Due to an unavoidable ABI change the kernel updates have\r\nbeen given a new version number, which requires you to recompile and\r\nreinstall all third party kernel modules you might have installed. If\r\nyou use linux-restricted-modules, you have to update that package as\r\nwell to get modules which work with the new kernel version. Unless you\r\nmanually uninstalled the standard kernel metapackages (e.g. linux-generic,\r\nlinux-server, linux-powerpc), a standard system upgrade will automatically\r\nperform this as well.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-1473-1\r\n CVE-2012-2121, CVE-2012-2133, CVE-2012-2313, CVE-2012-2319,\r\n CVE-2012-2383, CVE-2012-2384\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/linux/3.2.0-25.40\r\n", "edition": 1, "modified": "2012-07-09T00:00:00", "published": "2012-07-09T00:00:00", "id": "SECURITYVULNS:DOC:28266", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28266", "title": "[USN-1473-1] Linux kernel vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:47", "bulletinFamily": "software", "cvelist": ["CVE-2012-2375", "CVE-2012-2319", "CVE-2012-2313", "CVE-2012-2384", "CVE-2012-2383"], "description": "DoS, privilege escalation.", "edition": 1, "modified": "2012-07-09T00:00:00", "published": "2012-07-09T00:00:00", "id": "SECURITYVULNS:VULN:12462", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12462", "title": "Linux kernel multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:45", "bulletinFamily": "software", "cvelist": ["CVE-2012-2375", "CVE-2012-2319", "CVE-2012-2313"], "description": "==========================================================================\r\nUbuntu Security Notice USN-1488-1\r\nJune 29, 2012\r\n\r\nlinux vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 11.04\r\n\r\nSummary:\r\n\r\nSeveral security issues were fixed in the kernel.\r\n\r\nSoftware Description:\r\n- linux: Linux kernel\r\n\r\nDetails:\r\n\r\nStephan Mueller reported a flaw in the Linux kernel's dl2k network driver's\r\nhandling of ioctls. An unprivileged local user could leverage this flaw to\r\ncause a denial of service. (CVE-2012-2313)\r\n\r\nTimo Warns reported multiple flaws in the Linux kernel's hfsplus\r\nfilesystem. An unprivileged local user could exploit these flaws to gain\r\nroot system priviliges. (CVE-2012-2319)\r\n\r\nA flaw was discovered in the Linux kernel's NFSv4 (Network file system)\r\nhandling of ACLs (access control lists). A remote NFS server (attacker)\r\ncould cause a denial of service (OOPS). (CVE-2012-2375)\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 11.04:\r\n linux-image-2.6.38-15-generic 2.6.38-15.61\r\n linux-image-2.6.38-15-generic-pae 2.6.38-15.61\r\n linux-image-2.6.38-15-omap 2.6.38-15.61\r\n linux-image-2.6.38-15-powerpc 2.6.38-15.61\r\n linux-image-2.6.38-15-powerpc-smp 2.6.38-15.61\r\n linux-image-2.6.38-15-powerpc64-smp 2.6.38-15.61\r\n linux-image-2.6.38-15-server 2.6.38-15.61\r\n linux-image-2.6.38-15-versatile 2.6.38-15.61\r\n linux-image-2.6.38-15-virtual 2.6.38-15.61\r\n\r\nAfter a standard system update you need to reboot your computer to make\r\nall the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-1488-1\r\n CVE-2012-2313, CVE-2012-2319, CVE-2012-2375\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/linux/2.6.38-15.61\r\n", "edition": 1, "modified": "2012-07-09T00:00:00", "published": "2012-07-09T00:00:00", "id": "SECURITYVULNS:DOC:28264", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28264", "title": "[USN-1488-1] Linux kernel vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:47", "bulletinFamily": "software", "cvelist": ["CVE-2012-2123", "CVE-2012-2133", "CVE-2012-2319", "CVE-2012-1601"], "description": "DoS conditions, protection bypass, buffer overflow", "edition": 1, "modified": "2012-05-24T00:00:00", "published": "2012-05-24T00:00:00", "id": "SECURITYVULNS:VULN:12376", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12376", "title": "Linux kernel multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2017-12-04T11:21:02", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2133", "CVE-2012-2319", "CVE-2012-2313", "CVE-2012-2384", "CVE-2012-2383", "CVE-2012-2121"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1474-1", "modified": "2017-12-01T00:00:00", "published": "2012-06-15T00:00:00", "id": "OPENVAS:841038", "href": "http://plugins.openvas.org/nasl.php?oid=841038", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-1474-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1474_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for linux-ti-omap4 USN-1474-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A flaw was discovered in the Linux kernel's KVM (kernel virtual machine).\n An administrative user in the guest OS could leverage this flaw to cause a\n denial of service in the host OS. (CVE-2012-2121)\n\n Schacher Raindel discovered a flaw in the Linux kernel's memory handling\n when hugetlb is enabled. An unprivileged local attacker could exploit this\n flaw to cause a denial of service and potentially gain higher privileges.\n (CVE-2012-2133)\n\n Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's\n handling of ioctls. An unprivileged local user could leverage this flaw to\n cause a denial of service. (CVE-2012-2313)\n\n Timo Warns reported multiple flaws in the Linux kernel's hfsplus\n filesystem. An unprivileged local user could exploit these flaws to gain\n root system priviliges. (CVE-2012-2319)\n\n Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver\n handling of cliprect on 32 bit systems. An unprivileged local attacker\n could leverage this flaw to cause a denial of service or potentially gain\n root privileges. (CVE-2012-2383)\n\n Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver\n handling of buffer_count on 32 bit systems. An unprivileged local attacker\n could leverage this flaw to cause a denial of service or potentially gain\n root privileges. (CVE-2012-2384)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1474-1\";\ntag_affected = \"linux-ti-omap4 on Ubuntu 12.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1474-1/\");\n script_id(841038);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-15 09:46:43 +0530 (Fri, 15 Jun 2012)\");\n script_cve_id(\"CVE-2012-2121\", \"CVE-2012-2133\", \"CVE-2012-2313\", \"CVE-2012-2319\",\n \"CVE-2012-2383\", \"CVE-2012-2384\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1474-1\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-1474-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-1414-omap4\", ver:\"3.2.0-1414.19\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:21:02", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2133", "CVE-2012-2319", "CVE-2012-2313", "CVE-2012-2384", "CVE-2012-2383", "CVE-2012-2121"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1473-1", "modified": "2017-12-01T00:00:00", "published": "2012-06-15T00:00:00", "id": "OPENVAS:841044", "href": "http://plugins.openvas.org/nasl.php?oid=841044", "type": "openvas", "title": "Ubuntu Update for linux USN-1473-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1473_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for linux USN-1473-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A flaw was discovered in the Linux kernel's KVM (kernel virtual machine).\n An administrative user in the guest OS could leverage this flaw to cause a\n denial of service in the host OS. (CVE-2012-2121)\n\n Schacher Raindel discovered a flaw in the Linux kernel's memory handling\n when hugetlb is enabled. An unprivileged local attacker could exploit this\n flaw to cause a denial of service and potentially gain higher privileges.\n (CVE-2012-2133)\n\n Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's\n handling of ioctls. An unprivileged local user could leverage this flaw to\n cause a denial of service. (CVE-2012-2313)\n\n Timo Warns reported multiple flaws in the Linux kernel's hfsplus\n filesystem. An unprivileged local user could exploit these flaws to gain\n root system priviliges. (CVE-2012-2319)\n\n Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver\n handling of cliprect on 32 bit systems. An unprivileged local attacker\n could leverage this flaw to cause a denial of service or potentially gain\n root privileges. (CVE-2012-2383)\n\n Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver\n handling of buffer_count on 32 bit systems. An unprivileged local attacker\n could leverage this flaw to cause a denial of service or potentially gain\n root privileges. (CVE-2012-2384)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1473-1\";\ntag_affected = \"linux on Ubuntu 12.