Ubuntu 10.04 LTS : linux vulnerability (USN-1651-1)
2012-12-02T00:00:00
ID UBUNTU_USN-1651-1.NASL Type nessus Reporter Tenable Modified 2016-10-26T00:00:00
Description
Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-1651-1. The text
# itself is copyright (C) Canonical, Inc. See
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
#
include("compat.inc");
if (description)
{
script_id(63123);
script_version("$Revision: 1.7 $");
script_cvs_date("$Date: 2016/10/26 14:05:58 $");
script_cve_id("CVE-2012-4565");
script_osvdb_id(88048);
script_xref(name:"USN", value:"1651-1");
script_name(english:"Ubuntu 10.04 LTS : linux vulnerability (USN-1651-1)");
script_summary(english:"Checks dpkg output for updated packages.");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Ubuntu host is missing one or more security-related
patches."
);
script_set_attribute(
attribute:"description",
value:
"Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois
congestion control algorithm. A local attacker could use this to cause
a denial of service.
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-preempt");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual");
script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:10.04:-:lts");
script_set_attribute(attribute:"patch_publication_date", value:"2012/11/30");
script_set_attribute(attribute:"plugin_publication_date", value:"2012/12/02");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"Ubuntu Security Notice (C) 2012-2016 Canonical, Inc. / NASL script (C) 2012-2016 Tenable Network Security, Inc.");
script_family(english:"Ubuntu Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");
if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! ereg(pattern:"^(10\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 10.04", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);
flag = 0;
if (ubuntu_check(osver:"10.04", pkgname:"linux-image-2.6.32-45-386", pkgver:"2.6.32-45.100")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-image-2.6.32-45-generic", pkgver:"2.6.32-45.100")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-image-2.6.32-45-generic-pae", pkgver:"2.6.32-45.100")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-image-2.6.32-45-lpia", pkgver:"2.6.32-45.100")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-image-2.6.32-45-preempt", pkgver:"2.6.32-45.100")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-image-2.6.32-45-server", pkgver:"2.6.32-45.100")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-image-2.6.32-45-versatile", pkgver:"2.6.32-45.100")) flag++;
if (ubuntu_check(osver:"10.04", pkgname:"linux-image-2.6.32-45-virtual", pkgver:"2.6.32-45.100")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : ubuntu_report_get()
);
exit(0);
}
else
{
tested = ubuntu_pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "linux-image-2.6-386 / linux-image-2.6-generic / etc");
}
{"id": "UBUNTU_USN-1651-1.NASL", "bulletinFamily": "scanner", "title": "Ubuntu 10.04 LTS : linux vulnerability (USN-1651-1)", "description": "Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2012-12-02T00:00:00", "modified": "2016-10-26T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=63123", "reporter": "Tenable", "references": [], "cvelist": ["CVE-2012-4565"], "type": "nessus", "lastseen": "2017-10-29T13:33:45", "history": [{"bulletin": {"bulletinFamily": "scanner", "cpe": [], "cvelist": ["CVE-2012-4565"], "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 2, "enchantments": {}, "hash": "45e57afe29b6452a428b4b58075ec80d449e144d573c4aeb7e66ad134f15ad56", "hashmap": [{"hash": "4a421463135a0f5e506740db32d16b97", "key": "pluginID"}, {"hash": "5743fcbd9430b2d4e6ec1c74c52b1b01", "key": "published"}, {"hash": "4daa5d8d3b0a2548fec73f2bc827a288", "key": "href"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "075e8cd4f9adfe882c3e69ba44b9bee4", "key": "description"}, {"hash": "11227a90b0f26ca2d31f6f3c839a8040", "key": "sourceData"}, {"hash": "1d731490b777bc15c5d9375993128995", "key": "modified"}, {"hash": "8deb809e68b19b501d32111a0c40aab0", "key": "title"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "efc8932a8a1683a32c04085c885f4028", "key": "cvelist"}, {"hash": "c9b7d00377a789a14c9bb9dab6c7168c", "key": "naslFamily"}, {"hash": "6696abd4d7ecb2eddfb1aae455c30e56", "key": "cvss"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=63123", "id": "UBUNTU_USN-1651-1.NASL", "lastseen": "2016-10-26T21:23:26", "modified": "2016-10-26T00:00:00", "naslFamily": "Ubuntu Local Security Checks", "objectVersion": "1.2", "pluginID": "63123", "published": "2012-12-02T00:00:00", "references": [], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1651-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63123);\n script_version(\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2016/10/26 14:05:58 $\");\n\n script_cve_id(\"CVE-2012-4565\");\n script_osvdb_id(88048);\n script_xref(name:\"USN\", value:\"1651-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux vulnerability (USN-1651-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois\ncongestion control algorithm. A local attacker could use this to cause\na denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-preempt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/12/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2016 Canonical, Inc. / NASL script (C) 2012-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-45-386\", pkgver:\"2.6.32-45.100\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-45-generic\", pkgver:\"2.6.32-45.100\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-45-generic-pae\", pkgver:\"2.6.32-45.100\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-45-lpia\", pkgver:\"2.6.32-45.100\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-45-preempt\", pkgver:\"2.6.32-45.100\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-45-server\", pkgver:\"2.6.32-45.100\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-45-versatile\", pkgver:\"2.6.32-45.100\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-45-virtual\", pkgver:\"2.6.32-45.100\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-386 / linux-image-2.6-generic / etc\");\n}\n", "title": "Ubuntu 10.04 LTS : linux vulnerability (USN-1651-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["cpe"], "edition": 2, "lastseen": "2016-10-26T21:23:26"}, {"bulletin": {"bulletinFamily": "exploit", "cvelist": ["CVE-2012-4565"], "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "description": "Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 1, "hash": "478d065c8500472bf9f20f3f851a5be7926014379cf4d0e5131aa17fb5115df6", "hashmap": [{"hash": "708697c63f7eb369319c6523380bdf7a", "key": "bulletinFamily"}, {"hash": "5ebefc09f1b29d9e0dad2276c1ad05e8", "key": "modified"}, {"hash": "4a421463135a0f5e506740db32d16b97", "key": "pluginID"}, {"hash": "5743fcbd9430b2d4e6ec1c74c52b1b01", "key": "published"}, {"hash": "4daa5d8d3b0a2548fec73f2bc827a288", "key": "href"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "references"}, {"hash": "56765472680401499c79732468ba4340", "key": "objectVersion"}, {"hash": "9cf00d658b687f030ebe173a0528c567", "key": "reporter"}, {"hash": "075e8cd4f9adfe882c3e69ba44b9bee4", "key": "description"}, {"hash": "8deb809e68b19b501d32111a0c40aab0", "key": "title"}, {"hash": "6e25a182b2a78c35bbef6f8cc3e94c9e", "key": "cvss"}, {"hash": "4d99f2f3718822455f632464e6a7e3fe", "key": "sourceData"}, {"hash": "5e0bd03bec244039678f2b955a2595aa", "key": "type"}, {"hash": "efc8932a8a1683a32c04085c885f4028", "key": "cvelist"}, {"hash": "c9b7d00377a789a14c9bb9dab6c7168c", "key": "naslFamily"}], "history": [], "href": "https://www.tenable.com/plugins/index.php?view=single&id=63123", "id": "UBUNTU_USN-1651-1.NASL", "lastseen": "2016-09-26T17:23:18", "modified": "2016-05-25T00:00:00", "naslFamily": "Ubuntu Local Security Checks", "objectVersion": "1.2", "pluginID": "63123", "published": "2012-12-02T00:00:00", "references": [], "reporter": "Tenable", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1651-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63123);\n script_version(\"$Revision: 1.6 $\");\n script_cvs_date(\"$Date: 2016/05/25 16:19:25 $\");\n\n script_cve_id(\"CVE-2012-4565\");\n script_osvdb_id(88048);\n script_xref(name:\"USN\", value:\"1651-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux vulnerability (USN-1651-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois\ncongestion control algorithm. A local attacker could use this to cause\na denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.32-45-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.32-45-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.32-45-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.32-45-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.32-45-preempt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.32-45-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.32-45-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6.32-45-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/12/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2016 Canonical, Inc. / NASL script (C) 2012-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-45-386\", pkgver:\"2.6.32-45.100\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-45-generic\", pkgver:\"2.6.32-45.100\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-45-generic-pae\", pkgver:\"2.6.32-45.100\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-45-lpia\", pkgver:\"2.6.32-45.100\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-45-preempt\", pkgver:\"2.6.32-45.100\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-45-server\", pkgver:\"2.6.32-45.100\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-45-versatile\", pkgver:\"2.6.32-45.100\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-45-virtual\", pkgver:\"2.6.32-45.100\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6.32-45-386 / linux-image-2.6.32-45-generic / etc\");\n}\n", "title": "Ubuntu 10.04 LTS : linux vulnerability (USN-1651-1)", "type": "nessus", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2016-09-26T17:23:18"}], "edition": 3, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cpe", "hash": "c75e6e3dfdb02740006853c7958e5981"}, {"key": "cvelist", "hash": "efc8932a8a1683a32c04085c885f4028"}, {"key": "cvss", "hash": "6696abd4d7ecb2eddfb1aae455c30e56"}, {"key": "description", "hash": "075e8cd4f9adfe882c3e69ba44b9bee4"}, {"key": "href", "hash": "4daa5d8d3b0a2548fec73f2bc827a288"}, {"key": "modified", "hash": "1d731490b777bc15c5d9375993128995"}, {"key": "naslFamily", "hash": "c9b7d00377a789a14c9bb9dab6c7168c"}, {"key": "pluginID", "hash": "4a421463135a0f5e506740db32d16b97"}, {"key": "published", "hash": "5743fcbd9430b2d4e6ec1c74c52b1b01"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "9cf00d658b687f030ebe173a0528c567"}, {"key": "sourceData", "hash": "11227a90b0f26ca2d31f6f3c839a8040"}, {"key": "title", "hash": "8deb809e68b19b501d32111a0c40aab0"}, {"key": "type", "hash": "5e0bd03bec244039678f2b955a2595aa"}], "hash": "e53fd7e6b50ea4dc266b6b76d7ae6db1deacbe6a96e6a92ff99ad222c27b18e0", "viewCount": 0, "enchantments": {"vulnersScore": 2.8}, "objectVersion": "1.3", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1651-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(63123);\n script_version(\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2016/10/26 14:05:58 $\");\n\n script_cve_id(\"CVE-2012-4565\");\n script_osvdb_id(88048);\n script_xref(name:\"USN\", value:\"1651-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux vulnerability (USN-1651-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois\ncongestion control algorithm. A local attacker could use this to cause\na denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-preempt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/12/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2016 Canonical, Inc. / NASL script (C) 2012-2016 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-45-386\", pkgver:\"2.6.32-45.100\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-45-generic\", pkgver:\"2.6.32-45.100\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-45-generic-pae\", pkgver:\"2.6.32-45.100\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-45-lpia\", pkgver:\"2.6.32-45.100\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-45-preempt\", pkgver:\"2.6.32-45.100\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-45-server\", pkgver:\"2.6.32-45.100\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-45-versatile\", pkgver:\"2.6.32-45.100\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-45-virtual\", pkgver:\"2.6.32-45.100\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-386 / linux-image-2.6-generic / etc\");\n}\n", "naslFamily": "Ubuntu Local Security Checks", "pluginID": "63123", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-preempt", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia"]}
