ID: UBUNTU_USN-1880-1.NASL
Type: nessus
Reporter: Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified: 2021-01-02T00:00:00

Description

An information leak was discovered in the Linux kernel when inotify is
used to monitor the /dev/ptmx device. A local user could exploit this
flaw to discover keystroke timing and potentially discover sensitive
information like password length. (CVE-2013-0160)

An information leak was discovered in the Linux kernel's tkill and
tgkill system calls when used from compat processes. A local user
could exploit this flaw to examine potentially sensitive kernel
memory. (CVE-2013-2141)

A flaw was discovered in the Linux kernel's perf events subsystem for
Intel Sandy Bridge and Ivy Bridge processors. A local user could
exploit this flaw to cause a denial of service (system crash).
(CVE-2013-2146)

An information leak was discovered in the Linux kernel's crypto API. A
local user could exploit this flaw to examine potentially sensitive
information from the kernel's stack memory. (CVE-2013-3076)

An information leak was discovered in the Linux kernel's recvmsg path
for ATM (Asynchronous Transfer Mode). A local user could exploit this
flaw to examine potentially sensitive information from the kernel's
stack memory. (CVE-2013-3222)

An information leak was discovered in the Linux kernel's recvmsg path
for ax25 address family. A local user could exploit this flaw to
examine potentially sensitive information from the kernel's stack
memory. (CVE-2013-3223)

An information leak was discovered in the Linux kernel's recvmsg path
for the bluetooth address family. A local user could exploit this flaw
to examine potentially sensitive information from the kernel's stack
memory. (CVE-2013-3224)

An information leak was discovered in the Linux kernel's bluetooth
rfcomm protocol support. A local user could exploit this flaw to
examine potentially sensitive information from the kernel's stack
memory. (CVE-2013-3225)

An information leak was discovered in the Linux kernel's CAIF protocol
implementation. A local user could exploit this flaw to examine
potentially sensitive information from the kernel's stack memory.
(CVE-2013-3227)

An information leak was discovered in the Linux kernel's IRDA
(infrared) support subsystem. A local user could exploit this flaw to
examine potentially sensitive information from the kernel's stack
memory. (CVE-2013-3228)

An information leak was discovered in the Linux kernel's s390 - z/VM
support. A local user could exploit this flaw to examine potentially
sensitive information from the kernel's stack memory. (CVE-2013-3229)

An information leak was discovered in the Linux kernel's l2tp (Layer
Two Tunneling Protocol) implementation. A local user could exploit
this flaw to examine potentially sensitive information from the
kernel's stack memory. (CVE-2013-3230)

An information leak was discovered in the Linux kernel's llc (Logical
Link Layer 2) support. A local user could exploit this flaw to examine
potentially sensitive information from the kernel's stack memory.
(CVE-2013-3231)

An information leak was discovered in the Linux kernel's receive
message handling for the netrom address family. A local user could
exploit this flaw to obtain sensitive information from the kernel's
stack memory. (CVE-2013-3232)

An information leak was discovered in the Linux kernel's nfc (near
field communication) support. A local user could exploit this flaw to
examine potentially sensitive information from the kernel's stack
memory. (CVE-2013-3233)

An information leak was discovered in the Linux kernel's Rose X.25
protocol layer. A local user could exploit this flaw to examine
potentially sensitive information from the kernel's stack memory.
(CVE-2013-3234)

An information leak was discovered in the Linux kernel's TIPC
(Transparent Inter Process Communication) protocol implementation. A
local user could exploit this flaw to examine potentially sensitive
information from the kernel's stack memory. (CVE-2013-3235)

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-1880-1. The text
# itself is copyright (C) Canonical, Inc. See
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered
# trademark of Canonical, Inc.
#

include("compat.inc");

if (description)
{
  script_id(66903);
  script_version("1.9");
  script_cvs_date("Date: 2019/09/19 12:54:29");

  script_cve_id("CVE-2013-0160", "CVE-2013-2141", "CVE-2013-2146", "CVE-2013-3076", "CVE-2013-3222", "CVE-2013-3223", "CVE-2013-3224", "CVE-2013-3225", "CVE-2013-3227", "CVE-2013-3228", "CVE-2013-3229", "CVE-2013-3230", "CVE-2013-3231", "CVE-2013-3232", "CVE-2013-3233", "CVE-2013-3234", "CVE-2013-3235");
  script_bugtraq_id(59387, 59396, 60254);
  script_xref(name:"USN", value:"1880-1");

  script_name(english:"Ubuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-1880-1)");
  script_summary(english:"Checks dpkg output for updated package.");

  script_set_attribute(
    attribute:"synopsis",
    value:"The remote Ubuntu host is missing a security-related patch."
  );
  script_set_attribute(
    attribute:"description",
    value:
"An information leak was discovered in the Linux kernel when inotify is
used to monitor the /dev/ptmx device. A local user could exploit this
flaw to discover keystroke timing and potentially discover sensitive
information like password length. (CVE-2013-0160)
An information leak was discovered in the Linux kernel's tkill and
tgkill system calls when used from compat processes. A local user
could exploit this flaw to examine potentially sensitive kernel
memory. (CVE-2013-2141)
A flaw was discovered in the Linux kernel's perf events subsystem for
Intel Sandy Bridge and Ivy Bridge processors. A local user could
exploit this flaw to cause a denial of service (system crash).
(CVE-2013-2146)
An information leak was discovered in the Linux kernel's crypto API. A
local user could exploit this flaw to examine potentially sensitive
information from the kernel's stack memory. (CVE-2013-3076)
An information leak was discovered in the Linux kernel's rcvmsg path
for ATM (Asynchronous Transfer Mode). A local user could exploit this
flaw to examine potentially sensitive information from the kernel's
stack memory. (CVE-2013-3222)
An information leak was discovered in the Linux kernel's recvmsg path
for ax25 address family. A local user could exploit this flaw to
examine potentially sensitive information from the kernel's stack
memory. (CVE-2013-3223)
An information leak was discovered in the Linux kernel's recvmsg path
for the bluetooth address family. A local user could exploit this flaw
to examine potentially sensitive information from the kernel's stack
memory. (CVE-2013-3224)
An information leak was discovered in the Linux kernel's bluetooth
rfcomm protocol support. A local user could exploit this flaw to
examine potentially sensitive information from the kernel's stack
memory. (CVE-2013-3225)
An information leak was discovered in the Linux kernel's CAIF protocol
implementation. A local user could exploit this flaw to examine
potentially sensitive information from the kernel's stack memory.
(CVE-2013-3227)
An information leak was discovered in the Linux kernel's IRDA
(infrared) support subsystem. A local user could exploit this flaw to
examine potentially sensitive information from the kernel's stack
memory. (CVE-2013-3228)
An information leak was discovered in the Linux kernel's s390 - z/VM
support. A local user could exploit this flaw to examine potentially
sensitive information from the kernel's stack memory. (CVE-2013-3229)
An information leak was discovered in the Linux kernel's l2tp (Layer
Two Tunneling Protocol) implementation. A local user could exploit
this flaw to examine potentially sensitive information from the
kernel's stack memory. (CVE-2013-3230)
An information leak was discovered in the Linux kernel's llc (Logical
Link Layer 2) support. A local user could exploit this flaw to examine
potentially sensitive information from the kernel's stack memory.
(CVE-2013-3231)
An information leak was discovered in the Linux kernel's receive
message handling for the netrom address family. A local user could
exploit this flaw to obtain sensitive information from the kernel's
stack memory. (CVE-2013-3232)
An information leak was discovered in the Linux kernel's nfc (near
field communication) support. A local user could exploit this flaw to
examine potentially sensitive information from the kernel's stack
memory. (CVE-2013-3233)
An information leak was discovered in the Linux kernel's Rose X.25
protocol layer. A local user could exploit this flaw to examine
potentially sensitive information from the kernel's stack memory.
(CVE-2013-3234)
An information leak was discovered in the Linux kernel's TIPC
(Transparent Inter Process Communication) protocol implementation. A
local user could exploit this flaw to examine potentially sensitive
information from the kernel's stack memory. (CVE-2013-3235).
Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://usn.ubuntu.com/1880-1/"
  );
  script_set_attribute(
    attribute:"solution",
    value:"Update the affected linux-image-3.5-generic package."
  );
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-generic");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:12.04:-:lts");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/02/17");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/06/14");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/06/16");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Ubuntu Local Security Checks");

  script_dependencies("ssh_get_info.nasl", "linux_alt_patch_detect.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("ubuntu.inc");
include("ksplice.inc");

# Preconditions: local checks enabled, Ubuntu 12.04, and a collected dpkg package list.
if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! preg(pattern:"^(12\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 12.04", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);

# The check is implemented only for x86_64 and i386-i686 hosts.
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);

# When Ksplice kernel CVE data is present, check this notice's CVEs against it;
# if the check passes, the host is audited as patched by hotfix.
if (get_one_kb_item("Host/ksplice/kernel-cves"))
{
  rm_kb_item(name:"Host/uptrack-uname-r");
  cve_list = make_list("CVE-2013-0160", "CVE-2013-2141", "CVE-2013-2146", "CVE-2013-3076", "CVE-2013-3222", "CVE-2013-3223", "CVE-2013-3224", "CVE-2013-3225", "CVE-2013-3227", "CVE-2013-3228", "CVE-2013-3229", "CVE-2013-3230", "CVE-2013-3231", "CVE-2013-3232", "CVE-2013-3233", "CVE-2013-3234", "CVE-2013-3235");
  if (ksplice_cves_check(cve_list))
  {
    audit(AUDIT_PATCH_INSTALLED, "KSplice hotfix for USN-1880-1");
  }
  else
  {
    _ubuntu_report = ksplice_reporting_text();
  }
}

flag = 0;