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1473-1/\");\n script_id(841044);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-15 09:47:16 +0530 (Fri, 15 Jun 2012)\");\n script_cve_id(\"CVE-2012-2121\", \"CVE-2012-2133\", \"CVE-2012-2313\", \"CVE-2012-2319\",\n \"CVE-2012-2383\", \"CVE-2012-2384\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1473-1\");\n script_name(\"Ubuntu Update for linux USN-1473-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-25-generic\", ver:\"3.2.0-25.40\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-25-generic-pae\", ver:\"3.2.0-25.40\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-25-highbank\", ver:\"3.2.0-25.40\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-25-omap\", ver:\"3.2.0-25.40\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-25-powerpc-smp\", ver:\"3.2.0-25.40\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-25-powerpc64-smp\", ver:\"3.2.0-25.40\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-25-virtual\", ver:\"3.2.0-25.40\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:43", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2133", "CVE-2012-2319", "CVE-2012-2313", "CVE-2012-2384", "CVE-2012-2383", "CVE-2012-2121"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1474-1", "modified": "2019-03-13T00:00:00", "published": "2012-06-15T00:00:00", "id": "OPENVAS:1361412562310841038", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841038", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-1474-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1474_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux-ti-omap4 USN-1474-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1474-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841038\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-15 09:46:43 +0530 (Fri, 15 Jun 2012)\");\n script_cve_id(\"CVE-2012-2121\", \"CVE-2012-2133\", \"CVE-2012-2313\", \"CVE-2012-2319\",\n \"CVE-2012-2383\", \"CVE-2012-2384\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1474-1\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-1474-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1474-1\");\n script_tag(name:\"affected\", value:\"linux-ti-omap4 on Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"A flaw was discovered in the Linux kernel's KVM (kernel virtual machine).\n An administrative user in the guest OS could leverage this flaw to cause a\n denial of service in the host OS. (CVE-2012-2121)\n\n Schacher Raindel discovered a flaw in the Linux kernel's memory handling\n when hugetlb is enabled. An unprivileged local attacker could exploit this\n flaw to cause a denial of service and potentially gain higher privileges.\n (CVE-2012-2133)\n\n Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's\n handling of ioctls. An unprivileged local user could leverage this flaw to\n cause a denial of service. (CVE-2012-2313)\n\n Timo Warns reported multiple flaws in the Linux kernel's hfsplus\n filesystem. An unprivileged local user could exploit these flaws to gain\n root system privileges. (CVE-2012-2319)\n\n Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver\n handling of cliprect on 32 bit systems. An unprivileged local attacker\n could leverage this flaw to cause a denial of service or potentially gain\n root privileges. (CVE-2012-2383)\n\n Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver\n handling of buffer_count on 32 bit systems. An unprivileged local attacker\n could leverage this flaw to cause a denial of service or potentially gain\n root privileges. (CVE-2012-2384)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-1414-omap4\", ver:\"3.2.0-1414.19\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:11", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2133", "CVE-2012-2319", "CVE-2012-2313", "CVE-2012-2384", "CVE-2012-2383", "CVE-2012-2121"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1473-1", "modified": "2019-03-13T00:00:00", "published": "2012-06-15T00:00:00", "id": "OPENVAS:1361412562310841044", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841044", "type": "openvas", "title": "Ubuntu Update for linux USN-1473-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1473_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux USN-1473-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1473-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841044\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-15 09:47:16 +0530 (Fri, 15 Jun 2012)\");\n script_cve_id(\"CVE-2012-2121\", \"CVE-2012-2133\", \"CVE-2012-2313\", \"CVE-2012-2319\",\n \"CVE-2012-2383\", \"CVE-2012-2384\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1473-1\");\n script_name(\"Ubuntu Update for linux USN-1473-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1473-1\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"A flaw was discovered in the Linux kernel's KVM (kernel virtual machine).\n An administrative user in the guest OS could leverage this flaw to cause a\n denial of service in the host OS. (CVE-2012-2121)\n\n Schacher Raindel discovered a flaw in the Linux kernel's memory handling\n when hugetlb is enabled. An unprivileged local attacker could exploit this\n flaw to cause a denial of service and potentially gain higher privileges.\n (CVE-2012-2133)\n\n Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's\n handling of ioctls. An unprivileged local user could leverage this flaw to\n cause a denial of service. (CVE-2012-2313)\n\n Timo Warns reported multiple flaws in the Linux kernel's hfsplus\n filesystem. An unprivileged local user could exploit these flaws to gain\n root system privileges. (CVE-2012-2319)\n\n Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver\n handling of cliprect on 32 bit systems. An unprivileged local attacker\n could leverage this flaw to cause a denial of service or potentially gain\n root privileges. (CVE-2012-2383)\n\n Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver\n handling of buffer_count on 32 bit systems. An unprivileged local attacker\n could leverage this flaw to cause a denial of service or potentially gain\n root privileges. (CVE-2012-2384)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-25-generic\", ver:\"3.2.0-25.40\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-25-generic-pae\", ver:\"3.2.0-25.40\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-25-highbank\", ver:\"3.2.0-25.40\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-25-omap\", ver:\"3.2.0-25.40\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-25-powerpc-smp\", ver:\"3.2.0-25.40\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-25-powerpc64-smp\", ver:\"3.2.0-25.40\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-25-virtual\", ver:\"3.2.0-25.40\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:45", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4131", "CVE-2012-2133", "CVE-2012-2319", "CVE-2012-2313", "CVE-2012-2384", "CVE-2012-2383", "CVE-2012-2121"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1471-1", "modified": "2019-03-13T00:00:00", "published": "2012-06-15T00:00:00", "id": "OPENVAS:1361412562310841042", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841042", "type": "openvas", "title": "Ubuntu Update for linux-lts-backport-oneiric USN-1471-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1471_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux-lts-backport-oneiric USN-1471-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1471-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841042\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-15 09:47:05 +0530 (Fri, 15 Jun 2012)\");\n script_cve_id(\"CVE-2011-4131\", \"CVE-2012-2121\", \"CVE-2012-2133\", \"CVE-2012-2313\",\n \"CVE-2012-2319\", \"CVE-2012-2383\", \"CVE-2012-2384\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1471-1\");\n script_name(\"Ubuntu Update for linux-lts-backport-oneiric USN-1471-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.04 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1471-1\");\n script_tag(name:\"affected\", value:\"linux-lts-backport-oneiric on Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation.\n A remote NFS server (attacker) could exploit this flaw to cause a denial of\n service. (CVE-2011-4131)\n\n A flaw was discovered in the Linux kernel's KVM (kernel virtual machine).\n An administrative user in the guest OS could leverage this flaw to cause a\n denial of service in the host OS. (CVE-2012-2121)\n\n Schacher Raindel discovered a flaw in the Linux kernel's memory handling\n when hugetlb is enabled. An unprivileged local attacker could exploit this\n flaw to cause a denial of service and potentially gain higher privileges.\n (CVE-2012-2133)\n\n Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's\n handling of ioctls. An unprivileged local user could leverage this flaw to\n cause a denial of service. (CVE-2012-2313)\n\n Timo Warns reported multiple flaws in the Linux kernel's hfsplus\n filesystem. An unprivileged local user could exploit these flaws to gain\n root system privileges. (CVE-2012-2319)\n\n Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver\n handling of cliprect on 32 bit systems. An unprivileged local attacker\n could leverage this flaw to cause a denial of service or potentially gain\n root privileges. (CVE-2012-2383)\n\n Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver\n handling of buffer_count on 32 bit systems. An unprivileged local attacker\n could leverage this flaw to cause a denial of service or potentially gain\n root privileges. (CVE-2012-2384)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-21-generic\", ver:\"3.0.0-21.35~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-21-generic-pae\", ver:\"3.0.0-21.35~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-21-server\", ver:\"3.0.0-21.35~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-21-virtual\", ver:\"3.0.0-21.35~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:47", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4131", "CVE-2012-2133", "CVE-2012-2319", "CVE-2012-2313", "CVE-2012-2384", "CVE-2012-2383", "CVE-2012-2121"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1476-1", "modified": "2019-03-13T00:00:00", "published": "2012-06-19T00:00:00", "id": "OPENVAS:1361412562310841050", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841050", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-1476-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1476_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux-ti-omap4 USN-1476-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1476-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841050\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-19 09:42:24 +0530 (Tue, 19 Jun 2012)\");\n script_cve_id(\"CVE-2011-4131\", \"CVE-2012-2121\", \"CVE-2012-2133\", \"CVE-2012-2313\",\n \"CVE-2012-2319\", \"CVE-2012-2383\", \"CVE-2012-2384\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1476-1\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-1476-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU11\\.10\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1476-1\");\n script_tag(name:\"affected\", value:\"linux-ti-omap4 on Ubuntu 11.