{"result": {"cve": [{"id": "CVE-2012-4565", "type": "cve", "title": "CVE-2012-4565", "description": "The tcp_illinois_info function in net/ipv4/tcp_illinois.c in the Linux kernel before 3.4.19, when the net.ipv4.tcp_congestion_control illinois setting is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) by reading TCP stats.", "published": "2012-12-21T06:47:36", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4565", "cvelist": ["CVE-2012-4565"], "lastseen": "2016-09-03T17:04:39"}], "openvas": [{"id": "OPENVAS:841240", "type": "openvas", "title": "Ubuntu Update for linux USN-1651-1", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1651-1", "published": "2012-12-04T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=841240", "cvelist": ["CVE-2012-4565"], "lastseen": "2017-12-04T11:21:08"}, {"id": "OPENVAS:841238", "type": "openvas", "title": "Ubuntu Update for linux USN-1650-1", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1650-1", "published": "2012-12-04T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=841238", "cvelist": ["CVE-2012-4565"], "lastseen": "2017-12-04T11:20:36"}, {"id": "OPENVAS:1361412562310841243", "type": "openvas", "title": "Ubuntu Update for linux-ec2 USN-1653-1", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1653-1", "published": "2012-12-06T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841243", "cvelist": ["CVE-2012-4565"], "lastseen": "2018-04-06T11:20:42"}, {"id": "OPENVAS:841243", "type": "openvas", "title": "Ubuntu Update for linux-ec2 USN-1653-1", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1653-1", "published": "2012-12-06T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=841243", "cvelist": ["CVE-2012-4565"], "lastseen": "2017-12-04T11:21:12"}, {"id": "OPENVAS:1361412562310841240", "type": "openvas", "title": "Ubuntu Update for linux USN-1651-1", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1651-1", "published": "2012-12-04T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841240", "cvelist": ["CVE-2012-4565"], "lastseen": "2018-04-06T11:20:32"}, {"id": "OPENVAS:1361412562310841238", "type": "openvas", "title": "Ubuntu Update for linux USN-1650-1", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1650-1", "published": "2012-12-04T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841238", "cvelist": ["CVE-2012-4565"], "lastseen": "2018-04-06T11:19:06"}, {"id": "OPENVAS:1361412562310841228", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-1649-1", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1649-1", "published": "2012-12-04T00:00:00", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841228", "cvelist": ["CVE-2012-4565", "CVE-2012-0957"], "lastseen": "2018-02-05T11:08:00"}, {"id": "OPENVAS:1361412562310841237", "type": "openvas", "title": "Ubuntu Update for linux USN-1648-1", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1648-1", "published": "2012-12-04T00:00:00", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841237", "cvelist": ["CVE-2012-4565", "CVE-2012-0957"], "lastseen": "2018-04-06T11:16:48"}, {"id": "OPENVAS:1361412562310841239", "type": "openvas", "title": "Ubuntu Update for linux-lts-backport-oneiric USN-1652-1", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1652-1", "published": "2012-12-04T00:00:00", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841239", "cvelist": ["CVE-2012-4565", "CVE-2012-0957"], "lastseen": "2018-04-06T11:18:17"}, {"id": "OPENVAS:1361412562310841236", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-1647-1", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1647-1", "published": "2012-12-04T00:00:00", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841236", "cvelist": ["CVE-2012-4565", "CVE-2012-0957"], "lastseen": "2018-04-06T11:18:55"}], "nessus": [{"id": "FEDORA_2012-17462.NASL", "type": "nessus", "title": "Fedora 17 : kernel-3.6.5-1.fc17 (2012-17462)", "description": "Update to latest upstream stable release.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2012-11-07T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=62830", "cvelist": ["CVE-2012-4565"], "lastseen": "2017-10-29T13:44:26"}, {"id": "UBUNTU_USN-1650-1.NASL", "type": "nessus", "title": "Ubuntu 8.04 LTS : linux vulnerability (USN-1650-1)", "description": "Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2012-12-02T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=63122", "cvelist": ["CVE-2012-4565"], "lastseen": "2017-10-29T13:36:11"}, {"id": "UBUNTU_USN-1653-1.NASL", "type": "nessus", "title": "Ubuntu 10.04 LTS : linux-ec2 vulnerability (USN-1653-1)", "description": "Rodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2012-12-05T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=63154", "cvelist": ["CVE-2012-4565"], "lastseen": "2017-10-29T13:38:16"}, {"id": "UBUNTU_USN-1652-1.NASL", "type": "nessus", "title": "Ubuntu 10.04 LTS : linux-lts-backport-oneiric vulnerabilities (USN-1652-1)", "description": "Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. (CVE-2012-0957)\n\nRodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service. (CVE-2012-4565).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2012-12-02T00:00:00", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=63124", "cvelist": ["CVE-2012-4565", "CVE-2012-0957"], "lastseen": "2017-10-29T13:45:53"}, {"id": "UBUNTU_USN-1648-1.NASL", "type": "nessus", "title": "Ubuntu 11.10 : linux vulnerabilities (USN-1648-1)", "description": "Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. (CVE-2012-0957)\n\nRodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service. (CVE-2012-4565).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2012-12-02T00:00:00", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=63120", "cvelist": ["CVE-2012-4565", "CVE-2012-0957"], "lastseen": "2017-10-29T13:44:42"}, {"id": "UBUNTU_USN-1647-1.NASL", "type": "nessus", "title": "USN-1647-1 : linux-ti-omap4 vulnerabilities", "description": "Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. (CVE-2012-0957)\n\nRodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service. (CVE-2012-4565)", "published": "2012-12-02T00:00:00", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=63119", "cvelist": ["CVE-2012-4565", "CVE-2012-0957"], "lastseen": "2017-10-29T13:44:45"}, {"id": "UBUNTU_USN-1649-1.NASL", "type": "nessus", "title": "USN-1649-1 : linux-ti-omap4 vulnerabilities", "description": "Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. (CVE-2012-0957)\n\nRodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service. (CVE-2012-4565)", "published": "2012-12-02T00:00:00", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=63121", "cvelist": ["CVE-2012-4565", "CVE-2012-0957"], "lastseen": "2017-10-29T13:33:21"}, {"id": "FEDORA_2012-17413.NASL", "type": "nessus", "title": "Fedora 18 : kernel-3.6.5-2.fc18 (2012-17413)", "description": "Linux v3.6.5, latest upstream stable release with fixes across the tree.\n\nFixes CVE-2012-4565 and CVE-2012-4508. Updates kernel module signing to match the upstream kernel, and updates the UEFI secure boot patch set.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2012-11-08T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=62851", "cvelist": ["CVE-2012-4508", "CVE-2012-4565"], "lastseen": "2017-10-29T13:35:14"}, {"id": "UBUNTU_USN-1646-1.NASL", "type": "nessus", "title": "Ubuntu 12.10 : linux vulnerabilities (USN-1646-1)", "description": "Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. (CVE-2012-0957)\n\nRodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service. (CVE-2012-4565).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2012-12-02T00:00:00", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=63118", "cvelist": ["CVE-2012-4565", "CVE-2012-0957"], "lastseen": "2017-10-29T13:36:13"}, {"id": "UBUNTU_USN-1644-1.NASL", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux vulnerabilities (USN-1644-1)", "description": "Brad Spengler discovered a flaw in the Linux kernel's uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. (CVE-2012-0957)\n\nRodrigo Freire discovered a flaw in the Linux kernel's TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service. (CVE-2012-4565).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "published": "2012-12-02T00:00:00", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=63116", "cvelist": ["CVE-2012-4565", "CVE-2012-0957"], "lastseen": "2017-10-29T13:36:16"}], "ubuntu": [{"id": "USN-1650-1", "type": "ubuntu", "title": "Linux kernel vulnerability", "description": "Rodrigo Freire discovered a flaw in the Linux kernel\u2019s TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service.", "published": "2012-11-30T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1650-1/", "cvelist": ["CVE-2012-4565"], "lastseen": "2018-03-29T18:18:38"}, {"id": "USN-1651-1", "type": "ubuntu", "title": "Linux kernel vulnerability", "description": "Rodrigo Freire discovered a flaw in the Linux kernel\u2019s TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service. (CVE-2012-4565)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s TUN/TAP device driver. A local user could exploit this flaw to examine part of the kernel\u2019s stack memory. (CVE-2012-6547)\n\nDenys Fedoryshchenko discovered a flaw in the Linux kernel\u2019s TCP receive processing for IPv4. A remote attacker could exploit this flaw to cause a denial of service (kernel resource consumption) via a flood of SYN+FIN TCP packets. (CVE-2012-6638)\n\nA flaw was discovered in the requeuing of futexes in the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) or possibly have other unspecified impact. (CVE-2012-6647)\n\nA flaw was found in Linux kernel\u2019s validation of CIPSO (Common IP Security Option) options set from userspace. A local user that can set a socket\u2019s CIPSO options could exploit this flaw to cause a denial of service (crash the system). (CVE-2013-0310)\n\nMathias Krause discover an error in Linux kernel\u2019s Datagram Congestion Control Protocol (DCCP) Congestion Control Identifier (CCID) use. A local attack could exploit this flaw to cause a denial of service (crash) and potentially escalate privileges if the user can mmap page 0. (CVE-2013-1827)", "published": "2012-11-30T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1651-1/", "cvelist": ["CVE-2012-6647", "CVE-2013-1827", "CVE-2012-4565", "CVE-2012-6547", "CVE-2013-0310", "CVE-2012-6638"], "lastseen": "2018-03-29T18:17:02"}, {"id": "USN-1653-1", "type": "ubuntu", "title": "Linux kernel (EC2) vulnerability", "description": "Rodrigo Freire discovered a flaw in the Linux kernel\u2019s TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service. (CVE-2012-4565)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s TUN/TAP device driver. A local user could exploit this flaw to examine part of the kernel\u2019s stack memory. (CVE-2012-6547)\n\nDenys Fedoryshchenko discovered a flaw in the Linux kernel\u2019s TCP receive processing for IPv4. A remote attacker could exploit this flaw to cause a denial of service (kernel resource consumption) via a flood of SYN+FIN TCP packets. (CVE-2012-6638)\n\nA flaw was discovered in the requeuing of futexes in the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) or possibly have other unspecified impact. (CVE-2012-6647)\n\nA flaw was found in Linux kernel\u2019s validation of CIPSO (Common IP Security Option) options set from userspace. A local user that can set a socket\u2019s CIPSO options could exploit this flaw to cause a denial of service (crash the system). (CVE-2013-0310)\n\nMathias Krause discover an error in Linux kernel\u2019s Datagram Congestion Control Protocol (DCCP) Congestion Control Identifier (CCID) use. A local attack could exploit this flaw to cause a denial of service (crash) and potentially escalate privileges if the user can mmap page 0. (CVE-2013-1827)", "published": "2012-12-04T00:00:00", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1653-1/", "cvelist": ["CVE-2012-6647", "CVE-2013-1827", "CVE-2012-4565", "CVE-2012-6547", "CVE-2013-0310", "CVE-2012-6638"], "lastseen": "2018-03-29T18:19:06"}, {"id": "USN-1704-1", "type": "ubuntu", "title": "Linux kernel (Quantal HWE) vulnerabilities", "description": "Brad Spengler discovered a flaw in the Linux kernel\u2019s uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. (CVE-2012-0957)\n\nJon Howell reported a flaw in the Linux kernel\u2019s KVM (Kernel-based virtual machine) subsystem\u2019s handling of the XSAVE feature. On hosts, using qemu userspace, without the XSAVE feature an unprivileged local attacker could exploit this flaw to crash the system. (CVE-2012-4461)\n\nDmitry Monakhov reported a race condition flaw the Linux ext4 filesystem that can expose stale data. An unprivileged user could exploit this flaw to cause an information leak. (CVE-2012-4508)\n\nA flaw was discovered in the Linux kernel\u2019s handling of script execution when module loading is enabled. A local attacker could exploit this flaw to cause a leak of kernel stack contents. (CVE-2012-4530)\n\nRodrigo Freire discovered a flaw in the Linux kernel\u2019s TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service. (CVE-2012-4565)\n\nA flaw was discovered in the Linux kernel\u2019s handling of new hot-plugged memory. An unprivileged local user could exploit this flaw to cause a denial of service by crashing the system. (CVE-2012-5517)\n\nFlorian Weimer discovered that hypervkvpd, which is distributed in the Linux kernel, was not correctly validating source addresses of netlink packets. An untrusted local user can cause a denial of service by causing hypervkvpd to exit. (CVE-2012-5532)\n\nAn information leak was discovered in the Linux kernel\u2019s /dev/dvb device. A local user could exploit this flaw to obtain sensitive information from the kernel\u2019s stack memory. (CVE-2013-1928)", "published": "2013-01-22T00:00:00", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1704-1/", "cvelist": ["CVE-2012-5532", "CVE-2012-4508", "CVE-2012-4461", "CVE-2012-4565", "CVE-2012-0957", "CVE-2012-5517", "CVE-2012-4530", "CVE-2013-1928"], "lastseen": "2018-03-29T18:18:52"}, {"id": "USN-1704-2", "type": "ubuntu", "title": "Linux kernel (Quantal HWE) regression", "description": "USN-1704-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression inotify/fanotify stopped working after upgrading. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nOriginal advisory details:\n\nBrad Spengler discovered a flaw in the Linux kernel\u2019s uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. (CVE-2012-0957)\n\nJon Howell reported a flaw in the Linux kernel\u2019s KVM (Kernel-based virtual machine) subsystem\u2019s handling of the XSAVE feature. On hosts, using qemu userspace, without the XSAVE feature an unprivileged local attacker could exploit this flaw to crash the system. (CVE-2012-4461)\n\nDmitry Monakhov reported a race condition flaw the Linux ext4 filesystem that can expose stale data. An unprivileged user could exploit this flaw to cause an information leak. (CVE-2012-4508)\n\nA flaw was discovered in the Linux kernel\u2019s handling of script execution when module loading is enabled. A local attacker could exploit this flaw to cause a leak of kernel stack contents. (CVE-2012-4530)\n\nRodrigo Freire discovered a flaw in the Linux kernel\u2019s TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service. (CVE-2012-4565)\n\nA flaw was discovered in the Linux kernel\u2019s handling of new hot-plugged memory. An unprivileged local user could exploit this flaw to cause a denial of service by crashing the system. (CVE-2012-5517)\n\nFlorian Weimer discovered that hypervkvpd, which is distributed in the Linux kernel, was not correctly validating source addresses of netlink packets. An untrusted local user can cause a denial of service by causing hypervkvpd to exit. (CVE-2012-5532)", "published": "2013-02-01T00:00:00", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1704-2/", "cvelist": ["CVE-2012-5532", "CVE-2012-4508", "CVE-2012-4461", "CVE-2012-4565", "CVE-2012-0957", "CVE-2012-5517", "CVE-2012-4530"], "lastseen": "2018-03-29T18:20:48"}, {"id": "USN-1646-1", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "description": "Brad Spengler discovered a flaw in the Linux kernel\u2019s uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. (CVE-2012-0957)\n\nRodrigo Freire discovered a flaw in the Linux kernel\u2019s TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service. (CVE-2012-4565)\n\nMathias Krause discovered a flaw in the Linux kernel\u2019s XFRM netlink interface. A local user with the NET_ADMIN capability could exploit this flaw to leak the contents of kernel memory. (CVE-2012-6536)\n\nMathias Krause discovered several errors in the Linux kernel\u2019s xfrm_user implementation. A local attacker could exploit these flaws to examine parts of kernel memory. (CVE-2012-6537)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s xfrm_user copy_to_user_auth function. A local user could exploit this flaw to examine parts of kernel heap memory. (CVE-2012-6538)\n\nA flaw was discovered in the Linux kernels handling of memory ranges with PROT_NONE when transparent hugepages are in use. An unprivileged local user could exploit this flaw to cause a denial of service (crash the system). (CVE-2013-0309)\n\nMathias Krause discovered a flaw in xfrm_user in the Linux kernel. A local attacker with NET_ADMIN capability could potentially exploit this flaw to escalate privileges. (CVE-2013-1826)", "published": "2012-11-30T00:00:00", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1646-1/", "cvelist": ["CVE-2012-6537", "CVE-2012-4565", "CVE-2013-1826", "CVE-2012-0957", "CVE-2012-6538", "CVE-2012-6536", "CVE-2013-0309"], "lastseen": "2018-03-29T18:17:20"}, {"id": "USN-1647-1", "type": "ubuntu", "title": "Linux kernel (OMAP4) vulnerabilities", "description": "Brad Spengler discovered a flaw in the Linux kernel\u2019s uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. (CVE-2012-0957)\n\nRodrigo Freire discovered a flaw in the Linux kernel\u2019s TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service. (CVE-2012-4565)\n\nMathias Krause discovered a flaw in the Linux kernel\u2019s XFRM netlink interface. A local user with the NET_ADMIN capability could exploit this flaw to leak the contents of kernel memory. (CVE-2012-6536)\n\nMathias Krause discovered several errors in the Linux kernel\u2019s xfrm_user implementation. A local attacker could exploit these flaws to examine parts of kernel memory. (CVE-2012-6537)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s xfrm_user copy_to_user_auth function. A local user could exploit this flaw to examine parts of kernel heap memory. (CVE-2012-6538)\n\nA flaw was discovered in the Linux kernels handling of memory ranges with PROT_NONE when transparent hugepages are in use. An unprivileged local user could exploit this flaw to cause a denial of service (crash the system). (CVE-2013-0309)\n\nMathias Krause discovered a flaw in xfrm_user in the Linux kernel. A local attacker with NET_ADMIN capability could potentially exploit this flaw to escalate privileges. (CVE-2013-1826)", "published": "2012-11-30T00:00:00", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1647-1/", "cvelist": ["CVE-2012-6537", "CVE-2012-4565", "CVE-2013-1826", "CVE-2012-0957", "CVE-2012-6538", "CVE-2012-6536", "CVE-2013-0309"], "lastseen": "2018-03-29T18:20:07"}, {"id": "USN-1645-1", "type": "ubuntu", "title": "Linux kernel (OMAP4) vulnerabilities", "description": "Brad Spengler discovered a flaw in the Linux kernel\u2019s uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. (CVE-2012-0957)\n\nDmitry Monakhov reported a race condition flaw the Linux ext4 filesystem that can expose stale data. An unprivileged user could exploit this flaw to cause an information leak. (CVE-2012-4508)\n\nRodrigo Freire discovered a flaw in the Linux kernel\u2019s TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service. (CVE-2012-4565)\n\nMathias Krause discovered a flaw in the Linux kernel\u2019s XFRM netlink interface. A local user with the NET_ADMIN capability could exploit this flaw to leak the contents of kernel memory. (CVE-2012-6536)\n\nMathias Krause discovered several errors in the Linux kernel\u2019s xfrm_user implementation. A local attacker could exploit these flaws to examine parts of kernel memory. (CVE-2012-6537)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s xfrm_user copy_to_user_auth function. A local user could exploit this flaw to examine parts of kernel heap memory. (CVE-2012-6538)\n\nDave Jones discovered that the Linux kernel\u2019s socket subsystem does not correctly ensure the keepalive action is associated with a stream socket. A local user could exploit this flaw to cause a denial of service (system crash) by creating a raw socket. (CVE-2012-6657)\n\nA flaw was discovered in the Linux kernels handling of memory ranges with PROT_NONE when transparent hugepages are in use. An unprivileged local user could exploit this flaw to cause a denial of service (crash the system). (CVE-2013-0309)\n\nMathias Krause discovered a flaw in xfrm_user in the Linux kernel. A local attacker with NET_ADMIN capability could potentially exploit this flaw to escalate privileges. (CVE-2013-1826)\n\nAn information leak was discovered in the Linux kernel\u2019s /dev/dvb device. A local user could exploit this flaw to obtain sensitive information from the kernel\u2019s stack memory. (CVE-2013-1928)", "published": "2012-11-30T00:00:00", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1645-1/", "cvelist": ["CVE-2012-6537", "CVE-2012-4508", "CVE-2012-4565", "CVE-2013-1826", "CVE-2012-0957", "CVE-2012-6538", "CVE-2012-6657", "CVE-2013-1928", "CVE-2012-6536", "CVE-2013-0309"], "lastseen": "2018-03-29T18:21:28"}, {"id": "USN-1644-1", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "description": "Brad Spengler discovered a flaw in the Linux kernel\u2019s uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. (CVE-2012-0957)\n\nDmitry Monakhov reported a race condition flaw the Linux ext4 filesystem that can expose stale data. An unprivileged user could exploit this flaw to cause an information leak. (CVE-2012-4508)\n\nRodrigo Freire discovered a flaw in the Linux kernel\u2019s TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service. (CVE-2012-4565)\n\nMathias Krause discovered a flaw in the Linux kernel\u2019s XFRM netlink interface. A local user with the NET_ADMIN capability could exploit this flaw to leak the contents of kernel memory. (CVE-2012-6536)\n\nMathias Krause discovered several errors in the Linux kernel\u2019s xfrm_user implementation. A local attacker could exploit these flaws to examine parts of kernel memory. (CVE-2012-6537)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s xfrm_user copy_to_user_auth function. A local user could exploit this flaw to examine parts of kernel heap memory. (CVE-2012-6538)\n\nDave Jones discovered that the Linux kernel\u2019s socket subsystem does not correctly ensure the keepalive action is associated with a stream socket. A local user could exploit this flaw to cause a denial of service (system crash) by creating a raw socket. (CVE-2012-6657)\n\nA flaw was discovered in the Linux kernels handling of memory ranges with PROT_NONE when transparent hugepages are in use. An unprivileged local user could exploit this flaw to cause a denial of service (crash the system). (CVE-2013-0309)\n\nMathias Krause discovered a flaw in xfrm_user in the Linux kernel. A local attacker with NET_ADMIN capability could potentially exploit this flaw to escalate privileges. (CVE-2013-1826)\n\nAn information leak was discovered in the Linux kernel\u2019s /dev/dvb device. A local user could exploit this flaw to obtain sensitive information from the kernel\u2019s stack memory. (CVE-2013-1928)", "published": "2012-11-30T00:00:00", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1644-1/", "cvelist": ["CVE-2012-6537", "CVE-2012-4508", "CVE-2012-4565", "CVE-2013-1826", "CVE-2012-0957", "CVE-2012-6538", "CVE-2012-6657", "CVE-2013-1928", "CVE-2012-6536", "CVE-2013-0309"], "lastseen": "2018-03-29T18:18:57"}, {"id": "USN-1648-1", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "description": "Brad Spengler discovered a flaw in the Linux kernel\u2019s uname system call. An unprivileged user could exploit this flaw to read kernel stack memory. (CVE-2012-0957)\n\nRodrigo Freire discovered a flaw in the Linux kernel\u2019s TCP illinois congestion control algorithm. A local attacker could use this to cause a denial of service. (CVE-2012-4565)\n\nMathias Krause discovered a flaw in the Linux kernel\u2019s XFRM netlink interface. A local user with the NET_ADMIN capability could exploit this flaw to leak the contents of kernel memory. (CVE-2012-6536)\n\nMathias Krause discovered several errors in the Linux kernel\u2019s xfrm_user implementation. A local attacker could exploit these flaws to examine parts of kernel memory. (CVE-2012-6537)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s xfrm_user copy_to_user_auth function. A local user could exploit this flaw to examine parts of kernel heap memory. (CVE-2012-6538)\n\nMathias Krause discovered information leak in the Linux kernel\u2019s compat ioctl interface. A local user could exploit the flaw to examine parts of kernel stack memory (CVE-2012-6539)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s getsockopt for IP_VS_SO_GET_TIMEOUT. A local user could exploit this flaw to examine parts of kernel stack memory. (CVE-2012-6540)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s getsockopt implementation for the Datagram Congestion Control Protocol (DCCP). A local user could exploit this flaw to examine some of the kernel\u2019s stack memory. (CVE-2012-6541)\n\nMathias Krause discovered an information leak in the Linux kernel\u2019s getsockname implementation for Logical Link Layer (llc) sockets. A local user could exploit this flaw to examine some of the kernel\u2019s stack memory. (CVE-2012-6542)\n\nMathias Krause discovered information leaks in the Linux kernel\u2019s Bluetooth Logical Link Control and Adaptation Protocol (L2CAP) implementation. A local user could exploit these flaws to examine some of the kernel\u2019s stack memory. (CVE-2012-6544)\n\nMathias Krause discovered information leaks in the Linux kernel\u2019s Bluetooth RFCOMM protocol implementation. A local user could exploit these flaws to examine parts of kernel memory. (CVE-2012-6545)\n\nMathias Krause discovered information leaks in the Linux kernel\u2019s Asynchronous Transfer Mode (ATM) networking stack. A local user could exploit these flaws to examine some parts of kernel memory. (CVE-2012-6546)\n\nA flaw was discovered in the Linux kernels handling of memory ranges with PROT_NONE when transparent hugepages are in use. An unprivileged local user could exploit this flaw to cause a denial of service (crash the system). (CVE-2013-0309)\n\nMathias Krause discovered a flaw in xfrm_user in the Linux kernel. A local attacker with NET_ADMIN capability could potentially exploit this flaw to escalate privileges. (CVE-2013-1826)\n\nAn information leak was discovered in the Linux kernel\u2019s /dev/dvb device. A local user could exploit this flaw to obtain sensitive information from the kernel\u2019s stack memory. (CVE-2013-1928)", "published": "2012-11-30T00:00:00", "cvss": {"score": 6.2, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://usn.ubuntu.com/1648-1/", "cvelist": ["CVE-2012-6546", "CVE-2012-6541", "CVE-2012-6537", "CVE-2012-4565", "CVE-2013-1826", "CVE-2012-6545", "CVE-2012-0957", "CVE-2012-6542", "CVE-2012-6539", "CVE-2012-6540", "CVE-2012-6544", "CVE-2012-6538", "CVE-2013-1928", "CVE-2012-6536", "CVE-2013-0309"], "lastseen": "2018-03-29T18:21:22"}], "oraclelinux": [{"id": "ELSA-2012-2047", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "description": "[2.6.39-300.17.3]\n- mm/hotplug: correctly add new zone to all other nodes zone lists (Jiang Liu)\n [Orabug: 16020976 Bug-db: 14798] {CVE-2012-5517}\n- Divide by zero in TCP congestion control Algorithm. (Jesper Dangaard Brouer)\n [Orabug: 16020656 Bug-db: 14798] {CVE-2012-4565}\n- Fix length of buffer copied in __nfs4_get_acl_uncached (Sachin Prabhu) [Bug-\n db: 14798] {CVE-2012-2375}\n- Avoid reading past buffer when calling GETACL (Sachin Prabhu) [Bug-db: 14798]\n {CVE-2012-2375}\n- Avoid beyond bounds copy while caching ACL (Sachin Prabhu) [Bug-db: 14798]\n {CVE-2012-2375}", "published": "2012-12-19T00:00:00", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2012-2047.html", "cvelist": ["CVE-2012-2375", "CVE-2012-4565", "CVE-2012-5517"], "lastseen": "2016-09-04T11:16:53"}, {"id": "ELSA-2012-2048", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "description": "[2.6.32-300.39.2]\n- ext4: fix undefined behavior in ext4_fill_flex_info() (Xi Wang) [orabug 16020245] {CVE-2012-2100}\n- Divide by zero in TCP congestion control Algorithm (Jesper Dangaard Brouer) [orabug 16020447] {CVE-2012-4565}\n- ipv6: discard overlapping fragment (Luis Henriques) [orabug 16021354] {CVE-2012-4444}", "published": "2012-12-20T00:00:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2012-2048.html", "cvelist": ["CVE-2012-4444", "CVE-2012-2100", "CVE-2012-4565"], "lastseen": "2016-09-04T11:16:26"}, {"id": "ELSA-2012-1580", "type": "oraclelinux", "title": "kernel security, bug fix and enhancement update", "description": "[2.6.32-279.19.1.el6]\n- [drm] i915: dont clobber the pipe param in sanitize_modesetting (Frantisek Hrbata) [876549 857792]\n- [drm] i915: Sanitize BIOS debugging bits from PIPECONF (Frantisek Hrbata) [876549 857792]\n- [net] fix divide by zero in tcp algorithm illinois (Flavio Leitner) [871920 866514] {CVE-2012-4565}\n- [fs] xfs: fix reading of wrapped log data (Dave Chinner) [876499 874322]\n- [x86] mm: fix signedness issue in mmap_rnd() (Petr Matousek) [876496 875036]\n- [net] WARN if struct ip_options was allocated directly by kmalloc (Jiri Pirko) [877950 872799]\n- [fs] block_dev: Fix crash when block device is read and block size is changed at the same time (Frantisek Hrbata) [864826 855906]\n- [mm] tracing: Move include of trace/events/kmem.h out of header into slab.c (Jeff Moyer) [864826 855906]\n- [mm] slab: Move kmalloc tracepoint out of inline code (Jeff Moyer) [864826 855906]\n- [netdrv] bnx2x: organize BDs calculation for stop/resume (Frantisek Hrbata) [874022 819842]\n- [netdrv] bnx2x: fix panic when TX ring is full (Michal Schmidt) [874022 819842]\n[2.6.32-279.18.1.el6]\n- [scsi] sd: fix crash when UA received on DIF enabled device (Ewan Milne) [876487 865682]\n- [mm] hugetlb: fix non-atomic enqueue of huge page (Rafael Aquini) [876101 869750]\n- [x86] amd_iommu: attach device fails on the last pci device (Don Dutile) [876493 861164]\n- [net] nfs: Fix buffer overflow checking in __nfs4_get_acl_uncached (Frantisek Hrbata) [811794 822871] {CVE-2012-2375}\n- [net] nfs: Fix the acl