# Package check for linux-image-3.5.0-34-generic against version 3.5.0-34.55~precise1.
if (ubuntu_check(osver:"12.04", pkgname:"linux-image-3.5.0-34-generic", pkgver:"3.5.0-34.55~precise1")) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "linux-image-3.5-generic");
}
"published": "2013-06-18T00:00:00", "id": "OPENVAS:1361412562310841477", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841477", "type": "openvas", "title": "Ubuntu Update for linux USN-1881-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1881_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux USN-1881-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841477\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-06-18 10:42:33 +0530 (Tue, 18 Jun 2013)\");\n script_cve_id(\"CVE-2013-0160\", \"CVE-2013-2141\", \"CVE-2013-2146\", \"CVE-2013-3076\",\n \"CVE-2013-3222\", \"CVE-2013-3223\", \"CVE-2013-3224\", \"CVE-2013-3225\",\n \"CVE-2013-3227\", \"CVE-2013-3228\", \"CVE-2013-3229\", \"CVE-2013-3230\",\n \"CVE-2013-3231\", \"CVE-2013-3232\", \"CVE-2013-3233\", \"CVE-2013-3234\",\n \"CVE-2013-3235\");\n 
script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_name(\"Ubuntu Update for linux USN-1881-1\");\n\n script_xref(name:\"USN\", value:\"1881-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1881-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.10\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 12.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"An information leak was discovered in the Linux kernel when inotify is used\n to monitor the /dev/ptmx device. A local user could exploit this flaw to\n discover keystroke timing and potentially discover sensitive information\n like password length. (CVE-2013-0160)\n\n An information leak was discovered in the Linux kernel's tkill and tgkill\n system calls when used from compat processes. A local user could exploit\n this flaw to examine potentially sensitive kernel memory. (CVE-2013-2141)\n\n A flaw was discovered in the Linux kernel's perf events subsystem for Intel\n Sandy Bridge and Ivy Bridge processors. A local user could exploit this\n flaw to cause a denial of service (system crash). (CVE-2013-2146)\n\n An information leak was discovered in the Linux kernel's crypto API. A\n local user could exploit this flaw to examine potentially sensitive\n information from the kernel's stack memory. 
(CVE-2013-3076)\n\n An information leak was discovered in the Linux kernel's rcvmsg path for\n ATM (Asynchronous Transfer Mode). A local user could exploit this flaw to\n examine potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3222)\n\n An information leak was discovered in the Linux kernel's recvmsg path for\n ax25 address family. A local user could exploit this flaw to examine\n potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3223)\n\n An information leak was discovered in the Linux kernel's recvmsg path for\n the bluetooth address family. A local user could exploit this flaw to\n examine potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3224)\n\n An information leak was discovered in the Linux kernel's bluetooth rfcomm\n protocol support. A local user could exploit this flaw to examine\n potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3225)\n\n An information leak was discovered in the Linux kernel's CAIF protocol\n implementation. A local user could exploit this flaw to examine potentially\n sensitive information from the kernel's stack memory. (CVE-2013-3227)\n\n An information leak was discovered in the Linux kernel's IRDA (infrared)\n support subsystem. A local user could exploit this flaw to examine\n potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3228)\n\n An information leak was discovered in the Linux kernel's s390 - z/VM\n support. A local user could exploit this flaw to examine potentially\n sensitive information from the kernel's stack memory. 
(CVE-2013-3229)\n\n An information leak was discovered in the Linux kernel's l2tp (Layer Tw ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-34-generic\", ver:\"3.5.0-34.55\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-34-highbank\", ver:\"3.5.0-34.55\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-34-omap\", ver:\"3.5.0-34.55\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-34-powerpc-smp\", ver:\"3.5.0-34.55\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-34-powerpc64-smp\", ver:\"3.5.0-34.55\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2018-02-06T13:10:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-3228", "CVE-2013-3230", "CVE-2013-2141", "CVE-2013-3232", "CVE-2013-0160", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3233", "CVE-2013-3227", "CVE-2013-3225", "CVE-2013-3222", "CVE-2013-2146", "CVE-2013-3076", "CVE-2013-3235", "CVE-2013-3223"], "description": "Check for the Version of linux-lts-quantal", "modified": "2018-02-05T00:00:00", "published": "2013-06-18T00:00:00", "id": "OPENVAS:841480", "href": 
"http://plugins.openvas.org/nasl.php?oid=841480", "type": "openvas", "title": "Ubuntu Update for linux-lts-quantal USN-1880-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1880_1.nasl 8672 2018-02-05 16:39:18Z teissa $\n#\n# Ubuntu Update for linux-lts-quantal USN-1880-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"An information leak was discovered in the Linux kernel when inotify is used\n to monitor the /dev/ptmx device. A local user could exploit this flaw to\n discover keystroke timing and potentially discover sensitive information\n like password length. (CVE-2013-0160)\n\n An information leak was discovered in the Linux kernel's tkill and tgkill\n system calls when used from compat processes. A local user could exploit\n this flaw to examine potentially sensitive kernel memory. (CVE-2013-2141)\n\n A flaw was discovered in the Linux kernel's perf events subsystem for Intel\n Sandy Bridge and Ivy Bridge processors. 
A local user could exploit this\n flaw to cause a denial of service (system crash). (CVE-2013-2146)\n\n An information leak was discovered in the Linux kernel's crypto API. A\n local user could exploit this flaw to examine potentially sensitive\n information from the kernel's stack memory. (CVE-2013-3076)\n\n An information leak was discovered in the Linux kernel's rcvmsg path for\n ATM (Asynchronous Transfer Mode). A local user could exploit this flaw to\n examine potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3222)\n\n An information leak was discovered in the Linux kernel's recvmsg path for\n ax25 address family. A local user could exploit this flaw to examine\n potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3223)\n\n An information leak was discovered in the Linux kernel's recvmsg path for\n the bluetooth address family. A local user could exploit this flaw to\n examine potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3224)\n\n An information leak was discovered in the Linux kernel's bluetooth rfcomm\n protocol support. A local user could exploit this flaw to examine\n potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3225)\n\n An information leak was discovered in the Linux kernel's CAIF protocol\n implementation. A local user could exploit this flaw to examine potentially\n sensitive information from the kernel's stack memory. (CVE-2013-3227)\n\n An information leak was discovered in the Linux kernel's IRDA (infrared)\n support subsystem. A local user could exploit this flaw to examine\n potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3228)\n\n An information leak was discovered in the Linux kernel's s390 - z/VM\n support. A local user could exploit this flaw to examine potentially\n sensitive information from the kernel's stack memory. 
(CVE-2013-3229)\n\n An information leak was discovered in the Linux kernel' ...\n\n Description truncated, for more information please check the Reference URL\";\n\n\ntag_affected = \"linux-lts-quantal on Ubuntu 12.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(841480);\n script_version(\"$Revision: 8672 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-02-05 17:39:18 +0100 (Mon, 05 Feb 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-06-18 10:44:04 +0530 (Tue, 18 Jun 2013)\");\n script_cve_id(\"CVE-2013-0160\", \"CVE-2013-2141\", \"CVE-2013-2146\", \"CVE-2013-3076\",\n \"CVE-2013-3222\", \"CVE-2013-3223\", \"CVE-2013-3224\", \"CVE-2013-3225\",\n \"CVE-2013-3227\", \"CVE-2013-3228\", \"CVE-2013-3229\", \"CVE-2013-3230\",\n \"CVE-2013-3231\", \"CVE-2013-3232\", \"CVE-2013-3233\", \"CVE-2013-3234\",\n \"CVE-2013-3235\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_name(\"Ubuntu Update for linux-lts-quantal USN-1880-1\");\n\n script_xref(name: \"USN\", value: \"1880-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1880-1/\");\n script_tag(name: \"summary\" , value: \"Check for the Version of linux-lts-quantal\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = 
get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-34-generic\", ver:\"3.5.0-34.55~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:02", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-3228", "CVE-2013-3230", "CVE-2013-2141", "CVE-2013-3232", "CVE-2013-0160", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3233", "CVE-2013-3227", "CVE-2013-3225", "CVE-2013-3222", "CVE-2013-2146", "CVE-2013-3076", "CVE-2013-3235", "CVE-2013-3223"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2013-06-18T00:00:00", "id": "OPENVAS:1361412562310841480", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841480", "type": "openvas", "title": "Ubuntu Update for linux-lts-quantal USN-1880-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1880_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux-lts-quantal USN-1880-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841480\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-06-18 10:44:04 +0530 (Tue, 18 Jun 2013)\");\n script_cve_id(\"CVE-2013-0160\", \"CVE-2013-2141\", \"CVE-2013-2146\", \"CVE-2013-3076\",\n \"CVE-2013-3222\", \"CVE-2013-3223\", \"CVE-2013-3224\", \"CVE-2013-3225\",\n \"CVE-2013-3227\", \"CVE-2013-3228\", \"CVE-2013-3229\", \"CVE-2013-3230\",\n \"CVE-2013-3231\", \"CVE-2013-3232\", \"CVE-2013-3233\", \"CVE-2013-3234\",\n \"CVE-2013-3235\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_name(\"Ubuntu Update for linux-lts-quantal USN-1880-1\");\n\n script_xref(name:\"USN\", value:\"1880-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1880-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-lts-quantal'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n script_tag(name:\"affected\", value:\"linux-lts-quantal on Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n 
script_tag(name:\"insight\", value:\"An information leak was discovered in the Linux kernel when inotify is used\n to monitor the /dev/ptmx device. A local user could exploit this flaw to\n discover keystroke timing and potentially discover sensitive information\n like password length. (CVE-2013-0160)\n\n An information leak was discovered in the Linux kernel's tkill and tgkill\n system calls when used from compat processes. A local user could exploit\n this flaw to examine potentially sensitive kernel memory. (CVE-2013-2141)\n\n A flaw was discovered in the Linux kernel's perf events subsystem for Intel\n Sandy Bridge and Ivy Bridge processors. A local user could exploit this\n flaw to cause a denial of service (system crash). (CVE-2013-2146)\n\n An information leak was discovered in the Linux kernel's crypto API. A\n local user could exploit this flaw to examine potentially sensitive\n information from the kernel's stack memory. (CVE-2013-3076)\n\n An information leak was discovered in the Linux kernel's rcvmsg path for\n ATM (Asynchronous Transfer Mode). A local user could exploit this flaw to\n examine potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3222)\n\n An information leak was discovered in the Linux kernel's recvmsg path for\n ax25 address family. A local user could exploit this flaw to examine\n potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3223)\n\n An information leak was discovered in the Linux kernel's recvmsg path for\n the bluetooth address family. A local user could exploit this flaw to\n examine potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3224)\n\n An information leak was discovered in the Linux kernel's bluetooth rfcomm\n protocol support. 
A local user could exploit this flaw to examine\n potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3225)\n\n An information leak was discovered in the Linux kernel's CAIF protocol\n implementation. A local user could exploit this flaw to examine potentially\n sensitive information from the kernel's stack memory. (CVE-2013-3227)\n\n An information leak was discovered in the Linux kernel's IRDA (infrared)\n support subsystem. A local user could exploit this flaw to examine\n potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3228)\n\n An information leak was discovered in the Linux kernel's s390 - z/VM\n support. A local user could exploit this flaw to examine potentially\n sensitive information from the kernel's stack memory. (CVE-2013-3229)\n\n An information leak was discovered in the Linux kernel' ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-34-generic\", ver:\"3.5.0-34.55~precise1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2017-12-04T11:22:00", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-3228", "CVE-2013-3230", "CVE-2013-2141", "CVE-2013-3232", "CVE-2013-0160", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3233", "CVE-2013-3227", "CVE-2013-3225", "CVE-2013-2850", "CVE-2013-3222", "CVE-2013-2146", "CVE-2013-3076", "CVE-2013-3235", "CVE-2013-3223"], "description": "Check for the Version of 
linux-ti-omap4", "modified": "2017-12-01T00:00:00", "published": "2013-06-18T00:00:00", "id": "OPENVAS:841478", "href": "http://plugins.openvas.org/nasl.php?oid=841478", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-1882-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1882_1.nasl 7958 2017-12-01 06:47:47Z santu $\n#\n# Ubuntu Update for linux-ti-omap4 USN-1882-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote\n unauthenticated attacker could exploit this flaw to cause a denial of\n service (system crash) or potentially gain administrative privileges.\n (CVE-2013-2850)\n\n An information leak was discovered in the Linux kernel when inotify is used\n to monitor the /dev/ptmx device. A local user could exploit this flaw to\n discover keystroke timing and potentially discover sensitive information\n like password length. 
(CVE-2013-0160)\n\n An information leak was discovered in the Linux kernel's tkill and tgkill\n system calls when used from compat processes. A local user could exploit\n this flaw to examine potentially sensitive kernel memory. (CVE-2013-2141)\n\n A flaw was discovered in the Linux kernel's perf events subsystem for Intel\n Sandy Bridge and Ivy Bridge processors. A local user could exploit this\n flaw to cause a denial of service (system crash). (CVE-2013-2146)\n\n An information leak was discovered in the Linux kernel's crypto API. A\n local user could exploit this flaw to examine potentially sensitive\n information from the kernel's stack memory. (CVE-2013-3076)\n\n An information leak was discovered in the Linux kernel's rcvmsg path for\n ATM (Asynchronous Transfer Mode). A local user could exploit this flaw to\n examine potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3222)\n\n An information leak was discovered in the Linux kernel's recvmsg path for\n ax25 address family. A local user could exploit this flaw to examine\n potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3223)\n\n An information leak was discovered in the Linux kernel's recvmsg path for\n the bluetooth address family. A local user could exploit this flaw to\n examine potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3224)\n\n An information leak was discovered in the Linux kernel's bluetooth rfcomm\n protocol support. A local user could exploit this flaw to examine\n potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3225)\n\n An information leak was discovered in the Linux kernel's CAIF protocol\n implementation. A local user could exploit this flaw to examine potentially\n sensitive information from the kernel's stack memory. (CVE-2013-3227)\n\n An information leak was discovered in the Linux kernel's IRDA (infrared)\n support subsystem. 
A local user could exploit this flaw to examine\n potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3228)\n\n An information leak was discovered i ...\n\n Description truncated, for more information please check the Reference URL\";\n\n\ntag_affected = \"linux-ti-omap4 on Ubuntu 12.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(841478);\n script_version(\"$Revision: 7958 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:47:47 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-06-18 10:43:13 +0530 (Tue, 18 Jun 2013)\");\n script_cve_id(\"CVE-2013-2850\", \"CVE-2013-0160\", \"CVE-2013-2141\", \"CVE-2013-2146\",\n \"CVE-2013-3076\", \"CVE-2013-3222\", \"CVE-2013-3223\", \"CVE-2013-3224\",\n \"CVE-2013-3225\", \"CVE-2013-3227\", \"CVE-2013-3228\", \"CVE-2013-3229\",\n \"CVE-2013-3230\", \"CVE-2013-3231\", \"CVE-2013-3232\", \"CVE-2013-3233\",\n \"CVE-2013-3234\", \"CVE-2013-3235\");\n script_tag(name:\"cvss_base\", value:\"7.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-1882-1\");\n\n script_xref(name: \"USN\", value: \"1882-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1882-1/\");\n script_summary(\"Check for the Version of linux-ti-omap4\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n 
exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-226-omap4\", ver:\"3.5.0-226.39\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:37:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-3228", "CVE-2013-3230", "CVE-2013-2141", "CVE-2013-3232", "CVE-2013-0160", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3233", "CVE-2013-3227", "CVE-2013-3225", "CVE-2013-2850", "CVE-2013-3222", "CVE-2013-2146", "CVE-2013-3076", "CVE-2013-3235", "CVE-2013-3223"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2013-06-18T00:00:00", "id": "OPENVAS:1361412562310841478", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841478", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-1882-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1882_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux-ti-omap4 USN-1882-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A 
PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841478\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-06-18 10:43:13 +0530 (Tue, 18 Jun 2013)\");\n script_cve_id(\"CVE-2013-2850\", \"CVE-2013-0160\", \"CVE-2013-2141\", \"CVE-2013-2146\",\n \"CVE-2013-3076\", \"CVE-2013-3222\", \"CVE-2013-3223\", \"CVE-2013-3224\",\n \"CVE-2013-3225\", \"CVE-2013-3227\", \"CVE-2013-3228\", \"CVE-2013-3229\",\n \"CVE-2013-3230\", \"CVE-2013-3231\", \"CVE-2013-3232\", \"CVE-2013-3233\",\n \"CVE-2013-3234\", \"CVE-2013-3235\");\n script_tag(name:\"cvss_base\", value:\"7.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-1882-1\");\n\n script_xref(name:\"USN\", value:\"1882-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1882-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-ti-omap4'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.10\");\n script_tag(name:\"affected\", value:\"linux-ti-omap4 on Ubuntu 12.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated 
Packages.\");\n script_tag(name:\"insight\", value:\"Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote\n unauthenticated attacker could exploit this flaw to cause a denial of\n service (system crash) or potentially gain administrative privileges.\n (CVE-2013-2850)\n\n An information leak was discovered in the Linux kernel when inotify is used\n to monitor the /dev/ptmx device. A local user could exploit this flaw to\n discover keystroke timing and potentially discover sensitive information\n like password length. (CVE-2013-0160)\n\n An information leak was discovered in the Linux kernel's tkill and tgkill\n system calls when used from compat processes. A local user could exploit\n this flaw to examine potentially sensitive kernel memory. (CVE-2013-2141)\n\n A flaw was discovered in the Linux kernel's perf events subsystem for Intel\n Sandy Bridge and Ivy Bridge processors. A local user could exploit this\n flaw to cause a denial of service (system crash). (CVE-2013-2146)\n\n An information leak was discovered in the Linux kernel's crypto API. A\n local user could exploit this flaw to examine potentially sensitive\n information from the kernel's stack memory. (CVE-2013-3076)\n\n An information leak was discovered in the Linux kernel's rcvmsg path for\n ATM (Asynchronous Transfer Mode). A local user could exploit this flaw to\n examine potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3222)\n\n An information leak was discovered in the Linux kernel's recvmsg path for\n ax25 address family. A local user could exploit this flaw to examine\n potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3223)\n\n An information leak was discovered in the Linux kernel's recvmsg path for\n the bluetooth address family. 
A local user could exploit this flaw to\n examine potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3224)\n\n An information leak was discovered in the Linux kernel's bluetooth rfcomm\n protocol support. A local user could exploit this flaw to examine\n potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3225)\n\n An information leak was discovered in the Linux kernel's CAIF protocol\n implementation. A local user could exploit this flaw to examine potentially\n sensitive information from the kernel's stack memory. (CVE-2013-3227)\n\n An information leak was discovered in the Linux kernel's IRDA (infrared)\n support subsystem. A local user could exploit this flaw to examine\n potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3228)\n\n An information leak was discovered i ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.5.0-226-omap4\", ver:\"3.5.0-226.39\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-3228", "CVE-2013-3232", "CVE-2013-0160", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3227", "CVE-2013-3225", "CVE-2013-3222", "CVE-2013-2146", "CVE-2013-3076", "CVE-2013-3235", "CVE-2013-3223"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2013-06-18T00:00:00", "id": 
"OPENVAS:1361412562310841473", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841473", "type": "openvas", "title": "Ubuntu Update for linux USN-1878-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1878_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux USN-1878-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841473\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-06-18 10:41:07 +0530 (Tue, 18 Jun 2013)\");\n script_cve_id(\"CVE-2013-0160\", \"CVE-2013-2146\", \"CVE-2013-3076\", \"CVE-2013-3222\",\n \"CVE-2013-3223\", \"CVE-2013-3224\", \"CVE-2013-3225\", \"CVE-2013-3227\",\n \"CVE-2013-3228\", \"CVE-2013-3229\", \"CVE-2013-3231\", \"CVE-2013-3232\",\n \"CVE-2013-3234\", \"CVE-2013-3235\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", 
value:\"AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_name(\"Ubuntu Update for linux USN-1878-1\");\n\n script_xref(name:\"USN\", value:\"1878-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1878-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"An information leak was discovered in the Linux kernel when inotify is used\n to monitor the /dev/ptmx device. A local user could exploit this flaw to\n discover keystroke timing and potentially discover sensitive information\n like password length. (CVE-2013-0160)\n\n A flaw was discovered in the Linux kernel's perf events subsystem for Intel\n Sandy Bridge and Ivy Bridge processors. A local user could exploit this\n flaw to cause a denial of service (system crash). (CVE-2013-2146)\n\n An information leak was discovered in the Linux kernel's crypto API. A\n local user could exploit this flaw to examine potentially sensitive\n information from the kernel's stack memory. (CVE-2013-3076)\n\n An information leak was discovered in the Linux kernel's rcvmsg path for\n ATM (Asynchronous Transfer Mode). A local user could exploit this flaw to\n examine potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3222)\n\n An information leak was discovered in the Linux kernel's recvmsg path for\n ax25 address family. 
A local user could exploit this flaw to examine\n potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3223)\n\n An information leak was discovered in the Linux kernel's recvmsg path for\n the bluetooth address family. A local user could exploit this flaw to\n examine potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3224)\n\n An information leak was discovered in the Linux kernel's bluetooth rfcomm\n protocol support. A local user could exploit this flaw to examine\n potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3225)\n\n An information leak was discovered in the Linux kernel's CAIF protocol\n implementation. A local user could exploit this flaw to examine potentially\n sensitive information from the kernel's stack memory. (CVE-2013-3227)\n\n An information leak was discovered in the Linux kernel's IRDA (infrared)\n support subsystem. A local user could exploit this flaw to examine\n potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3228)\n\n An information leak was discovered in the Linux kernel's s390 - z/VM\n support. A local user could exploit this flaw to examine potentially\n sensitive information from the kernel's stack memory. (CVE-2013-3229)\n\n An information leak was discovered in the Linux kernel's llc (Logical Link\n Layer 2) support. 
A local user could exploit this flaw to examine\n potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3231)\n\n An information leak was discovered in the Linux kernel's receiv ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-48-generic\", ver:\"3.2.0-48.74\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-48-generic-pae\", ver:\"3.2.0-48.74\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-48-highbank\", ver:\"3.2.0-48.74\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-48-omap\", ver:\"3.2.0-48.74\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-48-powerpc-smp\", ver:\"3.2.0-48.74\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-48-powerpc64-smp\", ver:\"3.2.0-48.74\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-48-virtual\", ver:\"3.2.0-48.74\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2018-02-05T11:11:02", "bulletinFamily": "scanner", "cvelist": 
["CVE-2013-3228", "CVE-2013-3232", "CVE-2013-0160", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3227", "CVE-2013-3225", "CVE-2013-3222", "CVE-2013-2146", "CVE-2013-3076", "CVE-2013-3235", "CVE-2013-3223"], "description": "Check for the Version of linux", "modified": "2018-02-03T00:00:00", "published": "2013-06-18T00:00:00", "id": "OPENVAS:841473", "href": "http://plugins.openvas.org/nasl.php?oid=841473", "type": "openvas", "title": "Ubuntu Update for linux USN-1878-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1878_1.nasl 8650 2018-02-03 12:16:59Z teissa $\n#\n# Ubuntu Update for linux USN-1878-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"An information leak was discovered in the Linux kernel when inotify is used\n to monitor the /dev/ptmx device. A local user could exploit this flaw to\n discover keystroke timing and potentially discover sensitive information\n like password length. 
(CVE-2013-0160)\n\n A flaw was discovered in the Linux kernel's perf events subsystem for Intel\n Sandy Bridge and Ivy Bridge processors. A local user could exploit this\n flaw to cause a denial of service (system crash). (CVE-2013-2146)\n\n An information leak was discovered in the Linux kernel's crypto API. A\n local user could exploit this flaw to examine potentially sensitive\n information from the kernel's stack memory. (CVE-2013-3076)\n\n An information leak was discovered in the Linux kernel's rcvmsg path for\n ATM (Asynchronous Transfer Mode). A local user could exploit this flaw to\n examine potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3222)\n\n An information leak was discovered in the Linux kernel's recvmsg path for\n ax25 address family. A local user could exploit this flaw to examine\n potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3223)\n\n An information leak was discovered in the Linux kernel's recvmsg path for\n the bluetooth address family. A local user could exploit this flaw to\n examine potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3224)\n\n An information leak was discovered in the Linux kernel's bluetooth rfcomm\n protocol support. A local user could exploit this flaw to examine\n potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3225)\n\n An information leak was discovered in the Linux kernel's CAIF protocol\n implementation. A local user could exploit this flaw to examine potentially\n sensitive information from the kernel's stack memory. (CVE-2013-3227)\n\n An information leak was discovered in the Linux kernel's IRDA (infrared)\n support subsystem. A local user could exploit this flaw to examine\n potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3228)\n\n An information leak was discovered in the Linux kernel's s390 - z/VM\n support. 
A local user could exploit this flaw to examine potentially\n sensitive information from the kernel's stack memory. (CVE-2013-3229)\n\n An information leak was discovered in the Linux kernel's llc (Logical Link\n Layer 2) support. A local user could exploit this flaw to examine\n potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3231)\n\n An information leak was discovered in the Linux kernel's receiv ...\n\n Description truncated, for more information please check the Reference URL\";\n\n\ntag_affected = \"linux on Ubuntu 12.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(841473);\n script_version(\"$Revision: 8650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-02-03 13:16:59 +0100 (Sat, 03 Feb 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-06-18 10:41:07 +0530 (Tue, 18 Jun 2013)\");\n script_cve_id(\"CVE-2013-0160\", \"CVE-2013-2146\", \"CVE-2013-3076\", \"CVE-2013-3222\",\n \"CVE-2013-3223\", \"CVE-2013-3224\", \"CVE-2013-3225\", \"CVE-2013-3227\",\n \"CVE-2013-3228\", \"CVE-2013-3229\", \"CVE-2013-3231\", \"CVE-2013-3232\",\n \"CVE-2013-3234\", \"CVE-2013-3235\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_name(\"Ubuntu Update for linux USN-1878-1\");\n\n script_xref(name: \"USN\", value: \"1878-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1878-1/\");\n script_tag(name: \"summary\" , value: \"Check for the Version of linux\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n 
script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-48-generic\", ver:\"3.2.0-48.74\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-48-generic-pae\", ver:\"3.2.0-48.74\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-48-highbank\", ver:\"3.2.0-48.74\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-48-omap\", ver:\"3.2.0-48.74\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-48-powerpc-smp\", ver:\"3.2.0-48.74\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-48-powerpc64-smp\", ver:\"3.2.0-48.74\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-48-virtual\", ver:\"3.2.0-48.74\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:37:57", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-3228", "CVE-2013-3232", "CVE-2013-0160", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3227", "CVE-2013-3225", "CVE-2013-2850", "CVE-2013-3222", "CVE-2013-2146", 
"CVE-2013-3076", "CVE-2013-3235", "CVE-2013-3223"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2013-06-18T00:00:00", "id": "OPENVAS:1361412562310841482", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841482", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-1879-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1879_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux-ti-omap4 USN-1879-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841482\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-06-18 10:45:11 +0530 (Tue, 18 Jun 2013)\");\n script_cve_id(\"CVE-2013-2850\", \"CVE-2013-0160\", \"CVE-2013-2146\", \"CVE-2013-3076\",\n \"CVE-2013-3222\", \"CVE-2013-3223\", \"CVE-2013-3224\", \"CVE-2013-3225\",\n \"CVE-2013-3227\", \"CVE-2013-3228\", \"CVE-2013-3229\", \"CVE-2013-3231\",\n \"CVE-2013-3232\", \"CVE-2013-3234\", \"CVE-2013-3235\");\n script_tag(name:\"cvss_base\", value:\"7.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-1879-1\");\n\n script_xref(name:\"USN\", value:\"1879-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1879-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-ti-omap4'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n script_tag(name:\"affected\", value:\"linux-ti-omap4 on Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Kees Cook discovered a 
flaw in the Linux kernel's iSCSI subsystem. A remote\n unauthenticated attacker could exploit this flaw to cause a denial of\n service (system crash) or potentially gain administrative privileges.\n (CVE-2013-2850)\n\n An information leak was discovered in the Linux kernel when inotify is used\n to monitor the /dev/ptmx device. A local user could exploit this flaw to\n discover keystroke timing and potentially discover sensitive information\n like password length. (CVE-2013-0160)\n\n A flaw was discovered in the Linux kernel's perf events subsystem for Intel\n Sandy Bridge and Ivy Bridge processors. A local user could exploit this\n flaw to cause a denial of service (system crash). (CVE-2013-2146)\n\n An information leak was discovered in the Linux kernel's crypto API. A\n local user could exploit this flaw to examine potentially sensitive\n information from the kernel's stack memory. (CVE-2013-3076)\n\n An information leak was discovered in the Linux kernel's rcvmsg path for\n ATM (Asynchronous Transfer Mode). A local user could exploit this flaw to\n examine potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3222)\n\n An information leak was discovered in the Linux kernel's recvmsg path for\n ax25 address family. A local user could exploit this flaw to examine\n potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3223)\n\n An information leak was discovered in the Linux kernel's recvmsg path for\n the bluetooth address family. A local user could exploit this flaw to\n examine potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3224)\n\n An information leak was discovered in the Linux kernel's bluetooth rfcomm\n protocol support. A local user could exploit this flaw to examine\n potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3225)\n\n An information leak was discovered in the Linux kernel's CAIF protocol\n implementation. 
A local user could exploit this flaw to examine potentially\n sensitive information from the kernel's stack memory. (CVE-2013-3227)\n\n An information leak was discovered in the Linux kernel's IRDA (infrared)\n support subsystem. A local user could exploit this flaw to examine\n potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3228)\n\n An information leak was discovered in the Linux kernel's s390 - z/VM\n support. A local user could exploit this flaw to examine potentially\n sensitive information from the kernel's stack memory. (CVE-2013-3229)\n\n An information leak was discovered in the Lin ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-1433-omap4\", ver:\"3.2.0-1433.44\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:21:57", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-3228", "CVE-2013-3232", "CVE-2013-0160", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3227", "CVE-2013-3225", "CVE-2013-2850", "CVE-2013-3222", "CVE-2013-2146", "CVE-2013-3076", "CVE-2013-3235", "CVE-2013-3223"], "description": "Check for the Version of linux-ti-omap4", "modified": "2017-12-01T00:00:00", "published": "2013-06-18T00:00:00", "id": "OPENVAS:841482", "href": "http://plugins.openvas.org/nasl.php?oid=841482", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-1879-1", "sourceData": 
"###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1879_1.nasl 7958 2017-12-01 06:47:47Z santu $\n#\n# Ubuntu Update for linux-ti-omap4 USN-1879-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote\n unauthenticated attacker could exploit this flaw to cause a denial of\n service (system crash) or potentially gain administrative privileges.\n (CVE-2013-2850)\n\n An information leak was discovered in the Linux kernel when inotify is used\n to monitor the /dev/ptmx device. A local user could exploit this flaw to\n discover keystroke timing and potentially discover sensitive information\n like password length. (CVE-2013-0160)\n\n A flaw was discovered in the Linux kernel's perf events subsystem for Intel\n Sandy Bridge and Ivy Bridge processors. A local user could exploit this\n flaw to cause a denial of service (system crash). (CVE-2013-2146)\n\n An information leak was discovered in the Linux kernel's crypto API. 
A\n local user could exploit this flaw to examine potentially sensitive\n information from the kernel's stack memory. (CVE-2013-3076)\n\n An information leak was discovered in the Linux kernel's rcvmsg path for\n ATM (Asynchronous Transfer Mode). A local user could exploit this flaw to\n examine potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3222)\n\n An information leak was discovered in the Linux kernel's recvmsg path for\n ax25 address family. A local user could exploit this flaw to examine\n potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3223)\n\n An information leak was discovered in the Linux kernel's recvmsg path for\n the bluetooth address family. A local user could exploit this flaw to\n examine potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3224)\n\n An information leak was discovered in the Linux kernel's bluetooth rfcomm\n protocol support. A local user could exploit this flaw to examine\n potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3225)\n\n An information leak was discovered in the Linux kernel's CAIF protocol\n implementation. A local user could exploit this flaw to examine potentially\n sensitive information from the kernel's stack memory. (CVE-2013-3227)\n\n An information leak was discovered in the Linux kernel's IRDA (infrared)\n support subsystem. A local user could exploit this flaw to examine\n potentially sensitive information from the kernel's stack memory.\n (CVE-2013-3228)\n\n An information leak was discovered in the Linux kernel's s390 - z/VM\n support. A local user could exploit this flaw to examine potentially\n sensitive information from the kernel's stack memory. 
(CVE-2013-3229)\n\n An information leak was discovered in the Lin ...\n\n Description truncated, for more information please check the Reference URL\";\n\n\ntag_affected = \"linux-ti-omap4 on Ubuntu 12.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(841482);\n script_version(\"$Revision: 7958 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:47:47 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-06-18 10:45:11 +0530 (Tue, 18 Jun 2013)\");\n script_cve_id(\"CVE-2013-2850\", \"CVE-2013-0160\", \"CVE-2013-2146\", \"CVE-2013-3076\",\n \"CVE-2013-3222\", \"CVE-2013-3223\", \"CVE-2013-3224\", \"CVE-2013-3225\",\n \"CVE-2013-3227\", \"CVE-2013-3228\", \"CVE-2013-3229\", \"CVE-2013-3231\",\n \"CVE-2013-3232\", \"CVE-2013-3234\", \"CVE-2013-3235\");\n script_tag(name:\"cvss_base\", value:\"7.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:A/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-1879-1\");\n\n script_xref(name: \"USN\", value: \"1879-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1879-1/\");\n script_summary(\"Check for the Version of linux-ti-omap4\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 
LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-1433-omap4\", ver:\"3.2.0-1433.44\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-01-01T06:39:40", "description": "An information leak was discovered in the Linux kernel when inotify is\nused to monitor the /dev/ptmx device. A local user could exploit this\nflaw to discover keystroke timing and potentially discover sensitive\ninformation like password length. (CVE-2013-0160)\n\nAn information leak was discovered in the Linux kernel's tkill and\ntgkill system calls when used from compat processes. A local user\ncould exploit this flaw to examine potentially sensitive kernel\nmemory. (CVE-2013-2141)\n\nA flaw was discovered in the Linux kernel's perf events subsystem for\nIntel Sandy Bridge and Ivy Bridge processors. A local user could\nexploit this flaw to cause a denial of service (system crash).\n(CVE-2013-2146)\n\nAn information leak was discovered in the Linux kernel's crypto API. A\nlocal user could exploit this flaw to examine potentially sensitive\ninformation from the kernel's stack memory. (CVE-2013-3076)\n\nAn information leak was discovered in the Linux kernel's rcvmsg path\nfor ATM (Asynchronous Transfer Mode). A local user could exploit this\nflaw to examine potentially sensitive information from the kernel's\nstack memory. (CVE-2013-3222)\n\nAn information leak was discovered in the Linux kernel's recvmsg path\nfor ax25 address family. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3223)\n\nAn information leak was discovered in the Linux kernel's recvmsg path\nfor the bluetooth address family. 
A local user could exploit this flaw\nto examine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3224)\n\nAn information leak was discovered in the Linux kernel's bluetooth\nrfcomm protocol support. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3225)\n\nAn information leak was discovered in the Linux kernel's CAIF protocol\nimplementation. A local user could exploit this flaw to examine\npotentially sensitive information from the kernel's stack memory.\n(CVE-2013-3227)\n\nAn information leak was discovered in the Linux kernel's IRDA\n(infrared) support subsystem. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3228)\n\nAn information leak was discovered in the Linux kernel's s390 - z/VM\nsupport. A local user could exploit this flaw to examine potentially\nsensitive information from the kernel's stack memory. (CVE-2013-3229)\n\nAn information leak was discovered in the Linux kernel's l2tp (Layer\nTwo Tunneling Protocol) implementation. A local user could exploit\nthis flaw to examine potentially sensitive information from the\nkernel's stack memory. (CVE-2013-3230)\n\nAn information leak was discovered in the Linux kernel's llc (Logical\nLink Layer 2) support. A local user could exploit this flaw to examine\npotentially sensitive information from the kernel's stack memory.\n(CVE-2013-3231)\n\nAn information leak was discovered in the Linux kernel's receive\nmessage handling for the netrom address family. A local user could\nexploit this flaw to obtain sensitive information from the kernel's\nstack memory. (CVE-2013-3232)\n\nAn information leak was discovered in the Linux kernel's nfc (near\nfield communication) support. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. 
(CVE-2013-3233)\n\nAn information leak was discovered in the Linux kernel's Rose X.25\nprotocol layer. A local user could exploit this flaw to examine\npotentially sensitive information from the kernel's stack memory.\n(CVE-2013-3234)\n\nAn information leak was discovered in the Linux kernel's TIPC\n(Transparent Inter Process Communication) protocol implementation. A\nlocal user could exploit this flaw to examine potentially sensitive\ninformation from the kernel's stack memory. (CVE-2013-3235).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2013-06-16T00:00:00", "title": "Ubuntu 12.10 : linux vulnerabilities (USN-1881-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-3228", "CVE-2013-3230", "CVE-2013-2141", "CVE-2013-3232", "CVE-2013-0160", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3233", "CVE-2013-3227", "CVE-2013-3225", "CVE-2013-3222", "CVE-2013-2146", "CVE-2013-3076", "CVE-2013-3235", "CVE-2013-3223"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-highbank", "cpe:/o:canonical:ubuntu_linux:12.10", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-generic"], "id": "UBUNTU_USN-1881-1.NASL", "href": "https://www.tenable.com/plugins/nessus/66904", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1881-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. 
Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66904);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2019/09/19 12:54:29\");\n\n script_cve_id(\"CVE-2013-0160\", \"CVE-2013-2141\", \"CVE-2013-2146\", \"CVE-2013-3076\", \"CVE-2013-3222\", \"CVE-2013-3223\", \"CVE-2013-3224\", \"CVE-2013-3225\", \"CVE-2013-3227\", \"CVE-2013-3228\", \"CVE-2013-3229\", \"CVE-2013-3230\", \"CVE-2013-3231\", \"CVE-2013-3232\", \"CVE-2013-3233\", \"CVE-2013-3234\", \"CVE-2013-3235\");\n script_bugtraq_id(59387, 59396, 60254);\n script_xref(name:\"USN\", value:\"1881-1\");\n\n script_name(english:\"Ubuntu 12.10 : linux vulnerabilities (USN-1881-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An information leak was discovered in the Linux kernel when inotify is\nused to monitor the /dev/ptmx device. A local user could exploit this\nflaw to discover keystroke timing and potentially discover sensitive\ninformation like password length. (CVE-2013-0160)\n\nAn information leak was discovered in the Linux kernel's tkill and\ntgkill system calls when used from compat processes. A local user\ncould exploit this flaw to examine potentially sensitive kernel\nmemory. (CVE-2013-2141)\n\nA flaw was discovered in the Linux kernel's perf events subsystem for\nIntel Sandy Bridge and Ivy Bridge processors. A local user could\nexploit this flaw to cause a denial of service (system crash).\n(CVE-2013-2146)\n\nAn information leak was discovered in the Linux kernel's crypto API. A\nlocal user could exploit this flaw to examine potentially sensitive\ninformation from the kernel's stack memory. 
(CVE-2013-3076)\n\nAn information leak was discovered in the Linux kernel's rcvmsg path\nfor ATM (Asynchronous Transfer Mode). A local user could exploit this\nflaw to examine potentially sensitive information from the kernel's\nstack memory. (CVE-2013-3222)\n\nAn information leak was discovered in the Linux kernel's recvmsg path\nfor ax25 address family. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3223)\n\nAn information leak was discovered in the Linux kernel's recvmsg path\nfor the bluetooth address family. A local user could exploit this flaw\nto examine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3224)\n\nAn information leak was discovered in the Linux kernel's bluetooth\nrfcomm protocol support. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3225)\n\nAn information leak was discovered in the Linux kernel's CAIF protocol\nimplementation. A local user could exploit this flaw to examine\npotentially sensitive information from the kernel's stack memory.\n(CVE-2013-3227)\n\nAn information leak was discovered in the Linux kernel's IRDA\n(infrared) support subsystem. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3228)\n\nAn information leak was discovered in the Linux kernel's s390 - z/VM\nsupport. A local user could exploit this flaw to examine potentially\nsensitive information from the kernel's stack memory. (CVE-2013-3229)\n\nAn information leak was discovered in the Linux kernel's l2tp (Layer\nTwo Tunneling Protocol) implementation. A local user could exploit\nthis flaw to examine potentially sensitive information from the\nkernel's stack memory. (CVE-2013-3230)\n\nAn information leak was discovered in the Linux kernel's llc (Logical\nLink Layer 2) support. 
A local user could exploit this flaw to examine\npotentially sensitive information from the kernel's stack memory.\n(CVE-2013-3231)\n\nAn information leak was discovered in the Linux kernel's receive\nmessage handling for the netrom address family. A local user could\nexploit this flaw to obtain sensitive information from the kernel's\nstack memory. (CVE-2013-3232)\n\nAn information leak was discovered in the Linux kernel's nfc (near\nfield communication) support. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3233)\n\nAn information leak was discovered in the Linux kernel's Rose X.25\nprotocol layer. A local user could exploit this flaw to examine\npotentially sensitive information from the kernel's stack memory.\n(CVE-2013-3234)\n\nAn information leak was discovered in the Linux kernel's TIPC\n(Transparent Inter Process Communication) protocol implementation. A\nlocal user could exploit this flaw to examine potentially sensitive\ninformation from the kernel's stack memory. (CVE-2013-3235).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1881-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.5-generic and / or\nlinux-image-3.5-highbank packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-highbank\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/06/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/06/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! 
get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-0160\", \"CVE-2013-2141\", \"CVE-2013-2146\", \"CVE-2013-3076\", \"CVE-2013-3222\", \"CVE-2013-3223\", \"CVE-2013-3224\", \"CVE-2013-3225\", \"CVE-2013-3227\", \"CVE-2013-3228\", \"CVE-2013-3229\", \"CVE-2013-3230\", \"CVE-2013-3231\", \"CVE-2013-3232\", \"CVE-2013-3233\", \"CVE-2013-3234\", \"CVE-2013-3235\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1881-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.10\", pkgname:\"linux-image-3.5.0-34-generic\", pkgver:\"3.5.0-34.55\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"linux-image-3.5.0-34-highbank\", pkgver:\"3.5.0-34.55\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.5-generic / linux-image-3.5-highbank\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2021-01-01T06:39:40", "description": "An information leak was discovered in the Linux kernel when inotify is\nused to 
monitor the /dev/ptmx device. A local user could exploit this\nflaw to discover keystroke timing and potentially discover sensitive\ninformation like password length. (CVE-2013-0160)\n\nA flaw was discovered in the Linux kernel's perf events subsystem for\nIntel Sandy Bridge and Ivy Bridge processors. A local user could\nexploit this flaw to cause a denial of service (system crash).\n(CVE-2013-2146)\n\nAn information leak was discovered in the Linux kernel's crypto API. A\nlocal user could exploit this flaw to examine potentially sensitive\ninformation from the kernel's stack memory. (CVE-2013-3076)\n\nAn information leak was discovered in the Linux kernel's rcvmsg path\nfor ATM (Asynchronous Transfer Mode). A local user could exploit this\nflaw to examine potentially sensitive information from the kernel's\nstack memory. (CVE-2013-3222)\n\nAn information leak was discovered in the Linux kernel's recvmsg path\nfor ax25 address family. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3223)\n\nAn information leak was discovered in the Linux kernel's recvmsg path\nfor the bluetooth address family. A local user could exploit this flaw\nto examine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3224)\n\nAn information leak was discovered in the Linux kernel's bluetooth\nrfcomm protocol support. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3225)\n\nAn information leak was discovered in the Linux kernel's CAIF protocol\nimplementation. A local user could exploit this flaw to examine\npotentially sensitive information from the kernel's stack memory.\n(CVE-2013-3227)\n\nAn information leak was discovered in the Linux kernel's IRDA\n(infrared) support subsystem. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. 
(CVE-2013-3228)\n\nAn information leak was discovered in the Linux kernel's s390 - z/VM\nsupport. A local user could exploit this flaw to examine potentially\nsensitive information from the kernel's stack memory. (CVE-2013-3229)\n\nAn information leak was discovered in the Linux kernel's llc (Logical\nLink Layer 2) support. A local user could exploit this flaw to examine\npotentially sensitive information from the kernel's stack memory.\n(CVE-2013-3231)\n\nAn information leak was discovered in the Linux kernel's receive\nmessage handling for the netrom address family. A local user could\nexploit this flaw to obtain sensitive information from the kernel's\nstack memory. (CVE-2013-3232)\n\nAn information leak was discovered in the Linux kernel's Rose X.25\nprotocol layer. A local user could exploit this flaw to examine\npotentially sensitive information from the kernel's stack memory.\n(CVE-2013-3234)\n\nAn information leak was discovered in the Linux kernel's TIPC\n(Transparent Inter Process Communication) protocol implementation. A\nlocal user could exploit this flaw to examine potentially sensitive\ninformation from the kernel's stack memory. (CVE-2013-3235).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2013-06-16T00:00:00", "title": "Ubuntu 12.04 LTS : linux vulnerabilities (USN-1878-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-3228", "CVE-2013-3232", "CVE-2013-0160", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3227", "CVE-2013-3225", "CVE-2013-3222", "CVE-2013-2146", "CVE-2013-3076", "CVE-2013-3235", "CVE-2013-3223"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-highbank", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-1878-1.NASL", "href": "https://www.tenable.com/plugins/nessus/66902", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1878-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. 
Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66902);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/09/19 12:54:29\");\n\n script_cve_id(\"CVE-2013-0160\", \"CVE-2013-2146\", \"CVE-2013-3076\", \"CVE-2013-3222\", \"CVE-2013-3223\", \"CVE-2013-3224\", \"CVE-2013-3225\", \"CVE-2013-3227\", \"CVE-2013-3228\", \"CVE-2013-3229\", \"CVE-2013-3231\", \"CVE-2013-3232\", \"CVE-2013-3234\", \"CVE-2013-3235\");\n script_xref(name:\"USN\", value:\"1878-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux vulnerabilities (USN-1878-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An information leak was discovered in the Linux kernel when inotify is\nused to monitor the /dev/ptmx device. A local user could exploit this\nflaw to discover keystroke timing and potentially discover sensitive\ninformation like password length. (CVE-2013-0160)\n\nA flaw was discovered in the Linux kernel's perf events subsystem for\nIntel Sandy Bridge and Ivy Bridge processors. A local user could\nexploit this flaw to cause a denial of service (system crash).\n(CVE-2013-2146)\n\nAn information leak was discovered in the Linux kernel's crypto API. A\nlocal user could exploit this flaw to examine potentially sensitive\ninformation from the kernel's stack memory. (CVE-2013-3076)\n\nAn information leak was discovered in the Linux kernel's rcvmsg path\nfor ATM (Asynchronous Transfer Mode). A local user could exploit this\nflaw to examine potentially sensitive information from the kernel's\nstack memory. (CVE-2013-3222)\n\nAn information leak was discovered in the Linux kernel's recvmsg path\nfor ax25 address family. 
A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3223)\n\nAn information leak was discovered in the Linux kernel's recvmsg path\nfor the bluetooth address family. A local user could exploit this flaw\nto examine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3224)\n\nAn information leak was discovered in the Linux kernel's bluetooth\nrfcomm protocol support. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3225)\n\nAn information leak was discovered in the Linux kernel's CAIF protocol\nimplementation. A local user could exploit this flaw to examine\npotentially sensitive information from the kernel's stack memory.\n(CVE-2013-3227)\n\nAn information leak was discovered in the Linux kernel's IRDA\n(infrared) support subsystem. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3228)\n\nAn information leak was discovered in the Linux kernel's s390 - z/VM\nsupport. A local user could exploit this flaw to examine potentially\nsensitive information from the kernel's stack memory. (CVE-2013-3229)\n\nAn information leak was discovered in the Linux kernel's llc (Logical\nLink Layer 2) support. A local user could exploit this flaw to examine\npotentially sensitive information from the kernel's stack memory.\n(CVE-2013-3231)\n\nAn information leak was discovered in the Linux kernel's receive\nmessage handling for the netrom address family. A local user could\nexploit this flaw to obtain sensitive information from the kernel's\nstack memory. (CVE-2013-3232)\n\nAn information leak was discovered in the Linux kernel's Rose X.25\nprotocol layer. 
A local user could exploit this flaw to examine\npotentially sensitive information from the kernel's stack memory.\n(CVE-2013-3234)\n\nAn information leak was discovered in the Linux kernel's TIPC\n(Transparent Inter Process Communication) protocol implementation. A\nlocal user could exploit this flaw to examine potentially sensitive\ninformation from the kernel's stack memory. (CVE-2013-3235).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1878-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-highbank\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/06/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/06/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. 
/ NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-0160\", \"CVE-2013-2146\", \"CVE-2013-3076\", \"CVE-2013-3222\", \"CVE-2013-3223\", \"CVE-2013-3224\", \"CVE-2013-3225\", \"CVE-2013-3227\", \"CVE-2013-3228\", \"CVE-2013-3229\", \"CVE-2013-3231\", \"CVE-2013-3232\", \"CVE-2013-3234\", \"CVE-2013-3235\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1878-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-48-generic\", pkgver:\"3.2.0-48.74\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-48-generic-pae\", pkgver:\"3.2.0-48.74\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-48-highbank\", pkgver:\"3.2.0-48.74\")) flag++;\nif (ubuntu_check(osver:\"12.04\", 
pkgname:\"linux-image-3.2.0-48-virtual\", pkgver:\"3.2.0-48.74\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.2-generic / linux-image-3.2-generic-pae / etc\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2021-01-01T06:39:38", "description": "An information leak was discovered in the Linux kernel's crypto API. A\nlocal user could exploit this flaw to examine potentially sensitive\ninformation from the kernel's stack memory. (CVE-2013-3076)\n\nAn information leak was discovered in the Linux kernel's rcvmsg path\nfor ATM (Asynchronous Transfer Mode). A local user could exploit this\nflaw to examine potentially sensitive information from the kernel's\nstack memory. (CVE-2013-3222)\n\nAn information leak was discovered in the Linux kernel's recvmsg path\nfor ax25 address family. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3223)\n\nAn information leak was discovered in the Linux kernel's recvmsg path\nfor the bluetooth address family. A local user could exploit this flaw\nto examine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3224)\n\nAn information leak was discovered in the Linux kernel's bluetooth\nrfcomm protocol support. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3225)\n\nAn information leak was discovered in the Linux kernel's bluetooth SCO\nsockets implementation. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. 
(CVE-2013-3226)\n\nAn information leak was discovered in the Linux kernel's CAIF protocol\nimplementation. A local user could exploit this flaw to examine\npotentially sensitive information from the kernel's stack memory.\n(CVE-2013-3227)\n\nAn information leak was discovered in the Linux kernel's IRDA\n(infrared) support subsystem. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3228)\n\nAn information leak was discovered in the Linux kernel's s390 - z/VM\nsupport. A local user could exploit this flaw to examine potentially\nsensitive information from the kernel's stack memory. (CVE-2013-3229)\n\nAn information leak was discovered in the Linux kernel's l2tp (Layer\nTwo Tunneling Protocol) implementation. A local user could exploit\nthis flaw to examine potentially sensitive information from the\nkernel's stack memory. (CVE-2013-3230)\n\nAn information leak was discovered in the Linux kernel's llc (Logical\nLink Layer 2) support. A local user could exploit this flaw to examine\npotentially sensitive information from the kernel's stack memory.\n(CVE-2013-3231)\n\nAn information leak was discovered in the Linux kernel's nfc (near\nfield communication) support. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3233)\n\nAn information leak was discovered in the Linux kernel's Rose X.25\nprotocol layer. A local user could exploit this flaw to examine\npotentially sensitive information from the kernel's stack memory.\n(CVE-2013-3234)\n\nAn information leak was discovered in the Linux kernel's TIPC\n(Transparent Inter Process Communication) protocol implementation. A\nlocal user could exploit this flaw to examine potentially sensitive\ninformation from the kernel's stack memory. 
(CVE-2013-3235).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2013-05-25T00:00:00", "title": "Ubuntu 13.04 : linux vulnerabilities (USN-1837-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-3228", "CVE-2013-3230", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3233", "CVE-2013-3227", "CVE-2013-3225", "CVE-2013-3222", "CVE-2013-3076", "CVE-2013-3226", "CVE-2013-3235", "CVE-2013-3223"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.8-generic", "cpe:/o:canonical:ubuntu_linux:13.04"], "id": "UBUNTU_USN-1837-1.NASL", "href": "https://www.tenable.com/plugins/nessus/66590", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1837-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. 
Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66590);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/09/19 12:54:29\");\n\n script_cve_id(\"CVE-2013-3076\", \"CVE-2013-3222\", \"CVE-2013-3223\", \"CVE-2013-3224\", \"CVE-2013-3225\", \"CVE-2013-3226\", \"CVE-2013-3227\", \"CVE-2013-3228\", \"CVE-2013-3229\", \"CVE-2013-3230\", \"CVE-2013-3231\", \"CVE-2013-3233\", \"CVE-2013-3234\", \"CVE-2013-3235\");\n script_bugtraq_id(59377, 59380, 59381, 59382, 59383, 59385, 59387, 59388, 59389, 59390, 59393, 59396, 59397, 59398);\n script_xref(name:\"USN\", value:\"1837-1\");\n\n script_name(english:\"Ubuntu 13.04 : linux vulnerabilities (USN-1837-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An information leak was discovered in the Linux kernel's crypto API. A\nlocal user could exploit this flaw to examine potentially sensitive\ninformation from the kernel's stack memory. (CVE-2013-3076)\n\nAn information leak was discovered in the Linux kernel's rcvmsg path\nfor ATM (Asynchronous Transfer Mode). A local user could exploit this\nflaw to examine potentially sensitive information from the kernel's\nstack memory. (CVE-2013-3222)\n\nAn information leak was discovered in the Linux kernel's recvmsg path\nfor ax25 address family. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3223)\n\nAn information leak was discovered in the Linux kernel's recvmsg path\nfor the bluetooth address family. A local user could exploit this flaw\nto examine potentially sensitive information from the kernel's stack\nmemory. 
(CVE-2013-3224)\n\nAn information leak was discovered in the Linux kernel's bluetooth\nrfcomm protocol support. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3225)\n\nAn information leak was discovered in the Linux kernel's bluetooth SCO\nsockets implementation. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3226)\n\nAn information leak was discovered in the Linux kernel's CAIF protocol\nimplementation. A local user could exploit this flaw to examine\npotentially sensitive information from the kernel's stack memory.\n(CVE-2013-3227)\n\nAn information leak was discovered in the Linux kernel's IRDA\n(infrared) support subsystem. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3228)\n\nAn information leak was discovered in the Linux kernel's s390 - z/VM\nsupport. A local user could exploit this flaw to examine potentially\nsensitive information from the kernel's stack memory. (CVE-2013-3229)\n\nAn information leak was discovered in the Linux kernel's l2tp (Layer\nTwo Tunneling Protocol) implementation. A local user could exploit\nthis flaw to examine potentially sensitive information from the\nkernel's stack memory. (CVE-2013-3230)\n\nAn information leak was discovered in the Linux kernel's llc (Logical\nLink Layer 2) support. A local user could exploit this flaw to examine\npotentially sensitive information from the kernel's stack memory.\n(CVE-2013-3231)\n\nAn information leak was discovered in the Linux kernel's nfc (near\nfield communication) support. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3233)\n\nAn information leak was discovered in the Linux kernel's Rose X.25\nprotocol layer. 
A local user could exploit this flaw to examine\npotentially sensitive information from the kernel's stack memory.\n(CVE-2013-3234)\n\nAn information leak was discovered in the Linux kernel's TIPC\n(Transparent Inter Process Communication) protocol implementation. A\nlocal user could exploit this flaw to examine potentially sensitive\ninformation from the kernel's stack memory. (CVE-2013-3235).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1837-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected linux-image-3.8-generic package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.8-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:13.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/04/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/05/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/05/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(13\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 13.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-3076\", \"CVE-2013-3222\", \"CVE-2013-3223\", \"CVE-2013-3224\", \"CVE-2013-3225\", \"CVE-2013-3226\", \"CVE-2013-3227\", \"CVE-2013-3228\", \"CVE-2013-3229\", \"CVE-2013-3230\", \"CVE-2013-3231\", \"CVE-2013-3233\", \"CVE-2013-3234\", \"CVE-2013-3235\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1837-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"13.04\", pkgname:\"linux-image-3.8.0-22-generic\", pkgver:\"3.8.0-22.33\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.8-generic\");\n}\n", "cvss": 
{"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2020-09-14T18:35:48", "description": "The SUSE Linux Enterprise 11 Service Pack 2 kernel has been updated to\nLinux kernel 3.0.80 which fixes various bugs and security issues.\n\nThe following security issues have been fixed :\n\n - Timing side channel on attacks were possible on\n /dev/ptmx that could allow local attackers to predict\n keypresses like e.g. passwords. This has been fixed\n again by updating accessed/modified time on the pty\n devices in resolution of 8 seconds, so that idle time\n detection can still work. (CVE-2013-0160)\n\n - The vcc_recvmsg function in net/atm/common.c in the\n Linux kernel did not initialize a certain length\n variable, which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. (CVE-2013-3222)\n\n - The ax25_recvmsg function in net/ax25/af_ax25.c in the\n Linux kernel did not initialize a certain data\n structure, which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. (CVE-2013-3223)\n\n - The bt_sock_recvmsg function in\n net/bluetooth/af_bluetooth.c in the Linux kernel did not\n properly initialize a certain length variable, which\n allowed local users to obtain sensitive information from\n kernel stack memory via a crafted recvmsg or recvfrom\n system call. (CVE-2013-3224)\n\n - The rfcomm_sock_recvmsg function in\n net/bluetooth/rfcomm/sock.c in the Linux kernel did not\n initialize a certain length variable, which allowed\n local users to obtain sensitive information from kernel\n stack memory via a crafted recvmsg or recvfrom system\n call. 
(CVE-2013-3225)\n\n - The caif_seqpkt_recvmsg function in\n net/caif/caif_socket.c in the Linux kernel did not\n initialize a certain length variable, which allowed\n local users to obtain sensitive information from kernel\n stack memory via a crafted recvmsg or recvfrom system\n call. (CVE-2013-3227)\n\n - The irda_recvmsg_dgram function in net/irda/af_irda.c in\n the Linux kernel did not initialize a certain length\n variable, which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. (CVE-2013-3228)\n\n - The iucv_sock_recvmsg function in net/iucv/af_iucv.c in\n the Linux kernel did not initialize a certain length\n variable, which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. (CVE-2013-3229)\n\n - The llc_ui_recvmsg function in net/llc/af_llc.c in the\n Linux kernel did not initialize a certain length\n variable, which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. (CVE-2013-3231)\n\n - The nr_recvmsg function in net/netrom/af_netrom.c in the\n Linux kernel did not initialize a certain data\n structure, which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. (CVE-2013-3232)\n\n - The rose_recvmsg function in net/rose/af_rose.c in the\n Linux kernel did not initialize a certain data\n structure, which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. (CVE-2013-3234)\n\n - net/tipc/socket.c in the Linux kernel did not initialize\n a certain data structure and a certain length variable,\n which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. 
(CVE-2013-3235)\n\n - The crypto API in the Linux kernel did not initialize\n certain length variables, which allowed local users to\n obtain sensitive information from kernel stack memory\n via a crafted recvmsg or recvfrom system call, related\n to the hash_recvmsg function in crypto/algif_hash.c and\n the skcipher_recvmsg function in\n crypto/algif_skcipher.c. (CVE-2013-3076)\n\n - The scm_set_cred function in include/net/scm.h in the\n Linux kernel used incorrect uid and gid values during\n credentials passing, which allowed local users to gain\n privileges via a crafted application. (CVE-2013-1979)\n\n - A kernel information leak via tkill/tgkill was fixed.\n The following bugs have been fixed :\n\n - reiserfs: fix spurious multiple-fill in\n reiserfs_readdir_dentry. (bnc#822722)\n\n - libfc: do not exch_done() on invalid sequence ptr.\n (bnc#810722)\n\n - netfilter: ip6t_LOG: fix logging of packet mark.\n (bnc#821930)\n\n - hyperv: use 3.4 as LIC version string. (bnc#822431)\n\n - virtio_net: introduce VIRTIO_NET_HDR_F_DATA_VALID.\n (bnc#819655)\n\n - xen/netback: do not disconnect frontend when seeing\n oversize packet.\n\n - xen/netfront: reduce gso_max_size to account for max TCP\n header.\n\n - xen/netfront: fix kABI after 'reduce gso_max_size to\n account for max TCP header'.\n\n - xfs: Fix kABI due to change in xfs_buf. (bnc#815356)\n\n - xfs: fix race while discarding buffers [V4] (bnc#815356\n (comment 36)).\n\n - xfs: Serialize file-extending direct IO. (bnc#818371)\n\n - xhci: Do not switch webcams in some HP ProBooks to XHCI.\n (bnc#805804)\n\n - bluetooth: Do not switch BT on HP ProBook 4340.\n (bnc#812281)\n\n - s390/ftrace: fix mcount adjustment. (bnc#809895)\n\n - mm: memory_dev_init make sure nmi watchdog does not\n trigger while registering memory sections. (bnc#804609,\n bnc#820434)\n\n - patches.fixes/xfs-backward-alloc-fix.diff: xfs: Avoid\n pathological backwards allocation. 
(bnc#805945)\n\n - mm: compaction: Restart compaction from near where it\n left off\n\n - mm: compaction: cache if a pageblock was scanned and no\n pages were isolated\n\n - mm: compaction: clear PG_migrate_skip based on\n compaction and reclaim activity\n\n - mm: compaction: Scan PFN caching KABI workaround\n\n - mm: page_allocator: Remove first_pass guard\n\n - mm: vmscan: do not stall on writeback during memory\n compaction Cache compaction restart points for faster\n compaction cycles. (bnc#816451)\n\n - qlge: fix dma map leak when the last chunk is not\n allocated. (bnc#819519)\n\n - SUNRPC: Get rid of the redundant xprt->shutdown bit\n field. (bnc#800907)\n\n - SUNRPC: Ensure that we grab the XPRT_LOCK before calling\n xprt_alloc_slot. (bnc#800907)\n\n - SUNRPC: Fix a UDP transport regression. (bnc#800907)\n\n - SUNRPC: Allow caller of rpc_sleep_on() to select\n priority levels. (bnc#800907)\n\n - SUNRPC: Replace xprt->resend and xprt->sending with a\n priority queue. (bnc#800907)\n\n - SUNRPC: Fix potential races in xprt_lock_write_next().\n (bnc#800907)\n\n - md: cannot re-add disks after recovery. (bnc#808647)\n\n - fs/xattr.c:getxattr(): improve handling of allocation\n failures. (bnc#818053)\n\n - fs/xattr.c:listxattr(): fall back to vmalloc() if\n kmalloc() failed. (bnc#818053)\n\n - fs/xattr.c:setxattr(): improve handling of allocation\n failures. (bnc#818053)\n\n - fs/xattr.c: suppress page allocation failure warnings\n from sys_listxattr(). (bnc#818053)\n\n - virtio-blk: Call revalidate_disk() upon online disk\n resize. (bnc#817339)\n\n - usb-storage: CY7C68300A chips do not support Cypress\n ATACB. (bnc#819295)\n\n - patches.kernel.org/patch-3.0.60-61: Update references\n (add bnc#810580).\n\n - usb: Using correct way to clear usb3.0 devices remote\n wakeup feature. (bnc#818516)\n\n - xhci: Fix TD size for isochronous URBs. (bnc#818514)\n\n - ALSA: hda - fixup D3 pin and right channel mute on\n Haswell HDMI audio. 
(bnc#818798)\n\n - ALSA: hda - Apply pin-enablement workaround to all\n Haswell HDMI codecs. (bnc#818798)\n\n - xfs: fallback to vmalloc for large buffers in\n xfs_attrmulti_attr_get. (bnc#818053)\n\n - xfs: fallback to vmalloc for large buffers in\n xfs_attrlist_by_handle. (bnc#818053)\n\n - xfs: xfs: fallback to vmalloc for large buffers in\n xfs_compat_attrlist_by_handle. (bnc#818053)\n\n - xHCI: store rings type.\n\n - xhci: Fix hang on back-to-back Set TR Deq Ptr commands.\n\n - xHCI: check enqueue pointer advance into dequeue seg.\n\n - xHCI: store rings last segment and segment numbers.\n\n - xHCI: Allocate 2 segments for transfer ring.\n\n - xHCI: count free TRBs on transfer ring.\n\n - xHCI: factor out segments allocation and free function.\n\n - xHCI: update sg tablesize.\n\n - xHCI: set cycle state when allocate rings.\n\n - xhci: Reserve one command for USB3 LPM disable.\n\n - xHCI: dynamic ring expansion.\n\n - xhci: Do not warn on empty ring for suspended devices.\n\n - md/raid1: Do not release reference to device while\n handling read error. (bnc#809122, bnc#814719)\n\n - rpm/mkspec: Stop generating the get_release_number.sh\n file.\n\n - rpm/kernel-spec-macros: Properly handle KOTD release\n numbers with .g suffix.\n\n - rpm/kernel-spec-macros: Drop the %release_num macro We\n no longer put the -rcX tag into the release string.\n\n - rpm/kernel-*.spec.in, rpm/mkspec: Do not force the\n '<RELEASE>' string in specfiles.\n\n - mm/mmap: check for RLIMIT_AS before unmapping.\n (bnc#818327)\n\n - mm: Fix add_page_wait_queue() to work for PG_Locked bit\n waiters. (bnc#792584)\n\n - mm: Fix add_page_wait_queue() to work for PG_Locked bit\n waiters. (bnc#792584)\n\n - bonding: only use primary address for ARP. (bnc#815444)\n\n - bonding: remove entries for master_ip and vlan_ip and\n query devices instead. (bnc#815444)\n\n - mm: speedup in __early_pfn_to_nid. (bnc#810624)\n\n - TTY: fix atime/mtime regression. 
(bnc#815745)\n\n - sd_dif: problem with verify of type 1 protection\n information (PI). (bnc#817010)\n\n - sched: harden rq rt usage accounting. (bnc#769685,\n bnc#788590)\n\n - rcu: Avoid spurious RCU CPU stall warnings. (bnc#816586)\n\n - rcu: Dump local stack if cannot dump all CPUs stacks.\n (bnc#816586)\n\n - rcu: Fix detection of abruptly-ending stall.\n (bnc#816586)\n\n - rcu: Suppress NMI backtraces when stall ends before\n dump. (bnc#816586)\n\n - Update Xen patches to 3.0.74.\n\n - btrfs: do not re-enter when allocating a chunk.\n\n - btrfs: save us a read_lock.\n\n - btrfs: Check CAP_DAC_READ_SEARCH for\n BTRFS_IOC_INO_PATHS.\n\n - btrfs: remove unused fs_info from btrfs_decode_error().\n\n - btrfs: handle null fs_info in btrfs_panic().\n\n - btrfs: fix varargs in __btrfs_std_error.\n\n - btrfs: fix the race between bio and btrfs_stop_workers.\n\n - btrfs: fix NULL pointer after aborting a transaction.\n\n - btrfs: fix infinite loop when we abort on mount.\n\n - xfs: Do not allocate new buffers on every call to\n _xfs_buf_find. 
(bnc#763968)\n\n - xfs: fix buffer lookup race on allocation failure.\n (bnc#763968)", "edition": 17, "published": "2013-06-18T00:00:00", "title": "SuSE 11.2 Security Update : Linux kernel (SAT Patch Numbers 7811 / 7813 / 7814)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-3228", "CVE-2013-3232", "CVE-2013-0160", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3227", "CVE-2013-3225", "CVE-2013-1979", "CVE-2013-3222", "CVE-2013-3076", "CVE-2013-3235", "CVE-2013-3223"], "modified": "2013-06-18T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:kernel-trace-devel", "p-cpe:/a:novell:suse_linux:11:kernel-pae-devel", "p-cpe:/a:novell:suse_linux:11:kernel-source", "p-cpe:/a:novell:suse_linux:11:kernel-ec2-devel", "p-cpe:/a:novell:suse_linux:11:kernel-ec2", "p-cpe:/a:novell:suse_linux:11:kernel-trace-base", "p-cpe:/a:novell:suse_linux:11:kernel-default-base", "p-cpe:/a:novell:suse_linux:11:kernel-pae-base", "p-cpe:/a:novell:suse_linux:11:kernel-pae", "p-cpe:/a:novell:suse_linux:11:xen-kmp-trace", "p-cpe:/a:novell:suse_linux:11:kernel-xen-base", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:kernel-xen", "p-cpe:/a:novell:suse_linux:11:kernel-trace", "p-cpe:/a:novell:suse_linux:11:kernel-syms", "p-cpe:/a:novell:suse_linux:11:kernel-ec2-base", "p-cpe:/a:novell:suse_linux:11:kernel-trace-extra", "p-cpe:/a:novell:suse_linux:11:kernel-pae-extra", "p-cpe:/a:novell:suse_linux:11:kernel-xen-extra", "p-cpe:/a:novell:suse_linux:11:kernel-default-devel", "p-cpe:/a:novell:suse_linux:11:kernel-default-man", "p-cpe:/a:novell:suse_linux:11:kernel-default-extra", "p-cpe:/a:novell:suse_linux:11:kernel-default", "p-cpe:/a:novell:suse_linux:11:kernel-xen-devel", "p-cpe:/a:novell:suse_linux:11:xen-kmp-default"], "id": "SUSE_11_KERNEL-130604.NASL", "href": "https://www.tenable.com/plugins/nessus/66912", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks 
in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66912);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/04\");\n\n script_cve_id(\"CVE-2013-0160\", \"CVE-2013-1979\", \"CVE-2013-3076\", \"CVE-2013-3222\", \"CVE-2013-3223\", \"CVE-2013-3224\", \"CVE-2013-3225\", \"CVE-2013-3227\", \"CVE-2013-3228\", \"CVE-2013-3229\", \"CVE-2013-3231\", \"CVE-2013-3232\", \"CVE-2013-3234\", \"CVE-2013-3235\");\n\n script_name(english:\"SuSE 11.2 Security Update : Linux kernel (SAT Patch Numbers 7811 / 7813 / 7814)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 11 Service Pack 2 kernel has been updated to\nLinux kernel 3.0.80 which fixes various bugs and security issues.\n\nThe following security issues have been fixed :\n\n - Timing side channel on attacks were possible on\n /dev/ptmx that could allow local attackers to predict\n keypresses like e.g. passwords. This has been fixed\n again by updating accessed/modified time on the pty\n devices in resolution of 8 seconds, so that idle time\n detection can still work. (CVE-2013-0160)\n\n - The vcc_recvmsg function in net/atm/common.c in the\n Linux kernel did not initialize a certain length\n variable, which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. 