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation.\n A remote NFS server (attacker) could exploit this flaw to cause a denial of\n service. (CVE-2011-4131)\n\n A flaw was discovered in the Linux kernel's KVM (kernel virtual machine).\n An administrative user in the guest OS could leverage this flaw to cause a\n denial of service in the host OS. (CVE-2012-2121)\n\n Schacher Raindel discovered a flaw in the Linux kernel's memory handling\n when hugetlb is enabled. An unprivileged local attacker could exploit this\n flaw to cause a denial of service and potentially gain higher privileges.\n (CVE-2012-2133)\n\n Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's\n handling of ioctls. An unprivileged local user could leverage this flaw to\n cause a denial of service. (CVE-2012-2313)\n\n Timo Warns reported multiple flaws in the Linux kernel's hfsplus\n filesystem. An unprivileged local user could exploit these flaws to gain\n root system privileges. (CVE-2012-2319)\n\n Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver\n handling of cliprect on 32 bit systems. An unprivileged local attacker\n could leverage this flaw to cause a denial of service or potentially gain\n root privileges. (CVE-2012-2383)\n\n Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver\n handling of buffer_count on 32 bit systems. An unprivileged local attacker\n could leverage this flaw to cause a denial of service or potentially gain\n root privileges. (CVE-2012-2384)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-1211-omap4\", ver:\"3.0.0-1211.23\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4131", "CVE-2012-2133", "CVE-2012-2319", "CVE-2012-2313", "CVE-2012-2384", "CVE-2012-2383", "CVE-2012-2121"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1472-1", "modified": "2019-03-13T00:00:00", "published": "2012-06-15T00:00:00", "id": "OPENVAS:1361412562310841040", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841040", "type": "openvas", "title": "Ubuntu Update for linux USN-1472-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1472_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux USN-1472-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1472-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841040\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-15 09:46:53 +0530 (Fri, 15 Jun 2012)\");\n script_cve_id(\"CVE-2011-4131\", \"CVE-2012-2121\", \"CVE-2012-2133\", \"CVE-2012-2313\",\n \"CVE-2012-2319\", \"CVE-2012-2383\", \"CVE-2012-2384\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1472-1\");\n script_name(\"Ubuntu Update for linux USN-1472-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU11\\.10\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1472-1\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 11.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation.\n A remote NFS server (attacker) could exploit this flaw to cause a denial of\n service. (CVE-2011-4131)\n\n A flaw was discovered in the Linux kernel's KVM (kernel virtual machine).\n An administrative user in the guest OS could leverage this flaw to cause a\n denial of service in the host OS. (CVE-2012-2121)\n\n Schacher Raindel discovered a flaw in the Linux kernel's memory handling\n when hugetlb is enabled. An unprivileged local attacker could exploit this\n flaw to cause a denial of service and potentially gain higher privileges.\n (CVE-2012-2133)\n\n Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's\n handling of ioctls. An unprivileged local user could leverage this flaw to\n cause a denial of service. (CVE-2012-2313)\n\n Timo Warns reported multiple flaws in the Linux kernel's hfsplus\n filesystem. An unprivileged local user could exploit these flaws to gain\n root system privileges. (CVE-2012-2319)\n\n Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver\n handling of cliprect on 32 bit systems. An unprivileged local attacker\n could leverage this flaw to cause a denial of service or potentially gain\n root privileges. (CVE-2012-2383)\n\n Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver\n handling of buffer_count on 32 bit systems. An unprivileged local attacker\n could leverage this flaw to cause a denial of service or potentially gain\n root privileges. (CVE-2012-2384)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-21-generic\", ver:\"3.0.0-21.35\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-21-generic-pae\", ver:\"3.0.0-21.35\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-21-omap\", ver:\"3.0.0-21.35\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-21-powerpc\", ver:\"3.0.0-21.35\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-21-powerpc-smp\", ver:\"3.0.0-21.35\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-21-powerpc64-smp\", ver:\"3.0.0-21.35\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-21-server\", ver:\"3.0.0-21.35\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-21-virtual\", ver:\"3.0.0-21.35\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:20:02", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4131", "CVE-2012-2133", "CVE-2012-2319", "CVE-2012-2313", "CVE-2012-2384", "CVE-2012-2383", "CVE-2012-2121"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1471-1", "modified": "2017-12-01T00:00:00", "published": "2012-06-15T00:00:00", "id": "OPENVAS:841042", "href": "http://plugins.openvas.org/nasl.php?oid=841042", "type": "openvas", "title": "Ubuntu Update for linux-lts-backport-oneiric USN-1471-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1471_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for linux-lts-backport-oneiric USN-1471-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation.\n A remote NFS server (attacker) could exploit this flaw to cause a denial of\n service. (CVE-2011-4131)\n\n A flaw was discovered in the Linux kernel's KVM (kernel virtual machine).\n An administrative user in the guest OS could leverage this flaw to cause a\n denial of service in the host OS. (CVE-2012-2121)\n\n Schacher Raindel discovered a flaw in the Linux kernel's memory handling\n when hugetlb is enabled. An unprivileged local attacker could exploit this\n flaw to cause a denial of service and potentially gain higher privileges.\n (CVE-2012-2133)\n\n Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's\n handling of ioctls. An unprivileged local user could leverage this flaw to\n cause a denial of service. (CVE-2012-2313)\n\n Timo Warns reported multiple flaws in the Linux kernel's hfsplus\n filesystem. An unprivileged local user could exploit these flaws to gain\n root system priviliges. (CVE-2012-2319)\n\n Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver\n handling of cliprect on 32 bit systems. An unprivileged local attacker\n could leverage this flaw to cause a denial of service or potentially gain\n root privileges. (CVE-2012-2383)\n\n Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver\n handling of buffer_count on 32 bit systems. An unprivileged local attacker\n could leverage this flaw to cause a denial of service or potentially gain\n root privileges. (CVE-2012-2384)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1471-1\";\ntag_affected = \"linux-lts-backport-oneiric on Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1471-1/\");\n script_id(841042);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-15 09:47:05 +0530 (Fri, 15 Jun 2012)\");\n script_cve_id(\"CVE-2011-4131\", \"CVE-2012-2121\", \"CVE-2012-2133\", \"CVE-2012-2313\",\n \"CVE-2012-2319\", \"CVE-2012-2383\", \"CVE-2012-2384\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1471-1\");\n script_name(\"Ubuntu Update for linux-lts-backport-oneiric USN-1471-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-21-generic\", ver:\"3.0.0-21.35~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-21-generic-pae\", ver:\"3.0.0-21.35~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-21-server\", ver:\"3.0.0-21.35~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-21-virtual\", ver:\"3.0.0-21.35~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:20:26", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4131", "CVE-2012-2133", "CVE-2012-2319", "CVE-2012-2313", "CVE-2012-2384", "CVE-2012-2383", "CVE-2012-2121"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1472-1", "modified": "2017-12-01T00:00:00", "published": "2012-06-15T00:00:00", "id": "OPENVAS:841040", "href": "http://plugins.openvas.org/nasl.php?oid=841040", "type": "openvas", "title": "Ubuntu Update for linux USN-1472-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1472_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for linux USN-1472-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation.\n A remote NFS server (attacker) could exploit this flaw to cause a denial of\n service. (CVE-2011-4131)\n\n A flaw was discovered in the Linux kernel's KVM (kernel virtual machine).\n An administrative user in the guest OS could leverage this flaw to cause a\n denial of service in the host OS. (CVE-2012-2121)\n\n Schacher Raindel discovered a flaw in the Linux kernel's memory handling\n when hugetlb is enabled. An unprivileged local attacker could exploit this\n flaw to cause a denial of service and potentially gain higher privileges.