cache size calculation (Sachin Prabhu) [811794 822871] {CVE-2012-2375}\n- [net] nfs: Fix range checking in __nfs4_get_acl_uncached and __nfs4_proc_set_acl (Sachin Prabhu) [811794 822871] {CVE-2012-2375}\n- [net] nfs: nfs_getaclargs.acl_len is a size_t (Sachin Prabhu) [811794 822871] {CVE-2012-2375}\n- [net] nfs: Dont use private xdr_stream fields in decode_getacl (Sachin Prabhu) [811794 822871] {CVE-2012-2375}\n- [net] nfs: Fix pointer arithmetic in decode_getacl (Sachin Prabhu) [811794 822871] {CVE-2012-2375}\n- [net] nfs: Simplify the GETATTR attribute length calculation (Sachin Prabhu) [811794 822871] {CVE-2012-2375}\n- [net] sunrpc: Add the helper xdr_stream_pos (Sachin Prabhu) [811794 822871] {CVE-2012-2375}\n- [net] sunrpc: Dont decode beyond the end of the RPC reply message (Sachin Prabhu) [811794 822871] {CVE-2012-2375}\n- [net] sunrpc: Clean up xdr_set_iov() (Sachin Prabhu) [811794 822871] {CVE-2012-2375}\n- [net] sunrpc: xdr_read_pages needs to clear xdr->page_ptr (Sachin Prabhu) [811794 822871] {CVE-2012-2375}\n- [fs] nfs: Avoid beyond bounds copy while caching ACL (Sachin Prabhu) [811794 822871] {CVE-2012-2375}\n- [fs] nfs: Avoid reading past buffer when calling GETACL (Sachin Prabhu) [811794 822871] {CVE-2012-2375}\n- [scsi] ibmvfc: Fix double completion on abort timeout (Steve Best) [876088 865115]\n- [net] core: allocate skbs on local node (Andy Gospodarek) [876491 843163]\n[2.6.32-279.17.1.el6]\n- [mm] Prevent kernel panic in NUMA related system calls after memory hot-add (Larry Woodman) [875382 870350] {CVE-2012-5517}\n- [md] Dont truncate size at 4TB for RAID0 and Linear (Jes Sorensen) [866470 865637]\n- [fs] ext4: fix undefined bit shift result in ext4_fill_flex_info (Lukas Czerner) [809690 809691] {CVE-2012-2100}\n- [fs] ext4: fix undefined behavior in ext4_fill_flex_info() (Lukas Czerner) [809690 809691] {CVE-2012-2100}\n- [kernel] sched_rt: Ignore RT queue throttling if idle task has RT policy (Igor Mammedov) [853950 843541]\n- [kernel] sched: Create special class for stop/migrate work (Igor Mammedov) [853950 843541]\n- [net] ipv6: fix overlap check for fragments (Amerigo Wang) [874550 819952] {CVE-2012-4444}\n- [net] ipv6: discard overlapping fragment (Jiri Pirko) [874550 819952] {CVE-2012-4444}\n[2.6.32-279.16.1.el6]\n- [lib] Fix rwsem to not hang the system (David Howells) [871854 852847]\n[2.6.32-279.15.1.el6]\n- [netdrv] mlx4: Re-design multicast attachments flow (Doug Ledford) [866795 859533]", "published": "2012-12-19T00:00:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2012-1580.html", "cvelist": ["CVE-2012-2375", "CVE-2012-4444", "CVE-2012-2100", "CVE-2012-4565", "CVE-2012-5517"], "lastseen": "2016-09-04T11:16:23"}, {"id": "ELSA-2013-2507", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security and bug fix update", "description": " [2.6.39-400.17.1] \r\n- This is a fix on dlm_clean_master_list() (Xiaowei.Hu) \r\n- RDS: fix rds-ping spinlock recursion (jeff.liu) [Orabug: 16223050] \r\n- vhost: fix length for cross region descriptor (Michael S. Tsirkin) [Orabug: \r\n16387183] {CVE-2013-0311} \r\n- kabifix: block/scsi: Allow request and error handling timeouts to be \r\nspecified (Maxim Uvarov) \r\n- block/scsi: Allow request and error handling timeouts to be specified (Martin \r\nK. Petersen) [Orabug: 16372401] \r\n- [SCSI] Shorten the path length of scsi_cmd_to_driver() (Li Zhong) [Orabug: \r\n16372401] \r\n- Fix NULL dereferences in scsi_cmd_to_driver (Mark Rustad) [Orabug: 16372401] \r\n- SCSI: Fix error handling when no ULD is attached (Martin K. Petersen) \r\n[Orabug: 16372401] \r\n- Handle disk devices which can not process medium access commands (Martin K. \r\nPetersen) [Orabug: 16372401] \r\n- the ac->ac_allow_chain_relink=0 won't disable group relink (Xiaowei.Hu) \r\n[Orabug: 14842737] \r\n- pci: hotplug: fix null dereference in pci_set_payload() (Jerry Snitselaar) \r\n[Orabug: 16345420] \r\n \n[2.6.39-400.16.0] \r\n- epoll: prevent missed events on EPOLL_CTL_MOD (Eric Wong) [Orabug: 16363540] \r\n- rds: this resolved crash while removing rds_rdma module. orabug: 16268201 \r\n(Bang Nguyen) [Orabug: 16268201] \r\n- rds: scheduling while atomic on failover orabug: 16275095 (Bang Nguyen) \r\n[Orabug: 16268201] \r\n- SRP: Revert back to 2.6.39-400.8.0 code (Ajaykumar Hotchandani) [Orabug: \r\n16268201] \r\n- iSER: Revert back to 2.6.39-400.8.0 code (Ajaykumar Hotchandani) [Orabug: \r\n16268201] \r\n \n[2.6.39-400.15.0] \r\n- x86/xen: don't assume %ds is usable in xen_iret for 32-bit PVOPS. (Jan \r\nBeulich) {CVE-2013-0228} \r\n- xen-blkfront: drop the use of llist_for_each_entry_safe (Konrad Rzeszutek \r\nWilk) [Orabug: 16263164] \r\n- Revert 'xen PVonHVM: use E820_Reserved area for shared_info' (Konrad \r\nRzeszutek Wilk) [Orabug: 16297716] \r\n- Revert 'xen/PVonHVM: fix compile warning in init_hvm_pv_info' (Konrad \r\nRzeszutek Wilk) \r\n \n[2.6.39-400.14.0] \r\n- xfs: use shared ilock mode for direct IO writes by default (Dave Chinner) \r\n[Orabug: 16304938] \r\n- sched: fix divide by zero at {thread_group,task}_times (Stanislaw Gruszka) \r\n[Orabug: 15956690] \r\n- Revert 'Revert 'cgroup: notify_on_release may not be triggered in some \r\ncases'' (Maxim Uvarov) \r\n- xen_fmr: Verify XEN platform before running xen_fmr drivers (Yuval Shaia) \r\n[Orabug: 16302435] \r\n- rds: unregister IB event handler on shutdown (Bang Nguyen) [Orabug: 16302435] \r\n- rds: HAIP support child interface (Bang Nguyen) [Orabug: 16302435] \r\n- RDS HAIP misc fixes (Bang Nguyen) [Orabug: 16302435] \r\n- Ignore failover groups if HAIP is disabled (Bang Nguyen) [Orabug: 16302435] \r\n- RDS: RDS rolling upgrade (Saeed Mahameed) [Orabug: 16302435] \r\n- mlx4_core: use correct FMR number of clients according to PRM. (Saeed \r\nMahameed) [Orabug: 16302435] \r\n \n[2.6.39-400.13.0] \r\n- kmod: make __request_module() killable (Oleg Nesterov) [Orabug: 16286305] \r\n{CVE-2012-4398} \r\n- kmod: introduce call_modprobe() helper (Oleg Nesterov) [Orabug: 16286305] \r\n{CVE-2012-4398} \r\n- usermodehelper: implement UMH_KILLABLE (Oleg Nesterov) [Orabug: 16286305] \r\n{CVE-2012-4398} \r\n- usermodehelper: introduce umh_complete(sub_info) (Oleg Nesterov) [Orabug: \r\n16286305] {CVE-2012-4398} \r\n- KVM: x86: invalid opcode oops on SET_SREGS with OSXSAVE bit set \r\n(CVE-2012-4461) (Jerry Snitselaar) [Orabug: 16286290] {CVE-2012-4461} \r\n- exec: do not leave bprm->interp on stack (Kees Cook) [Orabug: 16286267] \r\n{CVE-2012-4530} \r\n- exec: use -ELOOP for max recursion depth (Kees Cook) [Orabug: 16286267] \r\n{CVE-2012-4530} \r\n- xen-pciback: rate limit error messages from xen_pcibk_enable_msi{,x}() (Jan \r\nBeulich) [Orabug: 16243736] {CVE-2013-0231} \r\n- netback: correct netbk_tx_err to handle wrap around. (Ian Campbell) [Orabug: \r\n16243309] {CVE-2013-0216 CVE-2013-0217} \r\n- xen/netback: free already allocated memory on failure in \r\nxen_netbk_get_requests (Ian Campbell) [Orabug: 16243309] {CVE-2013-0216 \r\nCVE-2013-0217} \r\n- xen/netback: don't leak pages on failure in xen_netbk_tx_check_gop. (Ian \r\nCampbell) [Orabug: 16243309] {CVE-2013-0216 CVE-2013-0217} \r\n- xen/netback: shutdown the ring if it contains garbage. (Ian Campbell) \r\n[Orabug: 16243309] {CVE-2013-0216 CVE-2013-0217} \r\n- SCSI: scsi_remove_target: fix softlockup regression on hot remove (Dan \r\nWilliams) [Orabug: 16242926] \r\n \n[2.6.39-400.12.0] \r\n- IB: Add config options for Mellanox driver Xen FMR support. (Ajaykumar \r\nHotchandani) [Orabug: 16234102] \r\n- IB: Enable Xen FMR support for Mellanox driver. (Ajaykumar Hotchandani) \r\n[Orabug: 16234102] \r\n \n[2.6.39-400.11.0] \r\n- cnic: don't use weak dependencies for ipv6 (Jerry Snitselaar) [Orabug: \r\n16207564] \r\n- ext4: remove unaligned AIO warning printk (Eric Sandeen) [Orabug: 14096480] \r\n- SPEC: add block/net modules to list used by installer (Guru Anbalagane) \r\n[Orabug: 14224837] \r\n- dm mpath: add retain_attached_hw_handler feature (Mike Snitzer) [Orabug: \r\n16199397] \r\n- [SCSI] scsi_dh: add scsi_dh_attached_handler_name (Mike Snitzer) [Orabug: \r\n16199397] \r\n- xen/grant-table: Force to use v1 of grants. (Konrad Rzeszutek Wilk) [Oracle- \r\nbug: 16039922] \r\n- xen: netback: handle compound page fragments on transmit. (Ian Campbell) \r\n- xen: Fix stack corruption in xen_failsafe_callback for 32bit PVOPS guests. \r\n(Andrew Cooper) {CVE-2013-0190} \r\n- xen/grant-table: correctly initialize grant table version 1 (Matt Wilson) \r\n \n[2.6.39-400.10.0] \r\n- btrfs: fix incompatible pointer warning (Jerry Snitselaar) \r\n- bnx2x: enable support for ethtool op get_rxfh_indir_size (Jerry Snitselaar) \r\n- Revert 'cgroup: notify_on_release may not be triggered in some cases' (Maxim \r\nUvarov) [Orabug: 16167473] \r\n- mlx4: disable build for i686 (Maxim Uvarov) \r\n \n[2.6.39-400.9.0] \r\n- mlx4_ib: alias_GUID, calculate slave port state in sa query handler \r\n(Ajaykumar Hotchandani) [Orabug: 15997083] \r\n- RDS: Fixes warning while rds-info. spin_lock_irqsave() is changed to \r\nspin_lock_bh(). (Ajaykumar Hotchandani) [Orabug: 15997083] \r\n- mlx4_en: handle HCA events correctly (Ajaykumar Hotchandani) [Orabug: \r\n15997083] \r\n- ixgbevf fix typo in Makefile (Maxim Uvarov) [Orabug: 16168292] \r\n- [patch3/3] kernel config: Mellanox OFED R2, 0080 release (Ajaykumar \r\nHotchandani) [Orabug: 15997083] \r\n- [patch2/3] RDS merge for UEK2 (Ajaykumar Hotchandani) [Orabug: 15997083] \r\n- [patch1/3] Merge for Mellanox OFED R2, 0080 release (Ajaykumar Hotchandani) \r\n[Orabug: 15997083] \r\n \n[2.6.39-400.8.0] \r\n- git-changelog: don't print debug info (Maxim Uvarov) \r\n- spec: remove not used firmwares (Maxim Uvarov) [Orabug: 16048277] \r\n \n[2.6.39-400.7.0] \r\n- git-changelog: search for bug # in merge commit (Maxim Uvarov) \r\n- be2iscsi: Bump the driver version (Jayamohan Kallickal) [Orabug: 16023790] \r\n- be2iscsi: Fix Unrecoverable Error Detection (Jayamohan Kallickal) [Orabug: \r\n16023790] \r\n- be2iscsi: Fix for MBX timeout issue (Jayamohan Kallickal) [Orabug: 16023790] \r\n- be2iscsi: Fix the copyright information (Jayamohan Kallickal) [Orabug: \r\n16023790] \r\n- be2iscsi: Fix issue of displaying adapter family. (Jayamohan Kallickal) \r\n[Orabug: 16023790] \r\n- be2iscsi: Fix Task Completion Event handling (Jayamohan Kallickal) [Orabug: \r\n16023790] \r\n- be2iscsi: Fix session update context with V2 version. (Jayamohan Kallickal) \r\n[Orabug: 16023790] \r\n- be2iscsi: Fix support for V2 version of WRB. (Jayamohan Kallickal) [Orabug: \r\n16023790] \r\n- be2iscsi: Fix support for handling CQ_CREATE V2 version. (Jayamohan \r\nKallickal) [Orabug: 16023790] \r\n- be2iscsi: Fix max EQ supported by the driver. (Jayamohan Kallickal) [Orabug: \r\n16023790] \r\n- be2iscsi: Fix driver support for an adapter. (Jayamohan Kallickal) [Orabug: \r\n16023790] \r\n- be2iscsi: Fix return value and typo. (Jayamohan Kallickal) [Orabug: 16023790] \r\n- be2iscsi: Fix kernel panic in blk_iopoll disable mode. (Jayamohan Kallickal) \r\n[Orabug: 16023790] \r\n- be2iscsi: Issue an FLR when driver is loaded (Jayamohan Kallickal) [Orabug: \r\n16023790] \r\n- be2iscsi: Display driver name and version in device attribute (Jayamohan \r\nKallickal) [Orabug: 16023790] \r\n- be2iscsi: Fix max supported EQ count to 8. (Jayamohan Kallickal) [Orabug: \r\n16023790] \r\n- be2iscsi: Fix memory leak in control path of driver (Jayamohan Kallickal) \r\n[Orabug: 16023790] \r\n- be2iscsi: Display Completion Event string instead of Opcode (Jayamohan \r\nKallickal) [Orabug: 16023790] \r\n- be2iscsi: Fix the issue with soft reset. (Jayamohan Kallickal) [Orabug: \r\n16023790] \r\n- netxen: update to qlogic 4.0.80 (Sritej Velaga) [Orabug: 16025025] \r\n- qlge: update to qlogic 1.00.00.31 (Sritej Velaga) [Orabug: 16025042] \r\n- qlcnic: Update to 5.1.27.35 (Sritej Velaga) [Orabug: 16024990] \r\n- [SCSI] scsi_dh_alua: Add fusionio ION LUNs to scsi_dh_alua device list (Mike \r\nChristie) [Orabug: 16081231] \r\n- bonding: fixup typo in rlb mode of bond and bridge fix (Guru Anbalagane) \r\n[Orabug: 16069448] \r\n- qla4xxx: Updated driver version to 5.03.00.01.06.02-uek2 (Tej Parkash) \r\n[Orabug: 16067337] \r\n- qla4xxx: Correct the validation to check in get_sys_info mailbox (Nilesh \r\nJavali) [Orabug: 16067337] \r\n- qla4xxx: Pass correct function param to qla4_8xxx_rd_direct (Vikas Chaudhary) \r\n[Orabug: 16067337] \r\n- qla4xxx: Fix memory corruption issue in qla4xxx_get_ep_fwdb. (Manish \r\nRangankar) [Orabug: 16067337] \r\n- qla4xxx: Allow reset in link down case (Harish Zunjarrao) [Orabug: 16067337] \r\n- qla4xxx: Fix MBOX intr switching from polling to intr mode for ISP83XX (Vikas \r\nChaudhary) [Orabug: 16067337] \r\n- [SCSI] hpsa: change confusing message to be more clear (Mike Miller) [Orabug: \r\n14793661] \r\n- [SCSI] hpsa: retry commands completing with status of UNSOLICITED_ABORT \r\n(Stephen M. Cameron) [Orabug: 14793661] \r\n- [SCSI] hpsa: use ioremap_nocache instead of ioremap (Stephen M. Cameron) \r\n[Orabug: 14793661] \r\n- [SCSI] hpsa: fix incorrect abort diagnostic message (Stephen M. Cameron) \r\n[Orabug: 14793661] \r\n- [SCSI] hpsa: dial down lockup detection during firmware flash (Stephen M. \r\nCameron) [Orabug: 14793661] \r\n- [SCSI] hpsa: add new RAID level '1(ADM)' (Mike Miller) [Orabug: 14793661] \r\n- [SCSI] hpsa: factor out hpsa_free_irqs_and_disable_msix (Stephen M. Cameron) \r\n[Orabug: 14793661] \r\n- [SCSI] hpsa: refine interrupt handler locking for greater concurrency (Matt \r\nGates) [Orabug: 14793661] \r\n- [SCSI] hpsa: use multiple reply queues (Matt Gates) [Orabug: 14793661] \r\n- [SCSI] hpsa: factor out tail calls to next_command() in \r\nprocess_(non)indexed_cmd() (Stephen M. Cameron) [Orabug: 14793661] \r\n- [SCSI] hpsa: do aborts two ways (Stephen M. Cameron) [Orabug: 14793661] \r\n- [SCSI] hpsa: add abort error handler function (Stephen M. Cameron) [Orabug: \r\n14793661] \r\n- [SCSI] hpsa: remove unused parameter from finish_cmd (Stephen M. Cameron) \r\n[Orabug: 14793661] \r\n- [SCSI] hpsa: do not give up retry of driver cmds after only 3 retries \r\n(Stephen M. Cameron) [Orabug: 14793661] \r\n- [SCSI] hpsa: retry driver initiated commands on busy status (Matt Bondurant) \r\n[Orabug: 14793661] \r\n- [SCSI] hpsa: suppress excessively chatty error messages (Stephen M. Cameron) \r\n[Orabug: 14793661] \r\n- [SCSI] hpsa: enable bus master bit after pci_enable_device (Stephen M. \r\nCameron) [Orabug: 14793661] \r\n- [SCSI] hpsa: do not skip disabled devices (Stephen M. Cameron) [Orabug: \r\n14793661] \r\n- [SCSI] hpsa: call pci_disable_device on driver unload (Stephen M. Cameron) \r\n[Orabug: 14793661] \r\n- [SCSI] hpsa: factor out driver name (Stephen M. Cameron) [Orabug: 14793661] \r\n- [SCSI] hpsa: gen8plus Smart Array IDs (Mike Miller) [Orabug: 14793661] \r\n \n[2.6.39-400.6.0] \r\n- qla3xxx: Ensure request/response queue addr writes to the registers (Joe Jin) \r\n[Orabug: 14614290] \r\n- tcp: fix tcp_trim_head() (Eric Dumazet) [Orabug: 14810429] \r\n- mm/hotplug: correctly add new zone to all other nodes' zone lists (Jiang Liu) \r\n[Orabug: 16020976 Bug-db: 14798] {CVE-2012-5517} \r\n- Divide by zero in TCP congestion control Algorit h m . ( J e s p e r D a n g a a r d B r o u e r ) \r b r > [ O r a b u g : 1 6 0 2 0 6 5 6 B u g - d b : 1 4 7 9 8 ] { C V E - 2 0 1 2 - 4 5 6 5 } \r b r > - F i x l e n g t h o f b u f f e r c o p i e d i n _ _ n f s 4 _ g e t _ a c l _ u n c a c h e d ( S a c h i n P r a b h u ) [ B u g - \r b r > d b : 1 4 7 9 8 ] { C V E - 2 0 1 2 - 2 3 7 5 } \r b r > - A v o i d r e a d i n g p a s t b u f f e r w h e n c a l l i n g G E T A C L ( S a c h i n P r a b h u ) [ B u g - d b : 1 4 7 9 8 ] \r b r > { C V E - 2 0 1 2 - 2 3 7 5 } \r b r > - A v o i d b e y o n d b o u n d s c o p y w h i l e c a c h i n g A C L ( S a c h i n P r a b h u ) [ B u g - d b : 1 4 7 9 8 ] \r b r > { C V E - 2 0 1 2 - 2 3 7 5 } \r b r > - M e r g e t a g ' v 2 . 