(CVE-2013-3222)\n\n - The ax25_recvmsg function in net/ax25/af_ax25.c in the\n Linux kernel did not initialize a certain data\n structure, which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. (CVE-2013-3223)\n\n - The bt_sock_recvmsg function in\n net/bluetooth/af_bluetooth.c in the Linux kernel did not\n properly initialize a certain length variable, which\n allowed local users to obtain sensitive information from\n kernel stack memory via a crafted recvmsg or recvfrom\n system call. (CVE-2013-3224)\n\n - The rfcomm_sock_recvmsg function in\n net/bluetooth/rfcomm/sock.c in the Linux kernel did not\n initialize a certain length variable, which allowed\n local users to obtain sensitive information from kernel\n stack memory via a crafted recvmsg or recvfrom system\n call. (CVE-2013-3225)\n\n - The caif_seqpkt_recvmsg function in\n net/caif/caif_socket.c in the Linux kernel did not\n initialize a certain length variable, which allowed\n local users to obtain sensitive information from kernel\n stack memory via a crafted recvmsg or recvfrom system\n call. (CVE-2013-3227)\n\n - The irda_recvmsg_dgram function in net/irda/af_irda.c in\n the Linux kernel did not initialize a certain length\n variable, which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. (CVE-2013-3228)\n\n - The iucv_sock_recvmsg function in net/iucv/af_iucv.c in\n the Linux kernel did not initialize a certain length\n variable, which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. (CVE-2013-3229)\n\n - The llc_ui_recvmsg function in net/llc/af_llc.c in the\n Linux kernel did not initialize a certain length\n variable, which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. 
(CVE-2013-3231)\n\n - The nr_recvmsg function in net/netrom/af_netrom.c in the\n Linux kernel did not initialize a certain data\n structure, which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. (CVE-2013-3232)\n\n - The rose_recvmsg function in net/rose/af_rose.c in the\n Linux kernel did not initialize a certain data\n structure, which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. (CVE-2013-3234)\n\n - net/tipc/socket.c in the Linux kernel did not initialize\n a certain data structure and a certain length variable,\n which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. (CVE-2013-3235)\n\n - The crypto API in the Linux kernel did not initialize\n certain length variables, which allowed local users to\n obtain sensitive information from kernel stack memory\n via a crafted recvmsg or recvfrom system call, related\n to the hash_recvmsg function in crypto/algif_hash.c and\n the skcipher_recvmsg function in\n crypto/algif_skcipher.c. (CVE-2013-3076)\n\n - The scm_set_cred function in include/net/scm.h in the\n Linux kernel used incorrect uid and gid values during\n credentials passing, which allowed local users to gain\n privileges via a crafted application. (CVE-2013-1979)\n\n - A kernel information leak via tkill/tgkill was fixed.\n The following bugs have been fixed :\n\n - reiserfs: fix spurious multiple-fill in\n reiserfs_readdir_dentry. (bnc#822722)\n\n - libfc: do not exch_done() on invalid sequence ptr.\n (bnc#810722)\n\n - netfilter: ip6t_LOG: fix logging of packet mark.\n (bnc#821930)\n\n - hyperv: use 3.4 as LIC version string. 
(bnc#822431)\n\n - virtio_net: introduce VIRTIO_NET_HDR_F_DATA_VALID.\n (bnc#819655)\n\n - xen/netback: do not disconnect frontend when seeing\n oversize packet.\n\n - xen/netfront: reduce gso_max_size to account for max TCP\n header.\n\n - xen/netfront: fix kABI after 'reduce gso_max_size to\n account for max TCP header'.\n\n - xfs: Fix kABI due to change in xfs_buf. (bnc#815356)\n\n - xfs: fix race while discarding buffers [V4] (bnc#815356\n (comment 36)).\n\n - xfs: Serialize file-extending direct IO. (bnc#818371)\n\n - xhci: Do not switch webcams in some HP ProBooks to XHCI.\n (bnc#805804)\n\n - bluetooth: Do not switch BT on HP ProBook 4340.\n (bnc#812281)\n\n - s390/ftrace: fix mcount adjustment. (bnc#809895)\n\n - mm: memory_dev_init make sure nmi watchdog does not\n trigger while registering memory sections. (bnc#804609,\n bnc#820434)\n\n - patches.fixes/xfs-backward-alloc-fix.diff: xfs: Avoid\n pathological backwards allocation. (bnc#805945)\n\n - mm: compaction: Restart compaction from near where it\n left off\n\n - mm: compaction: cache if a pageblock was scanned and no\n pages were isolated\n\n - mm: compaction: clear PG_migrate_skip based on\n compaction and reclaim activity\n\n - mm: compaction: Scan PFN caching KABI workaround\n\n - mm: page_allocator: Remove first_pass guard\n\n - mm: vmscan: do not stall on writeback during memory\n compaction Cache compaction restart points for faster\n compaction cycles. (bnc#816451)\n\n - qlge: fix dma map leak when the last chunk is not\n allocated. (bnc#819519)\n\n - SUNRPC: Get rid of the redundant xprt->shutdown bit\n field. (bnc#800907)\n\n - SUNRPC: Ensure that we grab the XPRT_LOCK before calling\n xprt_alloc_slot. (bnc#800907)\n\n - SUNRPC: Fix a UDP transport regression. (bnc#800907)\n\n - SUNRPC: Allow caller of rpc_sleep_on() to select\n priority levels. (bnc#800907)\n\n - SUNRPC: Replace xprt->resend and xprt->sending with a\n priority queue. 
(bnc#800907)\n\n - SUNRPC: Fix potential races in xprt_lock_write_next().\n (bnc#800907)\n\n - md: cannot re-add disks after recovery. (bnc#808647)\n\n - fs/xattr.c:getxattr(): improve handling of allocation\n failures. (bnc#818053)\n\n - fs/xattr.c:listxattr(): fall back to vmalloc() if\n kmalloc() failed. (bnc#818053)\n\n - fs/xattr.c:setxattr(): improve handling of allocation\n failures. (bnc#818053)\n\n - fs/xattr.c: suppress page allocation failure warnings\n from sys_listxattr(). (bnc#818053)\n\n - virtio-blk: Call revalidate_disk() upon online disk\n resize. (bnc#817339)\n\n - usb-storage: CY7C68300A chips do not support Cypress\n ATACB. (bnc#819295)\n\n - patches.kernel.org/patch-3.0.60-61: Update references\n (add bnc#810580).\n\n - usb: Using correct way to clear usb3.0 devices remote\n wakeup feature. (bnc#818516)\n\n - xhci: Fix TD size for isochronous URBs. (bnc#818514)\n\n - ALSA: hda - fixup D3 pin and right channel mute on\n Haswell HDMI audio. (bnc#818798)\n\n - ALSA: hda - Apply pin-enablement workaround to all\n Haswell HDMI codecs. (bnc#818798)\n\n - xfs: fallback to vmalloc for large buffers in\n xfs_attrmulti_attr_get. (bnc#818053)\n\n - xfs: fallback to vmalloc for large buffers in\n xfs_attrlist_by_handle. (bnc#818053)\n\n - xfs: xfs: fallback to vmalloc for large buffers in\n xfs_compat_attrlist_by_handle. 
(bnc#818053)\n\n - xHCI: store rings type.\n\n - xhci: Fix hang on back-to-back Set TR Deq Ptr commands.\n\n - xHCI: check enqueue pointer advance into dequeue seg.\n\n - xHCI: store rings last segment and segment numbers.\n\n - xHCI: Allocate 2 segments for transfer ring.\n\n - xHCI: count free TRBs on transfer ring.\n\n - xHCI: factor out segments allocation and free function.\n\n - xHCI: update sg tablesize.\n\n - xHCI: set cycle state when allocate rings.\n\n - xhci: Reserve one command for USB3 LPM disable.\n\n - xHCI: dynamic ring expansion.\n\n - xhci: Do not warn on empty ring for suspended devices.\n\n - md/raid1: Do not release reference to device while\n handling read error. (bnc#809122, bnc#814719)\n\n - rpm/mkspec: Stop generating the get_release_number.sh\n file.\n\n - rpm/kernel-spec-macros: Properly handle KOTD release\n numbers with .g suffix.\n\n - rpm/kernel-spec-macros: Drop the %release_num macro We\n no longer put the -rcX tag into the release string.\n\n - rpm/kernel-*.spec.in, rpm/mkspec: Do not force the\n '<RELEASE>' string in specfiles.\n\n - mm/mmap: check for RLIMIT_AS before unmapping.\n (bnc#818327)\n\n - mm: Fix add_page_wait_queue() to work for PG_Locked bit\n waiters. (bnc#792584)\n\n - mm: Fix add_page_wait_queue() to work for PG_Locked bit\n waiters. (bnc#792584)\n\n - bonding: only use primary address for ARP. (bnc#815444)\n\n - bonding: remove entries for master_ip and vlan_ip and\n query devices instead. (bnc#815444)\n\n - mm: speedup in __early_pfn_to_nid. (bnc#810624)\n\n - TTY: fix atime/mtime regression. (bnc#815745)\n\n - sd_dif: problem with verify of type 1 protection\n information (PI). (bnc#817010)\n\n - sched: harden rq rt usage accounting. (bnc#769685,\n bnc#788590)\n\n - rcu: Avoid spurious RCU CPU stall warnings. 
(bnc#816586)\n\n - rcu: Dump local stack if cannot dump all CPUs stacks.\n (bnc#816586)\n\n - rcu: Fix detection of abruptly-ending stall.\n (bnc#816586)\n\n - rcu: Suppress NMI backtraces when stall ends before\n dump. (bnc#816586)\n\n - Update Xen patches to 3.0.74.\n\n - btrfs: do not re-enter when allocating a chunk.\n\n - btrfs: save us a read_lock.\n\n - btrfs: Check CAP_DAC_READ_SEARCH for\n BTRFS_IOC_INO_PATHS.\n\n - btrfs: remove unused fs_info from btrfs_decode_error().\n\n - btrfs: handle null fs_info in btrfs_panic().\n\n - btrfs: fix varargs in __btrfs_std_error.\n\n - btrfs: fix the race between bio and btrfs_stop_workers.\n\n - btrfs: fix NULL pointer after aborting a transaction.\n\n - btrfs: fix infinite loop when we abort on mount.\n\n - xfs: Do not allocate new buffers on every call to\n _xfs_buf_find. (bnc#763968)\n\n - xfs: fix buffer lookup race on allocation failure.\n (bnc#763968)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=763968\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=764209\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=768052\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=769685\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=788590\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=792584\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=793139\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=797042\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=797175\"\n );\n 
script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=800907\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=802153\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=804154\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=804609\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=805804\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=805945\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=806431\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=806980\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=808647\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=809122\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=809155\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=809748\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=809895\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=810580\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=810624\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=810722\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n 
value:\"https://bugzilla.novell.com/show_bug.cgi?id=812281\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=814719\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=815356\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=815444\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=815745\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=816443\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=816451\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=816586\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=816668\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=816708\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=817010\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=817339\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=818053\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=818327\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=818371\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=818514\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=818516\"\n );\n script_set_attribute(\n 
attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=818798\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=819295\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=819519\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=819655\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=819789\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=820434\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=821560\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=821930\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=822431\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=822722\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-0160.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1979.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3076.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3222.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3223.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3224.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n 
value:\"http://support.novell.com/security/cve/CVE-2013-3225.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3227.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3228.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3229.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3231.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3232.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3234.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3235.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Apply SAT patch number 7811 / 7813 / 7814 as appropriate.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:suse_linux:11:kernel-ec2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xen-kmp-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/06/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/06/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n 
script_copyright(english:\"This script is Copyright (C) 2013-2020 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, \"SuSE 11.2\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-default-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-default-base-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-default-devel-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-default-extra-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-pae-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-pae-base-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-pae-devel-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-pae-extra-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, 
cpu:\"i586\", reference:\"kernel-source-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-syms-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-trace-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-trace-base-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-trace-devel-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-trace-extra-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-xen-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-xen-base-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-xen-devel-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"kernel-xen-extra-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-base-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-devel-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-default-extra-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-source-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-syms-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-trace-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-trace-base-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", 
reference:\"kernel-trace-devel-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-trace-extra-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-base-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-devel-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-extra-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"xen-kmp-default-4.1.5_02_3.0.80_0.5-0.5.5\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"xen-kmp-trace-4.1.5_02_3.0.80_0.5-0.5.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"kernel-default-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"kernel-default-base-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"kernel-default-devel-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"kernel-source-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"kernel-syms-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"kernel-trace-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"kernel-trace-base-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"kernel-trace-devel-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-ec2-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-ec2-base-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-ec2-devel-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", 
reference:\"kernel-pae-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-pae-base-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-pae-devel-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-xen-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-xen-base-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"i586\", reference:\"kernel-xen-devel-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"s390x\", reference:\"kernel-default-man-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-ec2-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-ec2-base-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-ec2-devel-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-base-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"kernel-xen-devel-3.0.80-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"xen-kmp-default-4.1.5_02_3.0.80_0.5-0.5.5\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"xen-kmp-trace-4.1.5_02_3.0.80_0.5-0.5.5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-09-14T18:35:48", "description": "The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to\n3.0.82 and to fix various bugs 
and security issues.\n\nThe following security issues have been fixed :\n\n - The chase_port function in drivers/usb/serial/io_ti.c in\n the Linux kernel allowed local users to cause a denial\n of service (NULL pointer dereference and system crash)\n via an attempted /dev/ttyUSB read or write operation on\n a disconnected Edgeport USB serial converter.\n (CVE-2013-1774)\n\n - Timing side channel on attacks were possible on\n /dev/ptmx that could allow local attackers to predict\n keypresses like e.g. passwords. This has been fixed\n again by updating accessed/modified time on the pty\n devices in resolution of 8 seconds, so that idle time\n detection can still work. (CVE-2013-0160)\n\n - The vcc_recvmsg function in net/atm/common.c in the\n Linux kernel did not initialize a certain length\n variable, which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. (CVE-2013-3222)\n\n - The ax25_recvmsg function in net/ax25/af_ax25.c in the\n Linux kernel did not initialize a certain data\n structure, which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. (CVE-2013-3223)\n\n - The bt_sock_recvmsg function in\n net/bluetooth/af_bluetooth.c in the Linux kernel did not\n properly initialize a certain length variable, which\n allowed local users to obtain sensitive information from\n kernel stack memory via a crafted recvmsg or recvfrom\n system call. (CVE-2013-3224)\n\n - The rfcomm_sock_recvmsg function in\n net/bluetooth/rfcomm/sock.c in the Linux kernel did not\n initialize a certain length variable, which allowed\n local users to obtain sensitive information from kernel\n stack memory via a crafted recvmsg or recvfrom system\n call. 
(CVE-2013-3225)\n\n - The caif_seqpkt_recvmsg function in\n net/caif/caif_socket.c in the Linux kernel did not\n initialize a certain length variable, which allowed\n local users to obtain sensitive information from kernel\n stack memory via a crafted recvmsg or recvfrom system\n call. (CVE-2013-3227)\n\n - The irda_recvmsg_dgram function in net/irda/af_irda.c in\n the Linux kernel did not initialize a certain length\n variable, which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. (CVE-2013-3228)\n\n - The iucv_sock_recvmsg function in net/iucv/af_iucv.c in\n the Linux kernel did not initialize a certain length\n variable, which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. (CVE-2013-3229)\n\n - The llc_ui_recvmsg function in net/llc/af_llc.c in the\n Linux kernel did not initialize a certain length\n variable, which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. (CVE-2013-3231)\n\n - The nr_recvmsg function in net/netrom/af_netrom.c in the\n Linux kernel did not initialize a certain data\n structure, which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. (CVE-2013-3232)\n\n - The rose_recvmsg function in net/rose/af_rose.c in the\n Linux kernel did not initialize a certain data\n structure, which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. (CVE-2013-3234)\n\n - net/tipc/socket.c in the Linux kernel did not initialize\n a certain data structure and a certain length variable,\n which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. 
(CVE-2013-3235)\n\n - The crypto API in the Linux kernel did not initialize\n certain length variables, which allowed local users to\n obtain sensitive information from kernel stack memory\n via a crafted recvmsg or recvfrom system call, related\n to the hash_recvmsg function in crypto/algif_hash.c and\n the skcipher_recvmsg function in\n crypto/algif_skcipher.c. (CVE-2013-3076)\n\n - The scm_set_cred function in include/net/scm.h in the\n Linux kernel used incorrect uid and gid values during\n credentials passing, which allowed local users to gain\n privileges via a crafted application. (CVE-2013-1979)\n\n - A kernel information leak via tkill/tgkill was fixed.\n The following non-security bugs have been fixed :\n\nS/390 :\n\n - af_iucv: Missing man page (bnc#825037, LTC#94825).\n\n - iucv: fix kernel panic at reboot (bnc#825037,\n LTC#93803).\n\n - kernel: lost IPIs on CPU hotplug (bnc#825037,\n LTC#94784).\n\n - dasd: Add missing descriptions for dasd timeout messages\n (bnc#825037, LTC#94762).\n\n - dasd: Fix hanging device after resume with internal\n error 13 (bnc#825037, LTC#94554).\n\n - cio: Suppress 2nd path verification during resume\n (bnc#825037, LTC#94554).\n\n - vmcp: Missing man page (bnc#825037, LTC#94453).\n\n - kernel: 3215 console crash (bnc#825037, LTC#94302).\n\n - netiucv: Hold rtnl between name allocation and device\n registration. (bnc#824159)\n\n - s390/ftrace: fix mcount adjustment (bnc#809895). 
\nHyperV :\n\n - Drivers: hv: Fix a bug in get_vp_index().\n\n - hyperv: Fix a compiler warning in netvsc_send().\n\n - Tools: hv: Fix a checkpatch warning.\n\n - tools: hv: skip iso9660 mounts in hv_vss_daemon.\n\n - tools: hv: use FIFREEZE/FITHAW in hv_vss_daemon.\n\n - tools: hv: use getmntent in hv_vss_daemon.\n\n - Tools: hv: Fix a checkpatch warning.\n\n - tools: hv: fix checks for origin of netlink message in\n hv_vss_daemon.\n\n - Tools: hv: fix warnings in hv_vss_daemon.\n\n - x86, hyperv: Handle Xen emulation of Hyper-V more\n gracefully.\n\n - hyperv: Fix a kernel warning from\n netvsc_linkstatus_callback().\n\n - Drivers: hv: balloon: make local functions static.\n\n - tools: hv: daemon should check type of received Netlink\n msg.\n\n - tools: hv: daemon setsockopt should use options macros.\n\n - tools: hv: daemon should subscribe only to CN_KVP_IDX\n group.\n\n - driver: hv: remove cast for kmalloc return value.\n\n - hyperv: use 3.4 as LIC version string (bnc#822431).\n BTRFS :\n\n - btrfs: flush delayed inodes if we are short on space.\n (bnc#801427)\n\n - btrfs: rework shrink_delalloc. (bnc#801427)\n\n - btrfs: fix our overcommit math. (bnc#801427)\n\n - btrfs: delay block group item insertion. (bnc#801427)\n\n - btrfs: remove bytes argument from do_chunk_alloc.\n (bnc#801427)\n\n - btrfs: run delayed refs first when out of space.\n (bnc#801427)\n\n - btrfs: do not commit instead of overcommitting.\n (bnc#801427)\n\n - btrfs: do not take inode delalloc mutex if we are a free\n space inode. (bnc#801427)\n\n - btrfs: fix chunk allocation error handling. (bnc#801427)\n\n - btrfs: remove extent mapping if we fail to add chunk.\n (bnc#801427)\n\n - btrfs: do not overcommit if we do not have enough space\n for global rsv. (bnc#801427)\n\n - btrfs: rework the overcommit logic to be based on the\n total size. (bnc#801427)\n\n - btrfs: steal from global reserve if we are cleaning up\n orphans. 
(bnc#801427)\n\n - btrfs: clear chunk_alloc flag on retryable failure.\n (bnc#801427)\n\n - btrfs: use reserved space for creating a snapshot.\n (bnc#801427)\n\n - btrfs: cleanup to make the function\n btrfs_delalloc_reserve_metadata more logic. (bnc#801427)\n\n - btrfs: fix space leak when we fail to reserve metadata\n space. (bnc#801427)\n\n - btrfs: fix space accounting for unlink and rename.\n (bnc#801427)\n\n - btrfs: allocate new chunks if the space is not enough\n for global rsv. (bnc#801427)\n\n - btrfs: various abort cleanups. (bnc#812526 / bnc#801427)\n\n - btrfs: simplify unlink reservations (bnc#801427). XFS :\n\n - xfs: Move allocation stack switch up to xfs_bmapi.\n (bnc#815356)\n\n - xfs: introduce XFS_BMAPI_STACK_SWITCH. (bnc#815356)\n\n - xfs: zero allocation_args on the kernel stack.\n (bnc#815356)\n\n - xfs: fix debug_object WARN at xfs_alloc_vextent().\n (bnc#815356)\n\n - xfs: do not defer metadata allocation to the workqueue.\n (bnc#815356)\n\n - xfs: introduce an allocation workqueue. (bnc#815356)\n\n - xfs: fix race while discarding buffers [V4] (bnc#815356\n (comment 36)).\n\n - xfs: Serialize file-extending direct IO. (bnc#818371)\n\n - xfs: Do not allocate new buffers on every call to\n _xfs_buf_find. (bnc#763968)\n\n - xfs: fix buffer lookup race on allocation failure\n (bnc#763968). ALSA :\n\n - Fix VT1708 jack detection on SLEPOS machines.\n (bnc#813922)\n\n - ALSA: hda - Avoid choose same converter for unused pins.\n (bnc#826186)\n\n - ALSA: hda - Cache the MUX selection for generic HDMI.\n (bnc#826186)\n\n - ALSA: hda - Haswell converter power state D0 verify.\n (bnc#826186)\n\n - ALSA: hda - Do not take unresponsive D3 transition too\n serious. (bnc#823597)\n\n - ALSA: hda - Introduce bit flags to\n snd_hda_codec_read/write(). (bnc#823597)\n\n - ALSA: hda - Check CORB overflow. 
(bnc#823597)\n\n - ALSA: hda - Check validity of CORB/RIRB WP reads.\n (bnc#823597)\n\n - ALSA: hda - Fix system panic when DMA > 40 bits for\n Nvidia audio controllers. (bnc#818465)\n\n - ALSA: hda - Add hint for suppressing lower cap for IDT\n codecs. (bnc#812332)\n\n - ALSA: hda - Enable mic-mute LED on more HP laptops\n (bnc#821859). Direct Rendering Manager (DRM) :\n\n - drm/i915: Add wait_for in init_ring_common. (bnc#813604)\n\n - drm/i915: Mark the ringbuffers as being in the GTT\n domain. (bnc#813604)\n\n - drm/edid: Do not print messages regarding stereo or\n csync by default. (bnc#821235)\n\n - drm/i915: force full modeset if the connector is in DPMS\n OFF mode. (bnc#809975)\n\n - drm/i915/sdvo: Use &intel_sdvo->ddc instead of\n intel_sdvo->i2c for DDC. (bnc#808855)\n\n - drm/mm: fix dump table BUG. (bnc#808837)\n\n - drm/i915: Clear the stolen fb before enabling\n (bnc#808015). XEN :\n\n - xen/netback: Update references. (bnc#823342)\n\n - xen: Check for insane amounts of requests on the ring.\n\n - Update Xen patches to 3.0.82.\n\n - netback: do not disconnect frontend when seeing oversize\n packet.\n\n - netfront: reduce gso_max_size to account for max TCP\n header.\n\n - netfront: fix kABI after 'reduce gso_max_size to account\n for max TCP header'. Other :\n\n - x86, efi: retry ExitBootServices() on failure.\n (bnc#823386)\n\n - x86/efi: Fix dummy variable buffer allocation.\n (bnc#822080)\n\n - ext4: avoid hang when mounting non-journal filesystems\n with orphan list. (bnc#817377)\n\n - mm: compaction: Scan PFN caching KABI workaround (Fix\n KABI breakage (bnc#825657)).\n\n - autofs4 - fix get_next_positive_subdir(). (bnc#819523)\n\n - ocfs2: Add bits_wanted while calculating credits in\n ocfs2_calc_extend_credits. (bnc#822077)\n\n - writeback: Avoid needless scanning of b_dirty list.\n (bnc#819018)\n\n - writeback: Do not sort b_io list only because of block\n device inode. (bnc#819018)\n\n - re-enable io tracing. 
(bnc#785901)\n\n - pciehp: Corrected the old mismatching DMI strings.\n\n - SUNRPC: Prevent an rpc_task wakeup race. (bnc#825591)\n\n - tg3: Prevent system hang during repeated EEH errors.\n (bnc#822066)\n\n - scsi_dh_alua: multipath failover fails with error 15.\n (bnc#825696)\n\n - Do not switch camera on HP EB 8780. (bnc#797090)\n\n - Do not switch webcam for HP EB 8580w. (bnc#797090)\n\n - mm: fixup compilation error due to an asm write through\n a const pointer. (bnc#823795)\n\n - do not switch cam port on HP EliteBook 840. (bnc#822164)\n\n - net/sunrpc: xpt_auth_cache should be ignored when\n expired. (bnc#803320)\n\n - sunrpc/cache: ensure items removed from cache do not\n have pending upcalls. (bnc#803320)\n\n - sunrpc/cache: remove races with queuing an upcall.\n (bnc#803320)\n\n - sunrpc/cache: use cache_fresh_unlocked consistently and\n correctly. (bnc#803320)\n\n - KVM: x86: emulate movdqa. (bnc#821070)\n\n - KVM: x86: emulator: add support for vector alignment.\n (bnc#821070)\n\n - KVM: x86: emulator: expand decode flags to 64 bits.\n (bnc#821070)\n\n - xhci - correct comp_mode_recovery_timer on return from\n hibernate. (bnc#808136)\n\n - md/raid10 enough fixes. (bnc#773837)\n\n - lib/Makefile: Fix oid_registry build dependency.\n (bnc#823223)\n\n - Update config files: disable IP_PNP. (bnc#822825)\n\n - Fix kABI breakage for addition of\n snd_hda_bus.no_response_fallback. (bnc#823597)\n\n - Disable efi pstore by default. (bnc#804482 / bnc#820172)\n\n - md: Fix problem with GET_BITMAP_FILE returning wrong\n status. (bnc#812974)\n\n - bnx2x: Fix bridged GSO for 57710/57711 chips.\n (bnc#819610)\n\n - USB: xHCI: override bogus bulk wMaxPacketSize values.\n (bnc#823082)\n\n - BTUSB: Add MediaTek bluetooth MT76x0E support.\n (bnc#797727 / bnc#822340)\n\n - qlge: Update version to 1.00.00.32. (bnc#819195)\n\n - qlge: Fix ethtool autoneg advertising. 
(bnc#819195)\n\n - qlge: Fix receive path to drop error frames.\n (bnc#819195)\n\n - qlge: remove NETIF_F_TSO6 flag. (bnc#819195)\n\n - remove init of dev->perm_addr in drivers. (bnc#819195)\n\n - drivers/net: fix up function prototypes after __dev*\n removals. (bnc#819195)\n\n - qlge: remove __dev* attributes. (bnc#819195)\n\n - drivers: ethernet: qlogic: qlge_dbg.c: Fixed a coding\n style issue. (bnc#819195)\n\n - cxgb4: Force uninitialized state if FW_ON_ADAPTER is <\n FW_VERSION and we are the MASTER_PF. (bnc#809130)\n\n - USB: UHCI: fix for suspend of virtual HP controller.\n (bnc#817035)\n\n - timer_list: Convert timer list to be a proper seq_file.\n (bnc#818047)\n\n - timer_list: Split timer_list_show_tickdevices.\n (bnc#818047)\n\n - sched: Fix /proc/sched_debug failure on very very large\n systems. (bnc#818047)\n\n - sched: Fix /proc/sched_stat failure on very very large\n systems. (bnc#818047)\n\n - reiserfs: fix spurious multiple-fill in\n reiserfs_readdir_dentry. (bnc#822722)\n\n - libfc: do not exch_done() on invalid sequence ptr.\n (bnc#810722)\n\n - netfilter: ip6t_LOG: fix logging of packet mark.\n (bnc#821930)\n\n - virtio_net: introduce VIRTIO_NET_HDR_F_DATA_VALID.\n (bnc#819655)\n\n - HWPOISON: fix misjudgement of page_action() for errors\n on mlocked pages (Memory failure RAS (bnc#821799)).\n\n - HWPOISON: check dirty flag to match against clean page\n (Memory failure RAS (bnc#821799)).\n\n - HWPOISON: change order of error_states elements (Memory\n failure RAS (bnc#821799)).\n\n - mm: hwpoison: fix action_result() to print out\n dirty/clean (Memory failure RAS (bnc#821799)).\n\n - mm: mmu_notifier: re-fix freed page still mapped in\n secondary MMU. (bnc#821052)\n\n - Do not switch webcams in some HP ProBooks to XHCI.\n (bnc#805804)\n\n - Do not switch BT on HP ProBook 4340. (bnc#812281)\n\n - mm: memory_dev_init make sure nmi watchdog does not\n trigger while registering memory sections. 
(bnc#804609,\n bnc#820434)\n\n - mm: compaction: Restart compaction from near where it\n left off\n\n - mm: compaction: cache if a pageblock was scanned and no\n pages were isolated\n\n - mm: compaction: clear PG_migrate_skip based on\n compaction and reclaim activity\n\n - mm: compaction: Scan PFN caching KABI workaround\n\n - mm: page_allocator: Remove first_pass guard\n\n - mm: vmscan: do not stall on writeback during memory\n compaction Cache compaction restart points for faster\n compaction cycles (bnc#816451)", "edition": 17, "published": "2013-07-18T00:00:00", "title": "SuSE 11.3 Security Update : Linux kernel (SAT Patch Numbers 7991 / 7992 / 7994)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-3228", "CVE-2013-3232", "CVE-2013-0160", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3227", "CVE-2013-1774", "CVE-2013-3225", "CVE-2013-1979", "CVE-2013-3222", "CVE-2013-3076", "CVE-2013-3235", "CVE-2013-3223"], "modified": "2013-07-18T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:kernel-trace-devel", "p-cpe:/a:novell:suse_linux:11:kernel-pae-devel", "p-cpe:/a:novell:suse_linux:11:kernel-source", "p-cpe:/a:novell:suse_linux:11:kernel-ec2-devel", "p-cpe:/a:novell:suse_linux:11:kernel-ec2", "p-cpe:/a:novell:suse_linux:11:kernel-trace-base", "p-cpe:/a:novell:suse_linux:11:kernel-default-base", "p-cpe:/a:novell:suse_linux:11:kernel-pae-base", "p-cpe:/a:novell:suse_linux:11:kernel-pae", "p-cpe:/a:novell:suse_linux:11:kernel-xen-base", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:kernel-xen", "p-cpe:/a:novell:suse_linux:11:kernel-trace", "p-cpe:/a:novell:suse_linux:11:kernel-syms", "p-cpe:/a:novell:suse_linux:11:kernel-ec2-base", "p-cpe:/a:novell:suse_linux:11:kernel-pae-extra", "p-cpe:/a:novell:suse_linux:11:kernel-xen-extra", "p-cpe:/a:novell:suse_linux:11:kernel-default-devel", "p-cpe:/a:novell:suse_linux:11:kernel-default-man", "p-cpe:/a:novell:suse_linux:11:kernel-default-extra", 
"p-cpe:/a:novell:suse_linux:11:kernel-default", "p-cpe:/a:novell:suse_linux:11:kernel-xen-devel", "p-cpe:/a:novell:suse_linux:11:xen-kmp-default"], "id": "SUSE_11_KERNEL-130702.NASL", "href": "https://www.tenable.com/plugins/nessus/68954", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(68954);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/04\");\n\n script_cve_id(\"CVE-2013-0160\", \"CVE-2013-1774\", \"CVE-2013-1979\", \"CVE-2013-3076\", \"CVE-2013-3222\", \"CVE-2013-3223\", \"CVE-2013-3224\", \"CVE-2013-3225\", \"CVE-2013-3227\", \"CVE-2013-3228\", \"CVE-2013-3229\", \"CVE-2013-3231\", \"CVE-2013-3232\", \"CVE-2013-3234\", \"CVE-2013-3235\");\n\n script_name(english:\"SuSE 11.3 Security Update : Linux kernel (SAT Patch Numbers 7991 / 7992 / 7994)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 11 Service Pack 3 kernel has been updated to\n3.0.82 and to fix various bugs and security issues.\n\nThe following security issues have been fixed :\n\n - The chase_port function in drivers/usb/serial/io_ti.c in\n the Linux kernel allowed local users to cause a denial\n of service (NULL pointer dereference and system crash)\n via an attempted /dev/ttyUSB read or write operation on\n a disconnected Edgeport USB serial converter.\n (CVE-2013-1774)\n\n - Timing side channel on attacks were possible on\n /dev/ptmx that could allow local attackers to predict\n keypresses like 
e.g. passwords. This has been fixed\n again by updating accessed/modified time on the pty\n devices in resolution of 8 seconds, so that idle time\n detection can still work. (CVE-2013-0160)\n\n - The vcc_recvmsg function in net/atm/common.c in the\n Linux kernel did not initialize a certain length\n variable, which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. (CVE-2013-3222)\n\n - The ax25_recvmsg function in net/ax25/af_ax25.c in the\n Linux kernel did not initialize a certain data\n structure, which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. (CVE-2013-3223)\n\n - The bt_sock_recvmsg function in\n net/bluetooth/af_bluetooth.c in the Linux kernel did not\n properly initialize a certain length variable, which\n allowed local users to obtain sensitive information from\n kernel stack memory via a crafted recvmsg or recvfrom\n system call. (CVE-2013-3224)\n\n - The rfcomm_sock_recvmsg function in\n net/bluetooth/rfcomm/sock.c in the Linux kernel did not\n initialize a certain length variable, which allowed\n local users to obtain sensitive information from kernel\n stack memory via a crafted recvmsg or recvfrom system\n call. (CVE-2013-3225)\n\n - The caif_seqpkt_recvmsg function in\n net/caif/caif_socket.c in the Linux kernel did not\n initialize a certain length variable, which allowed\n local users to obtain sensitive information from kernel\n stack memory via a crafted recvmsg or recvfrom system\n call. (CVE-2013-3227)\n\n - The irda_recvmsg_dgram function in net/irda/af_irda.c in\n the Linux kernel did not initialize a certain length\n variable, which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. 
(CVE-2013-3228)\n\n - The iucv_sock_recvmsg function in net/iucv/af_iucv.c in\n the Linux kernel did not initialize a certain length\n variable, which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. (CVE-2013-3229)\n\n - The llc_ui_recvmsg function in net/llc/af_llc.c in the\n Linux kernel did not initialize a certain length\n variable, which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. (CVE-2013-3231)\n\n - The nr_recvmsg function in net/netrom/af_netrom.c in the\n Linux kernel did not initialize a certain data\n structure, which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. (CVE-2013-3232)\n\n - The rose_recvmsg function in net/rose/af_rose.c in the\n Linux kernel did not initialize a certain data\n structure, which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. (CVE-2013-3234)\n\n - net/tipc/socket.c in the Linux kernel did not initialize\n a certain data structure and a certain length variable,\n which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted\n recvmsg or recvfrom system call. (CVE-2013-3235)\n\n - The crypto API in the Linux kernel did not initialize\n certain length variables, which allowed local users to\n obtain sensitive information from kernel stack memory\n via a crafted recvmsg or recvfrom system call, related\n to the hash_recvmsg function in crypto/algif_hash.c and\n the skcipher_recvmsg function in\n crypto/algif_skcipher.c. (CVE-2013-3076)\n\n - The scm_set_cred function in include/net/scm.h in the\n Linux kernel used incorrect uid and gid values during\n credentials passing, which allowed local users to gain\n privileges via a crafted application. 