\n (CVE-2012-2133)\n\n Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's\n handling of ioctls. An unprivileged local user could leverage this flaw to\n cause a denial of service. (CVE-2012-2313)\n\n Timo Warns reported multiple flaws in the Linux kernel's hfsplus\n filesystem. An unprivileged local user could exploit these flaws to gain\n root system priviliges. (CVE-2012-2319)\n\n Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver\n handling of cliprect on 32 bit systems. An unprivileged local attacker\n could leverage this flaw to cause a denial of service or potentially gain\n root privileges. (CVE-2012-2383)\n\n Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver\n handling of buffer_count on 32 bit systems. An unprivileged local attacker\n could leverage this flaw to cause a denial of service or potentially gain\n root privileges. (CVE-2012-2384)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1472-1\";\ntag_affected = \"linux on Ubuntu 11.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1472-1/\");\n script_id(841040);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-15 09:46:53 +0530 (Fri, 15 Jun 2012)\");\n script_cve_id(\"CVE-2011-4131\", \"CVE-2012-2121\", \"CVE-2012-2133\", \"CVE-2012-2313\",\n \"CVE-2012-2319\", \"CVE-2012-2383\", \"CVE-2012-2384\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1472-1\");\n script_name(\"Ubuntu Update for linux USN-1472-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-21-generic\", ver:\"3.0.0-21.35\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-21-generic-pae\", ver:\"3.0.0-21.35\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-21-omap\", ver:\"3.0.0-21.35\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-21-powerpc\", ver:\"3.0.0-21.35\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-21-powerpc-smp\", ver:\"3.0.0-21.35\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-21-powerpc64-smp\", ver:\"3.0.0-21.35\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-21-server\", ver:\"3.0.0-21.35\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-21-virtual\", ver:\"3.0.0-21.35\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:19:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4131", "CVE-2012-2133", "CVE-2012-2319", "CVE-2012-2313", "CVE-2012-2384", "CVE-2012-2383", "CVE-2012-2121"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1476-1", "modified": "2017-12-01T00:00:00", "published": "2012-06-19T00:00:00", "id": "OPENVAS:841050", "href": "http://plugins.openvas.org/nasl.php?oid=841050", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-1476-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1476_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for linux-ti-omap4 USN-1476-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation.\n A remote NFS server (attacker) could exploit this flaw to cause a denial of\n service. (CVE-2011-4131)\n\n A flaw was discovered in the Linux kernel's KVM (kernel virtual machine).\n An administrative user in the guest OS could leverage this flaw to cause a\n denial of service in the host OS. (CVE-2012-2121)\n\n Schacher Raindel discovered a flaw in the Linux kernel's memory handling\n when hugetlb is enabled. An unprivileged local attacker could exploit this\n flaw to cause a denial of service and potentially gain higher privileges.\n (CVE-2012-2133)\n\n Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's\n handling of ioctls. An unprivileged local user could leverage this flaw to\n cause a denial of service. (CVE-2012-2313)\n\n Timo Warns reported multiple flaws in the Linux kernel's hfsplus\n filesystem. An unprivileged local user could exploit these flaws to gain\n root system priviliges. (CVE-2012-2319)\n\n Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver\n handling of cliprect on 32 bit systems. An unprivileged local attacker\n could leverage this flaw to cause a denial of service or potentially gain\n root privileges. (CVE-2012-2383)\n\n Xi Wang discovered a flaw in the Linux kernel's i915 graphics driver\n handling of buffer_count on 32 bit systems. An unprivileged local attacker\n could leverage this flaw to cause a denial of service or potentially gain\n root privileges. (CVE-2012-2384)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1476-1\";\ntag_affected = \"linux-ti-omap4 on Ubuntu 11.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1476-1/\");\n script_id(841050);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-06-19 09:42:24 +0530 (Tue, 19 Jun 2012)\");\n script_cve_id(\"CVE-2011-4131\", \"CVE-2012-2121\", \"CVE-2012-2133\", \"CVE-2012-2313\",\n \"CVE-2012-2319\", \"CVE-2012-2383\", \"CVE-2012-2384\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1476-1\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-1476-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-1211-omap4\", ver:\"3.0.0-1211.23\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cve": [{"lastseen": "2020-12-09T19:47:19", "description": "Multiple buffer overflows in the hfsplus filesystem implementation in the Linux kernel before 3.3.5 allow local users to gain privileges via a crafted HFS plus filesystem, a related issue to CVE-2009-4020.", "edition": 5, "cvss3": {}, "published": "2012-05-17T11:00:00", "title": "CVE-2012-2319", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2319"], "modified": "2015-05-12T01:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.3.3"], "id": "CVE-2012-2319", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2319", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.3.3:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:19", "description": "The KVM implementation in the Linux kernel before 3.3.4 does not properly manage the relationships between memory slots and the iommu, which allows guest OS users to cause a denial of service (memory leak and host OS crash) by leveraging administrative access to the guest OS to conduct hotunplug and hotplug operations on devices.", "edition": 5, "cvss3": {}, "published": "2012-05-17T11:00:00", "title": "CVE-2012-2121", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2121"], "modified": "2018-01-05T02:29:00", "cpe": ["cpe:/o:linux:linux_kernel:3.3.3"], "id": "CVE-2012-2121", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2121", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.3.3:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:19", "description": "Use-after-free vulnerability in the Linux kernel before 3.3.6, when huge pages are enabled, allows local users to cause a denial of service (system crash) or possibly gain privileges by interacting with a hugetlbfs filesystem, as demonstrated by a umount operation that triggers improper handling of quota data.", "edition": 5, "cvss3": {}, "published": "2012-07-03T16:40:00", "title": "CVE-2012-2133", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2133"], "modified": "2017-12-29T02:29:00", "cpe": ["cpe:/o:linux:linux_kernel:3.3", "cpe:/o:linux:linux_kernel:3.3.4", "cpe:/o:linux:linux_kernel:3.3.2", "cpe:/o:linux:linux_kernel:3.3.3", "cpe:/o:linux:linux_kernel:3.3.5", "cpe:/o:linux:linux_kernel:3.3.1"], "id": "CVE-2012-2133", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2133", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.2:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:19", "description": "The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call.", "edition": 5, "cvss3": {}, "published": "2012-06-13T10:24:00", "title": "CVE-2012-2313", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 1.2, "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2313"], "modified": "2016-09-06T13:25:00", "cpe": ["cpe:/o:redhat:enterprise_linux_desktop:5.0", "cpe:/o:linux:linux_kernel:3.3.6", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux_long_life:5.6", "cpe:/o:linux:linux_kernel:3.3", "cpe:/o:redhat:enterprise_linux_server_aus:6.2", "cpe:/o:linux:linux_kernel:3.3.4", "cpe:/o:redhat:enterprise_linux_server_eus:6.1.z", "cpe:/o:linux:linux_kernel:3.3.2", "cpe:/o:linux:linux_kernel:3.3.3", "cpe:/o:novell:suse_linux_enterprise_server:10.0", "cpe:/o:linux:linux_kernel:3.3.5", "cpe:/o:redhat:enterprise_linux_eus:5.6.z", "cpe:/o:linux:linux_kernel:3.3.1", "cpe:/o:redhat:enterprise_linux_server_eus:6.2.z"], "id": "CVE-2012-2313", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2313", "cvss": {"score": 1.2, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.3:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc1:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_long_life:5.6:*:server:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:5:*:server:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc4:*:*:*:*:*:*", "cpe:2.3:o:novell:suse_linux_enterprise_server:10.0:sp4:*:*:ltss:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:5.6.z:*:server:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.1.z:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.2.z:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:client:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:19", "description": "Integer overflow in the i915_gem_execbuffer2 function in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.3.5 on 32-bit platforms allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted ioctl call.", "edition": 5, "cvss3": {}, "published": "2012-06-13T10:24:00", "title": "CVE-2012-2383", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2383"], "modified": "2016-08-23T02:05:00", "cpe": ["cpe:/o:linux:linux_kernel:3.3", "cpe:/o:linux:linux_kernel:3.3.4", "cpe:/o:linux:linux_kernel:3.3.2", "cpe:/o:linux:linux_kernel:3.3.3", "cpe:/o:linux:linux_kernel:3.3.1"], "id": "CVE-2012-2383", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2383", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.3:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.2:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:19", "description": "Integer overflow in the i915_gem_do_execbuffer function in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.3.5 on 32-bit platforms allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted ioctl call.", "edition": 5, "cvss3": {}, "published": "2012-06-13T10:24:00", "title": "CVE-2012-2384", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-2384"], "modified": "2016-08-23T02:05:00", "cpe": ["cpe:/o:linux:linux_kernel:3.3", "cpe:/o:linux:linux_kernel:3.3.4", "cpe:/o:linux:linux_kernel:3.3.2", "cpe:/o:linux:linux_kernel:3.3.3", "cpe:/o:linux:linux_kernel:3.3.1"], "id": "CVE-2012-2384", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2384", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.3:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.2:*:*:*:*:*:*:*"]}], "suse": [{"lastseen": "2016-09-04T12:05:28", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2133", "CVE-2012-2319", "CVE-2012-2127", "CVE-2012-2313"], "description": "The SUSE Linux Enterprise 11 SP2 kernel was updated to\n 3.0.31, fixing lots of bugs and security issues.