6 . 3 9 - 4 0 0 # b u g 1 6 0 1 1 1 5 4 ' o f g i t : / / c a - g i t . u s . o r a c l e . c o m / l i n u x - \r b r > s n i t s - p u b l i c ( M a x i m U v a r o v ) [ O r a b u g : 1 6 0 1 1 1 5 4 ] \r b r > - q l a 2 x x x : U p d a t e t h e d r i v e r v e r s i o n t o 8 . 0 4 . 0 0 . 1 1 . 3 9 . 0 - k . ( S a u r a v K a s h y a p ) \r b r > - q l a 2 x x x : O b t a i n l o o p b a c k i t e r a t i o n c o u n t f r o m b s g r e q u e s t . ( J o e C a r n u c c i o ) \r b r > - q l a 2 x x x : U p d a t e t h e F T P s i t e r e f e r e n c e s i n t h e d r i v e r s o u r c e s . ( G i r i d h a r \r b r > M a l a v a l i ) \r b r > - q l a 2 x x x : D e b u g I D c o r r e c t i o n s . ( C h a d D u p u i s ) \r b r > - q l a 2 x x x : R e j e c t l o o p b a c k r e q u e s t i f o n e i s a l r e a d y i n p r o g r e s s . ( C h a d D u p u i s ) \r b r > - q l a 2 x x x : P r i n t i g n o r e m e s s a g e w h e n t h e r m a l i s n o t s u p p o r t e d . ( J o e C a r n u c c i o ) \r b r > - q l a 2 x x x : A v o i d n u l l p o i n t e r d e r e f e r e n c e i n s h u t d o w n r o u t i n e . ( M a s a n a r i I i d a ) \r b r > - q l a 2 x x x : G e t V P D i n f o r m a t i o n f r o m c o m m o n l o c a t i o n f o r C N A . ( S a u r a v K a s h y a p ) \r b r > - q l a 2 x x x : C o r r e c t r a c e i n l o o p _ s t a t e a s s i g n m e n t d u r i n g r e s e t h a n d l i n g . ( A n d r e w \r b r > V a s q u e z ) \r b r > - q l a 2 x x x : D i s p l a y t h a t d r i v e r i s o p e r a t i n g i n l e g a c y i n t e r r u p t m o d e . ( S a u r a v \r b r > K a s h y a p ) \r b r > - q l a 2 x x x : F r e e r s p _ d a t a e v e n o n e r r o r i n q l a 2 x 0 0 _ p r o c e s s _ l o o p b a c k ( ) . ( S t e v e \r b r > H o d g s o n ) \r b r > - q l a 2 x x x : D o n t c l e a r d r v a c t i v e o n i o s p a c e c o n f i g f a i l u r e . ( S a u r a v K a s h y a p ) \r b r > - q l a 2 x x x : F i x t y p o i n q l a 2 x x x d r i v e r . ( M a s a n a r i I i d a ) \r b r > - q l a 2 x x x : U p d a t e q l 2 x e x t e n d e d _ e r r o r _ l o g g i n g p a r a m e t e r d e s c r i p t i o n w i t h n e w \r b r > o p t i o n . ( C h a d D u p u i s ) \r b r > - q l a 2 x x x : P a r a m e t e r i z e t h e l i n k s p e e d s t r i n g c o n v e r s i o n f u n c t i o n . ( J o e \r b r > C a r n u c c i o ) \r b r > - q l a 2 x x x : A d d 1 6 G b / s c a s e t o g e t p o r t s p e e d c a p a b i l i t y . ( J o e C a r n u c c i o ) \r b r > - q l a 2 x x x : M o v e m a r k i n g f c p o r t o n l i n e a h e a d o f s e t t i n g i i D M A s p e e d . ( J o e \r b r > C a r n u c c i o ) \r b r > - M e r g e t a g ' v 2 . 6 . 3 9 - 4 0 0 . 5 . 0 # b u g d b 1 3 8 2 6 ' o f c a - g i t . u s . o r a c l e . c o m : l i n u x - m u v a r o v - \r b r > p u b l i c ( M a x i m U v a r o v ) [ B u g - d b : 1 3 8 2 6 ] \r b r > - b e 2 n e t : f i x I N T x I S R f o r i n t e r r u p t b e h a v i o u r o n B E 2 ( S a t h y a P e r l a ) \r b r > - b e 2 n e t : f i x a p o s s i b l e e v e n t s _ g e t ( ) r a c e o n B E 2 ( S a t h y a P e r l a ) \r b r > - n e t : R e m o v e b o g u s d e p e n d e n c i e s o n I N E T ( B e n H u t c h i n g s ) \r b r > - b e 2 n e t : r e m o v e a d a p t e r - > e q _ n e x t _ i d x ( S a t h y a P e r l a ) \r b r > - b e 2 n e t : r e m o v e r o c e o n l a n c e r ( S a t h y a P e r l a ) \r b r > - b e 2 n e t : f i x a c c e s s t o S E M A P H O R E r e g ( S a t h y a P e r l a ) \r b r > - b e 2 n e t : r e - f a c t o r b a r m a p p i n g c o d e ( S a t h y a P e r l a ) \r b r > - b e 2 n e t : d o n o t u s e s l i _ f a m i l y t o i d e n t i f y s k y h a w k - R c h i p ( S a t h y a P e r l a ) \r b r > - b e 2 n e t : f i x w r o n g u s a g e o f a d a p t e r - > g e n e r a t i o n ( S a t h y a P e r l a ) \r b r > - b e 2 n e t : r e m o v e L A N C E R A 0 w o r k a r o u n d ( S a t h y a P e r l a ) \r b r > - b e 2 n e t : F i x s m a t c h w a r n i n g s i n b e _ m a i n . c ( P a d m a n a b h R a t n a k a r ) \r b r > - b e 2 n e t : U p d a t e d r i v e r v e r s i o n ( P a d m a n a b h R a t n a k a r ) \r b r > - b e 2 n e t : F i x s k y h a w k V F P C I D e v i c e I D ( P a d m a n a b h R a t n a k a r ) \r b r > - b e 2 n e t : F i x F W f l a s h i n g o n S k y h a w k - R ( P a d m a n a b h R a t n a k a r ) \r b r > - b e 2 n e t : E n a b l i n g W a k e - o n - L A N i s n o t s u p p o r t e d i n S 5 s t a t e ( P a d m a n a b h \r b r > R a t n a k a r ) \r b r > - b e 2 n e t : F i x V F d r i v e r l o a d o n n e w e r L a n c e r F W ( P a d m a n a b h R a t n a k a r ) \r b r > - b e 2 n e t : F i x u n n e c e s s a r y d e l a y i n P C I E E H ( P a d m a n a b h R a t n a k a r ) \r b r > - b e 2 n e t : F i x i s s u e s i n e r r o r r e c o v e r y d u e t o w r o n g q u e u e s t a t e ( P a d m a n a b h \r b r > R a t n a k a r ) \r b r > - b e 2 n e t : F i x e t h t o o l g e t _ s e t t i n g s o u t p u t f o r V F ( P a d m a n a b h R a t n a k a r ) \r b r > - b e 2 n e t : F i x e r r o r m e s s a g e s w h i l e d r i v e r l o a d f o r V F s ( P a d m a n a b h R a t n a k a r ) \r b r > - b e 2 n e t : F i x c o n f i g u r i n g V L A N f o r V F f o r L a n c e r ( P a d m a n a b h R a t n a k a r ) \r b r > - b e 2 n e t : W a i t t i l l r e s o u r c e s a r e a v a i l a b l e f o r V F i n e r r o r r e c o v e r y ( P a d m a n a b h \r b r > R a t n a k a r ) \r b r > - b e 2 n e t : F i x c h a n g e M A C o p e r a t i o n f o r V F f o r L a n c e r ( P a d m a n a b h R a t n a k a r ) \r b r > - b e 2 n e t : F i x s e t t i n g Q o S f o r V F f o r L a n c e r ( P a d m a n a b h R a t n a k a r ) \r b r > - b e 2 n e t : F i x d r i v e r l o a d f a i l u r e f o r d i f f e r e n t F W c o n f i g s i n L a n c e r ( P a d m a n a b h \r b r > R a t n a k a r ) \r b r > - b e 2 n e t : c r e a t e R S S r i n g s e v e n i n m u l t i - c h a n n e l c o n f i g s ( S a t h y a P e r l a ) \r b r > - b e 2 n e t : s e t m a x i m a l n u m b e r o f d e f a u l t R S S q u e u e s ( Y u v a l M i n t z ) \r b r > - b e 2 n e t : P r o g r a m s e c o n d a r y U C M A C a d d r e s s i n t o M A C f i l t e r ( A j i t K h a p a r d e ) \r b r > - b e 2 n e t : R e m o v e c o d e t h a t s t o p s f u r t h e r a c c e s s t o B E N I C b a s e d o n U E b i t s \r b r > ( A j i t K h a p a r d e ) \r b r > - b e 2 n e t : f i x v f s e n u m e r a t i o n ( I v a n V e c e r a ) \r b r > - b e 2 n e t : f i x u p l o g m e s s a g e s ( S a t h y a P e r l a ) \r b r > - b e 2 n e t : c l e a n u p c o d e r e l a t e d t o b e _ l i n k _ s t a t u s _ q u e r y ( ) ( S a t h y a P e r l a ) \r b r > - b e 2 n e t : f i x w r o n g h a n d l i n g o f b e _ s e t u p ( ) f a i l u r e i n b e _ p r o b e ( ) ( S a t h y a P e r l a ) \r b r > - b e 2 n e t : r e m o v e t y p e a r g u m e n t o f b e _ c m d _ m a c _ a d d r _ q u e r y ( ) ( S a t h y a P e r l a ) \r b r > - R e v e r t ' b e 2 n e t : f i x v f s e n u m e r a t i o n ' ( D a v i d S . M i l l e r ) \r b r > - b e 2 n e t : f i x v f s e n u m e r a t i o n ( I v a n V e c e r a ) \r b r > - b e 2 n e t : u s e P C I e A E R c a p a b i l i t y ( S a t h y a P e r l a ) \r b r > - b e 2 n e t : m o d i f y l o g m s g f o r l a c k o f p r i v i l e g e e r r o r ( V a s u n d h a r a V o l a m ) \r b r > - b e 2 n e t : f i x F W d e f a u l t f o r V F t x - r a t e ( V a s u n d h a r a V o l a m ) \r b r > - b e 2 n e t : f i x m a x V F s r e p o r t e d b y H W ( V a s u n d h a r a V o l a m ) \r b r > - n e t p o l l : r e v e r t 6 b d b 7 f e 3 1 0 4 a n d f i x b e _ p o l l ( ) i n s t e a d ( A m e r i g o W a n g ) \r b r > - S P E C : O L 5 k e r n e l f i r m w a r e r p m d e p e n d s o n a l l o t h e r s f i r m w a r e s ( M a x i m U v a r o v ) \r b r > [ O r a b u g : 1 5 9 8 7 3 3 2 ] \r b r > \r b r > [ 2 . 6 . 3 9 - 4 0 0 . 5 . 0 ] \r b r > - x 8 6 , t s c : F i x S M I i n d u c e d v a r i a t i o n i n q u i c k _ p i t _ c a l i b r a t e ( ) ( L i n u s T o r v a l d s ) \r b r > [ O r a b u g : 1 3 2 5 6 1 6 6 ] \r b r > - x 8 6 , t s c : S k i p T S C s y n c h r o n i z a t i o n c h e c k s f o r t s c = r e l i a b l e ( S u r e s h S i d d h a ) \r b r > [ O r a b u g : 1 3 2 5 6 1 6 6 ] \r b r > - b o n d i n g : r l b m o d e o f b o n d s h o u l d n o t a l t e r A R P o r i g i n a t i n g v i a b r i d g e \r b r > ( z h e n g . l i ) [ O r a b u g : 1 4 6 5 0 9 7 5 ] \r b r > - M e r g e t a g ' v 2 . 6 . 3 9 - 4 0 0 # r d a c ' o f g i t : / / c a - g i t . u s . o r a c l e . c o m / l i n u x - s n i t s - p u b l i c \r b r > ( M a x i m U v a r o v ) \r b r > - [ S C S I ] s c s i _ d h _ r d a c : F i x e r r o r p a t h ( R i c h a r d W e i n b e r g e r ) \r b r > - [ S C S I ] s c s i _ d h _ r d a c : A d d i n g N e t A p p a s a b r a n d n a m e f o r r d a c ( C h a u h a n , V i j a y ) \r b r > - M e r g e t a g ' u e k 2 - m e r g e - 4 0 0 - 3 . 8 - f i x e s - t a g ' o f g i t : / / c a - g i t . u s . o r a c l e . c o m / l i n u x - \r b r > k o n r a d - p u b l i c ( M a x i m U v a r o v ) \r b r > - x e n - b l k f r o n t : h a n d l e b v e c s w i t h p a r t i a l d a t a ( R o g e r P a u M o n n e ) \r b r > - x e n - b l k f r o n t : i m p l e m e n t s a f e v e r s i o n o f l l i s t _ f o r _ e a c h _ e n t r y ( R o g e r P a u \r b r > M o n n e ) \r b r > - x e n - b l k b a c k : i m p l e m e n t s a f e i t e r a t o r f o r t h e l i s t o f p e r s i s t e n t g r a n t s ( R o g e r \r b r > P a u M o n n e ) \r b r > - M e r g e t a g ' u e k 2 - m e r g e - 4 0 0 - 3 . 8 - t a g ' o f g i t : / / c a - g i t . u s . o r a c l e . c o m / l i n u x - \r b r > k o n r a d - p u b l i c ( M a x i m U v a r o v ) \r b r > - M e r g e t a g ' u e k 2 - m e r g e - b a c k p o r t - 3 . 8 ' o f g i t : / / c a - g i t / l i n u x - k o n r a d - p u b l i c i n t o \r b r > u e k 2 - m e r g e - 4 0 0 ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n : a r m : i m p l e m e n t r e m a p i n t e r f a c e s n e e d e d f o r p r i v c m d m a p p i n g s . ( I a n \r b r > C a m p b e l l ) \r b r > - x e n : c o r r e c t l y u s e x e n _ p f n _ t i n r e m a p _ d o m a i n _ m f n _ r a n g e . ( I a n C a m p b e l l ) \r b r > - x e n : a r m : e n a b l e b a l l o o n d r i v e r ( I a n C a m p b e l l ) \r b r > - x e n : b a l l o o n : a l l o w P V M M U i n t e r f a c e s t o b e c o m p i l e d o u t ( I a n C a m p b e l l ) \r b r > - x e n : p r i v c m d : s u p p o r t a u t o t r a n s l a t e d p h y s m a p g u e s t s . ( M u k e s h R a t h o r ) \r b r > - x e n : a d d p a g e s p a r a m e t e r t o x e n _ r e m a p _ d o m a i n _ m f n _ r a n g e ( I a n C a m p b e l l ) \r b r > - x e n / P V o n H V M : f i x c o m p i l e w a r n i n g i n i n i t _ h v m _ p v _ i n f o ( O l a f H e r i n g ) \r b r > - x e n / a c p i : M o v e t h e x e n _ r u n n i n g _ o n _ v e r s i o n _ o r _ l a t e r f u n c t i o n . ( K o n r a d \r b r > R z e s z u t e k W i l k ) \r b r > - x e n / x e n b u s : R e m o v e d u p l i c a t e i n c l u s i o n o f a s m / x e n / h y p e r v i s o r . h ( S a c h i n K a m a t ) \r b r > - x e n / a c p i : F i x c o m p i l e e r r o r b y m i s s i n g d e c l e r a t i o n f o r x e n _ d o m a i n . ( K o n r a d \r b r > R z e s z u t e k W i l k ) \r b r > - x e n / a c p i : r e v e r t p a d c o n f i g c h e c k i n x e n _ c h e c k _ m w a i t ( L i u , J i n s o n g ) \r b r > - x e n / a c p i : A C P I P A D d r i v e r ( L i u , J i n s o n g ) \r b r > - x e n P V o n H V M : u s e E 8 2 0 _ R e s e r v e d a r e a f o r s h a r e d _ i n f o ( O l a f H e r i n g ) \r b r > - x e n - b l k f r o n t : f r e e a l l o c a t e d p a g e ( R o g e r P a u M o n n e ) \r b r > - x e n - b l k b a c k : m o v e f r e e p e r s i s t e n t g r a n t s c o d e ( R o g e r P a u M o n n e ) \r b r > - x e n / b l k b a c k : p e r s i s t e n t - g r a n t s f i x e s ( R o g e r P a u M o n n e ) \r b r > - x e n / b l k b a c k : P e r s i s t e n t g r a n t m a p s f o r x e n b l k d r i v e r s ( R o g e r P a u M o n n e ) \r b r > - x e n / b l k b a c k : C h a n g e x e n _ v b d ' s f l u s h _ s u p p o r t a n d d i s c a r d _ s e c u r e t o h a v e t y p e \r b r > u n s i g n e d i n t , r a t h e r t h a n b o o l ( O l i v e r C h i c k ) \r b r > - x e n / b l k b a c k : u s e k m e m _ c a c h e _ z a l l o c i n s t e a d o f k m e m _ c a c h e _ a l l o c / m e m s e t ( W e i \r b r > Y o n g j u n ) \r b r > - x e n / b l k f r o n t : A d d W A R N t o d e a l w i t h m i s b e h a v i n g b a c k e n d s . ( K o n r a d R z e s z u t e k \r b r > W i l k ) \r b r > - l l i s t - r e t u r n - w h e t h e r - l i s t - i s - e m p t y - b e f o r e - a d d i n g - i n - l l i s t _ a d d - f i x ( A n d r e w \r b r > M o r t o n ) \r b r > - l l i s t : A d d b a c k l l i s t _ a d d _ b a t c h ( ) a n d l l i s t _ d e l _ f i r s t ( ) p r o t o t y p e s ( S t e p h e n \r b r > R o t h w e l l ) \r b r > - l l i s t : R e m o v e c p u _ r e l a x ( ) u s a g e i n c m p x c h g l o o p s ( P e t e r Z i j l s t r a ) \r b r > - l l i s t : A d d l l i s t _ n e x t ( ) ( P e t e r Z i j l s t r a ) \r b r > - l l i s t : R e t u r n w h e t h e r l i s t i s e m p t y b e f o r e a d d i n g i n l l i s t _ a d d ( ) ( H u a n g Y i n g ) \r b r > - l l i s t : M o v e c p u _ r e l a x ( ) t o a f t e r t h e c m p x c h g ( ) ( H u a n g Y i n g ) \r b r > - l l i s t : R e m o v e t h e p l a t f o r m - d e p e n d e n t N M I c h e c k s ( I n g o M o l n a r ) \r b r > - l l i s t : M a k e s o m e l l i s t f u n c t i o n s i n l i n e ( H u a n g Y i n g ) \r b r > - l i b , A d d l o c k - l e s s N U L L t e r m i n a t e d s i n g l e l i s t ( H u a n g Y i n g ) \r b r > - x e n / o p r o f i l e : E x p o s e t h e o p r o f i l e _ a r c h _ e x i t _ f n c p o i n t e r . ( K o n r a d R z e s z u t e k \r b r > W i l k ) \r b r > - x e n / o p r o f i l e : S w i t c h f r o m s y s c o r e _ o p s t o p l a t f o r m _ o p s . ( K o n r a d R z e s z u t e k \r b r > W i l k ) \r b r > - x e n / o p r o f i l e : F i x c o m p i l e i s s u e s w h e n C O N F I G _ X E N i s n o t d e f i n e d . ( K o n r a d \r b r > R z e s z u t e k W i l k ) \r b r > - x e n / o p r o f i l e : T h e a r c h _ v a r i a n t s f o r i n i t / e x e c w e r e n ' t b e i n g c a l l e d . ( K o n r a d \r b r > R z e s z u t e k W i l k ) \r b r > - x e n / o p r o f i l e : C o m p i l e f i x ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n / o p r o f i l e : P a t c h f r o m M i c h a e l P e t u l l o ( K o n r a d R z e s z u t e k W i l k ) \r b r > \r b r > [ 2 . 