(CVE-2013-1979)\n\n - A kernel information leak via tkill/tgkill was fixed.\n The following non-security bugs have been fixed :\n\nS/390 :\n\n - af_iucv: Missing man page (bnc#825037, LTC#94825).\n\n - iucv: fix kernel panic at reboot (bnc#825037,\n LTC#93803).\n\n - kernel: lost IPIs on CPU hotplug (bnc#825037,\n LTC#94784).\n\n - dasd: Add missing descriptions for dasd timeout messages\n (bnc#825037, LTC#94762).\n\n - dasd: Fix hanging device after resume with internal\n error 13 (bnc#825037, LTC#94554).\n\n - cio: Suppress 2nd path verification during resume\n (bnc#825037, LTC#94554).\n\n - vmcp: Missing man page (bnc#825037, LTC#94453).\n\n - kernel: 3215 console crash (bnc#825037, LTC#94302).\n\n - netiucv: Hold rtnl between name allocation and device\n registration. (bnc#824159)\n\n - s390/ftrace: fix mcount adjustment (bnc#809895). \nHyperV :\n\n - Drivers: hv: Fix a bug in get_vp_index().\n\n - hyperv: Fix a compiler warning in netvsc_send().\n\n - Tools: hv: Fix a checkpatch warning.\n\n - tools: hv: skip iso9660 mounts in hv_vss_daemon.\n\n - tools: hv: use FIFREEZE/FITHAW in hv_vss_daemon.\n\n - tools: hv: use getmntent in hv_vss_daemon.\n\n - Tools: hv: Fix a checkpatch warning.\n\n - tools: hv: fix checks for origin of netlink message in\n hv_vss_daemon.\n\n - Tools: hv: fix warnings in hv_vss_daemon.\n\n - x86, hyperv: Handle Xen emulation of Hyper-V more\n gracefully.\n\n - hyperv: Fix a kernel warning from\n netvsc_linkstatus_callback().\n\n - Drivers: hv: balloon: make local functions static.\n\n - tools: hv: daemon should check type of received Netlink\n msg.\n\n - tools: hv: daemon setsockopt should use options macros.\n\n - tools: hv: daemon should subscribe only to CN_KVP_IDX\n group.\n\n - driver: hv: remove cast for kmalloc return value.\n\n - hyperv: use 3.4 as LIC version string (bnc#822431).\n BTRFS :\n\n - btrfs: flush delayed inodes if we are short on space.\n (bnc#801427)\n\n - btrfs: rework shrink_delalloc. 
(bnc#801427)\n\n - btrfs: fix our overcommit math. (bnc#801427)\n\n - btrfs: delay block group item insertion. (bnc#801427)\n\n - btrfs: remove bytes argument from do_chunk_alloc.\n (bnc#801427)\n\n - btrfs: run delayed refs first when out of space.\n (bnc#801427)\n\n - btrfs: do not commit instead of overcommitting.\n (bnc#801427)\n\n - btrfs: do not take inode delalloc mutex if we are a free\n space inode. (bnc#801427)\n\n - btrfs: fix chunk allocation error handling. (bnc#801427)\n\n - btrfs: remove extent mapping if we fail to add chunk.\n (bnc#801427)\n\n - btrfs: do not overcommit if we do not have enough space\n for global rsv. (bnc#801427)\n\n - btrfs: rework the overcommit logic to be based on the\n total size. (bnc#801427)\n\n - btrfs: steal from global reserve if we are cleaning up\n orphans. (bnc#801427)\n\n - btrfs: clear chunk_alloc flag on retryable failure.\n (bnc#801427)\n\n - btrfs: use reserved space for creating a snapshot.\n (bnc#801427)\n\n - btrfs: cleanup to make the function\n btrfs_delalloc_reserve_metadata more logic. (bnc#801427)\n\n - btrfs: fix space leak when we fail to reserve metadata\n space. (bnc#801427)\n\n - btrfs: fix space accounting for unlink and rename.\n (bnc#801427)\n\n - btrfs: allocate new chunks if the space is not enough\n for global rsv. (bnc#801427)\n\n - btrfs: various abort cleanups. (bnc#812526 / bnc#801427)\n\n - btrfs: simplify unlink reservations (bnc#801427). XFS :\n\n - xfs: Move allocation stack switch up to xfs_bmapi.\n (bnc#815356)\n\n - xfs: introduce XFS_BMAPI_STACK_SWITCH. (bnc#815356)\n\n - xfs: zero allocation_args on the kernel stack.\n (bnc#815356)\n\n - xfs: fix debug_object WARN at xfs_alloc_vextent().\n (bnc#815356)\n\n - xfs: do not defer metadata allocation to the workqueue.\n (bnc#815356)\n\n - xfs: introduce an allocation workqueue. (bnc#815356)\n\n - xfs: fix race while discarding buffers [V4] (bnc#815356\n (comment 36)).\n\n - xfs: Serialize file-extending direct IO. 
(bnc#818371)\n\n - xfs: Do not allocate new buffers on every call to\n _xfs_buf_find. (bnc#763968)\n\n - xfs: fix buffer lookup race on allocation failure\n (bnc#763968). ALSA :\n\n - Fix VT1708 jack detection on SLEPOS machines.\n (bnc#813922)\n\n - ALSA: hda - Avoid choose same converter for unused pins.\n (bnc#826186)\n\n - ALSA: hda - Cache the MUX selection for generic HDMI.\n (bnc#826186)\n\n - ALSA: hda - Haswell converter power state D0 verify.\n (bnc#826186)\n\n - ALSA: hda - Do not take unresponsive D3 transition too\n serious. (bnc#823597)\n\n - ALSA: hda - Introduce bit flags to\n snd_hda_codec_read/write(). (bnc#823597)\n\n - ALSA: hda - Check CORB overflow. (bnc#823597)\n\n - ALSA: hda - Check validity of CORB/RIRB WP reads.\n (bnc#823597)\n\n - ALSA: hda - Fix system panic when DMA > 40 bits for\n Nvidia audio controllers. (bnc#818465)\n\n - ALSA: hda - Add hint for suppressing lower cap for IDT\n codecs. (bnc#812332)\n\n - ALSA: hda - Enable mic-mute LED on more HP laptops\n (bnc#821859). Direct Rendering Manager (DRM) :\n\n - drm/i915: Add wait_for in init_ring_common. (bnc#813604)\n\n - drm/i915: Mark the ringbuffers as being in the GTT\n domain. (bnc#813604)\n\n - drm/edid: Do not print messages regarding stereo or\n csync by default. (bnc#821235)\n\n - drm/i915: force full modeset if the connector is in DPMS\n OFF mode. (bnc#809975)\n\n - drm/i915/sdvo: Use &intel_sdvo->ddc instead of\n intel_sdvo->i2c for DDC. (bnc#808855)\n\n - drm/mm: fix dump table BUG. (bnc#808837)\n\n - drm/i915: Clear the stolen fb before enabling\n (bnc#808015). XEN :\n\n - xen/netback: Update references. (bnc#823342)\n\n - xen: Check for insane amounts of requests on the ring.\n\n - Update Xen patches to 3.0.82.\n\n - netback: do not disconnect frontend when seeing oversize\n packet.\n\n - netfront: reduce gso_max_size to account for max TCP\n header.\n\n - netfront: fix kABI after 'reduce gso_max_size to account\n for max TCP header'. 
Other :\n\n - x86, efi: retry ExitBootServices() on failure.\n (bnc#823386)\n\n - x86/efi: Fix dummy variable buffer allocation.\n (bnc#822080)\n\n - ext4: avoid hang when mounting non-journal filesystems\n with orphan list. (bnc#817377)\n\n - mm: compaction: Scan PFN caching KABI workaround (Fix\n KABI breakage (bnc#825657)).\n\n - autofs4 - fix get_next_positive_subdir(). (bnc#819523)\n\n - ocfs2: Add bits_wanted while calculating credits in\n ocfs2_calc_extend_credits. (bnc#822077)\n\n - writeback: Avoid needless scanning of b_dirty list.\n (bnc#819018)\n\n - writeback: Do not sort b_io list only because of block\n device inode. (bnc#819018)\n\n - re-enable io tracing. (bnc#785901)\n\n - pciehp: Corrected the old mismatching DMI strings.\n\n - SUNRPC: Prevent an rpc_task wakeup race. (bnc#825591)\n\n - tg3: Prevent system hang during repeated EEH errors.\n (bnc#822066)\n\n - scsi_dh_alua: multipath failover fails with error 15.\n (bnc#825696)\n\n - Do not switch camera on HP EB 8780. (bnc#797090)\n\n - Do not switch webcam for HP EB 8580w. (bnc#797090)\n\n - mm: fixup compilation error due to an asm write through\n a const pointer. (bnc#823795)\n\n - do not switch cam port on HP EliteBook 840. (bnc#822164)\n\n - net/sunrpc: xpt_auth_cache should be ignored when\n expired. (bnc#803320)\n\n - sunrpc/cache: ensure items removed from cache do not\n have pending upcalls. (bnc#803320)\n\n - sunrpc/cache: remove races with queuing an upcall.\n (bnc#803320)\n\n - sunrpc/cache: use cache_fresh_unlocked consistently and\n correctly. (bnc#803320)\n\n - KVM: x86: emulate movdqa. (bnc#821070)\n\n - KVM: x86: emulator: add support for vector alignment.\n (bnc#821070)\n\n - KVM: x86: emulator: expand decode flags to 64 bits.\n (bnc#821070)\n\n - xhci - correct comp_mode_recovery_timer on return from\n hibernate. (bnc#808136)\n\n - md/raid10 enough fixes. 
(bnc#773837)\n\n - lib/Makefile: Fix oid_registry build dependency.\n (bnc#823223)\n\n - Update config files: disable IP_PNP. (bnc#822825)\n\n - Fix kABI breakage for addition of\n snd_hda_bus.no_response_fallback. (bnc#823597)\n\n - Disable efi pstore by default. (bnc#804482 / bnc#820172)\n\n - md: Fix problem with GET_BITMAP_FILE returning wrong\n status. (bnc#812974)\n\n - bnx2x: Fix bridged GSO for 57710/57711 chips.\n (bnc#819610)\n\n - USB: xHCI: override bogus bulk wMaxPacketSize values.\n (bnc#823082)\n\n - BTUSB: Add MediaTek bluetooth MT76x0E support.\n (bnc#797727 / bnc#822340)\n\n - qlge: Update version to 1.00.00.32. (bnc#819195)\n\n - qlge: Fix ethtool autoneg advertising. (bnc#819195)\n\n - qlge: Fix receive path to drop error frames.\n (bnc#819195)\n\n - qlge: remove NETIF_F_TSO6 flag. (bnc#819195)\n\n - remove init of dev->perm_addr in drivers. (bnc#819195)\n\n - drivers/net: fix up function prototypes after __dev*\n removals. (bnc#819195)\n\n - qlge: remove __dev* attributes. (bnc#819195)\n\n - drivers: ethernet: qlogic: qlge_dbg.c: Fixed a coding\n style issue. (bnc#819195)\n\n - cxgb4: Force uninitialized state if FW_ON_ADAPTER is <\n FW_VERSION and we are the MASTER_PF. (bnc#809130)\n\n - USB: UHCI: fix for suspend of virtual HP controller.\n (bnc#817035)\n\n - timer_list: Convert timer list to be a proper seq_file.\n (bnc#818047)\n\n - timer_list: Split timer_list_show_tickdevices.\n (bnc#818047)\n\n - sched: Fix /proc/sched_debug failure on very very large\n systems. (bnc#818047)\n\n - sched: Fix /proc/sched_stat failure on very very large\n systems. (bnc#818047)\n\n - reiserfs: fix spurious multiple-fill in\n reiserfs_readdir_dentry. 
(bnc#822722)\n\n - libfc: do not exch_done() on invalid sequence ptr.\n (bnc#810722)\n\n - netfilter: ip6t_LOG: fix logging of packet mark.\n (bnc#821930)\n\n - virtio_net: introduce VIRTIO_NET_HDR_F_DATA_VALID.\n (bnc#819655)\n\n - HWPOISON: fix misjudgement of page_action() for errors\n on mlocked pages (Memory failure RAS (bnc#821799)).\n\n - HWPOISON: check dirty flag to match against clean page\n (Memory failure RAS (bnc#821799)).\n\n - HWPOISON: change order of error_states elements (Memory\n failure RAS (bnc#821799)).\n\n - mm: hwpoison: fix action_result() to print out\n dirty/clean (Memory failure RAS (bnc#821799)).\n\n - mm: mmu_notifier: re-fix freed page still mapped in\n secondary MMU. (bnc#821052)\n\n - Do not switch webcams in some HP ProBooks to XHCI.\n (bnc#805804)\n\n - Do not switch BT on HP ProBook 4340. (bnc#812281)\n\n - mm: memory_dev_init make sure nmi watchdog does not\n trigger while registering memory sections. (bnc#804609,\n bnc#820434)\n\n - mm: compaction: Restart compaction from near where it\n left off\n\n - mm: compaction: cache if a pageblock was scanned and no\n pages were isolated\n\n - mm: compaction: clear PG_migrate_skip based on\n compaction and reclaim activity\n\n - mm: compaction: Scan PFN caching KABI workaround\n\n - mm: page_allocator: Remove first_pass guard\n\n - mm: vmscan: do not stall on writeback during memory\n compaction Cache compaction restart points for faster\n compaction cycles (bnc#816451)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=763968\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=773837\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=785901\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=797090\"\n );\n script_set_attribute(\n 
attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=797727\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=801427\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=803320\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=804482\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=804609\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=805804\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=806976\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=808015\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=808136\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=808837\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=808855\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=809130\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=809895\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=809975\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=810722\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=812281\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=812332\"\n );\n 
script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=812526\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=812974\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=813604\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=813922\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=815356\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=816451\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=817035\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=817377\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=818047\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=818371\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=818465\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=819018\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=819195\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=819523\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=819610\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=819655\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n 
value:\"https://bugzilla.novell.com/show_bug.cgi?id=820172\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=820434\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=821052\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=821070\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=821235\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=821799\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=821859\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=821930\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=822066\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=822077\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=822080\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=822164\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=822340\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=822431\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=822722\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=822825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=823082\"\n );\n script_set_attribute(\n 
attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=823223\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=823342\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=823386\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=823597\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=823795\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=824159\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=825037\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=825591\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=825657\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=825696\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=826186\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-0160.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1774.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1979.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3076.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3222.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n 
value:\"http://support.novell.com/security/cve/CVE-2013-3223.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3224.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3225.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3227.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3228.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3229.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3231.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3232.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3234.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-3235.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Apply SAT patch number 7991 / 7992 / 7994 as appropriate.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-default-man\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-ec2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-pae-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:kernel-xen-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/18\");\n script_end_attributes();\n\n 
script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2020 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, \"SuSE 11.3\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-default-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-default-base-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-default-devel-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-default-extra-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-pae-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-pae-base-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-pae-devel-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-pae-extra-3.0.82-0.7.9\")) flag++;\nif 
(rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-source-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-syms-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-trace-devel-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-xen-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-xen-base-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-xen-devel-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"kernel-xen-extra-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-default-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-default-base-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-default-devel-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-default-extra-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-source-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-syms-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-trace-devel-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-base-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-devel-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-extra-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLED11\", 
sp:3, cpu:\"x86_64\", reference:\"xen-kmp-default-4.2.2_04_3.0.82_0.7-0.9.3\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-default-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-default-base-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-default-devel-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-source-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-syms-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-trace-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-trace-base-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"kernel-trace-devel-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-ec2-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-ec2-base-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-ec2-devel-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-pae-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-pae-base-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-pae-devel-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-xen-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-xen-base-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"i586\", reference:\"kernel-xen-devel-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"s390x\", reference:\"kernel-default-man-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", 
reference:\"kernel-ec2-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"kernel-ec2-base-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"kernel-ec2-devel-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-base-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"kernel-xen-devel-3.0.82-0.7.9\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, cpu:\"x86_64\", reference:\"xen-kmp-default-4.2.2_04_3.0.82_0.7-0.9.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:11:52", "description": "Fixes a large number of network related information leak CVEs.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "published": "2013-04-29T00:00:00", "title": "Fedora 18 : kernel-3.8.8-203.fc18 (2013-6537)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-3228", "CVE-2013-3230", "CVE-2013-3232", "CVE-2013-3231", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3233", "CVE-2013-3225", "CVE-2013-1979", "CVE-2013-3222", "CVE-2013-3076", "CVE-2013-3223"], "modified": "2013-04-29T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:18", "p-cpe:/a:fedoraproject:fedora:kernel"], "id": "FEDORA_2013-6537.NASL", "href": "https://www.tenable.com/plugins/nessus/66248", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-6537.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(66248);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-1979\", \"CVE-2013-3076\", \"CVE-2013-3222\", \"CVE-2013-3223\", \"CVE-2013-3224\", \"CVE-2013-3225\", \"CVE-2013-3228\", \"CVE-2013-3230\", \"CVE-2013-3231\", \"CVE-2013-3232\", \"CVE-2013-3233\", \"CVE-2013-3234\");\n script_bugtraq_id(59377, 59380, 59383, 59385, 59387, 59389, 59390, 59394, 59396, 59397, 59398);\n script_xref(name:\"FEDORA\", value:\"2013-6537\");\n\n script_name(english:\"Fedora 18 : kernel-3.8.8-203.fc18 (2013-6537)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fixes a large number of network related information leak CVEs.\n\nNote that Tenable Network Security has extracted the 
preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=955216\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=955599\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=955629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=955649\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=955662\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=956069\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=956088\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=956094\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=956110\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=956125\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=956135\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=956162\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-April/103750.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9c1fe322\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n 
script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/04/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"kernel-3.8.8-203.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:11:55", "description": "Update to latest upstream stable release, Linux v3.8.11. A variety of\nfixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "published": "2013-05-04T00:00:00", "title": "Fedora 17 : kernel-3.8.11-100.fc17 (2013-6999)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-3228", "CVE-2013-3230", "CVE-2013-3232", "CVE-2013-3231", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3233", "CVE-2013-3225", "CVE-2013-1979", "CVE-2013-3222", "CVE-2013-3076", "CVE-2013-3223"], "modified": "2013-05-04T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:17"], "id": "FEDORA_2013-6999.NASL", "href": "https://www.tenable.com/plugins/nessus/66310", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-6999.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(66310);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-1979\", \"CVE-2013-3076\", \"CVE-2013-3222\", \"CVE-2013-3223\", \"CVE-2013-3224\", \"CVE-2013-3225\", \"CVE-2013-3228\", \"CVE-2013-3230\", \"CVE-2013-3231\", \"CVE-2013-3232\", \"CVE-2013-3233\", \"CVE-2013-3234\");\n script_bugtraq_id(59377, 59380, 59383, 59385, 59387, 59389, 59390, 59394, 59396, 59397, 59398, 59538);\n script_xref(name:\"FEDORA\", value:\"2013-6999\");\n\n script_name(english:\"Fedora 17 : kernel-3.8.11-100.fc17 (2013-6999)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to latest upstream stable release, Linux v3.8.11. 
A variety of\nfixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=955216\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=955599\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=955629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=955649\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=955662\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=956069\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=956088\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=956094\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=956110\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=956125\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=956135\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=956162\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-May/104480.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3fc72dec\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n 
script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/04/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/05/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"kernel-3.8.11-100.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T06:39:40", "description": "Andrew Honig reported a flaw in the way KVM (Kernel-based Virtual\nMachine) emulated the IOAPIC. A privileged guest user could exploit\nthis flaw to read host memory or cause a denial of service (crash the\nhost). (CVE-2013-1798)\n\nAn information leak was discovered in the Linux kernel's rcvmsg path\nfor ATM (Asynchronous Transfer Mode). A local user could exploit this\nflaw to examine potentially sensitive information from the kernel's\nstack memory. (CVE-2013-3222)\n\nAn information leak was discovered in the Linux kernel's recvmsg path\nfor ax25 address family. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3223)\n\nAn information leak was discovered in the Linux kernel's recvmsg path\nfor the bluetooth address family. A local user could exploit this flaw\nto examine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3224)\n\nAn information leak was discovered in the Linux kernel's bluetooth\nrfcomm protocol support. 
A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3225)\n\nAn information leak was discovered in the Linux kernel's IRDA\n(infrared) support subsystem. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3228)\n\nAn information leak was discovered in the Linux kernel's s390 - z/VM\nsupport. A local user could exploit this flaw to examine potentially\nsensitive information from the kernel's stack memory. (CVE-2013-3229)\n\nAn information leak was discovered in the Linux kernel's llc (Logical\nLink Layer 2) support. A local user could exploit this flaw to examine\npotentially sensitive information from the kernel's stack memory.\n(CVE-2013-3231)\n\nAn information leak was discovered in the Linux kernel's receive\nmessage handling for the netrom address family. A local user could\nexploit this flaw to obtain sensitive information from the kernel's\nstack memory. (CVE-2013-3232)\n\nAn information leak was discovered in the Linux kernel's Rose X.25\nprotocol layer. A local user could exploit this flaw to examine\npotentially sensitive information from the kernel's stack memory.\n(CVE-2013-3234)\n\nAn information leak was discovered in the Linux kernel's TIPC\n(Transparent Inter Process Communication) protocol implementation. A\nlocal user could exploit this flaw to examine potentially sensitive\ninformation from the kernel's stack memory. (CVE-2013-3235).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2013-06-16T00:00:00", "title": "Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1877-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-3228", "CVE-2013-3232", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3225", "CVE-2013-3222", "CVE-2013-1798", "CVE-2013-3235", "CVE-2013-3223"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ec2"], "id": "UBUNTU_USN-1877-1.NASL", "href": "https://www.tenable.com/plugins/nessus/66901", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1877-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66901);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/09/19 12:54:29\");\n\n script_cve_id(\"CVE-2013-1798\", \"CVE-2013-3222\", \"CVE-2013-3223\", \"CVE-2013-3224\", \"CVE-2013-3225\", \"CVE-2013-3228\", \"CVE-2013-3229\", \"CVE-2013-3231\", \"CVE-2013-3232\", \"CVE-2013-3234\", \"CVE-2013-3235\");\n script_bugtraq_id(58604);\n script_xref(name:\"USN\", value:\"1877-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1877-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Andrew Honig reported a flaw in the way KVM (Kernel-based Virtual\nMachine) emulated the IOAPIC. 
A privileged guest user could exploit\nthis flaw to read host memory or cause a denial of service (crash the\nhost). (CVE-2013-1798)\n\nAn information leak was discovered in the Linux kernel's rcvmsg path\nfor ATM (Asynchronous Transfer Mode). A local user could exploit this\nflaw to examine potentially sensitive information from the kernel's\nstack memory. (CVE-2013-3222)\n\nAn information leak was discovered in the Linux kernel's recvmsg path\nfor ax25 address family. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3223)\n\nAn information leak was discovered in the Linux kernel's recvmsg path\nfor the bluetooth address family. A local user could exploit this flaw\nto examine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3224)\n\nAn information leak was discovered in the Linux kernel's bluetooth\nrfcomm protocol support. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3225)\n\nAn information leak was discovered in the Linux kernel's IRDA\n(infrared) support subsystem. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3228)\n\nAn information leak was discovered in the Linux kernel's s390 - z/VM\nsupport. A local user could exploit this flaw to examine potentially\nsensitive information from the kernel's stack memory. (CVE-2013-3229)\n\nAn information leak was discovered in the Linux kernel's llc (Logical\nLink Layer 2) support. A local user could exploit this flaw to examine\npotentially sensitive information from the kernel's stack memory.\n(CVE-2013-3231)\n\nAn information leak was discovered in the Linux kernel's receive\nmessage handling for the netrom address family. A local user could\nexploit this flaw to obtain sensitive information from the kernel's\nstack memory. 
(CVE-2013-3232)\n\nAn information leak was discovered in the Linux kernel's Rose X.25\nprotocol layer. A local user could exploit this flaw to examine\npotentially sensitive information from the kernel's stack memory.\n(CVE-2013-3234)\n\nAn information leak was discovered in the Linux kernel's TIPC\n(Transparent Inter Process Communication) protocol implementation. A\nlocal user could exploit this flaw to examine potentially sensitive\ninformation from the kernel's stack memory. (CVE-2013-3235).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1877-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected linux-image-2.6-ec2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:H/Au:N/C:C/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/03/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/06/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/06/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 
2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-1798\", \"CVE-2013-3222\", \"CVE-2013-3223\", \"CVE-2013-3224\", \"CVE-2013-3225\", \"CVE-2013-3228\", \"CVE-2013-3229\", \"CVE-2013-3231\", \"CVE-2013-3232\", \"CVE-2013-3234\", \"CVE-2013-3235\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1877-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-353-ec2\", pkgver:\"2.6.32-353.66\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 
\"linux-image-2.6-ec2\");\n}\n", "cvss": {"score": 6.2, "vector": "AV:A/AC:H/Au:N/C:C/I:N/A:C"}}, {"lastseen": "2021-01-01T06:39:40", "description": "Andrew Honig reported a flaw in the way KVM (Kernel-based Virtual\nMachine) emulated the IOAPIC. A privileged guest user could exploit\nthis flaw to read host memory or cause a denial of service (crash the\nhost). (CVE-2013-1798)\n\nAn information leak was discovered in the Linux kernel's rcvmsg path\nfor ATM (Asynchronous Transfer Mode). A local user could exploit this\nflaw to examine potentially sensitive information from the kernel's\nstack memory. (CVE-2013-3222)\n\nAn information leak was discovered in the Linux kernel's recvmsg path\nfor ax25 address family. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3223)\n\nAn information leak was discovered in the Linux kernel's recvmsg path\nfor the bluetooth address family. A local user could exploit this flaw\nto examine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3224)\n\nAn information leak was discovered in the Linux kernel's bluetooth\nrfcomm protocol support. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3225)\n\nAn information leak was discovered in the Linux kernel's IRDA\n(infrared) support subsystem. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3228)\n\nAn information leak was discovered in the Linux kernel's s390 - z/VM\nsupport. A local user could exploit this flaw to examine potentially\nsensitive information from the kernel's stack memory. (CVE-2013-3229)\n\nAn information leak was discovered in the Linux kernel's llc (Logical\nLink Layer 2) support. 
A local user could exploit this flaw to examine\npotentially sensitive information from the kernel's stack memory.\n(CVE-2013-3231)\n\nAn information leak was discovered in the Linux kernel's receive\nmessage handling for the netrom address family. A local user could\nexploit this flaw to obtain sensitive information from the kernel's\nstack memory. (CVE-2013-3232)\n\nAn information leak was discovered in the Linux kernel's Rose X.25\nprotocol layer. A local user could exploit this flaw to examine\npotentially sensitive information from the kernel's stack memory.\n(CVE-2013-3234)\n\nAn information leak was discovered in the Linux kernel's TIPC\n(Transparent Inter Process Communication) protocol implementation. A\nlocal user could exploit this flaw to examine potentially sensitive\ninformation from the kernel's stack memory. (CVE-2013-3235).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2013-06-16T00:00:00", "title": "Ubuntu 10.04 LTS : linux vulnerabilities (USN-1876-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-3228", "CVE-2013-3232", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3225", "CVE-2013-3222", "CVE-2013-1798", "CVE-2013-3235", "CVE-2013-3223"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-preempt", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", 
"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia"], "id": "UBUNTU_USN-1876-1.NASL", "href": "https://www.tenable.com/plugins/nessus/66900", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1876-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(66900);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/09/19 12:54:29\");\n\n script_cve_id(\"CVE-2013-1798\", \"CVE-2013-3222\", \"CVE-2013-3223\", \"CVE-2013-3224\", \"CVE-2013-3225\", \"CVE-2013-3228\", \"CVE-2013-3229\", \"CVE-2013-3231\", \"CVE-2013-3232\", \"CVE-2013-3234\", \"CVE-2013-3235\");\n script_bugtraq_id(58604);\n script_xref(name:\"USN\", value:\"1876-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux vulnerabilities (USN-1876-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Andrew Honig reported a flaw in the way KVM (Kernel-based Virtual\nMachine) emulated the IOAPIC. A privileged guest user could exploit\nthis flaw to read host memory or cause a denial of service (crash the\nhost). (CVE-2013-1798)\n\nAn information leak was discovered in the Linux kernel's rcvmsg path\nfor ATM (Asynchronous Transfer Mode). A local user could exploit this\nflaw to examine potentially sensitive information from the kernel's\nstack memory. (CVE-2013-3222)\n\nAn information leak was discovered in the Linux kernel's recvmsg path\nfor ax25 address family. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. 
(CVE-2013-3223)\n\nAn information leak was discovered in the Linux kernel's recvmsg path\nfor the bluetooth address family. A local user could exploit this flaw\nto examine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3224)\n\nAn information leak was discovered in the Linux kernel's bluetooth\nrfcomm protocol support. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3225)\n\nAn information leak was discovered in the Linux kernel's IRDA\n(infrared) support subsystem. A local user could exploit this flaw to\nexamine potentially sensitive information from the kernel's stack\nmemory. (CVE-2013-3228)\n\nAn information leak was discovered in the Linux kernel's s390 - z/VM\nsupport. A local user could exploit this flaw to examine potentially\nsensitive information from the kernel's stack memory. (CVE-2013-3229)\n\nAn information leak was discovered in the Linux kernel's llc (Logical\nLink Layer 2) support. A local user could exploit this flaw to examine\npotentially sensitive information from the kernel's stack memory.\n(CVE-2013-3231)\n\nAn information leak was discovered in the Linux kernel's receive\nmessage handling for the netrom address family. A local user could\nexploit this flaw to obtain sensitive information from the kernel's\nstack memory. (CVE-2013-3232)\n\nAn information leak was discovered in the Linux kernel's Rose X.25\nprotocol layer. A local user could exploit this flaw to examine\npotentially sensitive information from the kernel's stack memory.\n(CVE-2013-3234)\n\nAn information leak was discovered in the Linux kernel's TIPC\n(Transparent Inter Process Communication) protocol implementation. A\nlocal user could exploit this flaw to examine potentially sensitive\ninformation from the kernel's stack memory. 
(CVE-2013-3235).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1876-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:A/AC:H/Au:N/C:C/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-preempt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/03/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/06/14\");\n 
script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/06/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! 
get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-1798\", \"CVE-2013-3222\", \"CVE-2013-3223\", \"CVE-2013-3224\", \"CVE-2013-3225\", \"CVE-2013-3228\", \"CVE-2013-3229\", \"CVE-2013-3231\", \"CVE-2013-3232\", \"CVE-2013-3234\", \"CVE-2013-3235\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1876-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-48-386\", pkgver:\"2.6.32-48.110\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-48-generic\", pkgver:\"2.6.32-48.110\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-48-generic-pae\", pkgver:\"2.6.32-48.110\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-48-lpia\", pkgver:\"2.6.32-48.110\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-48-preempt\", pkgver:\"2.6.32-48.110\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-48-server\", pkgver:\"2.6.32-48.110\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-48-versatile\", pkgver:\"2.6.32-48.110\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-48-virtual\", pkgver:\"2.6.32-48.110\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-386 / 
linux-image-2.6-generic / etc\");\n}\n", "cvss": {"score": 6.2, "vector": "AV:A/AC:H/Au:N/C:C/I:N/A:C"}}, {"lastseen": "2021-01-12T09:47:49", "description": "Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, information leak or privilege\nescalation. The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\n - CVE-2013-0160\n vladz reported a timing leak with the /dev/ptmx\n character device. A local user could use this to\n determine sensitive information such as password length.\n\n - CVE-2013-1796\n Andrew Honig of Google reported an issue in the KVM\n subsystem. A user in a guest operating system could\n corrupt kernel memory, resulting in a denial of service.\n\n - CVE-2013-1929\n Oded Horovitz and Brad Spengler reported an issue in the\n device driver for Broadcom Tigon3 based gigabit\n Ethernet. Users with the ability to attach untrusted\n devices can create an overflow condition, resulting in a\n denial of service or elevated privileges.\n\n - CVE-2013-1979\n Andy Lutomirski reported an issue in the socket level\n control message processing subsystem. Local users may be\n able to gain elevated privileges.\n\n - CVE-2013-2015\n Theodore Ts'o provided a fix for an issue in the ext4\n filesystem. Local users with the ability to mount a\n specially crafted filesystem can cause a denial of\n service (infinite loop).\n\n - CVE-2013-2094\n Tommie Rantala discovered an issue in the perf\n subsystem. An out-of-bounds access vulnerability allows\n local users to gain elevated privileges.\n\n - CVE-2013-3076\n Mathias Krause discovered an issue in the userspace\n interface for hash algorithms. Local users can gain\n access to sensitive kernel memory.\n\n - CVE-2013-3222\n Mathias Krause discovered an issue in the Asynchronous\n Transfer Mode (ATM) protocol support. 