\n\n Various security and bug fixes contained in the Linux 3.0\n stable releases 3.0.27 up to 3.0.31 are included, but not\n explicitly listed below.\n\n Following security issues were fixed: CVE-2012-2313: The\n dl2k network card driver lacked permission handling for\n some ethtool ioctls, which could allow local attackers to\n start/stop the network card.\n\n CVE-2012-2133: A use after free bug in hugetlb support\n could be used by local attackers to crash the system.\n\n CVE-2012-2127: Various leaks in namespace handling over\n fork where fixed, which could be exploited by e.g. vsftpd\n access by remote users.\n\n CVE-2012-2319: A memory corruption when mounting a hfsplus\n filesystem was fixed that could be used by local attackers\n able to mount filesystem to crash the system.\n\n Following non security bugs were fixed by this update:\n BTRFS:\n - btrfs: partial revert of truncation improvements\n (bnc#748463 bnc#760279).\n - btrfs: fix eof while discarding extents\n - btrfs: check return value of bio_alloc() properly\n - btrfs: return void from clear_state_bit\n - btrfs: avoid possible use-after-free in clear_extent_bit()\n - btrfs: Make free_ipath() deal gracefully with NULL\n pointers\n - btrfs: do not call free_extent_buffer twice in\n iterate_irefs\n - btrfs: add missing read locks in backref.c\n - btrfs: fix max chunk size check in chunk allocator\n - btrfs: double unlock bug in error handling\n - btrfs: do not return EINTR\n - btrfs: fix btrfs_ioctl_dev_info() crash on missing device\n - btrfs: fix that check_int_data mount option was ignored\n - btrfs: do not mount when we have a sectorsize unequal to\n PAGE_SIZE\n - btrfs: avoid possible use-after-free in clear_extent_bit()\n - btrfs: retrurn void from clear_state_bit\n - btrfs: Fix typo in free-space-cache.c\n - btrfs: remove the ideal caching code\n - btrfs: remove search_start and search_end from\n find_free_extent and callers\n - btrfs: adjust the write_lock_level as we unlock\n - btrfs: actually call btrfs_init_lockdep\n - btrfs: fix regression in scrub path resolving\n - btrfs: show useful info in space reservation tracepoint\n - btrfs: flush out and clean up any block device pages\n during mount\n - btrfs: fix deadlock during allocating chunks\n - btrfs: fix race between direct io and autodefrag\n - btrfs: fix the mismatch of page->mapping\n - btrfs: fix recursive defragment with autodefrag option\n - btrfs: add a check to decide if we should defrag the range\n - btrfs: do not bother to defrag an extent if it is a big\n real extent\n - btrfs: update to the right index of defragment\n - btrfs: Fix use-after-free in __btrfs_end_transaction\n - btrfs: stop silently switching single chunks to raid0 on\n balance\n - btrfs: add wrappers for working with alloc profiles\n - btrfs: make profile_is_valid() check more strict\n - btrfs: move alloc_profile_is_valid() to volumes.c\n - btrfs: add get_restripe_target() helper\n - btrfs: add __get_block_group_index() helper\n - btrfs: improve the logic in btrfs_can_relocate()\n - btrfs: validate target profiles only if we are going to\n use them\n - btrfs: allow dup for data chunks in mixed mode\n - btrfs: fix memory leak in resolver code\n - btrfs: fix infinite loop in btrfs_shrink_device()\n - btrfs: error handling locking fixu\n - btrfs: fix uninit variable in repair_eb_io_failure\n - btrfs: always store the mirror we read the eb from\n - btrfs: do not count CRC or header errors twice while\n scrubbing\n - btrfs: do not start delalloc inodes during sync\n - btrfs: fix repair code for RAID10\n - btrfs: Prevent root_list corruption\n - btrfs: fix block_rsv and space_info lock ordering\n - btrfs: Fix space checking during fs resize\n - btrfs: avoid deadlocks from GFP_KERNEL allocations during\n btrfs_real_readdir\n - btrfs: reduce lock contention during extent insertion\n - btrfs: Add properly locking around add_root_to_dirty_list\n - btrfs: Fix mismatching struct members in ioctl.h\n\n netfilter:\n - netfilter: nf_conntrack: make event callback registration\n per-netns (bnc#758540).\n\n\n DRM:\n - drm/edid: Add a workaround for 1366x768 HD panel\n (bnc#753172).\n - drm/edid: Add extra_modes (bnc#753172).\n - drm/edid: Add packed attribute to new gtf2 and cvt\n structs (bnc#753172).\n - drm/edid: Add the reduced blanking DMT modes to the DMT\n list (bnc#753172).\n - drm/edid: Allow drm_mode_find_dmt to hunt for\n reduced-blanking modes (bnc#753172).\n - drm/edid: Do drm_dmt_modes_for_range() for all range\n descriptor types (bnc#753172).\n - drm/edid: Document drm_mode_find_dmt (bnc#753172).\n - drm/edid: Fix some comment typos in the DMT mode list\n (bnc#753172).\n - drm/edid: Generate modes from extra_modes for range\n descriptors (bnc#753172).\n - drm/edid: Give the est3 mode struct a real name\n (bnc#753172).\n - drm/edid: Remove a misleading comment (bnc#753172).\n - drm/edid: Rewrite drm_mode_find_dmt search loop\n (bnc#753172).\n - drm/edid: Update range descriptor struct for EDID 1.4\n (bnc#753172).\n - drm/edid: add missing NULL checks (bnc#753172).\n - drm/edid:\n s/drm_gtf_modes_for_range/drm_dmt_modes_for_range/\n (bnc#753172).\n - Fix kABI for drm EDID improvement patches (bnc#753172).\n - drm: Fix the case where multiple modes are returned from\n EDID (bnc#753172)\n - drm/i915: Add more standard modes to LVDS output\n (bnc#753172).\n - drm/i915: Disable LVDS at mode change (bnc#752022).\n - drm/i915: add Ivy Bridge GT2 Server entries (bnc#759971).\n - drm/i915: delay drm_irq_install() at resume (bnc#753698).\n - EDD: Check for correct EDD 3.0 length (bnc#762285).\n\n XEN:\n - blkfront: make blkif_io_lock spinlock per-device.\n - blkback: streamline main processing loop (fate#309305).\n - blkback: Implement discard requests handling\n (fate#309305).\n - blkback: Enhance discard support with secure erasing\n support (fate#309305).\n - blkfront: Handle discard requests (fate#309305).\n - blkfront: Enhance discard support with secure erasing\n support (fate#309305).\n - blkif: support discard (fate#309305).\n - blkif: Enhance discard support with secure erasing\n support (fate#309305).\n - xen/smpboot: adjust ordering of operations.\n - x86-64: provide a memset() that can deal with 4Gb or\n above at a time (bnc#738528).\n - Update Xen patches to 3.0.27.\n - Update Xen patches to 3.0.31.\n - xen: fix VM_FOREIGN users after c/s 878:eba6fe6d8d53\n (bnc#760974).\n - xen/gntdev: fix multi-page slot allocation (bnc#760974).\n\n TG3:\n - tg3: Avoid panic from reserved statblk field access\n (bnc#760346).\n - tg3: Fix 5717 serdes powerdown problem (bnc#756940).\n - tg3: Fix RSS ring refill race condition (bnc#756940).\n - tg3: Fix single-vector MSI-X code (bnc#756940).\n - tg3: fix ipv6 header length computation (bnc#756940).\n\n S/390:\n - dasd: Fix I/O stall when reserving dasds (bnc#757719).\n - s390/af_iucv: detect down state of HS transport interface\n (bnc#758279,LTC#80859).\n - s390/af_iucv: allow shutdown for HS transport sockets\n (bnc#758279,LTC#80860).\n - mm: s390: Fix BUG by using __set_page_dirty_no_writeback\n on swap. (bnc#751550)\n - s390/qeth: Improve OSA Express 4 blkt defaults\n (bnc#754969,LTC#80325).\n - s390/zcrypt: Fix parameter checking for ZSECSENDCPRB\n ioctl (bnc#754969,LTC#80378).\n - zfcpdump: Implement async sdias event processing\n (bnc#761387,LTC#81330).\n\n ALSA:\n - ALSA: hda - Always resume the codec immediately\n (bnc#750426).\n - ALSA: hda - Add Creative CA0132 HDA codec support\n (bnc#762424).\n - ALSA: hda - Fix error handling in patch_ca0132.c\n (bnc#762424).\n - ALSA: hda - Add the support for Creative SoundCore3D\n (bnc#762424).\n\n OTHER:\n - ixgbe: fix ring assignment issues for SR-IOV and drop\n cases (bnc#761158).\n - ixgbe: add missing rtnl_lock in PM resume path\n (bnc#748859).\n\n - MCE, AMD: Drop too granulary family model checks\n (bnc#758833).\n - EDAC, MCE, AMD: Print CPU number when reporting the error\n (bnc#758833).\n - EDAC, MCE, AMD: Print valid addr when reporting an error\n (bnc#758833).\n\n - libata: skip old error history when counting probe trials.\n\n - x86: kdb: restore kdb stack trace (bnc#760015).\n\n - ehea: fix allmulticast support,\n - ehea: fix promiscuous mode (both bnc#757289)\n - ehea: only register irq after setting up ports\n (bnc#758731).\n - ehea: fix losing of NEQ events when one event occurred\n early (bnc#758731).\n\n - scsi: Silence unnecessary warnings about ioctl to\n partition (bnc#758104).\n - scsi_dh_rdac: Update match function to check page C8\n (bnc#757077).\n - scsi_dh_rdac: Add new NetApp IDs (bnc#757077).\n\n - bluetooth: Add support for Foxconn/Hon Hai AR5BBU22\n 0489:E03C (bnc#759908).\n\n - x86/amd: Add missing feature flag for fam15h models\n 10h-1fh processors (bnc#759340).\n - x86: Report cpb and eff_freq_ro flags correctly\n (bnc#759340).