6 . 3 9 - 4 0 0 . 4 . 0 ] \r b r > - M e r g e t a g ' u e k 2 - m e r g e - 4 0 0 - 3 . 7 - t a g ' o f g i t : / / c a - g i t . u s . o r a c l e . c o m / l i n u x - \r b r > k o n r a d - p u b l i c ( M a x i m U v a r o v ) \r b r > - M e r g e t a g ' u e k 2 - m e r g e - b a c k p o r t - 3 . 7 ' o f g i t : / / c a - g i t / l i n u x - k o n r a d - p u b l i c i n t o \r b r > u e k 2 - m e r g e - 4 0 0 ( K o n r a d R z e s z u t e k W i l k ) \r b r > - R e v e r t ' x e n / x 8 6 : W o r k a r o u n d 6 4 - b i t h y p e r v i s o r a n d 3 2 - b i t i n i t i a l d o m a i n . ' a n d \r b r > ' x e n / x 8 6 : U s e m e m b l o c k _ r e s e r v e f o r s e n s i t i v e a r e a s . ' ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n / x 8 6 : W o r k a r o u n d 6 4 - b i t h y p e r v i s o r a n d 3 2 - b i t i n i t i a l d o m a i n . ( K o n r a d \r b r > R z e s z u t e k W i l k ) \r b r > - x e n / a r m : F i x c o m p i l e e r r o r s w h e n d r i v e r s a r e c o m p i l e d a s m o d u l e s ( e x p o r t \r b r > m o r e ) . ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / a r m : F i x c o m p i l e e r r o r s w h e n d r i v e r s a r e c o m p i l e d a s m o d u l e s . ( K o n r a d \r b r > R z e s z u t e k W i l k ) \r b r > - x e n / g e n e r i c : D i s a b l e f a l l b a c k b u i l d o n A R M . ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n / h v m : I f w e f a i l t o f e t c h a n H V M p a r a m e t e r p r i n t o u t w h i c h f l a g i t i s . \r b r > ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n / h y p e r c a l l : f i x h y p e r c a l l f a l l b a c k c o d e f o r v e r y o l d h y p e r v i s o r s ( J a n \r b r > B e u l i c h ) \r b r > - x e n / a r m : u s e t h e _ _ H V C m a c r o ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / x e n b u s : f i x o v e r f l o w c h e c k i n x e n b u s _ f i l e _ w r i t e ( ) ( J a n B e u l i c h ) \r b r > - x e n - k b d f r o n t : h a n d l e b a c k e n d C L O S E D w i t h o u t C L O S I N G ( D a v i d V r a b e l ) \r b r > - x e n - f b f r o n t : h a n d l e b a c k e n d C L O S E D w i t h o u t C L O S I N G ( D a v i d V r a b e l ) \r b r > - x e n / g n t d e v : d o n ' t l e a k m e m o r y f r o m I O C T L _ G N T D E V _ M A P _ G R A N T _ R E F ( D a v i d V r a b e l ) \r b r > - x 8 6 : r e m o v e o b s o l e t e c o m m e n t f r o m a s m / x e n / h y p e r v i s o r . h ( O l a f H e r i n g ) \r b r > - x e n : d b g p : F i x w a r n i n g w h e n C O N F I G _ P C I i s n o t e n a b l e d . ( I a n C a m p b e l l ) \r b r > - U S B E H C I / X e n : p r o p a g a t e c o n t r o l l e r r e s e t i n f o r m a t i o n t o h y p e r v i s o r ( J a n \r b r > B e u l i c h ) \r b r > - x e n : a r m : c o m m e n t o n w h y 6 4 - b i t x e n _ p f n _ t i s s a f e e v e n o n 3 2 b i t ( I a n \r b r > C a m p b e l l ) \r b r > - x e n : b a l l o o n : u s e c o r r e c t t y p e f o r f r a m e _ l i s t ( I a n C a m p b e l l ) \r b r > - x e n / x 8 6 : d o n ' t c o r r u p t % e i p w h e n r e t u r n i n g f r o m a s i g n a l h a n d l e r ( D a v i d \r b r > V r a b e l ) \r b r > - x e n : a r m : m a k e p 2 m o p e r a t i o n s N O P s ( I a n C a m p b e l l ) \r b r > - x e n : b a l l o o n : d o n ' t i n c l u d e e 8 2 0 . h ( I a n C a m p b e l l ) \r b r > - x e n : e v e n t s : p i r q _ c h e c k _ e o i _ m a p i s X 8 6 s p e c i f i c ( I a n C a m p b e l l ) \r b r > - x e n : X E N M E M _ t r a n s l a t e _ g p f n _ l i s t w a s r e m o v e a g e s a g o a n d i s u n u s e d . ( I a n \r b r > C a m p b e l l ) \r b r > - x e n : s y s f s : i n c l u d e e r r . h f o r P T R _ E R R e t c ( I a n C a m p b e l l ) \r b r > - x e n : x e n b u s : q u i r k u s e s x 8 6 s p e c i f i c c p u i d ( I a n C a m p b e l l ) \r b r > - x e n / x e n b u s : F i x c o m p i l e w a r n i n g . ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n / x 8 6 : r e m o v e d u p l i c a t e d i n c l u d e f r o m e n l i g h t e n . c ( W e i Y o n g j u n ) \r b r > - x e n / p v - o n - h v m k e x e c : a d d q u i r k f o r X e n 3 . 4 a n d s h u t d o w n w a t c h e s . ( K o n r a d \r b r > R z e s z u t e k W i l k ) \r b r > - x e n / b o o t u p : a l l o w { r e a d | w r i t e } _ c r 8 p v o p s c a l l . ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n / b o o t u p : a l l o w r e a d _ t s c p c a l l f o r X e n P V g u e s t s . ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n p v - o n - h v m : a d d p f n _ i s _ r a m h e l p e r f o r k d u m p ( O l a f H e r i n g ) \r b r > - x e n / h v c : h a n d l e b a c k e n d C L O S E D w i t h o u t C L O S I N G ( D a v i d V r a b e l ) \r b r > - x e n / x e n _ i n i t i a l _ d o m a i n : c h e c k t h a t x e n _ s t a r t _ i n f o i s i n i t i a l i z e d ( S t e f a n o \r b r > S t a b e l l i n i ) \r b r > - x e n : m a r k x e n _ i n i t _ I R Q _ _ i n i t ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / M a k e f i l e : f i x d o m - y b u i l d ( S t e f a n o S t a b e l l i n i ) \r b r > - M A I N T A I N E R S : a d d m y s e l f a s X e n A R M m a i n t a i n e r ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / a r m : c o m p i l e n e t b a c k ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / a r m : c o m p i l e b l k f r o n t a n d b l k b a c k ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / a r m : i m p l e m e n t a l l o c / f r e e _ x e n b a l l o o n e d _ p a g e s w i t h a l l o c _ p a g e s / k f r e e \r b r > ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / a r m : r e c e i v e X e n e v e n t s o n A R M ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / a r m : i n i t i a l i z e g r a n t _ t a b l e o n A R M ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / a r m : g e t p r i v i l e g e s t a t u s ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / a r m : i n t r o d u c e C O N F I G _ X E N o n A R M ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n : d o n o t c o m p i l e m a n a g e , b a l l o o n , p c i , a c p i , p c p u a n d c p u _ h o t p l u g o n A R M \r b r > ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / t m e m : c l e a n u p ( J a n B e u l i c h ) \r b r > - x e n : A d d s e l f b a l l o n i n g m e m o r y r e s e r v a t i o n t u n a b l e . ( J a n a S a o u t ) \r b r > - x e n : c o n s t i f y a l l i n s t a n c e s o f ' s t r u c t a t t r i b u t e _ g r o u p ' ( J a n B e u l i c h ) \r b r > - x e n : F i x s e l f b a l l o o n i n g a n d e n s u r e i t d o e s n ' t g o t o o f a r ( D a n M a g e n h e i m e r ) \r b r > - x e n : s e l f - b a l l o o n n e e d s m o d u l e . h ( R a n d y D u n l a p ) \r b r > - x e n / b a l l o o n : F i x c o m p i l e e r r o r s - m i s s i n g h e a d e r f i l e s . ( K o n r a d R z e s z u t e k \r b r > W i l k ) \r b r > - x e n : t m e m : s e l f - b a l l o o n i n g a n d f r o n t s w a p - s e l f s h r i n k i n g ( D a n M a g e n h e i m e r ) \r b r > - x e n : g r a n t : u s e x e n _ p f n _ t t y p e f o r f r a m e _ l i s t . ( I a n C a m p b e l l ) \r b r > - x e n : s y s f s : f i x b u i l d w a r n i n g . ( I a n C a m p b e l l ) \r b r > - x e n / a r m : I n t r o d u c e x e n _ u l o n g _ t f o r u n s i g n e d l o n g ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n : I n t r o d u c e x e n _ p f n _ t f o r p f n a n d m f n t y p e s ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / a r m : X e n d e t e c t i o n a n d s h a r e d _ i n f o p a g e m a p p i n g ( S t e f a n o S t a b e l l i n i ) \r b r > - d o c s : X e n A R M D T b i n d i n g s ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / a r m : e m p t y i m p l e m e n t a t i o n o f g r a n t _ t a b l e a r c h s p e c i f i c f u n c t i o n s ( S t e f a n o \r b r > S t a b e l l i n i ) \r b r > - x e n / a r m : s y n c _ b i t o p s ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / a r m : p a g e . h d e f i n i t i o n s ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / a r m : h y p e r c a l l s ( S t e f a n o S t a b e l l i n i ) \r b r > - a r m : i n i t i a l X e n s u p p o r t ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / v g a : a d d t h e x e n E F I v i d e o m o d e s u p p o r t ( J a n B e u l i c h ) \r b r > - x e n : a l l o w e n a b l e u s e o f V G A c o n s o l e o n d o m 0 ( J e r e m y F i t z h a r d i n g e ) \r b r > - x e n / p c i f r o n t : U s e X e n - S W I O T L B w h e n i n i t t i n g i f r e q u i r e d . ( K o n r a d R z e s z u t e k \r b r > W i l k ) \r b r > - x e n / s w i o t l b : F o r e a r l y i n i t i a l i z a t i o n , r e t u r n z e r o o n s u c c e s s . ( K o n r a d \r b r > R z e s z u t e k W i l k ) \r b r > - x e n / s w i o t l b : U s e t h e s w i o t l b _ l a t e _ i n i t _ w i t h _ t b l t o i n i t X e n - S W I O T L B l a t e w h e n \r b r > P V P C I i s u s e d . ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n / s w i o t l b : M o v e t h e e r r o r s t r i n g s t o i t s o w n f u n c t i o n . ( K o n r a d R z e s z u t e k \r b r > W i l k ) \r b r > - x e n / s w i o t l b : M o v e t h e n r _ t b l d e t e r m i n a t i o n i n i t s o w n f u n c t i o n . ( K o n r a d \r b r > R z e s z u t e k W i l k ) \r b r > - x e n : U s e c o r r e c t m a s k i n g i n x e n _ s w i o t l b _ a l l o c _ c o h e r e n t . ( R o n n y H e g e w a l d ) \r b r > - x e n / s w i o t l b : U s e p a g e a l i g n m e n t f o r e a r l y b u f f e r a l l o c a t i o n . ( K o n r a d \r b r > R z e s z u t e k W i l k ) \r b r > - s w i o t l b : E x p o s e s w i o t l b _ n r _ t l b f u n c t i o n t o m o d u l e s ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n - s w i o t l b : W h e n d o i n g c o h e r e n t a l l o c / d e a l l o c c h e c k b e f o r e s w i z z l i n g t h e \r b r > M F N s . ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n - s w i o t l b : f i x p r i n t k a n d p a n i c a r g s ( R a n d y D u n l a p ) \r b r > - x e n - s w i o t l b : F i x w r o n g p a n i c . ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n - s w i o t l b : R e t r y u p t h r e e t i m e s t o a l l o c a t e X e n - S W I O T L B ( K o n r a d R z e s z u t e k \r b r > W i l k ) \r b r > - s w i o t l b : a d d t h e l a t e s w i o t l b i n i t i a l i z a t i o n f u n c t i o n w i t h i o t l b m e m o r y \r b r > ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n / s w i o t l b : W i t h m o r e t h a n 4 G B o n 6 4 - b i t , d i s a b l e t h e n a t i v e S W I O T L B . \r b r > ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n / s w i o t l b : S i m p l i f y t h e l o g i c . ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n / g n d e v : X e n b a c k e n d s u p p o r t f o r p a g e d o u t g r a n t t a r g e t s V 4 . ( A n d r e s L a g a r - \r b r > C a v i l l a ) \r b r > - x e n / a r m : c o m p i l e a n d r u n x e n b u s ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n : c l e a r I R Q _ N O A U T O E N a n d I R Q _ N O R E Q U E S T ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / e v e n t s : f i x u n m a s k _ e v t c h n f o r P V o n H V M g u e s t s ( S t e f a n o S t a b e l l i n i ) \r b r > - x e n / p r i v c m d : C o r r e c t l y r e t u r n s u c c e s s f r o m I O C T L _ P R I V C M D _ M M A P B A T C H ( M a t s \r b r > P e t e r s s o n ) \r b r > - x e n / m m u : U s e X e n s p e c i f i c T L B f l u s h i n s t e a d o f t h e g e n e r i c o n e . ( K o n r a d \r b r > R z e s z u t e k W i l k ) [ O r a c l e - b u g : 1 4 6 3 0 1 7 0 ] \r b r > - x e n / e n l i g h t e n : D i s a b l e M W A I T _ L E A F s o t h a t a c p i - p a d w o n ' t b e l o a d e d . ( K o n r a d \r b r > R z e s z u t e k W i l k ) \r b r > - x 8 6 , a m d , x e n : A v o i d N U L L p o i n t e r p a r a v i r t r e f e r e n c e s ( K o n r a d R z e s z u t e k W i l k ) \r b r > - x e n / s e t u p : f i l t e r A P E R F M P E R F c p u i d f e a t u r e o u t ( A n d r e P r z y w a r a ) \r b r > - x e n / e n l i g h t e n : E x p o s e M W A I T a n d M W A I T _ L E A F i f h y p e r v i s o r O K s i t . ( K o n r a d \r b r > R z e s z u t e k W i l k ) \r b r > - x e n / a c p i : F i x p o t e n t i a l m e m o r y l e a k / p > \n \n \n b r > h 2 > R e l a t e d C V E s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 0 3 0 9 . h t m l \" > C V E - 2 0 1 3 - 0 3 0 9 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 0 3 1 0 . h t m l \" > C V E - 2 0 1 3 - 0 3 1 0 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 0 3 1 1 . h t m l \" > C V E - 2 0 1 3 - 0 3 1 1 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 3 - 0 2 2 8 . h t m l \" > C V E - 2 0 1 3 - 0 2 2 8 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n b r > h 2 > U p d a t e d P a c k a g e s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r s t y l e = \" c o l o r : # F F 0 0 0 0 ; \" > t d > b > R e l e a s e / A r c h i t e c t u r e / b > t d > b > F i l e n a m e / b > / t d > t d > b > M D 5 s u m / b > / t d > t d > b > S u p e r s e d e d B y A d v i s o r y / b > / t d > / t r > \n t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 5 ( i 3 8 6 ) / t d > t d > k e r n e l - u e k - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 5 u e k . s r c . r p m / t d > t d > 2 a 8 2 d c 5 8 f b 8 5 f 4 b 2 6 3 7 d 1 1 d 5 b f 7 c 1 f c 3 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 7 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 7 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 5 u e k . i 6 8 6 . r p m / t d > t d > c 8 6 d 7 3 9 4 3 1 1 a a 7 4 4 3 d d 8 3 d b 1 0 2 8 1 1 e 6 3 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 7 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 7 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 5 u e k . i 6 8 6 . r p m / t d > t d > b 3 5 b a 6 0 a 3 2 e 9 5 a 6 e 8 d e 2 b 5 c 9 6 3 c a 6 0 8 a / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 7 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 7 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - d e v e l - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 5 u e k . i 6 8 6 . r p m / t d > t d > 4 5 7 1 8 7 8 1 a f f c 2 2 4 8 2 2 c 9 0 d c d d e a 0 5 5 d f / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 7 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 7 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e v e l - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 5 u e k . i 6 8 6 . r p m / t d > t d > 0 e 5 0 f a 2 9 b d 2 8 1 2 8 d c 6 a a 4 5 c 6 e d 1 4 e 6 d a / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 7 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 7 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d o c - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 5 u e k . n o a r c h . r p m / t d > t d > c 0 8 a 0 0 f f 1 7 7 3 a 1 8 f a 6 c 2 9 7 8 6 b 9 b 2 5 c 1 d / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 7 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 7 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - f i r m w a r e - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 5 u e k . n o a r c h . r p m / t d > t d > d 7 6 1 5 6 f d 1 9 9 3 d d 1 d 8 b c 7 4 d b e 3 b 7 e 1 b 7 f / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 7 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 7 / a > / t d > / t r > t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 5 ( x 8 6 _ 6 4 ) / t d > t d > k e r n e l - u e k - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 5 u e k . s r c . r p m / t d > t d > 2 a 8 2 d c 5 8 f b 8 5 f 4 b 2 6 3 7 d 1 1 d 5 b f 7 c 1 f c 3 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 7 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 7 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 5 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 0 d c c d 1 8 8 0 b b e 0 b 0 e d f 4 3 c a a 0 9 9 1 7 c 6 9 d / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 7 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 7 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 5 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 7 8 6 b 2 e 2 5 b 5 4 2 4 a c 8 2 6 e 6 e d e 3 5 5 7 5 5 3 9 4 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 7 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 7 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - d e v e l - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 5 u e k . x 8 6 _ 6 4 . r p m / t d > t d > d 9 0 4 5 6 3 1 0 2 5 c 7 f 8 a 6 8 4 7 3 f e 2 5 9 b a b 2 0 b / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 7 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 7 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e v e l - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 5 u e k . x 8 6 _ 6 4 . r p m / t d > t d > b 8 6 f b f f f 2 3 b 8 d 9 4 2 7 e 9 4 0 b 3 1 e d 7 e 6 a 1 3 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 7 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 7 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d o c - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 5 u e k . n o a r c h . r p m / t d > t d > c 0 8 a 0 0 f f 1 7 7 3 a 1 8 f a 6 c 2 9 7 8 6 b 9 b 2 5 c 1 d / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 7 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 7 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - f i r m w a r e - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 5 u e k . n o a r c h . r p m / t d > t d > d 7 6 1 5 6 f d 1 9 9 3 d d 1 d 8 b c 7 4 d b e 3 b 7 e 1 b 7 f / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 7 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 7 / a > / t d > / t r > t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 6 ( i 3 8 6 ) / t d > t d > k e r n e l - u e k - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 6 u e k . s r c . r p m / t d > t d > d 5 f 2 7 f 3 2 3 c 7 a e 9 1 a c b 0 5 b d a 4 f a 0 5 6 c 8 e / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 6 u e k . i 6 8 6 . r p m / t d > t d > 3 1 f 1 a e 8 5 f 3 6 d c e 4 5 7 8 5 d 7 4 e e 5 4 4 b 4 6 e c / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 6 u e k . i 6 8 6 . r p m / t d > t d > 7 0 a e 7 2 b 7 a 7 0 d 9 a 1 5 f 4 7 9 2 2 2 3 3 8 9 0 8 8 9 9 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - d e v e l - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 6 u e k . i 6 8 6 . r p m / t d > t d > 5 d 3 9 d 7 2 e 0 d 3 c 8 6 3 5 e 2 d 8 3 c c e e 3 c 4 0 b 9 3 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e v e l - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 6 u e k . i 6 8 6 . r p m / t d > t d > e 6 d 5 1 8 e 3 a 4 b e 4 9 b f 9 5 9 2 6 9 4 9 7 2 f b f 9 9 a / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d o c - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 6 u e k . n o a r c h . r p m / t d > t d > 8 a 8 b b e 1 a 8 a 0 1 b e 0 4 a c d 2 2 d 4 9 9 e e 1 3 c e 2 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - f i r m w a r e - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 6 u e k . n o a r c h . r p m / t d > t d > 4 c b 8 e 4 3 f a 7 a 7 8 8 0 3 3 a 0 4 b a 8 0 d 5 c b 6 6 7 6 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 6 ( x 8 6 _ 6 4 ) / t d > t d > k e r n e l - u e k - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 6 u e k . s r c . r p m / t d > t d > d 5 f 2 7 f 3 2 3 c 7 a e 9 1 a c b 0 5 b d a 4 f a 0 5 6 c 8 e / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 4 8 6 9 5 9 3 1 f 3 6 3 8 e 8 d f 3 8 3 f 7 c 5 f 3 f 8 6 6 5 9 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 4 2 9 5 a 8 f 7 4 8 6 1 8 d d 1 0 5 f 3 f d 9 c c b f 2 2 1 a 2 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - d e v e l - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 1 b f 9 5 e 2 4 9 9 7 b c f 7 6 9 6 5 2 b 2 6 4 a 0 7 5 a 3 c c / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e v e l - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > f 8 e 3 b 7 0 c 7 e e e 5 4 a a 1 a a d f 8 f a 1 b 8 1 7 b e 4 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d o c - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 6 u e k . n o a r c h . r p m / t d > t d > 8 a 8 b b e 1 a 8 a 0 1 b e 0 4 a c d 2 2 d 4 9 9 e e 1 3 c e 2 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - f i r m w a r e - 2 . 6 . 3 9 - 4 0 0 . 1 7 . 1 . e l 6 u e k . n o a r c h . r p m / t d > t d > 4 c b 8 e 4 3 f a 7 a 7 8 8 0 3 3 a 0 4 b a 8 0 d 5 c b 6 6 7 6 / t d > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / e r r a t a / E L S A - 2 0 1 7 - 3 6 0 5 . h t m l \" > E L S A - 2 0 1 7 - 3 6 0 5 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n \n b r > b r > \n b r > p > \n T h i s p a g e i s g e n e r a t e d a u t o m a t i c a l l y a n d h a s n o t b e e n c h e c k e d f o r e r r o r s o r o m i s s i o n s . F o r c l a r i f i c a t i o n \n o r c o r r e c t i o n s p l e a s e c o n t a c t t h e a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / \" > O r a c l e L i n u x U L N t e a m / a > / p > \n \n \n \n / d i v > \n ! - - \n / d i v > \n - - > \n / d i v > \n / d i v > \n \n \n d i v i d = \" m c 1 6 \" c l a s s = \" m c 1 6 v 0 \" > \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > T e c h n i c a l i n f o r m a t i o n / h 2 > \n u l > \n l i > a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / h a r d w a r e - c e r t i f i c a t i o n s \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x C e r t i f i e d H a r d w a r e / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / l i b r a r y / e l s p - l i f e t i m e - 0 6 9 3 3 8 . p d f \" > O r a c l e L i n u x S u p p o r t e d R e l e a s e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > O r a c l e L i n u x S u p p o r t / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / t e c h n o l o g i e s / l i n u x / O r a c l e L i n u x S u p p o r t / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x S u p p o r t / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / p r e m i e r / s e r v e r s - s t o r a g e / o v e r v i e w / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e P r e m i e r S u p p o r t f o r S y s t e m s / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / a d v a n c e d - c u s t o m e r - s e r v i c e s / o v e r v i e w / \" > A d v a n c e d C u s t o m e r S e r v i c e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 2 \" > \n h 2 > C o n n e c t / h 2 > \n u l > \n l i c l a s s = \" f b i c o n \" > a h r e f = \" h t t p : / / w w w . f a c e b o o k . c o m / o r a c l e l i n u x \" t i t l e = \" F a c e b o o k \" n a m e = \" F a c e b o o k \" t a r g e t = \" _ b l a n k \" i d = \" F a c e b o o k \" > F a c e b o o k / a > / l i > \n l i c l a s s = \" t w i c o n \" > a h r e f = \" h t t p : / / w w w . t w i t t e r . c o m / O r a c l e L i n u x \" t i t l e = \" T w i t t e r \" n a m e = \" T w i t t e r \" t a r g e t = \" _ b l a n k \" i d = \" T w i t t e r \" > T w i t t e r / a > / l i > \n l i c l a s s = \" i n i c o n \" > a h r e f = \" h t t p : / / w w w . l i n k e d i n . c o m / g r o u p s ? g i d = 1 2 0 2 3 8 \" t i t l e = \" L i n k e d I n \" n a m e = \" L i n k e d I n \" t a r g e t = \" _ b l a n k \" i d = \" L i n k e d I n \" > L i n k e d I n / a > / l i > \n l i c l a s s = \" y t i c o n \" > a h r e f = \" h t t p : / / w w w . y o u t u b e . c o m / o r a c l e l i n u x c h a n n e l \" t i t l e = \" Y o u T u b e \" n a m e = \" Y o u T u b e \" t a r g e t = \" _ b l a n k \" i d = \" Y o u T u b e \" > Y o u T u b e / a > / l i > \n l i c l a s s = \" b l o g i c o n \" > a h r e f = \" h t t p : / / b l o g s . o r a c l e . c o m / l i n u x \" t i t l e = \" B l o g \" n a m e = \" B l o g \" > B l o g / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 3 \" > \n h 2 > C o n t a c t U s / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / c o r p o r a t e / c o n t a c t / g l o b a l - 0 7 0 5 1 1 . h t m l \" > G l o b a l c o n t a c t s / a > / l i > \n l i > O r a c l e 1 - 8 0 0 - 6 3 3 - 0 6 9 1 / l i > \n / u l > \n / d i v > \n / d i v > \n / d i v > \n \n d i v i d = \" m c 0 4 \" c l a s s = \" m c 0 4 v 1 \" > \n d i v c l a s s = \" m c 0 4 w 1 \" > \n a h r e f = \" h t t p : / / o r a c l e . c o m \" > i m g s r c = \" / / w w w . o r a c l e i m g . c o m / a s s e t s / m c 0 4 - f o o t e r - l o g o . p n g \" b o r d e r = \" 0 \" a l t = \" s o f t w a r e . h a r d w a r e . c o m p l e t e \" / > / a > \n / d i v > \n \n d i v c l a s s = \" m c 0 4 w 2 \" > \n a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / s u b s c r i b e / i n d e x . h t m l \" > S u b s c r i b e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / e m p l o y m e n t / i n d e x . h t m l \" > C a r e e r s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / c o n t a c t / i n d e x . h t m l \" > C o n t a c t U s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / c o p y r i g h t . h t m l \" > L e g a l N o t i c e s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / t e r m s . h t m l \" > T e r m s o f U s e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / p r i v a c y . h t m l \" > Y o u r P r i v a c y R i g h t s / a > \n / d i v > \n / d i v > \n / d i v > \n / b o d y > \n / h t m l > \n ", "published": "2013-02-27T00:00:00", "cvss": {"score": 6.6, "vector": "AV:LOCAL/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://linux.oracle.com/errata/ELSA-2013-2507.html", "cvelist": ["CVE-2012-2375", "CVE-2013-0228", "CVE-2013-0190", "CVE-2012-4461", "CVE-2012-4565", "CVE-2013-0217", "CVE-2013-0311", "CVE-2013-0231", "CVE-2012-5517", "CVE-2012-4398", "CVE-2013-0310", "CVE-2012-4530", "CVE-2013-0216", "CVE-2013-0309"], "lastseen": "2018-04-04T13:07:01"}], "amazon": [{"id": "ALAS-2013-148", "type": "amazon", "title": "Medium: kernel,nvidia", "description": "**Issue Overview:**\n\nA malicious Network File System version 4 (NFSv4) server could return a crafted reply to a GETACL request, causing a denial of service on the client. ([CVE-2012-2375 __](<https://access.redhat.com/security/cve/CVE-2012-2375>), Moderate)\n\nA divide-by-zero flaw was found in the TCP Illinois congestion control algorithm implementation in the Linux kernel. If the TCP Illinois congestion control algorithm were in use (the sysctl net.ipv4.tcp_congestion_control variable set to \"illinois\"), a local, unprivileged user could trigger this flaw and cause a denial of service. ([CVE-2012-4565 __](<https://access.redhat.com/security/cve/CVE-2012-4565>), Moderate)\n\nA NULL pointer dereference flaw was found in the way a new node's hot added memory was propagated to other nodes' zonelists. By utilizing this newly added memory from one of the remaining nodes, a local, unprivileged user could use this flaw to cause a denial of service. ([CVE-2012-5517 __](<https://access.redhat.com/security/cve/CVE-2012-5517>), Moderate)\n\nIt was found that a prevoius kernel release did not correctly fix the [CVE-2009-4307 __](<https://access.redhat.com/security/cve/CVE-2009-4307>) issue, a divide-by-zero flaw in the ext4 file system code. A local, unprivileged user with the ability to mount an ext4 file system could use this flaw to cause a denial of service. ([CVE-2012-2100 __](<https://access.redhat.com/security/cve/CVE-2012-2100>), Low)\n\nA flaw was found in the way the Linux kernel's IPv6 implementation handled overlapping, fragmented IPv6 packets. A remote attacker could potentially use this flaw to bypass protection mechanisms (such as a firewall or intrusion detection system (IDS)) when sending network packets to a target system. ([CVE-2012-4444 __](<https://access.redhat.com/security/cve/CVE-2012-4444>), Low)\n\n \n**Affected Packages:** \n\n\nkernel,nvidia\n\n \n**Issue Correction:** \nRun _yum update kernel nvidia_ to update your system. You will need to reboot your system in order for the new kernel to be running. \n\n \n**New Packages:**\n \n \n i686: \n kernel-devel-3.2.36-1.46.amzn1.i686 \n kernel-headers-3.2.36-1.46.amzn1.i686 \n kernel-tools-debuginfo-3.2.36-1.46.amzn1.i686 \n kernel-tools-3.2.36-1.46.amzn1.i686 \n kernel-debuginfo-3.2.36-1.46.amzn1.i686 \n kernel-3.2.36-1.46.amzn1.i686 \n kernel-debuginfo-common-i686-3.2.36-1.46.amzn1.i686 \n \n noarch: \n kernel-doc-3.2.36-1.46.amzn1.noarch \n \n src: \n kernel-3.2.36-1.46.amzn1.src \n nvidia-310.19-2012.09.10.amzn1.src \n \n x86_64: \n kernel-devel-3.2.36-1.46.amzn1.x86_64 \n kernel-debuginfo-common-x86_64-3.2.36-1.46.amzn1.x86_64 \n kernel-tools-3.2.36-1.46.amzn1.x86_64 \n kernel-debuginfo-3.2.36-1.46.amzn1.x86_64 \n kernel-3.2.36-1.46.amzn1.x86_64 \n kernel-tools-debuginfo-3.2.36-1.46.amzn1.x86_64 \n kernel-headers-3.2.36-1.46.amzn1.x86_64 \n nvidia-310.19-2012.09.10.amzn1.x86_64 \n nvidia-kmod-3.2.36-1.46.amzn1-310.19-2012.09.10.amzn1.x86_64 \n \n \n", "published": "2013-01-14T01:14:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://alas.aws.amazon.com/ALAS-2013-148.html", "cvelist": ["CVE-2012-2375", "CVE-2012-4444", "CVE-2012-2100", "CVE-2012-4565", "CVE-2012-5517", "CVE-2009-4307"], "lastseen": "2016-09-28T21:04:02"}, {"id": "ALAS-2012-142", "type": "amazon", "title": "Medium: kernel", "description": "**Issue Overview:**\n\nA use-after-free flaw was found in the Linux kernel's memory management subsystem in the way quota handling for huge pages was performed. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges. ([CVE-2012-2133 __](<https://access.redhat.com/security/cve/CVE-2012-2133>), Moderate)\n\nA use-after-free flaw was found in the madvise() system call implementation in the Linux kernel. A local, unprivileged user could use this flaw to cause a denial of service or, potentially, escalate their privileges. ([CVE-2012-3511 __](<https://access.redhat.com/security/cve/CVE-2012-3511>), Moderate)\n\nIt was found that when running a 32-bit binary that uses a large number of shared libraries, one of the libraries would always be loaded at a predictable address in memory. An attacker could use this flaw to bypass the Address Space Layout Randomization (ASLR) security feature. ([CVE-2012-1568 __](<https://access.redhat.com/security/cve/CVE-2012-1568>), Low)\n\nBuffer overflow flaws were found in the udf_load_logicalvol() function in the Universal Disk Format (UDF) file system implementation in the Linux kernel. An attacker with physical access to a system could use these flaws to cause a denial of service or escalate their privileges. ([CVE-2012-3400 __](<https://access.redhat.com/security/cve/CVE-2012-3400>), Low)\n\n \n**Affected Packages:** \n\n\nkernel\n\n \n**Issue Correction:** \nRun _yum update kernel_ to update your system. You will need to reboot your system in order for the new kernel to be running. \n\n \n**New Packages:**\n \n \n i686: \n kernel-devel-3.2.34-55.46.amzn1.i686 \n kernel-debuginfo-3.2.34-55.46.amzn1.i686 \n kernel-3.2.34-55.46.amzn1.i686 \n kernel-tools-3.2.34-55.46.amzn1.i686 \n kernel-headers-3.2.34-55.46.amzn1.i686 \n kernel-debuginfo-common-i686-3.2.34-55.46.amzn1.i686 \n kernel-tools-debuginfo-3.2.34-55.46.amzn1.i686 \n \n noarch: \n kernel-doc-3.2.34-55.46.amzn1.noarch \n \n src: \n kernel-3.2.34-55.46.amzn1.src \n \n x86_64: \n kernel-devel-3.2.34-55.46.amzn1.x86_64 \n kernel-tools-3.2.34-55.46.amzn1.x86_64 \n kernel-debuginfo-3.2.34-55.46.amzn1.x86_64 \n kernel-headers-3.2.34-55.46.amzn1.x86_64 \n kernel-debuginfo-common-x86_64-3.2.34-55.46.amzn1.x86_64 \n kernel-3.2.34-55.46.amzn1.x86_64 \n kernel-tools-debuginfo-3.2.34-55.46.amzn1.x86_64 \n \n \n", "published": "2012-11-20T06:34:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://alas.aws.amazon.com/ALAS-2012-142.html", "cvelist": ["CVE-2012-2133", "CVE-2012-4508", "CVE-2012-3511", "CVE-2012-4565", "CVE-2012-0957", "CVE-2012-1568", "CVE-2012-3400"], "lastseen": "2016-09-28T21:03:59"}], "centos": [{"id": "CESA-2012:1580", "type": "centos", "title": "kernel, perf, python security update", "description": "**CentOS Errata and Security Advisory** CESA-2012:1580\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* It was found that the RHSA-2012:0862 update did not correctly fix the\nCVE-2011-4131 issue. A malicious Network File System version 4 (NFSv4)\nserver could return a crafted reply to a GETACL request, causing a denial\nof service on the client. (CVE-2012-2375, Moderate)\n\n* A divide-by-zero flaw was found in the TCP Illinois congestion control\nalgorithm implementation in the Linux kernel. If the TCP Illinois\ncongestion control algorithm were in use (the sysctl\nnet.ipv4.tcp_congestion_control variable set to \"illinois\"), a local,\nunprivileged user could trigger this flaw and cause a denial of service.\n(CVE-2012-4565, Moderate)\n\n* A NULL pointer dereference flaw was found in the way a new node's hot\nadded memory was propagated to other nodes' zonelists. By utilizing this\nnewly added memory from one of the remaining nodes, a local, unprivileged\nuser could use this flaw to cause a denial of service. (CVE-2012-5517,\nModerate)\n\n* It was found that the initial release of Red Hat Enterprise Linux 6 did\nnot correctly fix the CVE-2009-4307 issue, a divide-by-zero flaw in the\next4 file system code. A local, unprivileged user with the ability to mount\nan ext4 file system could use this flaw to cause a denial of service.\n(CVE-2012-2100, Low)\n\n* A flaw was found in the way the Linux kernel's IPv6 implementation\nhandled overlapping, fragmented IPv6 packets. A remote attacker could\npotentially use this flaw to bypass protection mechanisms (such as a\nfirewall or intrusion detection system (IDS)) when sending network packets\nto a target system. (CVE-2012-4444, Low)\n\nRed Hat would like to thank Antonios Atlasis working with Beyond Security's\nSecuriTeam Secure Disclosure program and Loganaden Velvindron of AFRINIC\nfor reporting CVE-2012-4444. The CVE-2012-2375 issue was discovered by Jian\nLi of Red Hat, and CVE-2012-4565 was discovered by Rodrigo Freire of Red\nHat.\n\nThis update also fixes numerous bugs and adds one enhancement. Space \nprecludes documenting all of these changes in this advisory. Documentation\nfor these changes will be available shortly from the Red Hat Enterprise \nLinux 6.3 Technical Notes document linked to in the References section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues, fix these bugs and add the enhancement \nnoted in the Technical Notes. The system must be rebooted for this update \nto take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-December/019039.html\n\n**Affected packages:**\nkernel\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-firmware\nkernel-headers\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-1580.html", "published": "2012-12-19T16:28:42", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "http://lists.centos.org/pipermail/centos-announce/2012-December/019039.html", "cvelist": ["CVE-2011-4131", "CVE-2012-2375", "CVE-2012-4444", "CVE-2012-2100", "CVE-2012-4565", "CVE-2012-5517", "CVE-2009-4307"], "lastseen": "2017-10-03T18:26:53"}], "redhat": [{"id": "RHSA-2012:1491", "type": "redhat", "title": "(RHSA-2012:1491) Important: kernel-rt security and bug fix update", "description": "The kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A flaw was found in the way Netlink messages without SCM_CREDENTIALS\n(used for authentication) data set were handled. When not explicitly set,\nthe data was sent but with all values set to 0, including the process ID\nand user ID, causing the Netlink message to appear as if it were sent with\nroot privileges. A local, unprivileged user could use this flaw to send\nspoofed Netlink messages to an application, possibly resulting in the\napplication performing privileged operations if it relied on\nSCM_CREDENTIALS data for the authentication of Netlink messages.\n(CVE-2012-3520, Important)\n\n* A race condition was found in the way asynchronous I/O and fallocate()\ninteracted when using the ext4 file system. A local, unprivileged user\ncould use this flaw to expose random data from an extent whose data blocks\nhave not yet been written, and thus contain data from a deleted file.\n(CVE-2012-4508, Important)\n\n* A use-after-free flaw was found in the Linux kernel's memory management\nsubsystem in the way quota handling for huge pages was performed. A local,\nunprivileged user could use this flaw to cause a denial of service or,\npotentially, escalate their privileges. (CVE-2012-2133, Moderate)\n\n* A use-after-free flaw was found in the madvise() system call\nimplementation in the Linux kernel. A local, unprivileged user could use\nthis flaw to cause a denial of service or, potentially, escalate their\nprivileges. (CVE-2012-3511, Moderate)\n\n* A divide-by-zero flaw was found in the TCP Illinois congestion control\nalgorithm implementation in the Linux kernel. If the TCP Illinois\ncongestion control algorithm were in use (the sysctl\nnet.ipv4.tcp_congestion_control variable set to \"illinois\"), a local,\nunprivileged user could trigger this flaw and cause a denial of service.\n(CVE-2012-4565, Moderate)\n\n* An information leak flaw was found in the uname() system call\nimplementation in the Linux kernel. A local, unprivileged user could use\nthis flaw to leak kernel stack memory to user-space by setting the UNAME26\npersonality and then calling the uname() system call. (CVE-2012-0957, Low)\n\n* Buffer overflow flaws were found in the udf_load_logicalvol() function in\nthe Universal Disk Format (UDF) file system implementation in the Linux\nkernel. An attacker with physical access to a system could use these flaws\nto cause a denial of service or escalate their privileges. (CVE-2012-3400,\nLow)\n\n* A flaw was found in the way the msg_namelen variable in the rds_recvmsg()\nfunction of the Linux kernel's Reliable Datagram Sockets (RDS) protocol\nimplementation was initialized. A local, unprivileged user could use this\nflaw to leak kernel stack memory to user-space. (CVE-2012-3430, Low)\n\nRed Hat would like to thank Pablo Neira Ayuso for reporting CVE-2012-3520;\nTheodore Ts'o for reporting CVE-2012-4508; Shachar Raindel for reporting\nCVE-2012-2133; and Kees Cook for reporting CVE-2012-0957. Upstream\nacknowledges Dmitry Monakhov as the original reporter of CVE-2012-4508. The\nCVE-2012-4565 issue was discovered by Rodrigo Freire of Red Hat, and the\nCVE-2012-3430 issue was discovered by the Red Hat InfiniBand team.\n\nThis update also fixes multiple bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nUsers should upgrade to these updated packages, which upgrade the kernel-rt\nkernel to version kernel-rt-3.2.33-rt50, and correct these issues. The\nsystem must be rebooted for this update to take effect.\n", "published": "2012-12-04T05:00:00", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2012:1491", "cvelist": ["CVE-2012-2133", "CVE-2012-4508", "CVE-2012-3520", "CVE-2012-3511", "CVE-2012-4565", "CVE-2012-0957", "CVE-2012-3400", "CVE-2012-3430"], "lastseen": "2017-03-03T19:18:34"}, {"id": "RHSA-2012:1580", "type": "redhat", "title": "(RHSA-2012:1580) Moderate: kernel security, bug fix and enhancement update", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* It was found that the RHSA-2012:0862 update did not correctly fix the\nCVE-2011-4131 issue. A malicious Network File System version 4 (NFSv4)\nserver could return a crafted reply to a GETACL request, causing a denial\nof service on the client. (CVE-2012-2375, Moderate)\n\n* A divide-by-zero flaw was found in the TCP Illinois congestion control\nalgorithm implementation in the Linux kernel. If the TCP Illinois\ncongestion control algorithm were in use (the sysctl\nnet.ipv4.tcp_congestion_control variable set to \"illinois\"), a local,\nunprivileged user could trigger this flaw and cause a denial of service.\n(CVE-2012-4565, Moderate)\n\n* A NULL pointer dereference flaw was found in the way a new node's hot\nadded memory was propagated to other nodes' zonelists. By utilizing this\nnewly added memory from one of the remaining nodes, a local, unprivileged\nuser could use this flaw to cause a denial of service. (CVE-2012-5517,\nModerate)\n\n* It was found that the initial release of Red Hat Enterprise Linux 6 did\nnot correctly fix the CVE-2009-4307 issue, a divide-by-zero flaw in the\next4 file system code. A local, unprivileged user with the ability to mount\nan ext4 file system could use this flaw to cause a denial of service.\n(CVE-2012-2100, Low)\n\n* A flaw was found in the way the Linux kernel's IPv6 implementation\nhandled overlapping, fragmented IPv6 packets. A remote attacker could\npotentially use this flaw to bypass protection mechanisms (such as a\nfirewall or intrusion detection system (IDS)) when sending network packets\nto a target system. (CVE-2012-4444, Low)\n\nRed Hat would like to thank Antonios Atlasis working with Beyond Security's\nSecuriTeam Secure Disclosure program and Loganaden Velvindron of AFRINIC\nfor reporting CVE-2012-4444. The CVE-2012-2375 issue was discovered by Jian\nLi of Red Hat, and CVE-2012-4565 was discovered by Rodrigo Freire of Red\nHat.\n\nThis update also fixes numerous bugs and adds one enhancement. Space \nprecludes documenting all of these changes in this advisory. Documentation\nfor these changes will be available shortly from the Red Hat Enterprise \nLinux 6.3 Technical Notes document linked to in the References section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues, fix these bugs and add the enhancement \nnoted in the Technical Notes. The system must be rebooted for this update \nto take effect.\n", "published": "2012-12-18T05:00:00", "cvss": {"score": 7.1, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "href": "https://access.redhat.com/errata/RHSA-2012:1580", "cvelist": ["CVE-2009-4307", "CVE-2011-4131", "CVE-2012-2100", "CVE-2012-2375", "CVE-2012-4444", "CVE-2012-4565", "CVE-2012-5517"], "lastseen": "2017-12-25T20:04:51"}]}}