Local users can\n gain access to sensitive kernel memory.\n\n - CVE-2013-3223\n Mathias Krause discovered an issue in the Amateur Radio\n AX.25 protocol support. Local users can gain access to\n sensitive kernel memory.\n\n - CVE-2013-3224\n Mathias Krause discovered an issue in the Bluetooth\n subsystem. Local users can gain access to sensitive\n kernel memory.\n\n - CVE-2013-3225\n Mathias Krause discovered an issue in the Bluetooth\n RFCOMM protocol support. Local users can gain access to\n sensitive kernel memory.\n\n - CVE-2013-3227\n Mathias Krause discovered an issue in the Communication\n CPU to Application CPU Interface (CAIF). Local users can\n gain access to sensitive kernel memory.\n\n - CVE-2013-3228\n Mathias Krause discovered an issue in the IrDA\n (infrared) subsystem support. Local users can gain\n access to sensitive kernel memory.\n\n - CVE-2013-3229\n Mathias Krause discovered an issue in the IUCV support\n on s390 systems. Local users can gain access to\n sensitive kernel memory.\n\n - CVE-2013-3231\n Mathias Krause discovered an issue in the ANSI/IEEE\n 802.2 LLC type 2 protocol support. Local users can gain\n access to sensitive kernel memory.\n\n - CVE-2013-3234\n Mathias Krause discovered an issue in the Amateur Radio\n X.25 PLP (Rose) protocol support. Local users can gain\n access to sensitive kernel memory.\n\n - CVE-2013-3235\n Mathias Krause discovered an issue in the Transparent\n Inter Process Communication (TIPC) protocol support.\n Local users can gain access to sensitive kernel memory.\n\n - CVE-2013-3301\n Namhyung Kim reported an issue in the tracing subsystem.\n A privileged local user could cause a denial of service\n (system crash). 
This vulnerability is not applicable to\n Debian systems by default.", "edition": 16, "published": "2013-05-17T00:00:00", "title": "Debian DSA-2669-1 : linux - privilege escalation/denial of service/information leak", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-3228", "CVE-2013-0160", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3301", "CVE-2013-3234", "CVE-2013-3227", "CVE-2013-2015", "CVE-2013-1929", "CVE-2013-3225", "CVE-2013-1979", "CVE-2013-3222", "CVE-2013-3076", "CVE-2013-2094", "CVE-2013-1796", "CVE-2013-3235", "CVE-2013-3223"], "modified": "2013-05-17T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:7.0", "p-cpe:/a:debian:debian_linux:linux"], "id": "DEBIAN_DSA-2669.NASL", "href": "https://www.tenable.com/plugins/nessus/66486", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2669. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(66486);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-0160\", \"CVE-2013-1796\", \"CVE-2013-1929\", \"CVE-2013-1979\", \"CVE-2013-2015\", \"CVE-2013-2094\", \"CVE-2013-3076\", \"CVE-2013-3222\", \"CVE-2013-3223\", \"CVE-2013-3224\", \"CVE-2013-3225\", \"CVE-2013-3227\", \"CVE-2013-3228\", \"CVE-2013-3229\", \"CVE-2013-3231\", \"CVE-2013-3234\", \"CVE-2013-3235\", \"CVE-2013-3301\");\n script_bugtraq_id(57176, 58607, 58908, 59055, 59377, 59380, 59381, 59383, 59385, 59388, 59389, 59390, 59393, 59397, 59398, 59512, 59538);\n script_xref(name:\"DSA\", value:\"2669\");\n\n script_name(english:\"Debian DSA-2669-1 : linux - privilege escalation/denial of service/information leak\");\n script_summary(english:\"Checks dpkg output for the 
updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service, information leak or privilege\nescalation. The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\n - CVE-2013-0160\n vladz reported a timing leak with the /dev/ptmx\n character device. A local user could use this to\n determine sensitive information such as password length.\n\n - CVE-2013-1796\n Andrew Honig of Google reported an issue in the KVM\n subsystem. A user in a guest operating system could\n corrupt kernel memory, resulting in a denial of service.\n\n - CVE-2013-1929\n Oded Horovitz and Brad Spengler reported an issue in the\n device driver for Broadcom Tigon3 based gigabit\n Ethernet. Users with the ability to attach untrusted\n devices can create an overflow condition, resulting in a\n denial of service or elevated privileges.\n\n - CVE-2013-1979\n Andy Lutomirski reported an issue in the socket level\n control message processing subsystem. Local users may be\n able to gain elevated privileges.\n\n - CVE-2013-2015\n Theodore Ts'o provided a fix for an issue in the ext4\n filesystem. Local users with the ability to mount a\n specially crafted filesystem can cause a denial of\n service (infinite loop).\n\n - CVE-2013-2094\n Tommie Rantala discovered an issue in the perf\n subsystem. An out-of-bounds access vulnerability allows\n local users to gain elevated privileges.\n\n - CVE-2013-3076\n Mathias Krause discovered an issue in the userspace\n interface for hash algorithms. Local users can gain\n access to sensitive kernel memory.\n\n - CVE-2013-3222\n Mathias Krause discovered an issue in the Asynchronous\n Transfer Mode (ATM) protocol support. 
Local users can\n gain access to sensitive kernel memory.\n\n - CVE-2013-3223\n Mathias Krause discovered an issue in the Amateur Radio\n AX.25 protocol support. Local users can gain access to\n sensitive kernel memory.\n\n - CVE-2013-3224\n Mathias Krause discovered an issue in the Bluetooth\n subsystem. Local users can gain access to sensitive\n kernel memory.\n\n - CVE-2013-3225\n Mathias Krause discovered an issue in the Bluetooth\n RFCOMM protocol support. Local users can gain access to\n sensitive kernel memory.\n\n - CVE-2013-3227\n Mathias Krause discovered an issue in the Communication\n CPU to Application CPU Interface (CAIF). Local users can\n gain access to sensitive kernel memory.\n\n - CVE-2013-3228\n Mathias Krause discovered an issue in the IrDA\n (infrared) subsystem support. Local users can gain\n access to sensitive kernel memory.\n\n - CVE-2013-3229\n Mathias Krause discovered an issue in the IUCV support\n on s390 systems. Local users can gain access to\n sensitive kernel memory.\n\n - CVE-2013-3231\n Mathias Krause discovered an issue in the ANSI/IEEE\n 802.2 LLC type 2 protocol support. Local users can gain\n access to sensitive kernel memory.\n\n - CVE-2013-3234\n Mathias Krause discovered an issue in the Amateur Radio\n X.25 PLP (Rose) protocol support. Local users can gain\n access to sensitive kernel memory.\n\n - CVE-2013-3235\n Mathias Krause discovered an issue in the Transparent\n Inter Process Communication (TIPC) protocol support.\n Local users can gain access to sensitive kernel memory.\n\n - CVE-2013-3301\n Namhyung Kim reported an issue in the tracing subsystem.\n A privileged local user could cause a denial of service\n (system crash). 
This vulnerability is not applicable to\n Debian systems by default.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-0160\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-1796\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-1929\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-1979\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2015\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-2094\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-3076\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-3222\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-3223\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-3224\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-3225\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-3227\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-3228\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-3229\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-3231\"\n );\n script_set_attribute(\n 
attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-3234\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-3235\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-3301\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2013/dsa-2669\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux and user-mode-linux packages.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 3.2.41-2+deb7u1.\n\nNote: Updates are currently available for the amd64, i386, ia64, s390,\ns390x and sparc architectures. Updates for the remaining architectures\nwill be released as they become available.\n\nThe following matrix lists additional source packages that were\nrebuilt for compatibility with or to take advantage of this update :\n\n Debian 7.0 (wheezy) \n user-mode-linux 3.2-2um-1+deb7u1 \nNote: Debian carefully tracks all known security issues across every\nlinux kernel package in all releases under active security support.\nHowever, given the high frequency at which low-severity security\nissues are discovered in the kernel and the resource requirements of\ndoing an update, updates for lower priority issues will normally not\nbe released for all kernels at the same time. 
Rather, they will be\nreleased in a staggered or 'leap-frog' fashion.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/05/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/05/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"linux\", reference:\"3.2.41-2+deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2020-07-09T00:32:12", "bulletinFamily": "unix", "cvelist": ["CVE-2013-3228", "CVE-2013-3230", "CVE-2013-2141", "CVE-2013-3232", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3233", "CVE-2013-3227", "CVE-2013-3225", "CVE-2013-3222", "CVE-2013-2146", "CVE-2013-3076", "CVE-2013-3226", "CVE-2013-3235", "CVE-2013-3223"], "description": "An information leak was discovered in the Linux kernel's tkill and tgkill \nsystem calls when used from compat processes. A local user could exploit \nthis flaw to examine potentially sensitive kernel memory. (CVE-2013-2141)\n\nA flaw was discovered in the Linux kernel's perf events subsystem for Intel \nSandy Bridge and Ivy Bridge processors. A local user could exploit this \nflaw to cause a denial of service (system crash). (CVE-2013-2146)\n\nAn information leak was discovered in the Linux kernel's crypto API. A \nlocal user could exploit this flaw to examine potentially sensitive \ninformation from the kernel's stack memory. 
(CVE-2013-3076)\n\nAn information leak was discovered in the Linux kernel's rcvmsg path for \nATM (Asynchronous Transfer Mode). A local user could exploit this flaw to \nexamine potentially sensitive information from the kernel's stack memory. \n(CVE-2013-3222)\n\nAn information leak was discovered in the Linux kernel's recvmsg path for \nax25 address family. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3223)\n\nAn information leak was discovered in the Linux kernel's recvmsg path for \nthe bluetooth address family. A local user could exploit this flaw to \nexamine potentially sensitive information from the kernel's stack memory. \n(CVE-2013-3224)\n\nAn information leak was discovered in the Linux kernel's bluetooth rfcomm \nprotocol support. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3225)\n\nAn information leak was discovered in the Linux kernel's bluetooth SCO \nsockets implementation. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3226)\n\nAn information leak was discovered in the Linux kernel's CAIF protocol \nimplementation. A local user could exploit this flaw to examine potentially \nsensitive information from the kernel's stack memory. (CVE-2013-3227)\n\nAn information leak was discovered in the Linux kernel's IRDA (infrared) \nsupport subsystem. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3228)\n\nAn information leak was discovered in the Linux kernel's s390 - z/VM \nsupport. A local user could exploit this flaw to examine potentially \nsensitive information from the kernel's stack memory. (CVE-2013-3229)\n\nAn information leak was discovered in the Linux kernel's l2tp (Layer Two \nTunneling Protocol) implementation. 
A local user could exploit this flaw to \nexamine potentially sensitive information from the kernel's stack memory. \n(CVE-2013-3230)\n\nAn information leak was discovered in the Linux kernel's llc (Logical Link \nLayer 2) support. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3231)\n\nAn information leak was discovered in the Linux kernel's receive message \nhandling for the netrom address family. A local user could exploit this \nflaw to obtain sensitive information from the kernel's stack memory. \n(CVE-2013-3232)\n\nAn information leak was discovered in the Linux kernel's nfc (near field \ncommunication) support. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3233)\n\nAn information leak was discovered in the Linux kernel's Rose X.25 protocol \nlayer. A local user could exploit this flaw to examine potentially \nsensitive information from the kernel's stack memory. (CVE-2013-3234)\n\nAn information leak was discovered in the Linux kernel's TIPC (Transparent \nInter Process Communication) protocol implementation. A local user could \nexploit this flaw to examine potentially sensitive information from the \nkernel's stack memory. 
(CVE-2013-3235)", "edition": 5, "modified": "2013-05-24T00:00:00", "published": "2013-05-24T00:00:00", "id": "USN-1837-1", "href": "https://ubuntu.com/security/notices/USN-1837-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2020-07-09T00:35:20", "bulletinFamily": "unix", "cvelist": ["CVE-2013-3228", "CVE-2013-3230", "CVE-2013-2141", "CVE-2013-3232", "CVE-2013-0160", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3233", "CVE-2013-3227", "CVE-2013-3225", "CVE-2013-1979", "CVE-2013-3222", "CVE-2013-2146", "CVE-2013-3076", "CVE-2013-3235", "CVE-2013-3223"], "description": "Andy Lutomirski discovered an error in the Linux kernel's credential handling \non unix sockets. A local user could exploit this flaw to gain \nadministrative privileges. (CVE-2013-1979)\n\nAn information leak was discovered in the Linux kernel when inotify is used \nto monitor the /dev/ptmx device. A local user could exploit this flaw to \ndiscover keystroke timing and potentially discover sensitive information \nlike password length. (CVE-2013-0160)\n\nAn information leak was discovered in the Linux kernel's tkill and tgkill \nsystem calls when used from compat processes. A local user could exploit \nthis flaw to examine potentially sensitive kernel memory. (CVE-2013-2141)\n\nA flaw was discovered in the Linux kernel's perf events subsystem for Intel \nSandy Bridge and Ivy Bridge processors. A local user could exploit this \nflaw to cause a denial of service (system crash). (CVE-2013-2146)\n\nAn information leak was discovered in the Linux kernel's crypto API. A \nlocal user could exploit this flaw to examine potentially sensitive \ninformation from the kernel's stack memory. (CVE-2013-3076)\n\nAn information leak was discovered in the Linux kernel's rcvmsg path for \nATM (Asynchronous Transfer Mode). 
A local user could exploit this flaw to \nexamine potentially sensitive information from the kernel's stack memory. \n(CVE-2013-3222)\n\nAn information leak was discovered in the Linux kernel's recvmsg path for \nax25 address family. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3223)\n\nAn information leak was discovered in the Linux kernel's recvmsg path for \nthe bluetooth address family. A local user could exploit this flaw to \nexamine potentially sensitive information from the kernel's stack memory. \n(CVE-2013-3224)\n\nAn information leak was discovered in the Linux kernel's bluetooth rfcomm \nprotocol support. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3225)\n\nAn information leak was discovered in the Linux kernel's CAIF protocol \nimplementation. A local user could exploit this flaw to examine potentially \nsensitive information from the kernel's stack memory. (CVE-2013-3227)\n\nAn information leak was discovered in the Linux kernel's IRDA (infrared) \nsupport subsystem. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3228)\n\nAn information leak was discovered in the Linux kernel's s390 - z/VM \nsupport. A local user could exploit this flaw to examine potentially \nsensitive information from the kernel's stack memory. (CVE-2013-3229)\n\nAn information leak was discovered in the Linux kernel's l2tp (Layer Two \nTunneling Protocol) implementation. A local user could exploit this flaw to \nexamine potentially sensitive information from the kernel's stack memory. \n(CVE-2013-3230)\n\nAn information leak was discovered in the Linux kernel's llc (Logical Link \nLayer 2) support. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. 
\n(CVE-2013-3231)\n\nAn information leak was discovered in the Linux kernel's receive message \nhandling for the netrom address family. A local user could exploit this \nflaw to obtain sensitive information from the kernel's stack memory. \n(CVE-2013-3232)\n\nAn information leak was discovered in the Linux kernel's nfc (near field \ncommunication) support. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3233)\n\nAn information leak was discovered in the Linux kernel's Rose X.25 protocol \nlayer. A local user could exploit this flaw to examine potentially \nsensitive information from the kernel's stack memory. (CVE-2013-3234)\n\nAn information leak was discovered in the Linux kernel's TIPC (Transparent \nInter Process Communication) protocol implementation. A local user could \nexploit this flaw to examine potentially sensitive information from the \nkernel's stack memory. (CVE-2013-3235)", "edition": 5, "modified": "2013-06-14T00:00:00", "published": "2013-06-14T00:00:00", "id": "USN-1881-1", "href": "https://ubuntu.com/security/notices/USN-1881-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-02T11:32:57", "bulletinFamily": "unix", "cvelist": ["CVE-2013-3228", "CVE-2013-3230", "CVE-2013-2141", "CVE-2013-3232", "CVE-2013-0160", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3233", "CVE-2013-3227", "CVE-2013-3225", "CVE-2013-1979", "CVE-2013-3222", "CVE-2013-2146", "CVE-2013-3076", "CVE-2013-3235", "CVE-2013-3223"], "description": "Andy Lutomirski discovered an error in the Linux kernel's credential handling \non unix sockets. A local user could exploit this flaw to gain \nadministrative privileges. (CVE-2013-1979)\n\nAn information leak was discovered in the Linux kernel when inotify is used \nto monitor the /dev/ptmx device. 
A local user could exploit this flaw to \ndiscover keystroke timing and potentially discover sensitive information \nlike password length. (CVE-2013-0160)\n\nAn information leak was discovered in the Linux kernel's tkill and tgkill \nsystem calls when used from compat processes. A local user could exploit \nthis flaw to examine potentially sensitive kernel memory. (CVE-2013-2141)\n\nA flaw was discovered in the Linux kernel's perf events subsystem for Intel \nSandy Bridge and Ivy Bridge processors. A local user could exploit this \nflaw to cause a denial of service (system crash). (CVE-2013-2146)\n\nAn information leak was discovered in the Linux kernel's crypto API. A \nlocal user could exploit this flaw to examine potentially sensitive \ninformation from the kernel's stack memory. (CVE-2013-3076)\n\nAn information leak was discovered in the Linux kernel's rcvmsg path for \nATM (Asynchronous Transfer Mode). A local user could exploit this flaw to \nexamine potentially sensitive information from the kernel's stack memory. \n(CVE-2013-3222)\n\nAn information leak was discovered in the Linux kernel's recvmsg path for \nax25 address family. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3223)\n\nAn information leak was discovered in the Linux kernel's recvmsg path for \nthe bluetooth address family. A local user could exploit this flaw to \nexamine potentially sensitive information from the kernel's stack memory. \n(CVE-2013-3224)\n\nAn information leak was discovered in the Linux kernel's bluetooth rfcomm \nprotocol support. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3225)\n\nAn information leak was discovered in the Linux kernel's CAIF protocol \nimplementation. A local user could exploit this flaw to examine potentially \nsensitive information from the kernel's stack memory. 
(CVE-2013-3227)\n\nAn information leak was discovered in the Linux kernel's IRDA (infrared) \nsupport subsystem. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3228)\n\nAn information leak was discovered in the Linux kernel's s390 - z/VM \nsupport. A local user could exploit this flaw to examine potentially \nsensitive information from the kernel's stack memory. (CVE-2013-3229)\n\nAn information leak was discovered in the Linux kernel's l2tp (Layer Two \nTunneling Protocol) implementation. A local user could exploit this flaw to \nexamine potentially sensitive information from the kernel's stack memory. \n(CVE-2013-3230)\n\nAn information leak was discovered in the Linux kernel's llc (Logical Link \nLayer 2) support. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3231)\n\nAn information leak was discovered in the Linux kernel's receive message \nhandling for the netrom address family. A local user could exploit this \nflaw to obtain sensitive information from the kernel's stack memory. \n(CVE-2013-3232)\n\nAn information leak was discovered in the Linux kernel's nfc (near field \ncommunication) support. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3233)\n\nAn information leak was discovered in the Linux kernel's Rose X.25 protocol \nlayer. A local user could exploit this flaw to examine potentially \nsensitive information from the kernel's stack memory. (CVE-2013-3234)\n\nAn information leak was discovered in the Linux kernel's TIPC (Transparent \nInter Process Communication) protocol implementation. A local user could \nexploit this flaw to examine potentially sensitive information from the \nkernel's stack memory. 
(CVE-2013-3235)", "edition": 5, "modified": "2013-06-14T00:00:00", "published": "2013-06-14T00:00:00", "id": "USN-1880-1", "href": "https://ubuntu.com/security/notices/USN-1880-1", "title": "Linux kernel (Quantal HWE) vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-02T11:41:31", "bulletinFamily": "unix", "cvelist": ["CVE-2013-3228", "CVE-2013-3232", "CVE-2013-0160", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3227", "CVE-2013-3225", "CVE-2013-3222", "CVE-2013-2146", "CVE-2013-3076", "CVE-2013-3235", "CVE-2013-3223"], "description": "An information leak was discovered in the Linux kernel when inotify is used \nto monitor the /dev/ptmx device. A local user could exploit this flaw to \ndiscover keystroke timing and potentially discover sensitive information \nlike password length. (CVE-2013-0160)\n\nA flaw was discovered in the Linux kernel's perf events subsystem for Intel \nSandy Bridge and Ivy Bridge processors. A local user could exploit this \nflaw to cause a denial of service (system crash). (CVE-2013-2146)\n\nAn information leak was discovered in the Linux kernel's crypto API. A \nlocal user could exploit this flaw to examine potentially sensitive \ninformation from the kernel's stack memory. (CVE-2013-3076)\n\nAn information leak was discovered in the Linux kernel's recvmsg path for \nATM (Asynchronous Transfer Mode). A local user could exploit this flaw to \nexamine potentially sensitive information from the kernel's stack memory. \n(CVE-2013-3222)\n\nAn information leak was discovered in the Linux kernel's recvmsg path for \nax25 address family. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3223)\n\nAn information leak was discovered in the Linux kernel's recvmsg path for \nthe bluetooth address family. 
A local user could exploit this flaw to \nexamine potentially sensitive information from the kernel's stack memory. \n(CVE-2013-3224)\n\nAn information leak was discovered in the Linux kernel's bluetooth rfcomm \nprotocol support. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3225)\n\nAn information leak was discovered in the Linux kernel's CAIF protocol \nimplementation. A local user could exploit this flaw to examine potentially \nsensitive information from the kernel's stack memory. (CVE-2013-3227)\n\nAn information leak was discovered in the Linux kernel's IRDA (infrared) \nsupport subsystem. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3228)\n\nAn information leak was discovered in the Linux kernel's s390 - z/VM \nsupport. A local user could exploit this flaw to examine potentially \nsensitive information from the kernel's stack memory. (CVE-2013-3229)\n\nAn information leak was discovered in the Linux kernel's llc (Logical Link \nLayer 2) support. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3231)\n\nAn information leak was discovered in the Linux kernel's receive message \nhandling for the netrom address family. A local user could exploit this \nflaw to obtain sensitive information from the kernel's stack memory. \n(CVE-2013-3232)\n\nAn information leak was discovered in the Linux kernel's Rose X.25 protocol \nlayer. A local user could exploit this flaw to examine potentially \nsensitive information from the kernel's stack memory. (CVE-2013-3234)\n\nAn information leak was discovered in the Linux kernel's TIPC (Transparent \nInter Process Communication) protocol implementation. A local user could \nexploit this flaw to examine potentially sensitive information from the \nkernel's stack memory. 
(CVE-2013-3235)", "edition": 5, "modified": "2013-06-14T00:00:00", "published": "2013-06-14T00:00:00", "id": "USN-1878-1", "href": "https://ubuntu.com/security/notices/USN-1878-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2020-07-09T00:31:58", "bulletinFamily": "unix", "cvelist": ["CVE-2013-3228", "CVE-2013-3230", "CVE-2013-2141", "CVE-2013-3232", "CVE-2013-0160", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3233", "CVE-2013-3227", "CVE-2013-3225", "CVE-2013-2850", "CVE-2013-1979", "CVE-2013-3222", "CVE-2013-2146", "CVE-2013-3076", "CVE-2013-3235", "CVE-2013-3223"], "description": "Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote \nunauthenticated attacker could exploit this flaw to cause a denial of \nservice (system crash) or potentially gain administrative privileges. \n(CVE-2013-2850)\n\nAndy Lutomirski discovered an error in the Linux kernel's credential handling \non unix sockets. A local user could exploit this flaw to gain \nadministrative privileges. (CVE-2013-1979)\n\nAn information leak was discovered in the Linux kernel when inotify is used \nto monitor the /dev/ptmx device. A local user could exploit this flaw to \ndiscover keystroke timing and potentially discover sensitive information \nlike password length. (CVE-2013-0160)\n\nAn information leak was discovered in the Linux kernel's tkill and tgkill \nsystem calls when used from compat processes. A local user could exploit \nthis flaw to examine potentially sensitive kernel memory. (CVE-2013-2141)\n\nA flaw was discovered in the Linux kernel's perf events subsystem for Intel \nSandy Bridge and Ivy Bridge processors. A local user could exploit this \nflaw to cause a denial of service (system crash). (CVE-2013-2146)\n\nAn information leak was discovered in the Linux kernel's crypto API. 
A \nlocal user could exploit this flaw to examine potentially sensitive \ninformation from the kernel's stack memory. (CVE-2013-3076)\n\nAn information leak was discovered in the Linux kernel's recvmsg path for \nATM (Asynchronous Transfer Mode). A local user could exploit this flaw to \nexamine potentially sensitive information from the kernel's stack memory. \n(CVE-2013-3222)\n\nAn information leak was discovered in the Linux kernel's recvmsg path for \nax25 address family. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3223)\n\nAn information leak was discovered in the Linux kernel's recvmsg path for \nthe bluetooth address family. A local user could exploit this flaw to \nexamine potentially sensitive information from the kernel's stack memory. \n(CVE-2013-3224)\n\nAn information leak was discovered in the Linux kernel's bluetooth rfcomm \nprotocol support. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3225)\n\nAn information leak was discovered in the Linux kernel's CAIF protocol \nimplementation. A local user could exploit this flaw to examine potentially \nsensitive information from the kernel's stack memory. (CVE-2013-3227)\n\nAn information leak was discovered in the Linux kernel's IRDA (infrared) \nsupport subsystem. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3228)\n\nAn information leak was discovered in the Linux kernel's s390 - z/VM \nsupport. A local user could exploit this flaw to examine potentially \nsensitive information from the kernel's stack memory. (CVE-2013-3229)\n\nAn information leak was discovered in the Linux kernel's l2tp (Layer Two \nTunneling Protocol) implementation. A local user could exploit this flaw to \nexamine potentially sensitive information from the kernel's stack memory. 
\n(CVE-2013-3230)\n\nAn information leak was discovered in the Linux kernel's llc (Logical Link \nLayer 2) support. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3231)\n\nAn information leak was discovered in the Linux kernel's receive message \nhandling for the netrom address family. A local user could exploit this \nflaw to obtain sensitive information from the kernel's stack memory. \n(CVE-2013-3232)\n\nAn information leak was discovered in the Linux kernel's nfc (near field \ncommunication) support. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3233)\n\nAn information leak was discovered in the Linux kernel's Rose X.25 protocol \nlayer. A local user could exploit this flaw to examine potentially \nsensitive information from the kernel's stack memory. (CVE-2013-3234)\n\nAn information leak was discovered in the Linux kernel's TIPC (Transparent \nInter Process Communication) protocol implementation. A local user could \nexploit this flaw to examine potentially sensitive information from the \nkernel's stack memory. (CVE-2013-3235)", "edition": 5, "modified": "2013-06-14T00:00:00", "published": "2013-06-14T00:00:00", "id": "USN-1882-1", "href": "https://ubuntu.com/security/notices/USN-1882-1", "title": "Linux kernel (OMAP4) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-02T11:39:38", "bulletinFamily": "unix", "cvelist": ["CVE-2013-3228", "CVE-2013-3232", "CVE-2013-0160", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3227", "CVE-2013-3225", "CVE-2013-2850", "CVE-2013-3222", "CVE-2013-2146", "CVE-2013-3076", "CVE-2013-3235", "CVE-2013-3223"], "description": "Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. 
A remote \nunauthenticated attacker could exploit this flaw to cause a denial of \nservice (system crash) or potentially gain administrative privileges. \n(CVE-2013-2850)\n\nAn information leak was discovered in the Linux kernel when inotify is used \nto monitor the /dev/ptmx device. A local user could exploit this flaw to \ndiscover keystroke timing and potentially discover sensitive information \nlike password length. (CVE-2013-0160)\n\nA flaw was discovered in the Linux kernel's perf events subsystem for Intel \nSandy Bridge and Ivy Bridge processors. A local user could exploit this \nflaw to cause a denial of service (system crash). (CVE-2013-2146)\n\nAn information leak was discovered in the Linux kernel's crypto API. A \nlocal user could exploit this flaw to examine potentially sensitive \ninformation from the kernel's stack memory. (CVE-2013-3076)\n\nAn information leak was discovered in the Linux kernel's recvmsg path for \nATM (Asynchronous Transfer Mode). A local user could exploit this flaw to \nexamine potentially sensitive information from the kernel's stack memory. \n(CVE-2013-3222)\n\nAn information leak was discovered in the Linux kernel's recvmsg path for \nax25 address family. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3223)\n\nAn information leak was discovered in the Linux kernel's recvmsg path for \nthe bluetooth address family. A local user could exploit this flaw to \nexamine potentially sensitive information from the kernel's stack memory. \n(CVE-2013-3224)\n\nAn information leak was discovered in the Linux kernel's bluetooth rfcomm \nprotocol support. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3225)\n\nAn information leak was discovered in the Linux kernel's CAIF protocol \nimplementation. 
A local user could exploit this flaw to examine potentially \nsensitive information from the kernel's stack memory. (CVE-2013-3227)\n\nAn information leak was discovered in the Linux kernel's IRDA (infrared) \nsupport subsystem. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3228)\n\nAn information leak was discovered in the Linux kernel's s390 - z/VM \nsupport. A local user could exploit this flaw to examine potentially \nsensitive information from the kernel's stack memory. (CVE-2013-3229)\n\nAn information leak was discovered in the Linux kernel's llc (Logical Link \nLayer 2) support. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3231)\n\nAn information leak was discovered in the Linux kernel's receive message \nhandling for the netrom address family. A local user could exploit this \nflaw to obtain sensitive information from the kernel's stack memory. \n(CVE-2013-3232)\n\nAn information leak was discovered in the Linux kernel's Rose X.25 protocol \nlayer. A local user could exploit this flaw to examine potentially \nsensitive information from the kernel's stack memory. (CVE-2013-3234)\n\nAn information leak was discovered in the Linux kernel's TIPC (Transparent \nInter Process Communication) protocol implementation. A local user could \nexploit this flaw to examine potentially sensitive information from the \nkernel's stack memory. 
(CVE-2013-3235)", "edition": 5, "modified": "2013-06-14T00:00:00", "published": "2013-06-14T00:00:00", "id": "USN-1879-1", "href": "https://ubuntu.com/security/notices/USN-1879-1", "title": "Linux kernel (OMAP4) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T00:28:02", "bulletinFamily": "unix", "cvelist": ["CVE-2013-3228", "CVE-2013-3230", "CVE-2013-2141", "CVE-2013-3232", "CVE-2013-0160", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3233", "CVE-2013-3227", "CVE-2013-3225", "CVE-2013-2850", "CVE-2013-1979", "CVE-2013-3222", "CVE-2013-3076", "CVE-2013-3235", "CVE-2013-3223"], "description": "Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote \nunauthenticated attacker could exploit this flaw to cause a denial of \nservice (system crash) or potentially gain administrative privileges. \n(CVE-2013-2850)\n\nAndy Lutomirski discovered an error in the Linux kernel's credential handling \non unix sockets. A local user could exploit this flaw to gain \nadministrative privileges. (CVE-2013-1979)\n\nAn information leak was discovered in the Linux kernel when inotify is used \nto monitor the /dev/ptmx device. A local user could exploit this flaw to \ndiscover keystroke timing and potentially discover sensitive information \nlike password length. (CVE-2013-0160)\n\nAn information leak was discovered in the Linux kernel's tkill and tgkill \nsystem calls when used from compat processes. A local user could exploit \nthis flaw to examine potentially sensitive kernel memory. (CVE-2013-2141)\n\nAn information leak was discovered in the Linux kernel's crypto API. A \nlocal user could exploit this flaw to examine potentially sensitive \ninformation from the kernel's stack memory. (CVE-2013-3076)\n\nAn information leak was discovered in the Linux kernel's recvmsg path for \nATM (Asynchronous Transfer Mode). 
A local user could exploit this flaw to \nexamine potentially sensitive information from the kernel's stack memory. \n(CVE-2013-3222)\n\nAn information leak was discovered in the Linux kernel's recvmsg path for \nax25 address family. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3223)\n\nAn information leak was discovered in the Linux kernel's recvmsg path for \nthe bluetooth address family. A local user could exploit this flaw to \nexamine potentially sensitive information from the kernel's stack memory. \n(CVE-2013-3224)\n\nAn information leak was discovered in the Linux kernel's bluetooth rfcomm \nprotocol support. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3225)\n\nAn information leak was discovered in the Linux kernel's CAIF protocol \nimplementation. A local user could exploit this flaw to examine potentially \nsensitive information from the kernel's stack memory. (CVE-2013-3227)\n\nAn information leak was discovered in the Linux kernel's IRDA (infrared) \nsupport subsystem. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3228)\n\nAn information leak was discovered in the Linux kernel's s390 - z/VM \nsupport. A local user could exploit this flaw to examine potentially \nsensitive information from the kernel's stack memory. (CVE-2013-3229)\n\nAn information leak was discovered in the Linux kernel's l2tp (Layer Two \nTunneling Protocol) implementation. A local user could exploit this flaw to \nexamine potentially sensitive information from the kernel's stack memory. \n(CVE-2013-3230)\n\nAn information leak was discovered in the Linux kernel's llc (Logical Link \nLayer 2) support. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. 
\n(CVE-2013-3231)\n\nAn information leak was discovered in the Linux kernel's receive message \nhandling for the netrom address family. A local user could exploit this \nflaw to obtain sensitive information from the kernel's stack memory. \n(CVE-2013-3232)\n\nAn information leak was discovered in the Linux kernel's nfc (near field \ncommunication) support. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3233)\n\nAn information leak was discovered in the Linux kernel's Rose X.25 protocol \nlayer. A local user could exploit this flaw to examine potentially \nsensitive information from the kernel's stack memory. (CVE-2013-3234)\n\nAn information leak was discovered in the Linux kernel's TIPC (Transparent \nInter Process Communication) protocol implementation. A local user could \nexploit this flaw to examine potentially sensitive information from the \nkernel's stack memory. (CVE-2013-3235)", "edition": 5, "modified": "2013-06-14T00:00:00", "published": "2013-06-14T00:00:00", "id": "USN-1883-1", "href": "https://ubuntu.com/security/notices/USN-1883-1", "title": "Linux kernel (OMAP4) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-18T01:41:48", "bulletinFamily": "unix", "cvelist": ["CVE-2013-3228", "CVE-2013-3230", "CVE-2013-2141", "CVE-2013-3232", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3233", "CVE-2013-3227", "CVE-2013-3225", "CVE-2013-2850", "CVE-2013-3222", "CVE-2013-2146", "CVE-2013-3076", "CVE-2013-3226", "CVE-2013-2094", "CVE-2013-3235", "CVE-2013-3223"], "description": "Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote \nunauthenticated attacker could exploit this flaw to cause a denial of \nservice (system crash) or potentially gain administrative privileges. 