\n - x86, amd: Fix up numa_node information for AMD CPU family\n 15h model 0-0fh northbridge functions (bnc#759340).\n - x86/PCI: amd: Kill misleading message about enablement of\n IO access to PCI ECS] (bnc#759340).\n\n - cdc-wdm: fix race leading leading to memory corruption\n (bnc#759539).\n\n - tlan: add cast needed for proper 64 bit operation\n (bnc#756840).\n\n - bonding:update speed/duplex for NETDEV_CHANGE\n (bnc#752634).\n - bonding: comparing a u8 with -1 is always false\n (bnc#752634).\n - bonding: start slaves with link down for ARP monitor\n (bnc#752634).\n - bonding: do not increase rx_dropped after processing\n LACPDUs (bnc#759657).\n\n - x86: fix the initialization of physnode_map (bnc#748112).\n\n - sched,rt: fix isolated CPUs leaving root_task_group\n indefinitely throttled (bnc#754085).\n\n - Fix SLE11-SP1->SLE11-SP2 interrupt latency regression.\n Revert 0209f649, and turn tick skew on globally, since\n 0209f649 came about to mitigate lock contention that skew\n removal induces, both on xtime_lock and on RCU leaf node\n locks. NOTE: This change trades ~400% latency regression\n fix for power consumption progression that skew removal\n bought (at high cost).\n - Revert mainline 0209f649 - rcu: limit rcu_node leaf-level\n fanout (bnc#718521).\n\n - md: fix possible corruption of array metadata on shutdown.\n - md/bitmap: prevent bitmap_daemon_work running while\n initialising bitmap.\n - md: ensure changes to write-mostly are reflected in\n metadata (bnc#755178).\n\n - cciss: Add IRQF_SHARED back in for the non-MSI(X)\n interrupt handler (bnc#757789).\n\n - procfs, namespace, pid_ns: fix leakage upon fork()\n failure (bnc#757783).\n - mqueue: fix a vfsmount longterm reference leak\n (bnc#757783).\n - procfs: fix a vfsmount longterm reference leak\n (bnc#757783).\n\n\n - scsi_dh_alua: Optimize stpg command (bnc#744758).\n - scsi_dh_alua: Store pref bit from RTPG (bnc#755758).\n - scsi_dh_alua: set_params interface (bnc#755758).\n\n - uwb: fix error handling (bnc#757950).\n - uwb: fix use of del_timer_sync() in interrupt\n (bnc#757950).\n\n - usbhid: fix error handling of not enough bandwidth\n (bnc#704280).\n\n - mm: Improve preservation of page-age information\n (bnc#754690)\n\n - pagecache limit: Fix the shmem deadlock (bnc#755537).\n\n - USB: sierra: add support for Sierra Wireless MC7710\n (bnc#757517).\n - USB: fix resource leak in xhci power loss path\n (bnc#746938).\n\n - x86/iommu/intel: Fix identity mapping for sandy bridge\n (bnc#743232).\n\n - ipv6: Check dest prefix length on original route not\n copied one in rt6_alloc_cow() (bnc#757202).\n - ipv6: do not use inetpeer to store metrics for routes\n (bnc#757202).\n - ipv6: fix problem with expired dst cache (bnc#757205).\n - ipv6: unshare inetpeers.\n - bridge: correct IPv6 checksum after pull (bnc#738644).\n\n - scsi: storvsc: Account for in-transit packets in the\n RESET path.\n\n -\n patches.fixes/mm-mempolicy.c-fix-pgoff-in-mbind-vma-merge.pa\n tch:\n -\n patches.fixes/mm-mempolicy.c-refix-mbind_range-vma-issue.pat\n ch: Fix vma merging issue during mbind affecting JVMs.\n\n - ACPI, APEI: Fix incorrect APEI register bit width check\n and usage (bnc#725592).\n\n - vmxnet3: cap copy length at size of skb to prevent\n dropped frames on tx (bnc#755812).\n\n - rt2x00: rt2x00dev: move rfkill_polling register to proper\n place (bnc#748806).\n\n - pagecache: fix the BUG_ON safety belt\n - pagecache: Fixed the GFP_NOWAIT is zero and not suitable\n for tests bug (bnc#755537)\n\n - igb: reset PHY after recovering from PHY power down.\n (bnc#745088)\n - igb: fix rtnl race in PM resume path (bnc#748859).\n\n - watchdog: iTCO_wdt.c - problems with newer hardware due\n to SMI clearing (bnc#757373).\n - watchdog: iTCO_wdt.c - problems with newer hardware due\n to SMI clearing (bnc#757373, redhat#727875).\n\n - cfq-iosched: Reduce linked group count upon group\n destruction (bnc#759541).\n - cdc_ether: Ignore bogus union descriptor for RNDIS\n devices (bnc#761772).\n - sys_poll: fix incorrect type for timeout parameter\n (bnc#754428).\n\n - staging:rts_pstor:Avoid "Bad target number" message when\n probing driver (bnc#762329).\n - staging:rts_pstor:Complete scanning_done variable\n (bnc#762329).\n - staging:rts_pstor:Fix SDIO issue (bnc#762329).\n - staging:rts_pstor: Fix a bug that a MMCPlus card ca not\n be accessed (bnc#762329).\n - staging:rts_pstor: Fix a miswriting (bnc#762329).\n - staging:rts_pstor:Fix possible panic by NULL pointer\n dereference (bnc#762329).\n - staging:rts_pstor: fix thread synchronization flow\n (bnc#762329).\n - freezer:do not unnecessarily set PF_NOFREEZE explicitly\n (bnc#762329).\n - staging:rts_pstor: off by one in for loop (bnc#762329).\n\n - patches.suse/cgroup-disable-memcg-when-low-lowmem.patch:\n fix typo: use if defined(CONFIG_*) rather than if CONFIG_*\n", "edition": 1, "modified": "2012-06-02T02:08:32", "published": "2012-06-02T02:08:32", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00001.html", "id": "SUSE-SU-2012:0689-1", "title": "kernel update for SLE11 SP2 (important)", "type": "suse", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:38:49", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2319", "CVE-2011-4324", "CVE-2011-2928", "CVE-2012-2313", "CVE-2011-4330", "CVE-2011-4077"], "description": "This Linux kernel update fixes various security issues and\n bugs in the SUSE Linux Enterprise 10 SP4 kernel.\n\n The following security issues have been fixed:\n\n *\n\n CVE-2012-2319: A memory corruption when mounting a\n hfsplus filesystem was fixed that could be used by local\n attackers able to mount filesystem to crash the system.\n\n *\n\n CVE-2012-2313: The dl2k network card driver lacked\n permission handling for some ethtool ioctls, which could\n allow local attackers to start/stop the network card.\n\n *\n\n CVE-2011-2928: The befs_follow_linkl function in\n fs/befs/linuxvfs.c in the Linux kernel did not validate the\n lenght attribute of long symlinsk, which allowed local\n users to cause a denial of service (incorrect pointer\n dereference and Ooops) by accessing a long symlink on a\n malformed Be filesystem.\n\n *\n\n CVE-2011-4077: Fixed a memory corruption possibility\n in xfs readlink, which could be used by local attackers to\n crash the system or potentially execute code by mounting a\n prepared xfs filesystem image.\n\n *\n\n CVE-2011-4324: A BUG() error report in the nfs4xdr\n routines on a NFSv4 mount was fixed that could happen\n during mknod.\n\n *\n\n CVE-2011-4330: Mounting a corrupted hfs filesystem\n could lead to a buffer overflow.\n\n The following non-security issues have been fixed:\n\n * kernel: pfault task state race (bnc#764128,LTC#81724).\n * ap: Toleration for ap bus devices with device type 10\n (bnc#761389).\n * hugetlb, numa: fix interleave mpol reference count\n (bnc#762111).\n * cciss: fixup kdump (bnc#730200).\n * kdump: Avoid allocating bootmem map over crash\n reserved region (bnc#749168, bnc#722400, bnc#742881).\n * qeth: Improve OSA Express 4 blkt defaults\n (bnc#754964,LTC#80325).\n * zcrypt: Fix parameter checking for ZSECSENDCPRB ioctl\n (bnc#754964,LTC#80378).\n * virtio: add names to virtqueue struct, mapping from\n devices to queues (bnc#742148).\n * virtio: find_vqs/del_vqs virtio operations\n (bnc#742148).\n * virtio_pci: optional MSI-X support (bnc#742148).\n * virtio_pci: split up vp_interrupt (bnc#742148).\n * knfsd: nfsd4: fix laundromat shutdown race (752556).\n * driver core: Check for valid device in\n bus_find_device() (bnc#729685).\n * VMware detection backport from mainline (bnc#671124,\n bnc#747381).\n * net: adding memory barrier to the poll and receive\n callbacks (bnc#746397 bnc#750928).\n * qla2xxx: drop reference before wait for completion\n (bnc#744592).\n * qla2xxx: drop reference before wait for completion\n (bnc#744592).\n * ixgbe driver sets all WOL flags upon initialization\n so that machine is powered on as soon at it is switched off\n (bnc#693639)\n * Properly release MSI(X) vector(s) when MSI(X) gets\n disabled (bnc#723294, bnc#721869).\n * scsi: Always retry internal target error (bnc#745640).\n * cxgb4: fix parent device access in netdev_printk\n (bnc#733155).\n * lcs: lcs offline failure (bnc#752486,LTC#79788).\n * qeth: add missing wake_up call (bnc#752486,LTC#79899).\n * NFSD: Fill in WCC data for REMOVE, RMDIR, MKNOD, and\n MKDIR (bnc#751880).\n * xenbus: Reject replies with payload >\n XENSTORE_PAYLOAD_MAX.\n * xenbus_dev: add missing error checks to watch\n handling.\n * blkfront: properly fail packet requests (bnc#745929).\n * blkback: failure to write "feature-barrier" node is\n non-fatal.\n * igb: Free MSI and MSIX interrupt vectors on driver\n remove or shutdown (bnc#723294).\n * igb: Fix for Alt MAC Address feature on 82580 and\n later devices (bnc#746980).\n * igb: Free MSI and MSIX interrupt vectors on driver\n remove or shutdown (bnc#723294).\n * cfq: Fix infinite loop in cfq_preempt_queue()\n (bnc#724692).\n * dasd: fix fixpoint divide exception in define_extent\n (bnc#750168,LTC#79125).\n * ctcmpc: use correct idal word list for ctcmpc\n (bnc#750168,LTC#79264).\n * patches.fixes/ext3-fix-reuse-of-freed-blocks.diff:\n Delete. Patch should not really be needed and apparently\n causes a performance regression (bnc#683270)\n * tcp: fix race condition leading to premature\n termination of sockets in FIN_WAIT2 state and connection\n being reset (bnc#745760)\n * kernel: console interrupts vs. panic\n (bnc#737325,LTC#77272).\n * af_iucv: remove IUCV-pathes completely\n (bnc#737325,LTC#78292).\n * qdio: wrong buffers-used counter for ERROR buffers\n (bnc#737325,LTC#78758).\n * ext3: Fix credit estimate for DIO allocation\n (bnc#745732).\n * jbd: validate sb->s_first in journal_get_superblock()\n (bnc#730118).