\n(CVE-2013-2850)\n\nA flaw was discovered in the Linux kernel's perf_events interface. A local \nuser could exploit this flaw to escalate privileges on the system. \n(CVE-2013-2094)\n\nAn information leak was discovered in the Linux kernel's tkill and tgkill \nsystem calls when used from compat processes. A local user could exploit \nthis flaw to examine potentially sensitive kernel memory. (CVE-2013-2141)\n\nA flaw was discovered in the Linux kernel's perf events subsystem for Intel \nSandy Bridge and Ivy Bridge processors. A local user could exploit this \nflaw to cause a denial of service (system crash). (CVE-2013-2146)\n\nAn information leak was discovered in the Linux kernel's crypto API. A \nlocal user could exploit this flaw to examine potentially sensitive \ninformation from the kernel's stack memory. (CVE-2013-3076)\n\nAn information leak was discovered in the Linux kernel's recvmsg path for \nATM (Asynchronous Transfer Mode). A local user could exploit this flaw to \nexamine potentially sensitive information from the kernel's stack memory. \n(CVE-2013-3222)\n\nAn information leak was discovered in the Linux kernel's recvmsg path for \nax25 address family. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3223)\n\nAn information leak was discovered in the Linux kernel's recvmsg path for \nthe bluetooth address family. A local user could exploit this flaw to \nexamine potentially sensitive information from the kernel's stack memory. \n(CVE-2013-3224)\n\nAn information leak was discovered in the Linux kernel's bluetooth rfcomm \nprotocol support. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3225)\n\nAn information leak was discovered in the Linux kernel's bluetooth SCO \nsockets implementation. 
A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3226)\n\nAn information leak was discovered in the Linux kernel's CAIF protocol \nimplementation. A local user could exploit this flaw to examine potentially \nsensitive information from the kernel's stack memory. (CVE-2013-3227)\n\nAn information leak was discovered in the Linux kernel's IRDA (infrared) \nsupport subsystem. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3228)\n\nAn information leak was discovered in the Linux kernel's s390 - z/VM \nsupport. A local user could exploit this flaw to examine potentially \nsensitive information from the kernel's stack memory. (CVE-2013-3229)\n\nAn information leak was discovered in the Linux kernel's l2tp (Layer Two \nTunneling Protocol) implementation. A local user could exploit this flaw to \nexamine potentially sensitive information from the kernel's stack memory. \n(CVE-2013-3230)\n\nAn information leak was discovered in the Linux kernel's llc (Logical Link \nLayer 2) support. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3231)\n\nAn information leak was discovered in the Linux kernel's receive message \nhandling for the netrom address family. A local user could exploit this \nflaw to obtain sensitive information from the kernel's stack memory. \n(CVE-2013-3232)\n\nAn information leak was discovered in the Linux kernel's nfc (near field \ncommunication) support. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3233)\n\nAn information leak was discovered in the Linux kernel's Rose X.25 protocol \nlayer. A local user could exploit this flaw to examine potentially \nsensitive information from the kernel's stack memory. 
(CVE-2013-3234)\n\nAn information leak was discovered in the Linux kernel's TIPC (Transparent \nInter Process Communication) protocol implementation. A local user could \nexploit this flaw to examine potentially sensitive information from the \nkernel's stack memory. (CVE-2013-3235)", "edition": 6, "modified": "2013-05-31T00:00:00", "published": "2013-05-31T00:00:00", "id": "USN-1849-1", "href": "https://ubuntu.com/security/notices/USN-1849-1", "title": "Linux kernel (Raring HWE) vulnerability", "type": "ubuntu", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T00:25:52", "bulletinFamily": "unix", "cvelist": ["CVE-2013-3228", "CVE-2013-3232", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3225", "CVE-2013-3222", "CVE-2013-1798", "CVE-2013-3235", "CVE-2013-3223"], "description": "Andrew Honig reported a flaw in the way KVM (Kernel-based Virtual Machine) \nemulated the IOAPIC. A privileged guest user could exploit this flaw to \nread host memory or cause a denial of service (crash the host). \n(CVE-2013-1798)\n\nAn information leak was discovered in the Linux kernel's recvmsg path for \nATM (Asynchronous Transfer Mode). A local user could exploit this flaw to \nexamine potentially sensitive information from the kernel's stack memory. \n(CVE-2013-3222)\n\nAn information leak was discovered in the Linux kernel's recvmsg path for \nax25 address family. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3223)\n\nAn information leak was discovered in the Linux kernel's recvmsg path for \nthe bluetooth address family. A local user could exploit this flaw to \nexamine potentially sensitive information from the kernel's stack memory. \n(CVE-2013-3224)\n\nAn information leak was discovered in the Linux kernel's bluetooth rfcomm \nprotocol support. 
A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3225)\n\nAn information leak was discovered in the Linux kernel's IRDA (infrared) \nsupport subsystem. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3228)\n\nAn information leak was discovered in the Linux kernel's s390 - z/VM \nsupport. A local user could exploit this flaw to examine potentially \nsensitive information from the kernel's stack memory. (CVE-2013-3229)\n\nAn information leak was discovered in the Linux kernel's llc (Logical Link \nLayer 2) support. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3231)\n\nAn information leak was discovered in the Linux kernel's receive message \nhandling for the netrom address family. A local user could exploit this \nflaw to obtain sensitive information from the kernel's stack memory. \n(CVE-2013-3232)\n\nAn information leak was discovered in the Linux kernel's Rose X.25 protocol \nlayer. A local user could exploit this flaw to examine potentially \nsensitive information from the kernel's stack memory. (CVE-2013-3234)\n\nAn information leak was discovered in the Linux kernel's TIPC (Transparent \nInter Process Communication) protocol implementation. A local user could \nexploit this flaw to examine potentially sensitive information from the \nkernel's stack memory. 
(CVE-2013-3235)", "edition": 5, "modified": "2013-06-14T00:00:00", "published": "2013-06-14T00:00:00", "id": "USN-1876-1", "href": "https://ubuntu.com/security/notices/USN-1876-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.2, "vector": "AV:A/AC:H/Au:N/C:C/I:N/A:C"}}, {"lastseen": "2020-07-09T00:30:19", "bulletinFamily": "unix", "cvelist": ["CVE-2013-3228", "CVE-2013-3232", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3225", "CVE-2013-3222", "CVE-2013-1798", "CVE-2013-3235", "CVE-2013-3223"], "description": "Andrew Honig reported a flaw in the way KVM (Kernel-based Virtual Machine) \nemulated the IOAPIC. A privileged guest user could exploit this flaw to \nread host memory or cause a denial of service (crash the host). \n(CVE-2013-1798)\n\nAn information leak was discovered in the Linux kernel's recvmsg path for \nATM (Asynchronous Transfer Mode). A local user could exploit this flaw to \nexamine potentially sensitive information from the kernel's stack memory. \n(CVE-2013-3222)\n\nAn information leak was discovered in the Linux kernel's recvmsg path for \nax25 address family. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3223)\n\nAn information leak was discovered in the Linux kernel's recvmsg path for \nthe bluetooth address family. A local user could exploit this flaw to \nexamine potentially sensitive information from the kernel's stack memory. \n(CVE-2013-3224)\n\nAn information leak was discovered in the Linux kernel's bluetooth rfcomm \nprotocol support. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3225)\n\nAn information leak was discovered in the Linux kernel's IRDA (infrared) \nsupport subsystem. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. 
\n(CVE-2013-3228)\n\nAn information leak was discovered in the Linux kernel's s390 - z/VM \nsupport. A local user could exploit this flaw to examine potentially \nsensitive information from the kernel's stack memory. (CVE-2013-3229)\n\nAn information leak was discovered in the Linux kernel's llc (Logical Link \nLayer 2) support. A local user could exploit this flaw to examine \npotentially sensitive information from the kernel's stack memory. \n(CVE-2013-3231)\n\nAn information leak was discovered in the Linux kernel's receive message \nhandling for the netrom address family. A local user could exploit this \nflaw to obtain sensitive information from the kernel's stack memory. \n(CVE-2013-3232)\n\nAn information leak was discovered in the Linux kernel's Rose X.25 protocol \nlayer. A local user could exploit this flaw to examine potentially \nsensitive information from the kernel's stack memory. (CVE-2013-3234)\n\nAn information leak was discovered in the Linux kernel's TIPC (Transparent \nInter Process Communication) protocol implementation. A local user could \nexploit this flaw to examine potentially sensitive information from the \nkernel's stack memory. 
(CVE-2013-3235)", "edition": 5, "modified": "2013-06-14T00:00:00", "published": "2013-06-14T00:00:00", "id": "USN-1877-1", "href": "https://ubuntu.com/security/notices/USN-1877-1", "title": "Linux kernel (EC2) vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.2, "vector": "AV:A/AC:H/Au:N/C:C/I:N/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:48", "bulletinFamily": "software", "cvelist": ["CVE-2013-3228", "CVE-2013-3232", "CVE-2013-0160", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3227", "CVE-2013-3225", "CVE-2013-3222", "CVE-2013-2146", "CVE-2013-3076", "CVE-2013-3235", "CVE-2013-3223"], "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-1878-1\r\nJune 14, 2013\r\n\r\nlinux vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 12.04 LTS\r\n\r\nSummary:\r\n\r\nSeveral security issues were fixed in the kernel.\r\n\r\nSoftware Description:\r\n- linux: Linux kernel\r\n\r\nDetails:\r\n\r\nAn information leak was discovered in the Linux kernel when inotify is used\r\nto monitor the /dev/ptmx device. A local user could exploit this flaw to\r\ndiscover keystroke timing and potentially discover sensitive information\r\nlike password length. (CVE-2013-0160)\r\n\r\nA flaw was discovered in the Linux kernel's perf events subsystem for Intel\r\nSandy Bridge and Ivy Bridge processors. A local user could exploit this\r\nflaw to cause a denial of service (system crash). (CVE-2013-2146)\r\n\r\nAn information leak was discovered in the Linux kernel's crypto API. A\r\nlocal user could exploit this flaw to examine potentially sensitive\r\ninformation from the kernel's stack memory. (CVE-2013-3076)\r\n\r\nAn information leak was discovered in the Linux kernel's recvmsg path for\r\nATM (Asynchronous Transfer Mode). 
A local user could exploit this flaw to\r\nexamine potentially sensitive information from the kernel's stack memory.\r\n(CVE-2013-3222)\r\n\r\nAn information leak was discovered in the Linux kernel's recvmsg path for\r\nax25 address family. A local user could exploit this flaw to examine\r\npotentially sensitive information from the kernel's stack memory.\r\n(CVE-2013-3223)\r\n\r\nAn information leak was discovered in the Linux kernel's recvmsg path for\r\nthe bluetooth address family. A local user could exploit this flaw to\r\nexamine potentially sensitive information from the kernel's stack memory.\r\n(CVE-2013-3224)\r\n\r\nAn information leak was discovered in the Linux kernel's bluetooth rfcomm\r\nprotocol support. A local user could exploit this flaw to examine\r\npotentially sensitive information from the kernel's stack memory.\r\n(CVE-2013-3225)\r\n\r\nAn information leak was discovered in the Linux kernel's CAIF protocol\r\nimplementation. A local user could exploit this flaw to examine potentially\r\nsensitive information from the kernel's stack memory. (CVE-2013-3227)\r\n\r\nAn information leak was discovered in the Linux kernel's IRDA (infrared)\r\nsupport subsystem. A local user could exploit this flaw to examine\r\npotentially sensitive information from the kernel's stack memory.\r\n(CVE-2013-3228)\r\n\r\nAn information leak was discovered in the Linux kernel's s390 - z/VM\r\nsupport. A local user could exploit this flaw to examine potentially\r\nsensitive information from the kernel's stack memory. (CVE-2013-3229)\r\n\r\nAn information leak was discovered in the Linux kernel's llc (Logical Link\r\nLayer 2) support. A local user could exploit this flaw to examine\r\npotentially sensitive information from the kernel's stack memory.\r\n(CVE-2013-3231)\r\n\r\nAn information leak was discovered in the Linux kernel's receive message\r\nhandling for the netrom address family. 
A local user could exploit this\r\nflaw to obtain sensitive information from the kernel's stack memory.\r\n(CVE-2013-3232)\r\n\r\nAn information leak was discovered in the Linux kernel's Rose X.25 protocol\r\nlayer. A local user could exploit this flaw to examine potentially\r\nsensitive information from the kernel's stack memory. (CVE-2013-3234)\r\n\r\nAn information leak was discovered in the Linux kernel's TIPC (Transparent\r\nInter Process Communication) protocol implementation. A local user could\r\nexploit this flaw to examine potentially sensitive information from the\r\nkernel's stack memory. (CVE-2013-3235)\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 12.04 LTS:\r\n linux-image-3.2.0-48-generic 3.2.0-48.74\r\n linux-image-3.2.0-48-generic-pae 3.2.0-48.74\r\n linux-image-3.2.0-48-highbank 3.2.0-48.74\r\n linux-image-3.2.0-48-omap 3.2.0-48.74\r\n linux-image-3.2.0-48-powerpc-smp 3.2.0-48.74\r\n linux-image-3.2.0-48-powerpc64-smp 3.2.0-48.74\r\n linux-image-3.2.0-48-virtual 3.2.0-48.74\r\n\r\nAfter a standard system update you need to reboot your computer to make\r\nall the necessary changes.\r\n\r\nATTENTION: Due to an unavoidable ABI change the kernel updates have\r\nbeen given a new version number, which requires you to recompile and\r\nreinstall all third party kernel modules you might have installed. If\r\nyou use linux-restricted-modules, you have to update that package as\r\nwell to get modules which work with the new kernel version. Unless you\r\nmanually uninstalled the standard kernel metapackages (e.g. 
linux-generic,\r\nlinux-server, linux-powerpc), a standard system upgrade will automatically\r\nperform this as well.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-1878-1\r\n CVE-2013-0160, CVE-2013-2146, CVE-2013-3076, CVE-2013-3222,\r\n CVE-2013-3223, CVE-2013-3224, CVE-2013-3225, CVE-2013-3227,\r\n CVE-2013-3228, CVE-2013-3229, CVE-2013-3231, CVE-2013-3232,\r\n CVE-2013-3234, CVE-2013-3235\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/linux/3.2.0-48.74\r\n", "edition": 1, "modified": "2013-06-17T00:00:00", "published": "2013-06-17T00:00:00", "id": "SECURITYVULNS:DOC:29460", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:29460", "title": "[USN-1878-1] Linux kernel vulnerabilities", "type": "securityvulns", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:09:51", "bulletinFamily": "software", "cvelist": ["CVE-2013-3228", "CVE-2013-2234", "CVE-2013-3230", "CVE-2013-2141", "CVE-2013-3232", "CVE-2013-4127", "CVE-2013-0160", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-2852", "CVE-2013-2147", "CVE-2013-3234", "CVE-2013-3233", "CVE-2013-3227", "CVE-2013-1059", "CVE-2013-2148", "CVE-2013-1774", "CVE-2013-2232", "CVE-2013-3225", "CVE-2013-2851", "CVE-2013-2850", "CVE-2013-0231", "CVE-2013-3222", "CVE-2013-2146", "CVE-2013-3076", "CVE-2013-4125", "CVE-2012-5517", "CVE-2013-2237", "CVE-2013-2094", "CVE-2013-3235", "CVE-2013-3223", "CVE-2013-2164"], "description": "iSCSI memory corruption, multiple information leaks, DoS, Broadcom B43 driver privilege escalation.", "edition": 1, "modified": "2013-07-15T00:00:00", "published": "2013-07-15T00:00:00", "id": "SECURITYVULNS:VULN:13100", "href": 
"https://vulners.com/securityvulns/SECURITYVULNS:VULN:13100", "title": "Linux kernel security vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.9, "vector": "AV:ADJACENT_NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "suse": [{"lastseen": "2016-09-04T12:05:42", "bulletinFamily": "unix", "cvelist": ["CVE-2013-3228", "CVE-2013-3232", "CVE-2013-0160", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3227", "CVE-2013-3225", "CVE-2013-1979", "CVE-2013-3222", "CVE-2013-3076", "CVE-2013-3235", "CVE-2013-3223"], "edition": 1, "description": "The SUSE Linux Enterprise 11 Service Pack 2 kernel was\n updated to Linux kernel 3.0.80, fixing various bugs and\n security issues.\n\n Following security issues were fixed: CVE-2013-0160: Timing\n side channel on attacks were possible on /dev/ptmx that\n could allow local attackers to predict keypresses like e.g.\n passwords. This has been fixed again by updating\n accessed/modified time on the pty devices in resolution of\n 8 seconds, so that idle time detection can still work.\n\n CVE-2013-3222: The vcc_recvmsg function in net/atm/common.c\n in the Linux kernel did not initialize a certain length\n variable, which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted recvmsg\n or recvfrom system call.\n\n CVE-2013-3223: The ax25_recvmsg function in\n net/ax25/af_ax25.c in the Linux kernel did not initialize a\n certain data structure, which allowed local users to obtain\n sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n CVE-2013-3224: The bt_sock_recvmsg function in\n net/bluetooth/af_bluetooth.c in the Linux kernel did not\n properly initialize a certain length variable, which\n allowed local users to obtain sensitive information from\n kernel stack memory via a crafted recvmsg or recvfrom\n system call.\n\n CVE-2013-3225: The rfcomm_sock_recvmsg function in\n 
net/bluetooth/rfcomm/sock.c in the Linux kernel did not\n initialize a certain length variable, which allowed local\n users to obtain sensitive information from kernel stack\n memory via a crafted recvmsg or recvfrom system call.\n\n CVE-2013-3227: The caif_seqpkt_recvmsg function in\n net/caif/caif_socket.c in the Linux kernel did not\n initialize a certain length variable, which allowed local\n users to obtain sensitive information from kernel stack\n memory via a crafted recvmsg or recvfrom system call.\n\n CVE-2013-3228: The irda_recvmsg_dgram function in\n net/irda/af_irda.c in the Linux kernel did not initialize a\n certain length variable, which allowed local users to\n obtain sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n CVE-2013-3229: The iucv_sock_recvmsg function in\n net/iucv/af_iucv.c in the Linux kernel did not initialize a\n certain length variable, which allowed local users to\n obtain sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n CVE-2013-3231: The llc_ui_recvmsg function in\n net/llc/af_llc.c in the Linux kernel did not initialize a\n certain length variable, which allowed local users to\n obtain sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n CVE-2013-3232: The nr_recvmsg function in\n net/netrom/af_netrom.c in the Linux kernel did not\n initialize a certain data structure, which allowed local\n users to obtain sensitive information from kernel stack\n memory via a crafted recvmsg or recvfrom system call.\n\n CVE-2013-3234: The rose_recvmsg function in\n net/rose/af_rose.c in the Linux kernel did not initialize a\n certain data structure, which allowed local users to obtain\n sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n CVE-2013-3235: net/tipc/socket.c in the Linux kernel did\n not initialize a certain data structure and a certain\n 
length variable, which allowed local users to obtain\n sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n CVE-2013-3076: The crypto API in the Linux kernel did not\n initialize certain length variables, which allowed local\n users to obtain sensitive information from kernel stack\n memory via a crafted recvmsg or recvfrom system call,\n related to the hash_recvmsg function in crypto/algif_hash.c\n and the skcipher_recvmsg function in\n crypto/algif_skcipher.c.\n\n CVE-2013-1979: The scm_set_cred function in\n include/net/scm.h in the Linux kernel used incorrect uid\n and gid values during credentials passing, which allowed\n local users to gain privileges via a crafted application.\n\n A kernel information leak via tkill/tgkill was fixed.\n\n\n Following bugs were fixed:\n - reiserfs: fix spurious multiple-fill in\n reiserfs_readdir_dentry (bnc#822722).\n\n - libfc: do not exch_done() on invalid sequence ptr\n (bnc#810722).\n\n - netfilter: ip6t_LOG: fix logging of packet mark\n (bnc#821930).\n\n - hyperv: use 3.4 as LIC version string (bnc#822431).\n\n - virtio_net: introduce VIRTIO_NET_HDR_F_DATA_VALID\n (bnc#819655).\n\n - xen/netback: do not disconnect frontend when seeing\n oversize packet.\n - xen/netfront: reduce gso_max_size to account for max TCP\n header.\n - xen/netfront: fix kABI after "reduce gso_max_size to\n account for max TCP header".\n\n - xfs: Fix kABI due to change in xfs_buf (bnc#815356).\n\n - xfs: fix race while discarding buffers [V4] (bnc#815356\n (comment 36)).\n\n - xfs: Serialize file-extending direct IO (bnc#818371).\n\n - xhci: Do not switch webcams in some HP ProBooks to XHCI\n (bnc#805804).\n - bluetooth: Do not switch BT on HP ProBook 4340\n (bnc#812281).\n\n - s390/ftrace: fix mcount adjustment (bnc#809895).\n\n - mm: memory_dev_init make sure nmi watchdog does not\n trigger while registering memory sections (bnc#804609,\n bnc#820434).\n\n - patches.fixes/xfs-backward-alloc-fix.diff: 
xfs: Avoid\n pathological backwards allocation (bnc#805945).\n\n - mm: compaction: Restart compaction from near where it\n left off\n - mm: compaction: cache if a pageblock was scanned and no\n pages were isolated\n - mm: compaction: clear PG_migrate_skip based on compaction\n and reclaim activity\n - mm: compaction: Scan PFN caching KABI workaround\n - mm: page_allocator: Remove first_pass guard\n - mm: vmscan: do not stall on writeback during memory\n compaction Cache compaction restart points for faster\n compaction cycles (bnc#816451)\n\n - qlge: fix dma map leak when the last chunk is not\n allocated (bnc#819519).\n\n - SUNRPC: Get rid of the redundant xprt->shutdown bit field\n (bnc#800907).\n - SUNRPC: Ensure that we grab the XPRT_LOCK before calling\n xprt_alloc_slot (bnc#800907).\n - SUNRPC: Fix a UDP transport regression (bnc#800907).\n - SUNRPC: Allow caller of rpc_sleep_on() to select priority\n levels (bnc#800907).\n - SUNRPC: Replace xprt->resend and xprt->sending with a\n priority queue (bnc#800907).\n - SUNRPC: Fix potential races in xprt_lock_write_next()\n (bnc#800907).\n\n - md: cannot re-add disks after recovery (bnc#808647).\n\n - fs/xattr.c:getxattr(): improve handling of allocation\n failures (bnc#818053).\n - fs/xattr.c:listxattr(): fall back to vmalloc() if\n kmalloc() failed (bnc#818053).\n - fs/xattr.c:setxattr(): improve handling of allocation\n failures (bnc#818053).\n - fs/xattr.c: suppress page allocation failure warnings\n from sys_listxattr() (bnc#818053).\n\n - virtio-blk: Call revalidate_disk() upon online disk\n resize (bnc#817339).\n\n - usb-storage: CY7C68300A chips do not support Cypress\n ATACB (bnc#819295).\n\n - patches.kernel.org/patch-3.0.60-61: Update references\n (add bnc#810580).\n\n - usb: Using correct way to clear usb3.0 devices remote\n wakeup feature (bnc#818516).\n\n - xhci: Fix TD size for isochronous URBs (bnc#818514).\n\n - ALSA: hda - fixup D3 pin and right channel mute on\n Haswell HDMI audio (bnc#818798).\n 
- ALSA: hda - Apply pin-enablement workaround to all\n Haswell HDMI codecs (bnc#818798).\n\n - xfs: fallback to vmalloc for large buffers in\n xfs_attrmulti_attr_get (bnc#818053).\n - xfs: fallback to vmalloc for large buffers in\n xfs_attrlist_by_handle (bnc#818053).\n - xfs: xfs: fallback to vmalloc for large buffers in\n xfs_compat_attrlist_by_handle (bnc#818053).\n\n - xHCI: store rings type.\n - xhci: Fix hang on back-to-back Set TR Deq Ptr commands.\n - xHCI: check enqueue pointer advance into dequeue seg.\n - xHCI: store rings last segment and segment numbers.\n - xHCI: Allocate 2 segments for transfer ring.\n - xHCI: count free TRBs on transfer ring.\n - xHCI: factor out segments allocation and free function.\n - xHCI: update sg tablesize.\n - xHCI: set cycle state when allocate rings.\n - xhci: Reserve one command for USB3 LPM disable.\n - xHCI: dynamic ring expansion.\n - xhci: Do not warn on empty ring for suspended devices.\n\n - md/raid1: Do not release reference to device while\n handling read error (bnc#809122, bnc#814719).\n\n - rpm/mkspec: Stop generating the get_release_number.sh\n file.\n\n - rpm/kernel-spec-macros: Properly handle KOTD release\n numbers with .g<commit> suffix.\n\n - rpm/kernel-spec-macros: Drop the %release_num macro We no\n longer put the -rcX tag into the release string.\n\n - rpm/kernel-*.spec.in, rpm/mkspec: Do not force the\n "<RELEASE>" string in specfiles.\n\n - mm/mmap: check for RLIMIT_AS before unmapping\n (bnc#818327).\n\n - mm: Fix add_page_wait_queue() to work for PG_Locked bit\n waiters (bnc#792584).\n\n - mm: Fix add_page_wait_queue() to work for PG_Locked bit\n waiters (bnc#792584).\n\n - bonding: only use primary address for ARP (bnc#815444).\n - bonding: remove entries for master_ip and vlan_ip and\n query devices instead (bnc#815444).\n\n\n - mm: speedup in __early_pfn_to_nid (bnc#810624).\n\n - TTY: fix atime/mtime regression (bnc#815745).\n\n - sd_dif: problem with verify of type 1 protection\n information 
(PI) (bnc#817010).\n\n - sched: harden rq rt usage accounting (bnc#769685,\n bnc#788590).\n\n - rcu: Avoid spurious RCU CPU stall warnings (bnc#816586).\n - rcu: Dump local stack if cannot dump all CPUs stacks\n (bnc#816586).\n - rcu: Fix detection of abruptly-ending stall (bnc#816586).\n - rcu: Suppress NMI backtraces when stall ends before dump\n (bnc#816586).\n\n - Update Xen patches to 3.0.74.\n\n - btrfs: do not re-enter when allocating a chunk.\n - btrfs: save us a read_lock.\n - btrfs: Check CAP_DAC_READ_SEARCH for BTRFS_IOC_INO_PATHS.\n - btrfs: remove unused fs_info from btrfs_decode_error().\n - btrfs: handle null fs_info in btrfs_panic().\n - btrfs: fix varargs in __btrfs_std_error.\n - btrfs: fix the race between bio and btrfs_stop_workers.\n - btrfs: fix NULL pointer after aborting a transaction.\n - btrfs: fix infinite loop when we abort on mount.\n\n - xfs: Do not allocate new buffers on every call to\n _xfs_buf_find (bnc#763968).\n - xfs: fix buffer lookup race on allocation failure\n (bnc#763968).\n\n", "modified": "2013-06-17T15:04:14", "published": "2013-06-17T15:04:14", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00013.html", "id": "SUSE-SU-2013:1022-1", "type": "suse", "title": "kernel update for SLE11 SP2 (important)", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:20:20", "bulletinFamily": "unix", "cvelist": ["CVE-2013-3228", "CVE-2013-3232", "CVE-2013-0160", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3227", "CVE-2013-3225", "CVE-2013-1979", "CVE-2013-3222", "CVE-2013-3076", "CVE-2013-3235", "CVE-2013-3223"], "description": "The SUSE Linux Enterprise 11 Service Pack 2 kernel has been\n updated to Linux kernel 3.0.80 which fixes various bugs\n and security issues.\n\n The following security issues have been fixed:\n\n *\n\n CVE-2013-0160: Timing side channel on attacks were\n possible on /dev/ptmx that 
could allow local attackers to\n predict keypresses like e.g. passwords. This has been fixed\n again by updating accessed/modified time on the pty devices\n in resolution of 8 seconds, so that idle time detection can\n still work.\n\n *\n\n CVE-2013-3222: The vcc_recvmsg function in\n net/atm/common.c in the Linux kernel did not initialize a\n certain length variable, which allowed local users to\n obtain sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n *\n\n CVE-2013-3223: The ax25_recvmsg function in\n net/ax25/af_ax25.c in the Linux kernel did not initialize a\n certain data structure, which allowed local users to obtain\n sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n *\n\n CVE-2013-3224: The bt_sock_recvmsg function in\n net/bluetooth/af_bluetooth.c in the Linux kernel did not\n properly initialize a certain length variable, which\n allowed local users to obtain sensitive information from\n kernel stack memory via a crafted recvmsg or recvfrom\n system call.\n\n *\n\n CVE-2013-3225: The rfcomm_sock_recvmsg function in\n net/bluetooth/rfcomm/sock.c in the Linux kernel did not\n initialize a certain length variable, which allowed local\n users to obtain sensitive information from kernel stack\n memory via a crafted recvmsg or recvfrom system call.\n\n *\n\n CVE-2013-3227: The caif_seqpkt_recvmsg function in\n net/caif/caif_socket.c in the Linux kernel did not\n initialize a certain length variable, which allowed local\n users to obtain sensitive information from kernel stack\n memory via a crafted recvmsg or recvfrom system call.\n\n *\n\n CVE-2013-3228: The irda_recvmsg_dgram function in\n net/irda/af_irda.c in the Linux kernel did not initialize a\n certain length variable, which allowed local users to\n obtain sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n *\n\n CVE-2013-3229: The iucv_sock_recvmsg 
function in\n net/iucv/af_iucv.c in the Linux kernel did not initialize a\n certain length variable, which allowed local users to\n obtain sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n *\n\n CVE-2013-3231: The llc_ui_recvmsg function in\n net/llc/af_llc.c in the Linux kernel did not initialize a\n certain length variable, which allowed local users to\n obtain sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n *\n\n CVE-2013-3232: The nr_recvmsg function in\n net/netrom/af_netrom.c in the Linux kernel did not\n initialize a certain data structure, which allowed local\n users to obtain sensitive information from kernel stack\n memory via a crafted recvmsg or recvfrom system call.\n\n *\n\n CVE-2013-3234: The rose_recvmsg function in\n net/rose/af_rose.c in the Linux kernel did not initialize a\n certain data structure, which allowed local users to obtain\n sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n *\n\n CVE-2013-3235: net/tipc/socket.c in the Linux kernel\n did not initialize a certain data structure and a certain\n length variable, which allowed local users to obtain\n sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n *\n\n CVE-2013-3076: The crypto API in the Linux kernel did\n not initialize certain length variables, which allowed\n local users to obtain sensitive information from kernel\n stack memory via a crafted recvmsg or recvfrom system call,\n related to the hash_recvmsg function in crypto/algif_hash.c\n and the skcipher_recvmsg function in\n crypto/algif_skcipher.c.\n\n *\n\n CVE-2013-1979: The scm_set_cred function in\n include/net/scm.h in the Linux kernel used incorrect uid\n and gid values during credentials passing, which allowed\n local users to gain privileges via a crafted application.\n\n *\n\n A kernel information leak via tkill/tgkill was 
fixed.\n\n The following bugs have been fixed:\n\n * reiserfs: fix spurious multiple-fill in\n reiserfs_readdir_dentry (bnc#822722).\n * libfc: do not exch_done() on invalid sequence ptr\n (bnc#810722).\n * netfilter: ip6t_LOG: fix logging of packet mark\n (bnc#821930).\n * hyperv: use 3.4 as LIC version string (bnc#822431).\n * virtio_net: introduce VIRTIO_NET_HDR_F_DATA_VALID\n (bnc#819655).\n * xen/netback: do not disconnect frontend when seeing\n oversize packet.\n * xen/netfront: reduce gso_max_size to account for max\n TCP header.\n * xen/netfront: fix kABI after "reduce gso_max_size to\n account for max TCP header".\n * xfs: Fix kABI due to change in xfs_buf (bnc#815356).\n * xfs: fix race while discarding buffers [V4]\n (bnc#815356 (comment 36)).\n * xfs: Serialize file-extending direct IO (bnc#818371).\n * xhci: Do not switch webcams in some HP ProBooks to\n XHCI (bnc#805804).\n * bluetooth: Do not switch BT on HP ProBook 4340\n (bnc#812281).\n * s390/ftrace: fix mcount adjustment (bnc#809895).\n * mm: memory_dev_init make sure nmi watchdog does not\n trigger while registering memory sections (bnc#804609,\n bnc#820434).\n * patches.fixes/xfs-backward-alloc-fix.diff: xfs: Avoid\n pathological backwards allocation (bnc#805945).\n * mm: compaction: Restart compaction from near where it\n left off\n * mm: compaction: cache if a pageblock was scanned and\n no pages were isolated\n * mm: compaction: clear PG_migrate_skip based on\n compaction and reclaim activity\n * mm: compaction: Scan PFN caching KABI workaround\n * mm: page_allocator: Remove first_pass guard\n * mm: vmscan: do not stall on writeback during memory\n compaction Cache compaction restart points for faster\n compaction cycles (bnc#816451)\n * qlge: fix dma map leak when the last chunk is not\n allocated (bnc#819519).\n * SUNRPC: Get rid of the redundant xprt->shutdown bit\n field (bnc#800907).\n * SUNRPC: Ensure that we grab the XPRT_LOCK before\n calling xprt_alloc_slot (bnc#800907).\n * SUNRPC: 
Fix a UDP transport regression (bnc#800907).\n * SUNRPC: Allow caller of rpc_sleep_on() to select\n priority levels (bnc#800907).\n * SUNRPC: Replace xprt->resend and xprt->sending with a\n priority queue (bnc#800907).\n * SUNRPC: Fix potential races in xprt_lock_write_next()\n (bnc#800907).\n * md: cannot re-add disks after recovery (bnc#808647).\n * fs/xattr.c:getxattr(): improve handling of allocation\n failures (bnc#818053).\n * fs/xattr.c:listxattr(): fall back to vmalloc() if\n kmalloc() failed (bnc#818053).\n * fs/xattr.c:setxattr(): improve handling of allocation\n failures (bnc#818053).\n * fs/xattr.c: suppress page allocation failure warnings\n from sys_listxattr() (bnc#818053).\n * virtio-blk: Call revalidate_disk() upon online disk\n resize (bnc#817339).\n * usb-storage: CY7C68300A chips do not support Cypress\n ATACB (bnc#819295).\n * patches.kernel.org/patch-3.0.60-61: Update references\n (add bnc#810580).\n * usb: Using correct way to clear usb3.0 devices remote\n wakeup feature (bnc#818516).\n * xhci: Fix TD size for isochronous URBs (bnc#818514).\n * ALSA: hda - fixup D3 pin and right channel mute on\n Haswell HDMI audio (bnc#818798).\n * ALSA: hda - Apply pin-enablement workaround to all\n Haswell HDMI codecs (bnc#818798).\n * xfs: fallback to vmalloc for large buffers in\n xfs_attrmulti_attr_get (bnc#818053).\n * xfs: fallback to vmalloc for large buffers in\n xfs_attrlist_by_handle (bnc#818053).\n * xfs: xfs: fallback to vmalloc for large buffers in\n xfs_compat_attrlist_by_handle (bnc#818053).\n * xHCI: store rings type.\n * xhci: Fix hang on back-to-back Set TR Deq Ptr\n commands.\n * xHCI: check enqueue pointer advance into dequeue seg.\n * xHCI: store rings last segment and segment numbers.\n * xHCI: Allocate 2 segments for transfer ring.\n * xHCI: count free TRBs on transfer ring.\n * xHCI: factor out segments allocation and free\n function.\n * xHCI: update sg tablesize.\n * xHCI: set cycle state when allocate rings.\n * xhci: Reserve one 
command for USB3 LPM disable.\n * xHCI: dynamic ring expansion.\n * xhci: Do not warn on empty ring for suspended devices.\n * md/raid1: Do not release reference to device while\n handling read error (bnc#809122, bnc#814719).\n * rpm/mkspec: Stop generating the get_release_number.sh\n file.\n * rpm/kernel-spec-macros: Properly handle KOTD release\n numbers with .g suffix.\n * rpm/kernel-spec-macros: Drop the %release_num macro\n We no longer put the -rcX tag into the release string.\n * rpm/kernel-*.spec.in, rpm/mkspec: Do not force the\n "<RELEASE>" string in specfiles.\n * mm/mmap: check for RLIMIT_AS before unmapping\n (bnc#818327).\n * mm: Fix add_page_wait_queue() to work for PG_Locked\n bit waiters (bnc#792584).\n * mm: Fix add_page_wait_queue() to work for PG_Locked\n bit waiters (bnc#792584).\n * bonding: only use primary address for ARP\n (bnc#815444).\n * bonding: remove entries for master_ip and vlan_ip and\n query devices instead (bnc#815444).\n * mm: speedup in __early_pfn_to_nid (bnc#810624).\n * TTY: fix atime/mtime regression (bnc#815745).\n * sd_dif: problem with verify of type 1 protection\n information (PI) (bnc#817010).\n * sched: harden rq rt usage accounting (bnc#769685,\n bnc#788590).\n * rcu: Avoid spurious RCU CPU stall warnings\n (bnc#816586).\n * rcu: Dump local stack if cannot dump all CPUs stacks\n (bnc#816586).\n * rcu: Fix detection of abruptly-ending stall\n (bnc#816586).\n * rcu: Suppress NMI backtraces when stall ends before\n dump (bnc#816586).\n * Update Xen patches to 3.0.74.\n * btrfs: do not re-enter when allocating a chunk.\n * btrfs: save us a read_lock.\n * btrfs: Check CAP_DAC_READ_SEARCH for\n BTRFS_IOC_INO_PATHS.\n * btrfs: remove unused fs_info from\n btrfs_decode_error().\n * btrfs: handle null fs_info in btrfs_panic().\n * btrfs: fix varargs in __btrfs_std_error.\n * btrfs: fix the race between bio and\n btrfs_stop_workers.\n * btrfs: fix NULL pointer after aborting a transaction.\n * btrfs: fix infinite loop when we 
abort on mount.\n * xfs: Do not allocate new buffers on every call to\n _xfs_buf_find (bnc#763968).\n * xfs: fix buffer lookup race on allocation failure\n (bnc#763968).\n", "edition": 1, "modified": "2013-06-17T23:04:15", "published": "2013-06-17T23:04:15", "id": "SUSE-SU-2013:1022-2", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00014.html", "type": "suse", "title": "Security update for Linux kernel (important)", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:42:02", "bulletinFamily": "unix", "cvelist": ["CVE-2013-3228", "CVE-2013-3232", "CVE-2013-0160", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3227", "CVE-2013-3225", "CVE-2013-1979", "CVE-2013-3222", "CVE-2013-3076", "CVE-2013-3235", "CVE-2013-3223"], "edition": 1, "description": "The SUSE Linux Enterprise 11 Service Pack 2 kernel has been\n updated to Linux kernel 3.0.80 which fixes various bugs\n and security issues.\n\n The following security issues have been fixed:\n\n *\n\n CVE-2013-0160: Timing side channel on attacks were\n possible on /dev/ptmx that could allow local attackers to\n predict keypresses like e.g. passwords. 
This has been fixed\n again by updating accessed/modified time on the pty devices\n in resolution of 8 seconds, so that idle time detection can\n still work.\n\n *\n\n CVE-2013-3222: The vcc_recvmsg function in\n net/atm/common.c in the Linux kernel did not initialize a\n certain length variable, which allowed local users to\n obtain sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n *\n\n CVE-2013-3223: The ax25_recvmsg function in\n net/ax25/af_ax25.c in the Linux kernel did not initialize a\n certain data structure, which allowed local users to obtain\n sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n *\n\n CVE-2013-3224: The bt_sock_recvmsg function in\n net/bluetooth/af_bluetooth.c in the Linux kernel did not\n properly initialize a certain length variable, which\n allowed local users to obtain sensitive information from\n kernel stack memory via a crafted recvmsg or recvfrom\n system call.\n\n *\n\n CVE-2013-3225: The rfcomm_sock_recvmsg function in\n net/bluetooth/rfcomm/sock.c in the Linux kernel did not\n initialize a certain length variable, which allowed local\n users to obtain sensitive information from kernel stack\n memory via a crafted recvmsg or recvfrom system call.\n\n *\n\n CVE-2013-3227: The caif_seqpkt_recvmsg function in\n net/caif/caif_socket.c in the Linux kernel did not\n initialize a certain length variable, which allowed local\n users to obtain sensitive information from kernel stack\n memory via a crafted recvmsg or recvfrom system call.\n\n *\n\n CVE-2013-3228: The irda_recvmsg_dgram function in\n net/irda/af_irda.c in the Linux kernel did not initialize a\n certain length variable, which allowed local users to\n obtain sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n *\n\n CVE-2013-3229: The iucv_sock_recvmsg function in\n net/iucv/af_iucv.c in the Linux kernel did not initialize a\n 