\n * ocfs2: serialize unaligned aio (bnc#671479).\n * cifs: eliminate usage of kthread_stop for cifsd\n (bnc#718343).\n * virtio: fix wrong type used, resulting in truncated\n addresses in bigsmp kernel. (bnc#737899)\n * cciss: Adds simple mode functionality (bnc#730200).\n * blktap: fix locking (again) (bnc#724734).\n * block: Initial support for data-less (or empty)\n barrier support (bnc#734707 FATE#313126).\n * xen: Do not allow empty barriers to be passed down to\n queues that do not grok them (bnc#734707 FATE#313126).\n * linkwatch: Handle jiffies wrap-around (bnc#740131).\n", "edition": 1, "modified": "2012-06-14T18:08:31", "published": "2012-06-14T18:08:31", "id": "SUSE-SU-2012:0736-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-06/msg00017.html", "title": "Security update for Linux kernel (important)", "type": "suse", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2020-08-01T13:29:33", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2390", "CVE-2012-2313", "CVE-2012-2384", "CVE-2012-3552", "CVE-2012-3430"], "description": "[2.6.32-279.9.1.el6]\n- [md] raid1, raid10: avoid deadlock during resync/recovery. (Dave Wysochanski) [845464 835613]\n- [fs] dlm: fix deadlock between dlm_send and dlm_controld (David Teigland) [849051 824964]\n- [ata] libata: Add space to fix 2GB ATA Flash Disk/ADMA428M blacklist (Prarit Bhargava) [851445 843849]\n- [fs] nfs: nfs_attr_use_mounted_on_file() missing return value (Frantisek Hrbata) [847945 842312]\n- [fs] gfs2: Make gfs2_write_end not dirty the inode with every write (Robert S Peterson) [849551 844814]\n- [net] sched/act_mirred: do not drop packets when fails to mirror it (Jason Wang) [851444 846585]\n- [net] sched: fix race in mirred device removal (Jason Wang) [851444 846585]\n- [net] sched: printk message severity (Jason Wang) [851444 846585]\n- [net] sched: act_mirred cleanup (Jason Wang) [851444 846585]\n- [kernel] sched: Fix signed unsigned comparison in check_preempt_tick() (Frederic Weisbecker) [843102 835797]\n- [netdrv] be2net: reduce gso_max_size setting to account for ethernet header (Ivan Vecera) [842757 834185]\n- [powerpc] Fix wrong divisor in usecs_to_cputime backport (Steve Best) [847727 821374]\n- [fs] procfs: do not confuse jiffies with cputime64_t (Frantisek Hrbata) [847727 821374]\n- [kernel] time: Add nsecs_to_cputime64 interface for asm-generic (Steve Best) [847727 821374]\n- [powerpc] Fix wrong divisor in usecs_to_cputime (Steve Best) [847727 821374]\n[2.6.32-279.8.1.el6]\n- [netdrv] e1000e: prevent oops when adapter is being closed and reset simultaneously (Dean Nelson) [847045 826375]\n- [net] tcp: clear hints to avoid a stale one (Andy Gospodarek) [846832 807704]\n- [md] dm-raid1: Fix mirror crash when discard request is sent and sync is in progress (Mikulas Patocka) [846839 837607]\n- [netdrv] bond_alb: dont disable softirq under bond_alb_xmit (Jiri Pirko) [846216 841987]\n- [x86] ioapic: Fix kdump race with migrating irq (Don Zickus) [812962 783322]\n- [net] rds: set correct msg_namelen (Weiping Pan) [822729 822731] {CVE-2012-3430}\n- [x86] amd_iommu: Fix SRIOV and hotplug devices (Stefan Assmann) [846838 832009]\n- [mm] hugetlb: fix resv_map leak in error path (Motohiro Kosaki) [824350 824351] {CVE-2012-2390}\n- [netdrv] dl2k: fix unfiltered netdev rio_ioctl access by users (Jacob Tanenbaum) [818824 818825] {CVE-2012-2313}\n- [drm] i915: fix integer overflow in i915_gem_do_execbuffer() (Jacob Tanenbaum) [824561 824563] {CVE-2012-2384}\n- [virt] kvm: handle last_boosted_vcpu = 0 case (Rik van Riel) [847042 827031]\n- [md] raid5: Reintroduce locking in handle_stripe() to avoid racing (Jes Sorensen) [846836 828065]\n- [kernel] timekeeping: Fix leapsecond triggered load spike issue (Prarit Bhargava) [847366 840950 836803 836748]\n- [kernel] hrtimer: Provide clock_was_set_delayed() (Prarit Bhargava) [847366 840950 836803 836748]\n- [kernel] ntp: Add ntp_lock to replace xtime_locking (Prarit Bhargava) [847366 840950 836803 836748]\n- [fs] proc/stat: fix whitespace damage in use arch_idle_time patch (Steve Best) [841579 841149]\n[2.6.32-279.7.1.el6]\n- [net] netconsole: fix deadlock on network restart (Jiri Benc) [842982 839266]\n[2.6.32-279.6.1.el6]\n- [net] ipv4: add RCU protection to inet->opt (Jiri Pirko) [844274 829109]\n- [net] tun: allow tap iface in netconsoled bridge (Jiri Benc) [842984 838025]", "edition": 5, "modified": "2012-09-25T00:00:00", "published": "2012-09-25T00:00:00", "id": "ELSA-2012-1304", "href": "http://linux.oracle.com/errata/ELSA-2012-1304.html", "title": "kernel security and bug fix update", "type": "oraclelinux", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:06", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2313"], "description": "kernel\n[2.6.18-308.13.1.0.1.el5]\n- [kernel] Initialize the local uninitialized variable stats. [orabug 14051367]\n- [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763]\n- [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272]\n- [net] bonding: fix carrier detect when bond is down [orabug 12377284]\n- [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075]\n- fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan)\n- [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan)\n- [x86] Fix lvt0 reset when hvm boot up with noapic param\n- [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason)\n [orabug 12342275]\n- [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346]\n- [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566]\n- [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042]\n- [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646]\n- [scsi] fix scsi hotplug and rescan race [orabug 10260172]\n- fix filp_close() race (Joe Jin) [orabug 10335998]\n- make xenkbd.abs_pointer=1 by default [orabug 67188919]\n- [xen] check to see if hypervisor supports memory reservation change\n (Chuck Anderson) [orabug 7556514]\n- [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki)\n [orabug 10315433]\n- [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258]\n- [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839]\n- fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042]\n- [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105]\n RDS: Fix BUG_ONs to not fire when in a tasklet\n ipoib: Fix lockup of the tx queue\n RDS: Do not call set_page_dirty() with irqs off (Sherman Pun)\n RDS: Properly unmap when getting a remote access error (Tina Yang)\n RDS: Fix locking in rds_send_drop_to()\n- [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson)\n [orabug 9107465]\n- [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson)\n [orabug 9764220]\n- Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615]\n- fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro,\n Guru Anbalagane) [orabug 6124033]\n- [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208]\n- [ib] fix memory corruption (Andy Grover) [orabug 9972346]\n[2.6.18-308.13.1.el5]\n- [net] e1000e: Cleanup logic in e1000_check_for_serdes_link_82571 (Dean Nelson) [841370 771366]\n- [net] e1000e: Correct link check logic for 82571 serdes (Dean Nelson) [841370 771366]\n- [mm] NULL pointer dereference in __vm_enough_memory (Jerome Marchand) [840077 836244]\n- [fs] dlm: fix slow rsb search in dir recovery (David Teigland) [838140 753244]\n- [fs] autofs: propogate LOOKUP_DIRECTORY flag only for last comp (Ian Kent) [830264 814418]\n- [fs] ext4: properly dirty split extent nodes (Eric Sandeen) [840946 839770]\n- [scsi] don't offline devices with a reservation conflict (David Jeffery) [839196 835660]\n- [fs] ext4: Fix overflow caused by missing cast in ext4_fallocate (Lukas Czerner) [837226 830351]\n- [net] dl2k: Clean up rio_ioctl (Weiping Pan) [818822 818823] {CVE-2012-2313}\n- [x86] sched: Avoid unnecessary overflow in sched_clock (Prarit Bhargava) [835450 834562]\n- [net] tg3: Fix TSO handling (John Feeney) [833182 795672]\n- [input] evdev: use after free from open/disconnect race (David Jeffery) [832448 822166]\n[2.6.18-308.12.1.el5]\n- [fs] nfs: Don't allow multiple mounts on same mntpnt with -o noac (Sachin Prabhu) [839806 839753]", "edition": 5, "modified": "2012-08-22T00:00:00", "published": "2012-08-22T00:00:00", "id": "ELSA-2012-1174-1", "href": "http://linux.oracle.com/errata/ELSA-2012-1174-1.html", "title": "1 ", "type": "oraclelinux", "cvss": {"score": 1.2, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:P"}}], "amazon": [{"lastseen": "2020-11-10T12:36:01", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2390", "CVE-2012-2313", "CVE-2012-2384", "CVE-2012-3552", "CVE-2012-3430"], "description": "**Issue Overview:**\n\nAn integer overflow flaw was found in the i915_gem_do_execbuffer() function in the Intel i915 driver in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service. This issue only affected 32-bit systems. ([CVE-2012-2384 __](<https://access.redhat.com/security/cve/CVE-2012-2384>), Moderate)\n\nA memory leak flaw was found in the way the Linux kernel's memory subsystem handled resource clean up in the mmap() failure path when the MAP_HUGETLB flag was set. A local, unprivileged user could use this flaw to cause a denial of service. ([CVE-2012-2390 __](<https://access.redhat.com/security/cve/CVE-2012-2390>), Moderate)\n\nA race condition was found in the way access to inet->opt ip_options was synchronized in the Linux kernel's TCP/IP protocol suite implementation. Depending on the network facing applications running on the system, a remote attacker could possibly trigger this flaw to cause a denial of service. A local, unprivileged user could use this flaw to cause a denial of service regardless of the applications the system runs. ([CVE-2012-3552 __](<https://access.redhat.com/security/cve/CVE-2012-3552>), Moderate)\n\nA flaw was found in the way the Linux kernel's dl2k driver, used by certain D-Link Gigabit Ethernet adapters, restricted IOCTLs. A local, unprivileged user could use this flaw to issue potentially harmful IOCTLs, which could cause Ethernet adapters using the dl2k driver to malfunction (for example, losing network connectivity). ([CVE-2012-2313 __](<https://access.redhat.com/security/cve/CVE-2012-2313>), Low)\n\nA flaw was found in the way the msg_namelen variable in the rds_recvmsg() function of the Linux kernel's Reliable Datagram Sockets (RDS) protocol implementation was initialized. A local, unprivileged user could use this flaw to leak kernel stack memory to user-space. ([CVE-2012-3430 __](<https://access.redhat.com/security/cve/CVE-2012-3430>), Low)\n\n \n**Affected Packages:** \n\n\nkernel\n\n \n**Issue Correction:** \nRun _yum update kernel_ to update your system. You will need to reboot your system in order for the new kernel to be running.\n\n \n\n\n**New Packages:**\n \n \n i686: \n kernel-tools-3.2.30-49.59.amzn1.i686 \n kernel-tools-debuginfo-3.2.30-49.59.amzn1.i686 \n kernel-devel-3.2.30-49.59.amzn1.i686 \n kernel-debuginfo-common-i686-3.2.30-49.59.amzn1.i686 \n kernel-3.2.30-49.59.amzn1.i686 \n kernel-headers-3.2.30-49.59.amzn1.i686 \n kernel-debuginfo-3.2.30-49.59.amzn1.i686 \n \n noarch: \n kernel-doc-3.2.30-49.59.amzn1.noarch \n \n src: \n kernel-3.2.30-49.59.amzn1.src \n \n x86_64: \n kernel-debuginfo-3.2.30-49.59.amzn1.x86_64 \n kernel-tools-3.2.30-49.59.amzn1.x86_64 \n kernel-3.2.30-49.59.amzn1.x86_64 \n kernel-devel-3.2.30-49.59.amzn1.x86_64 \n kernel-tools-debuginfo-3.2.30-49.59.amzn1.x86_64 \n kernel-headers-3.2.30-49.59.amzn1.x86_64 \n kernel-debuginfo-common-x86_64-3.2.30-49.59.amzn1.x86_64 \n \n \n", "edition": 5, "modified": "2012-10-08T10:43:00", "published": "2012-10-08T10:43:00", "id": "ALAS-2012-133", "href": "https://alas.aws.amazon.com/ALAS-2012-133.html", "title": "Medium: kernel", "type": "amazon", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-11-10T12:35:46", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2313"], "description": "**Issue Overview:**\n\nThe rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call.\n\n \n**Affected Packages:** \n\n\nkernel\n\n \n**Issue Correction:** \nRun _yum update kernel_ to update your system. You will need to reboot your system in order for the new kernel to be running.\n\n \n\n\n**New Packages:**\n \n \n i686: \n kernel-tools-3.2.18-1.26.6.amzn1.i686 \n kernel-headers-3.2.18-1.26.6.amzn1.i686 \n kernel-3.2.18-1.26.6.amzn1.i686 \n kernel-debuginfo-common-i686-3.2.18-1.26.6.amzn1.i686 \n kernel-debuginfo-3.2.18-1.26.6.amzn1.i686 \n kernel-tools-debuginfo-3.2.18-1.26.6.amzn1.i686 \n kernel-devel-3.2.18-1.26.6.amzn1.i686 \n \n noarch: \n kernel-doc-3.2.18-1.26.6.amzn1.noarch \n \n src: \n kernel-3.2.18-1.26.6.amzn1.src \n \n x86_64: \n kernel-tools-3.2.18-1.26.6.amzn1.x86_64 \n kernel-debuginfo-3.2.18-1.26.6.amzn1.x86_64 \n kernel-3.2.18-1.26.6.amzn1.x86_64 \n kernel-tools-debuginfo-3.2.18-1.26.6.amzn1.x86_64 \n kernel-devel-3.2.18-1.26.6.amzn1.x86_64 \n kernel-headers-3.2.18-1.26.6.amzn1.x86_64 \n kernel-debuginfo-common-x86_64-3.2.18-1.26.6.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2012-05-21T16:47:00", "published": "2012-05-21T16:47:00", "id": "ALAS-2012-078", "href": "https://alas.aws.amazon.com/ALAS-2012-78.html", "title": "Low: kernel", "type": "amazon", "cvss": {"score": 1.2, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2020-08-01T10:06:05", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2313", "CVE-2012-2384", "CVE-2012-2390", "CVE-2012-3430", "CVE-2012-3552"], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* An integer overflow flaw was found in the i915_gem_do_execbuffer()\nfunction in the Intel i915 driver in the Linux kernel. A local,\nunprivileged user could use this flaw to cause a denial of service. This\nissue only affected 32-bit systems. (CVE-2012-2384, Moderate)\n\n* A memory leak flaw was found in the way the Linux kernel's memory\nsubsystem handled resource clean up in the mmap() failure path when the\nMAP_HUGETLB flag was set. A local, unprivileged user could use this flaw to\ncause a denial of service. (CVE-2012-2390, Moderate)\n\n* A race condition was found in the way access to inet->opt ip_options was\nsynchronized in the Linux kernel's TCP/IP protocol suite implementation.\nDepending on the network facing applications running on the system, a\nremote attacker could possibly trigger this flaw to cause a denial of\nservice. A local, unprivileged user could use this flaw to cause a denial\nof service regardless of the applications the system runs. (CVE-2012-3552,\nModerate)\n\n* A flaw was found in the way the Linux kernel's dl2k driver, used by\ncertain D-Link Gigabit Ethernet adapters, restricted IOCTLs. A local,\nunprivileged user could use this flaw to issue potentially harmful IOCTLs,\nwhich could cause Ethernet adapters using the dl2k driver to malfunction\n(for example, losing network connectivity). (CVE-2012-2313, Low)\n\n* A flaw was found in the way the msg_namelen variable in the rds_recvmsg()\nfunction of the Linux kernel's Reliable Datagram Sockets (RDS) protocol\nimplementation was initialized. A local, unprivileged user could use this\nflaw to leak kernel stack memory to user-space. (CVE-2012-3430, Low)\n\nRed Hat would like to thank Hafid Lin for reporting CVE-2012-3552, and\nStephan Mueller for reporting CVE-2012-2313. The CVE-2012-3430 issue was\ndiscovered by the Red Hat InfiniBand team.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues, and fix the bugs noted in the Technical\nNotes. The system must be rebooted for this update to take effect.\n", "modified": "2018-06-06T20:24:06", "published": "2012-09-25T04:00:00", "id": "RHSA-2012:1304", "href": "https://access.redhat.com/errata/RHSA-2012:1304", "type": "redhat", "title": "(RHSA-2012:1304) Moderate: kernel security and bug fix update", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-13T18:46:31", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2313"], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issue:\n\n* A flaw was found in the way the Linux kernel's dl2k driver, used by\ncertain D-Link Gigabit Ethernet adapters, restricted IOCTLs. A local,\nunprivileged user could use this flaw to issue potentially harmful IOCTLs,\nwhich could cause Ethernet adapters using the dl2k driver to malfunction\n(for example, losing network connectivity). (CVE-2012-2313, Low)\n\nRed Hat would like to thank Stephan Mueller for reporting this issue.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n", "modified": "2017-09-08T12:19:38", "published": "2012-08-21T04:00:00", "id": "RHSA-2012:1174", "href": "https://access.redhat.com/errata/RHSA-2012:1174", "type": "redhat", "title": "(RHSA-2012:1174) Low: kernel security and bug fix update", "cvss": {"score": 1.2, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:P"}}], "centos": [{"lastseen": "2020-08-01T13:29:42", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2390", "CVE-2012-2313", "CVE-2012-2384", "CVE-2012-3552", "CVE-2012-3430"], "description": "**CentOS Errata and Security Advisory** CESA-2012:1304\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* An integer overflow flaw was found in the i915_gem_do_execbuffer()\nfunction in the Intel i915 driver in the Linux kernel. A local,\nunprivileged user could use this flaw to cause a denial of service. This\nissue only affected 32-bit systems. (CVE-2012-2384, Moderate)\n\n* A memory leak flaw was found in the way the Linux kernel's memory\nsubsystem handled resource clean up in the mmap() failure path when the\nMAP_HUGETLB flag was set. A local, unprivileged user could use this flaw to\ncause a denial of service. (CVE-2012-2390, Moderate)\n\n* A race condition was found in the way access to inet->opt ip_options was\nsynchronized in the Linux kernel's TCP/IP protocol suite implementation.\nDepending on the network facing applications running on the system, a\nremote attacker could possibly trigger this flaw to cause a denial of\nservice. A local, unprivileged user could use this flaw to cause a denial\nof service regardless of the applications the system runs. (CVE-2012-3552,\nModerate)\n\n* A flaw was found in the way the Linux kernel's dl2k driver, used by\ncertain D-Link Gigabit Ethernet adapters, restricted IOCTLs. A local,\nunprivileged user could use this flaw to issue potentially harmful IOCTLs,\nwhich could cause Ethernet adapters using the dl2k driver to malfunction\n(for example, losing network connectivity). (CVE-2012-2313, Low)\n\n* A flaw was found in the way the msg_namelen variable in the rds_recvmsg()\nfunction of the Linux kernel's Reliable Datagram Sockets (RDS) protocol\nimplementation was initialized. A local, unprivileged user could use this\nflaw to leak kernel stack memory to user-space. (CVE-2012-3430, Low)\n\nRed Hat would like to thank Hafid Lin for reporting CVE-2012-3552, and\nStephan Mueller for reporting CVE-2012-2313. The CVE-2012-3430 issue was\ndiscovered by the Red Hat InfiniBand team.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues, and fix the bugs noted in the Technical\nNotes. The system must be rebooted for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-September/030939.html\n\n**Affected packages:**\nkernel\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-firmware\nkernel-headers\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-1304.html", "edition": 4, "modified": "2012-09-26T01:59:30", "published": "2012-09-26T01:59:30", "href": "http://lists.centos.org/pipermail/centos-announce/2012-September/030939.html", "id": "CESA-2012:1304", "title": "kernel, perf, python security update", "type": "centos", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}]}