certain length variable, which allowed local users to\n obtain sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n *\n\n CVE-2013-3231: The llc_ui_recvmsg function in\n net/llc/af_llc.c in the Linux kernel did not initialize a\n certain length variable, which allowed local users to\n obtain sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n *\n\n CVE-2013-3232: The nr_recvmsg function in\n net/netrom/af_netrom.c in the Linux kernel did not\n initialize a certain data structure, which allowed local\n users to obtain sensitive information from kernel stack\n memory via a crafted recvmsg or recvfrom system call.\n\n *\n\n CVE-2013-3234: The rose_recvmsg function in\n net/rose/af_rose.c in the Linux kernel did not initialize a\n certain data structure, which allowed local users to obtain\n sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n *\n\n CVE-2013-3235: net/tipc/socket.c in the Linux kernel\n did not initialize a certain data structure and a certain\n length variable, which allowed local users to obtain\n sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n *\n\n CVE-2013-3076: The crypto API in the Linux kernel did\n not initialize certain length variables, which allowed\n local users to obtain sensitive information from kernel\n stack memory via a crafted recvmsg or recvfrom system call,\n related to the hash_recvmsg function in crypto/algif_hash.c\n and the skcipher_recvmsg function in\n crypto/algif_skcipher.c.\n\n *\n\n CVE-2013-1979: The scm_set_cred function in\n include/net/scm.h in the Linux kernel used incorrect uid\n and gid values during credentials passing, which allowed\n local users to gain privileges via a crafted application.\n\n *\n\n A kernel information leak via tkill/tgkill was fixed.\n\n The following bugs have been fixed:\n\n * reiserfs: fix spurious 
multiple-fill in\n reiserfs_readdir_dentry (bnc#822722).\n * libfc: do not exch_done() on invalid sequence ptr\n (bnc#810722).\n * netfilter: ip6t_LOG: fix logging of packet mark\n (bnc#821930).\n * hyperv: use 3.4 as LIC version string (bnc#822431).\n * virtio_net: introduce VIRTIO_NET_HDR_F_DATA_VALID\n (bnc#819655).\n * xen/netback: do not disconnect frontend when seeing\n oversize packet.\n * xen/netfront: reduce gso_max_size to account for max\n TCP header.\n * xen/netfront: fix kABI after "reduce gso_max_size to\n account for max TCP header".\n * xfs: Fix kABI due to change in xfs_buf (bnc#815356).\n * xfs: fix race while discarding buffers [V4]\n (bnc#815356 (comment 36)).\n * xfs: Serialize file-extending direct IO (bnc#818371).\n * xhci: Do not switch webcams in some HP ProBooks to\n XHCI (bnc#805804).\n * bluetooth: Do not switch BT on HP ProBook 4340\n (bnc#812281).\n * s390/ftrace: fix mcount adjustment (bnc#809895).\n * mm: memory_dev_init make sure nmi watchdog does not\n trigger while registering memory sections (bnc#804609,\n bnc#820434).\n * patches.fixes/xfs-backward-alloc-fix.diff: xfs: Avoid\n pathological backwards allocation (bnc#805945).\n * mm: compaction: Restart compaction from near where it\n left off\n * mm: compaction: cache if a pageblock was scanned and\n no pages were isolated\n * mm: compaction: clear PG_migrate_skip based on\n compaction and reclaim activity\n * mm: compaction: Scan PFN caching KABI workaround\n * mm: page_allocator: Remove first_pass guard\n * mm: vmscan: do not stall on writeback during memory\n compaction Cache compaction restart points for faster\n compaction cycles (bnc#816451)\n * qlge: fix dma map leak when the last chunk is not\n allocated (bnc#819519).\n * SUNRPC: Get rid of the redundant xprt->shutdown bit\n field (bnc#800907).\n * SUNRPC: Ensure that we grab the XPRT_LOCK before\n calling xprt_alloc_slot (bnc#800907).\n * SUNRPC: Fix a UDP transport regression (bnc#800907).\n * SUNRPC: Allow caller of 
rpc_sleep_on() to select\n priority levels (bnc#800907).\n * SUNRPC: Replace xprt->resend and xprt->sending with a\n priority queue (bnc#800907).\n * SUNRPC: Fix potential races in xprt_lock_write_next()\n (bnc#800907).\n * md: cannot re-add disks after recovery (bnc#808647).\n * fs/xattr.c:getxattr(): improve handling of allocation\n failures (bnc#818053).\n * fs/xattr.c:listxattr(): fall back to vmalloc() if\n kmalloc() failed (bnc#818053).\n * fs/xattr.c:setxattr(): improve handling of allocation\n failures (bnc#818053).\n * fs/xattr.c: suppress page allocation failure warnings\n from sys_listxattr() (bnc#818053).\n * virtio-blk: Call revalidate_disk() upon online disk\n resize (bnc#817339).\n * usb-storage: CY7C68300A chips do not support Cypress\n ATACB (bnc#819295).\n * patches.kernel.org/patch-3.0.60-61: Update references\n (add bnc#810580).\n * usb: Using correct way to clear usb3.0 devices remote\n wakeup feature (bnc#818516).\n * xhci: Fix TD size for isochronous URBs (bnc#818514).\n * ALSA: hda - fixup D3 pin and right channel mute on\n Haswell HDMI audio (bnc#818798).\n * ALSA: hda - Apply pin-enablement workaround to all\n Haswell HDMI codecs (bnc#818798).\n * xfs: fallback to vmalloc for large buffers in\n xfs_attrmulti_attr_get (bnc#818053).\n * xfs: fallback to vmalloc for large buffers in\n xfs_attrlist_by_handle (bnc#818053).\n * xfs: xfs: fallback to vmalloc for large buffers in\n xfs_compat_attrlist_by_handle (bnc#818053).\n * xHCI: store rings type.\n * xhci: Fix hang on back-to-back Set TR Deq Ptr\n commands.\n * xHCI: check enqueue pointer advance into dequeue seg.\n * xHCI: store rings last segment and segment numbers.\n * xHCI: Allocate 2 segments for transfer ring.\n * xHCI: count free TRBs on transfer ring.\n * xHCI: factor out segments allocation and free\n function.\n * xHCI: update sg tablesize.\n * xHCI: set cycle state when allocate rings.\n * xhci: Reserve one command for USB3 LPM disable.\n * xHCI: dynamic ring expansion.\n * xhci: 
Do not warn on empty ring for suspended devices.\n * md/raid1: Do not release reference to device while\n handling read error (bnc#809122, bnc#814719).\n * rpm/mkspec: Stop generating the get_release_number.sh\n file.\n * rpm/kernel-spec-macros: Properly handle KOTD release\n numbers with .g suffix.\n * rpm/kernel-spec-macros: Drop the %release_num macro\n We no longer put the -rcX tag into the release string.\n * rpm/kernel-*.spec.in, rpm/mkspec: Do not force the\n "<RELEASE>" string in specfiles.\n * mm/mmap: check for RLIMIT_AS before unmapping\n (bnc#818327).\n * mm: Fix add_page_wait_queue() to work for PG_Locked\n bit waiters (bnc#792584).\n * mm: Fix add_page_wait_queue() to work for PG_Locked\n bit waiters (bnc#792584).\n * bonding: only use primary address for ARP\n (bnc#815444).\n * bonding: remove entries for master_ip and vlan_ip and\n query devices instead (bnc#815444).\n * mm: speedup in __early_pfn_to_nid (bnc#810624).\n * TTY: fix atime/mtime regression (bnc#815745).\n * sd_dif: problem with verify of type 1 protection\n information (PI) (bnc#817010).\n * sched: harden rq rt usage accounting (bnc#769685,\n bnc#788590).\n * rcu: Avoid spurious RCU CPU stall warnings\n (bnc#816586).\n * rcu: Dump local stack if cannot dump all CPUs stacks\n (bnc#816586).\n * rcu: Fix detection of abruptly-ending stall\n (bnc#816586).\n * rcu: Suppress NMI backtraces when stall ends before\n dump (bnc#816586).\n * Update Xen patches to 3.0.74.\n * btrfs: do not re-enter when allocating a chunk.\n * btrfs: save us a read_lock.\n * btrfs: Check CAP_DAC_READ_SEARCH for\n BTRFS_IOC_INO_PATHS.\n * btrfs: remove unused fs_info from\n btrfs_decode_error().\n * btrfs: handle null fs_info in btrfs_panic().\n * btrfs: fix varargs in __btrfs_std_error.\n * btrfs: fix the race between bio and\n btrfs_stop_workers.\n * btrfs: fix NULL pointer after aborting a transaction.\n * btrfs: fix infinite loop when we abort on mount.\n * xfs: Do not allocate new buffers on every call to\n 
_xfs_buf_find (bnc#763968).\n * xfs: fix buffer lookup race on allocation failure\n (bnc#763968).\n", "modified": "2013-06-18T15:04:11", "published": "2013-06-18T15:04:11", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00015.html", "id": "SUSE-SU-2013:1022-3", "type": "suse", "title": "Security update for Linux kernel (important)", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:46:24", "bulletinFamily": "unix", "cvelist": ["CVE-2013-3228", "CVE-2013-3232", "CVE-2013-0160", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3227", "CVE-2013-1774", "CVE-2013-3225", "CVE-2013-1979", "CVE-2013-3222", "CVE-2013-3076", "CVE-2013-3235", "CVE-2013-3223"], "description": "The SUSE Linux Enterprise 11 Service Pack 3 kernel has been\n updated to 3.0.82 and to fix various bugs and security\n issues.\n\n The following security issues have been fixed:\n\n *\n\n CVE-2013-1774: The chase_port function in\n drivers/usb/serial/io_ti.c in the Linux kernel allowed\n local users to cause a denial of service (NULL pointer\n dereference and system crash) via an attempted /dev/ttyUSB\n read or write operation on a disconnected Edgeport USB\n serial converter.\n\n *\n\n CVE-2013-0160: Timing side channel on attacks were\n possible on /dev/ptmx that could allow local attackers to\n predict keypresses like e.g. passwords. 
This has been fixed\n again by updating accessed/modified time on the pty devices\n in resolution of 8 seconds, so that idle time detection can\n still work.\n\n *\n\n CVE-2013-3222: The vcc_recvmsg function in\n net/atm/common.c in the Linux kernel did not initialize a\n certain length variable, which allowed local users to\n obtain sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n *\n\n CVE-2013-3223: The ax25_recvmsg function in\n net/ax25/af_ax25.c in the Linux kernel did not initialize a\n certain data structure, which allowed local users to obtain\n sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n *\n\n CVE-2013-3224: The bt_sock_recvmsg function in\n net/bluetooth/af_bluetooth.c in the Linux kernel did not\n properly initialize a certain length variable, which\n allowed local users to obtain sensitive information from\n kernel stack memory via a crafted recvmsg or recvfrom\n system call.\n\n *\n\n CVE-2013-3225: The rfcomm_sock_recvmsg function in\n net/bluetooth/rfcomm/sock.c in the Linux kernel did not\n initialize a certain length variable, which allowed local\n users to obtain sensitive information from kernel stack\n memory via a crafted recvmsg or recvfrom system call.\n\n *\n\n CVE-2013-3227: The caif_seqpkt_recvmsg function in\n net/caif/caif_socket.c in the Linux kernel did not\n initialize a certain length variable, which allowed local\n users to obtain sensitive information from kernel stack\n memory via a crafted recvmsg or recvfrom system call.\n\n *\n\n CVE-2013-3228: The irda_recvmsg_dgram function in\n net/irda/af_irda.c in the Linux kernel did not initialize a\n certain length variable, which allowed local users to\n obtain sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n *\n\n CVE-2013-3229: The iucv_sock_recvmsg function in\n net/iucv/af_iucv.c in the Linux kernel did not initialize a\n 
certain length variable, which allowed local users to\n obtain sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n *\n\n CVE-2013-3231: The llc_ui_recvmsg function in\n net/llc/af_llc.c in the Linux kernel did not initialize a\n certain length variable, which allowed local users to\n obtain sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n *\n\n CVE-2013-3232: The nr_recvmsg function in\n net/netrom/af_netrom.c in the Linux kernel did not\n initialize a certain data structure, which allowed local\n users to obtain sensitive information from kernel stack\n memory via a crafted recvmsg or recvfrom system call.\n\n *\n\n CVE-2013-3234: The rose_recvmsg function in\n net/rose/af_rose.c in the Linux kernel did not initialize a\n certain data structure, which allowed local users to obtain\n sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n *\n\n CVE-2013-3235: net/tipc/socket.c in the Linux kernel\n did not initialize a certain data structure and a certain\n length variable, which allowed local users to obtain\n sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n *\n\n CVE-2013-3076: The crypto API in the Linux kernel did\n not initialize certain length variables, which allowed\n local users to obtain sensitive information from kernel\n stack memory via a crafted recvmsg or recvfrom system call,\n related to the hash_recvmsg function in crypto/algif_hash.c\n and the skcipher_recvmsg function in\n crypto/algif_skcipher.c.\n\n *\n\n CVE-2013-1979: The scm_set_cred function in\n include/net/scm.h in the Linux kernel used incorrect uid\n and gid values during credentials passing, which allowed\n local users to gain privileges via a crafted application.\n\n *\n\n A kernel information leak via tkill/tgkill was fixed.\n\n The following non-security bugs have been fixed:\n\n S/390:\n\n 
* af_iucv: Missing man page (bnc#825037, LTC#94825).\n * iucv: fix kernel panic at reboot (bnc#825037,\n LTC#93803).\n * kernel: lost IPIs on CPU hotplug (bnc#825037,\n LTC#94784).\n * dasd: Add missing descriptions for dasd timeout\n messages (bnc#825037, LTC#94762).\n * dasd: Fix hanging device after resume with internal\n error 13 (bnc#825037, LTC#94554).\n * cio: Suppress 2nd path verification during resume\n (bnc#825037, LTC#94554).\n * vmcp: Missing man page (bnc#825037, LTC#94453).\n * kernel: 3215 console crash (bnc#825037, LTC#94302).\n * netiucv: Hold rtnl between name allocation and device\n registration (bnc#824159).\n * s390/ftrace: fix mcount adjustment (bnc#809895).\n\n HyperV:\n\n * Drivers: hv: Fix a bug in get_vp_index().\n * hyperv: Fix a compiler warning in netvsc_send().\n * Tools: hv: Fix a checkpatch warning.\n * tools: hv: skip iso9660 mounts in hv_vss_daemon.\n * tools: hv: use FIFREEZE/FITHAW in hv_vss_daemon.\n * tools: hv: use getmntent in hv_vss_daemon.\n * Tools: hv: Fix a checkpatch warning.\n * tools: hv: fix checks for origin of netlink message\n in hv_vss_daemon.\n * Tools: hv: fix warnings in hv_vss_daemon.\n * x86, hyperv: Handle Xen emulation of Hyper-V more\n gracefully.\n * hyperv: Fix a kernel warning from\n netvsc_linkstatus_callback().\n * Drivers: hv: balloon: make local functions static.\n * tools: hv: daemon should check type of received\n Netlink msg.\n * tools: hv: daemon setsockopt should use options\n macros.\n * tools: hv: daemon should subscribe only to CN_KVP_IDX\n group.\n * driver: hv: remove cast for kmalloc return value.\n * hyperv: use 3.4 as LIC version string (bnc#822431).\n\n BTRFS:\n\n * btrfs: flush delayed inodes if we are short on space\n (bnc#801427).\n * btrfs: rework shrink_delalloc (bnc#801427).\n * btrfs: fix our overcommit math (bnc#801427).\n * btrfs: delay block group item insertion (bnc#801427).\n * btrfs: remove bytes argument from do_chunk_alloc\n (bnc#801427).\n * btrfs: run delayed refs 
first when out of space\n (bnc#801427).\n * btrfs: do not commit instead of overcommitting\n (bnc#801427).\n * btrfs: do not take inode delalloc mutex if we are a\n free space inode (bnc#801427).\n * btrfs: fix chunk allocation error handling\n (bnc#801427).\n * btrfs: remove extent mapping if we fail to add chunk\n (bnc#801427).\n * btrfs: do not overcommit if we do not have enough\n space for global rsv (bnc#801427).\n * btrfs: rework the overcommit logic to be based on the\n total size (bnc#801427).\n * btrfs: steal from global reserve if we are cleaning\n up orphans (bnc#801427).\n * btrfs: clear chunk_alloc flag on retryable failure\n (bnc#801427).\n * btrfs: use reserved space for creating a snapshot\n (bnc#801427).\n * btrfs: cleanup to make the function\n btrfs_delalloc_reserve_metadata more logic (bnc#801427).\n * btrfs: fix space leak when we fail to reserve\n metadata space (bnc#801427).\n * btrfs: fix space accounting for unlink and rename\n (bnc#801427).\n * btrfs: allocate new chunks if the space is not enough\n for global rsv (bnc#801427).\n * btrfs: various abort cleanups (bnc#812526 bnc#801427).\n * btrfs: simplify unlink reservations (bnc#801427).\n\n XFS:\n\n * xfs: Move allocation stack switch up to xfs_bmapi\n (bnc#815356).\n * xfs: introduce XFS_BMAPI_STACK_SWITCH (bnc#815356).\n * xfs: zero allocation_args on the kernel stack\n (bnc#815356).\n * xfs: fix debug_object WARN at xfs_alloc_vextent()\n (bnc#815356).\n * xfs: do not defer metadata allocation to the\n workqueue (bnc#815356).\n * xfs: introduce an allocation workqueue (bnc#815356).\n * xfs: fix race while discarding buffers [V4]\n (bnc#815356 (comment 36)).\n * xfs: Serialize file-extending direct IO (bnc#818371).\n * xfs: Do not allocate new buffers on every call to\n _xfs_buf_find (bnc#763968).\n * xfs: fix buffer lookup race on allocation failure\n (bnc#763968).\n\n ALSA:\n\n * Fix VT1708 jack detection on SLEPOS machines\n (bnc#813922).\n * ALSA: hda - Avoid choose same converter 
for unused\n pins (bnc#826186).\n * ALSA: hda - Cache the MUX selection for generic HDMI\n (bnc#826186).\n * ALSA: hda - Haswell converter power state D0 verify\n (bnc#826186).\n * ALSA: hda - Do not take unresponsive D3 transition\n too serious (bnc#823597).\n * ALSA: hda - Introduce bit flags to\n snd_hda_codec_read/write() (bnc#823597).\n * ALSA: hda - Check CORB overflow (bnc#823597).\n * ALSA: hda - Check validity of CORB/RIRB WP reads\n (bnc#823597).\n * ALSA: hda - Fix system panic when DMA > 40 bits for\n Nvidia audio controllers (bnc#818465).\n * ALSA: hda - Add hint for suppressing lower cap for\n IDT codecs (bnc#812332).\n * ALSA: hda - Enable mic-mute LED on more HP laptops\n (bnc#821859).\n\n Direct Rendering Manager (DRM):\n\n * drm/i915: Add wait_for in init_ring_common\n (bnc#813604).\n * drm/i915: Mark the ringbuffers as being in the GTT\n domain (bnc#813604).\n * drm/edid: Do not print messages regarding stereo or\n csync by default (bnc #821235).\n * drm/i915: force full modeset if the connector is in\n DPMS OFF mode (bnc #809975).\n * drm/i915/sdvo: Use &intel_sdvo->ddc instead of\n intel_sdvo->i2c for DDC (bnc #808855).\n * drm/mm: fix dump table BUG. 
(bnc#808837)\n * drm/i915: Clear the stolen fb before enabling\n (bnc#808015).\n\n XEN:\n\n * xen/netback: Update references (bnc#823342).\n * xen: Check for insane amounts of requests on the ring.\n * Update Xen patches to 3.0.82.\n * netback: do not disconnect frontend when seeing\n oversize packet.\n * netfront: reduce gso_max_size to account for max TCP\n header.\n * netfront: fix kABI after "reduce gso_max_size to\n account for max TCP header".\n\n Other:\n\n * x86, efi: retry ExitBootServices() on failure\n (bnc#823386).\n * x86/efi: Fix dummy variable buffer allocation\n (bnc#822080).\n * ext4: avoid hang when mounting non-journal\n filesystems with orphan list (bnc#817377).\n * mm: compaction: Scan PFN caching KABI workaround (Fix\n KABI breakage (bnc#825657)).\n * autofs4 - fix get_next_positive_subdir() (bnc#819523).\n * ocfs2: Add bits_wanted while calculating credits in\n ocfs2_calc_extend_credits (bnc#822077).\n * writeback: Avoid needless scanning of b_dirty list\n (bnc#819018).\n * writeback: Do not sort b_io list only because of\n block device inode (bnc#819018).\n * re-enable io tracing (bnc#785901).\n * pciehp: Corrected the old mismatching DMI strings.\n * SUNRPC: Prevent an rpc_task wakeup race (bnc#825591).\n * tg3: Prevent system hang during repeated EEH errors\n (bnc#822066).\n * scsi_dh_alua: multipath failover fails with error 15\n (bnc#825696).\n * Do not switch camera on HP EB 8780 (bnc#797090).\n * Do not switch webcam for HP EB 8580w (bnc#797090).\n * mm: fixup compilation error due to an asm write\n through a const pointer. 
(bnc#823795)\n * do not switch cam port on HP EliteBook 840\n (bnc#822164).\n * net/sunrpc: xpt_auth_cache should be ignored when\n expired (bnc#803320).\n * sunrpc/cache: ensure items removed from cache do not\n have pending upcalls (bnc#803320).\n * sunrpc/cache: remove races with queuing an upcall\n (bnc#803320).\n * sunrpc/cache: use cache_fresh_unlocked consistently\n and correctly (bnc#803320).\n * KVM: x86: emulate movdqa (bnc#821070).\n * KVM: x86: emulator: add support for vector alignment\n (bnc#821070).\n * KVM: x86: emulator: expand decode flags to 64 bits\n (bnc#821070).\n * xhci - correct comp_mode_recovery_timer on return\n from hibernate (bnc#808136).\n * md/raid10 enough fixes (bnc#773837).\n * lib/Makefile: Fix oid_registry build dependency\n (bnc#823223).\n * Update config files: disable IP_PNP (bnc#822825)\n * Fix kABI breakage for addition of\n snd_hda_bus.no_response_fallback (bnc#823597).\n * Disable efi pstore by default (bnc#804482 bnc#820172).\n * md: Fix problem with GET_BITMAP_FILE returning wrong\n status (bnc#812974).\n * bnx2x: Fix bridged GSO for 57710/57711 chips\n (bnc#819610).\n * USB: xHCI: override bogus bulk wMaxPacketSize values\n (bnc#823082).\n * BTUSB: Add MediaTek bluetooth MT76x0E support\n (bnc#797727 bnc#822340).\n * qlge: Update version to 1.00.00.32 (bnc#819195).\n * qlge: Fix ethtool autoneg advertising (bnc#819195).\n * qlge: Fix receive path to drop error frames\n (bnc#819195).\n * qlge: remove NETIF_F_TSO6 flag (bnc#819195).\n * remove init of dev->perm_addr in drivers (bnc#819195).\n * drivers/net: fix up function prototypes after __dev*\n removals (bnc#819195).\n * qlge: remove __dev* attributes (bnc#819195).\n * drivers: ethernet: qlogic: qlge_dbg.c: Fixed a coding\n style issue (bnc#819195).\n * cxgb4: Force uninitialized state if FW_ON_ADAPTER is\n < FW_VERSION and we are the MASTER_PF (bnc#809130).\n * USB: UHCI: fix for suspend of virtual HP controller\n (bnc#817035).\n * timer_list: Convert timer list to 
be a proper\n seq_file (bnc#818047).\n * timer_list: Split timer_list_show_tickdevices\n (bnc#818047).\n * sched: Fix /proc/sched_debug failure on very very\n large systems (bnc#818047).\n * sched: Fix /proc/sched_stat failure on very very\n large systems (bnc#818047).\n * reiserfs: fix spurious multiple-fill in\n reiserfs_readdir_dentry (bnc#822722).\n * libfc: do not exch_done() on invalid sequence ptr\n (bnc#810722).\n * netfilter: ip6t_LOG: fix logging of packet mark\n (bnc#821930).\n * virtio_net: introduce VIRTIO_NET_HDR_F_DATA_VALID\n (bnc#819655).\n * HWPOISON: fix misjudgement of page_action() for\n errors on mlocked pages (Memory failure RAS (bnc#821799)).\n * HWPOISON: check dirty flag to match against clean\n page (Memory failure RAS (bnc#821799)).\n * HWPOISON: change order of error_states elements\n (Memory failure RAS (bnc#821799)).\n * mm: hwpoison: fix action_result() to print out\n dirty/clean (Memory failure RAS (bnc#821799)).\n * mm: mmu_notifier: re-fix freed page still mapped in\n secondary MMU (bnc#821052).\n * Do not switch webcams in some HP ProBooks to XHCI\n (bnc#805804).\n * Do not switch BT on HP ProBook 4340 (bnc#812281).\n * mm: memory_dev_init make sure nmi watchdog does not\n trigger while registering memory sections (bnc#804609,\n bnc#820434).\n * mm: compaction: Restart compaction from near where it\n left off\n * mm: compaction: cache if a pageblock was scanned and\n no pages were isolated\n * mm: compaction: clear PG_migrate_skip based on\n compaction and reclaim activity\n * mm: compaction: Scan PFN caching KABI workaround\n * mm: page_allocator: Remove first_pass guard\n * mm: vmscan: do not stall on writeback during memory\n compaction Cache compaction restart points for faster\n compaction cycles (bnc#816451)\n", "edition": 1, "modified": "2013-07-12T08:04:15", "published": "2013-07-12T08:04:15", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00017.html", "id": "SUSE-SU-2013:1182-2", "title": 
"Security update for Linux kernel (important)", "type": "suse", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:57:19", "bulletinFamily": "unix", "cvelist": ["CVE-2013-3228", "CVE-2013-3232", "CVE-2013-0160", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3227", "CVE-2013-1774", "CVE-2013-3225", "CVE-2013-1979", "CVE-2013-3222", "CVE-2013-3076", "CVE-2013-3235", "CVE-2013-3223"], "edition": 1, "description": "The SUSE Linux Enterprise 11 Service Pack 3 kernel was\n updated to 3.0.82 and to fix various bugs and security\n issues.\n\n Following security issues were fixed: CVE-2013-1774: The\n chase_port function in drivers/usb/serial/io_ti.c in the\n Linux kernel allowed local users to cause a denial of\n service (NULL pointer dereference and system crash) via an\n attempted /dev/ttyUSB read or write operation on a\n disconnected Edgeport USB serial converter.\n\n CVE-2013-0160: Timing side channel on attacks were possible\n on /dev/ptmx that could allow local attackers to predict\n keypresses like e.g. passwords. 
This has been fixed again\n by updating accessed/modified time on the pty devices in\n resolution of 8 seconds, so that idle time detection can\n still work.\n\n CVE-2013-3222: The vcc_recvmsg function in net/atm/common.c\n in the Linux kernel did not initialize a certain length\n variable, which allowed local users to obtain sensitive\n information from kernel stack memory via a crafted recvmsg\n or recvfrom system call.\n\n CVE-2013-3223: The ax25_recvmsg function in\n net/ax25/af_ax25.c in the Linux kernel did not initialize a\n certain data structure, which allowed local users to obtain\n sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n CVE-2013-3224: The bt_sock_recvmsg function in\n net/bluetooth/af_bluetooth.c in the Linux kernel did not\n properly initialize a certain length variable, which\n allowed local users to obtain sensitive information from\n kernel stack memory via a crafted recvmsg or recvfrom\n system call.\n\n CVE-2013-3225: The rfcomm_sock_recvmsg function in\n net/bluetooth/rfcomm/sock.c in the Linux kernel did not\n initialize a certain length variable, which allowed local\n users to obtain sensitive information from kernel stack\n memory via a crafted recvmsg or recvfrom system call.\n\n CVE-2013-3227: The caif_seqpkt_recvmsg function in\n net/caif/caif_socket.c in the Linux kernel did not\n initialize a certain length variable, which allowed local\n users to obtain sensitive information from kernel stack\n memory via a crafted recvmsg or recvfrom system call.\n\n CVE-2013-3228: The irda_recvmsg_dgram function in\n net/irda/af_irda.c in the Linux kernel did not initialize a\n certain length variable, which allowed local users to\n obtain sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n CVE-2013-3229: The iucv_sock_recvmsg function in\n net/iucv/af_iucv.c in the Linux kernel did not initialize a\n certain length variable, which allowed local 
users to\n obtain sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n CVE-2013-3231: The llc_ui_recvmsg function in\n net/llc/af_llc.c in the Linux kernel did not initialize a\n certain length variable, which allowed local users to\n obtain sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n CVE-2013-3232: The nr_recvmsg function in\n net/netrom/af_netrom.c in the Linux kernel did not\n initialize a certain data structure, which allowed local\n users to obtain sensitive information from kernel stack\n memory via a crafted recvmsg or recvfrom system call.\n\n CVE-2013-3234: The rose_recvmsg function in\n net/rose/af_rose.c in the Linux kernel did not initialize a\n certain data structure, which allowed local users to obtain\n sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n CVE-2013-3235: net/tipc/socket.c in the Linux kernel did\n not initialize a certain data structure and a certain\n length variable, which allowed local users to obtain\n sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n CVE-2013-3076: The crypto API in the Linux kernel did not\n initialize certain length variables, which allowed local\n users to obtain sensitive information from kernel stack\n memory via a crafted recvmsg or recvfrom system call,\n related to the hash_recvmsg function in crypto/algif_hash.c\n and the skcipher_recvmsg function in\n crypto/algif_skcipher.c.\n\n CVE-2013-1979: The scm_set_cred function in\n include/net/scm.h in the Linux kernel used incorrect uid\n and gid values during credentials passing, which allowed\n local users to gain privileges via a crafted application.\n\n A kernel information leak via tkill/tgkill was fixed.\n\n Following non security bugs were fixed: S/390:\n - af_iucv: Missing man page (bnc#825037, LTC#94825).\n - iucv: fix kernel panic at reboot (bnc#825037, 
LTC#93803).\n - kernel: lost IPIs on CPU hotplug (bnc#825037, LTC#94784).\n - dasd: Add missing descriptions for dasd timeout messages\n (bnc#825037, LTC#94762).\n - dasd: Fix hanging device after resume with internal error\n 13 (bnc#825037, LTC#94554).\n - cio: Suppress 2nd path verification during resume\n (bnc#825037, LTC#94554).\n - vmcp: Missing man page (bnc#825037, LTC#94453).\n - kernel: 3215 console crash (bnc#825037, LTC#94302).\n - netiucv: Hold rtnl between name allocation and device\n registration (bnc#824159).\n - s390/ftrace: fix mcount adjustment (bnc#809895).\n\n HyperV:\n - Drivers: hv: Fix a bug in get_vp_index().\n - hyperv: Fix a compiler warning in netvsc_send().\n - Tools: hv: Fix a checkpatch warning.\n - tools: hv: skip iso9660 mounts in hv_vss_daemon.\n - tools: hv: use FIFREEZE/FITHAW in hv_vss_daemon.\n - tools: hv: use getmntent in hv_vss_daemon.\n - Tools: hv: Fix a checkpatch warning.\n - tools: hv: fix checks for origin of netlink message in\n hv_vss_daemon.\n - Tools: hv: fix warnings in hv_vss_daemon.\n - x86, hyperv: Handle Xen emulation of Hyper-V more\n gracefully.\n - hyperv: Fix a kernel warning from\n netvsc_linkstatus_callback().\n - Drivers: hv: balloon: make local functions static.\n - tools: hv: daemon should check type of received Netlink\n msg.\n - tools: hv: daemon setsockopt should use options macros.\n - tools: hv: daemon should subscribe only to CN_KVP_IDX\n group.\n - driver: hv: remove cast for kmalloc return value.\n - hyperv: use 3.4 as LIC version string (bnc#822431).\n\n BTRFS:\n - btrfs: flush delayed inodes if we are short on space\n (bnc#801427).\n - btrfs: rework shrink_delalloc (bnc#801427).\n - btrfs: fix our overcommit math (bnc#801427).\n - btrfs: delay block group item insertion (bnc#801427).\n - btrfs: remove bytes argument from do_chunk_alloc\n (bnc#801427).\n - btrfs: run delayed refs first when out of space\n (bnc#801427).\n - btrfs: do not commit instead of overcommitting\n (bnc#801427).\n - 
btrfs: do not take inode delalloc mutex if we are a free\n space inode (bnc#801427).\n - btrfs: fix chunk allocation error handling (bnc#801427).\n - btrfs: remove extent mapping if we fail to add chunk\n (bnc#801427).\n - btrfs: do not overcommit if we do not have enough space\n for global rsv (bnc#801427).\n - btrfs: rework the overcommit logic to be based on the\n total size (bnc#801427).\n - btrfs: steal from global reserve if we are cleaning up\n orphans (bnc#801427).\n - btrfs: clear chunk_alloc flag on retryable failure\n (bnc#801427).\n - btrfs: use reserved space for creating a snapshot\n (bnc#801427).\n - btrfs: cleanup to make the function\n btrfs_delalloc_reserve_metadata more logic (bnc#801427).\n - btrfs: fix space leak when we fail to reserve metadata\n space (bnc#801427).\n - btrfs: fix space accounting for unlink and rename\n (bnc#801427).\n - btrfs: allocate new chunks if the space is not enough for\n global rsv (bnc#801427).\n - btrfs: various abort cleanups (bnc#812526 bnc#801427).\n - btrfs: simplify unlink reservations (bnc#801427).\n\n XFS:\n - xfs: Move allocation stack switch up to xfs_bmapi\n (bnc#815356).\n - xfs: introduce XFS_BMAPI_STACK_SWITCH (bnc#815356).\n - xfs: zero allocation_args on the kernel stack\n (bnc#815356).\n - xfs: fix debug_object WARN at xfs_alloc_vextent()\n (bnc#815356).\n - xfs: do not defer metadata allocation to the workqueue\n (bnc#815356).\n - xfs: introduce an allocation workqueue (bnc#815356).\n - xfs: fix race while discarding buffers [V4] (bnc#815356\n (comment 36)).\n - xfs: Serialize file-extending direct IO (bnc#818371).\n - xfs: Do not allocate new buffers on every call to\n _xfs_buf_find (bnc#763968).\n - xfs: fix buffer lookup race on allocation failure\n (bnc#763968).\n\n ALSA:\n - Fix VT1708 jack detection on SLEPOS machines (bnc#813922).\n - ALSA: hda - Avoid choose same converter for unused pins\n (bnc#826186).\n - ALSA: hda - Cache the MUX selection for generic HDMI\n (bnc#826186).\n - ALSA: hda 
- Haswell converter power state D0 verify\n (bnc#826186).\n - ALSA: hda - Do not take unresponsive D3 transition too\n serious (bnc#823597).\n - ALSA: hda - Introduce bit flags to\n snd_hda_codec_read/write() (bnc#823597).\n - ALSA: hda - Check CORB overflow (bnc#823597).\n - ALSA: hda - Check validity of CORB/RIRB WP reads\n (bnc#823597).\n - ALSA: hda - Fix system panic when DMA > 40 bits for\n Nvidia audio controllers (bnc#818465).\n - ALSA: hda - Add hint for suppressing lower cap for IDT\n codecs (bnc#812332).\n - ALSA: hda - Enable mic-mute LED on more HP laptops\n (bnc#821859).\n\n Direct Rendering Manager (DRM):\n - drm/i915: Add wait_for in init_ring_common (bnc#813604).\n - drm/i915: Mark the ringbuffers as being in the GTT domain\n (bnc#813604).\n - drm/edid: Do not print messages regarding stereo or csync\n by default (bnc #821235).\n - drm/i915: force full modeset if the connector is in DPMS\n OFF mode (bnc #809975).\n - drm/i915/sdvo: Use &intel_sdvo->ddc instead of\n intel_sdvo->i2c for DDC (bnc #808855).\n - drm/mm: fix dump table BUG. 
(bnc#808837)\n - drm/i915: Clear the stolen fb before enabling\n (bnc#808015).\n\n XEN:\n - xen/netback: Update references (bnc#823342).\n - xen: Check for insane amounts of requests on the ring.\n - Update Xen patches to 3.0.82.\n - netback: do not disconnect frontend when seeing oversize\n packet.\n - netfront: reduce gso_max_size to account for max TCP\n header.\n - netfront: fix kABI after "reduce gso_max_size to account\n for max TCP header".\n\n Other:\n - x86, efi: retry ExitBootServices() on failure\n (bnc#823386).\n - x86/efi: Fix dummy variable buffer allocation\n (bnc#822080).\n\n - ext4: avoid hang when mounting non-journal filesystems\n with orphan list (bnc#817377).\n\n - mm: compaction: Scan PFN caching KABI workaround (Fix\n KABI breakage (bnc#825657)).\n\n - autofs4 - fix get_next_positive_subdir() (bnc#819523).\n\n - ocfs2: Add bits_wanted while calculating credits in\n ocfs2_calc_extend_credits (bnc#822077).\n\n - writeback: Avoid needless scanning of b_dirty list\n (bnc#819018).\n - writeback: Do not sort b_io list only because of block\n device inode (bnc#819018).\n\n - re-enable io tracing (bnc#785901).\n\n - pciehp: Corrected the old mismatching DMI strings.\n\n - SUNRPC: Prevent an rpc_task wakeup race (bnc#825591).\n\n - tg3: Prevent system hang during repeated EEH errors\n (bnc#822066).\n\n - scsi_dh_alua: multipath failover fails with error 15\n (bnc#825696).\n\n - Do not switch camera on HP EB 8780 (bnc#797090).\n\n - Do not switch webcam for HP EB 8580w (bnc#797090).\n\n - mm: fixup compilation error due to an asm write through a\n const pointer. 
(bnc#823795)\n\n - do not switch cam port on HP EliteBook 840 (bnc#822164).\n\n - net/sunrpc: xpt_auth_cache should be ignored when expired\n (bnc#803320).\n - sunrpc/cache: ensure items removed from cache do not have\n pending upcalls (bnc#803320).\n - sunrpc/cache: remove races with queuing an upcall\n (bnc#803320).\n - sunrpc/cache: use cache_fresh_unlocked consistently and\n correctly (bnc#803320).\n\n - KVM: x86: emulate movdqa (bnc#821070).\n - KVM: x86: emulator: add support for vector alignment\n (bnc#821070).\n - KVM: x86: emulator: expand decode flags to 64 bits\n (bnc#821070).\n\n - xhci - correct comp_mode_recovery_timer on return from\n hibernate (bnc#808136).\n\n - md/raid10 enough fixes (bnc#773837).\n\n - lib/Makefile: Fix oid_registry build dependency\n (bnc#823223).\n\n - Update config files: disable IP_PNP (bnc#822825)\n\n - Fix kABI breakage for addition of\n snd_hda_bus.no_response_fallback (bnc#823597).\n\n - Disable efi pstore by default (bnc#804482 bnc#820172).\n\n - md: Fix problem with GET_BITMAP_FILE returning wrong\n status (bnc#812974).\n\n - bnx2x: Fix bridged GSO for 57710/57711 chips (bnc#819610).\n\n - USB: xHCI: override bogus bulk wMaxPacketSize values\n (bnc#823082).\n\n - BTUSB: Add MediaTek bluetooth MT76x0E support (bnc#797727\n bnc#822340).\n\n - qlge: Update version to 1.00.00.32 (bnc#819195).\n - qlge: Fix ethtool autoneg advertising (bnc#819195).\n - qlge: Fix receive path to drop error frames (bnc#819195).\n - qlge: remove NETIF_F_TSO6 flag (bnc#819195).\n - remove init of dev->perm_addr in drivers (bnc#819195).\n - drivers/net: fix up function prototypes after __dev*\n removals (bnc#819195).\n - qlge: remove __dev* attributes (bnc#819195).\n - drivers: ethernet: qlogic: qlge_dbg.c: Fixed a coding\n style issue (bnc#819195).\n\n - cxgb4: Force uninitialized state if FW_ON_ADAPTER is <\n FW_VERSION and we are the MASTER_PF (bnc#809130).\n\n - USB: UHCI: fix for suspend of virtual HP controller\n (bnc#817035).\n\n - 
timer_list: Convert timer list to be a proper seq_file\n (bnc#818047).\n - timer_list: Split timer_list_show_tickdevices\n (bnc#818047).\n - sched: Fix /proc/sched_debug failure on very very large\n systems (bnc#818047).\n - sched: Fix /proc/sched_stat failure on very very large\n systems (bnc#818047).\n\n - reiserfs: fix spurious multiple-fill in\n reiserfs_readdir_dentry (bnc#822722).\n\n - libfc: do not exch_done() on invalid sequence ptr\n (bnc#810722).\n\n - netfilter: ip6t_LOG: fix logging of packet mark\n (bnc#821930).\n\n\n - virtio_net: introduce VIRTIO_NET_HDR_F_DATA_VALID\n (bnc#819655).\n\n - HWPOISON: fix misjudgement of page_action() for errors on\n mlocked pages (Memory failure RAS (bnc#821799)).\n - HWPOISON: check dirty flag to match against clean page\n (Memory failure RAS (bnc#821799)).\n - HWPOISON: change order of error_states elements (Memory\n failure RAS (bnc#821799)).\n - mm: hwpoison: fix action_result() to print out\n dirty/clean (Memory failure RAS (bnc#821799)).\n\n - mm: mmu_notifier: re-fix freed page still mapped in\n secondary MMU (bnc#821052).\n\n - Do not switch webcams in some HP ProBooks to XHCI\n (bnc#805804).\n\n - Do not switch BT on HP ProBook 4340 (bnc#812281).\n\n - mm: memory_dev_init make sure nmi watchdog does not\n trigger while registering memory sections (bnc#804609,\n bnc#820434).\n\n - mm: compaction: Restart compaction from near where it\n left off\n - mm: compaction: cache if a pageblock was scanned and no\n pages were isolated\n - mm: compaction: clear PG_migrate_skip based on compaction\n and reclaim activity\n - mm: compaction: Scan PFN caching KABI workaround\n - mm: page_allocator: Remove first_pass guard\n - mm: vmscan: do not stall on writeback during memory\n compaction Cache compaction restart points for faster\n compaction cycles (bnc#816451)\n\n", "modified": "2013-07-11T21:04:15", "published": "2013-07-11T21:04:15", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00016.html", 
"id": "SUSE-SU-2013:1182-1", "type": "suse", "title": "kernel update for SLE11 SP3 (important)", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:14:44", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2635", "CVE-2013-3228", "CVE-2013-1797", "CVE-2012-6548", "CVE-2013-3232", "CVE-2013-0268", "CVE-2013-0160", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-1792", "CVE-2013-3224", "CVE-2013-3234", "CVE-2013-3227", "CVE-2013-1772", "CVE-2013-0311", "CVE-2013-3225", "CVE-2013-1979", "CVE-2013-3222", "CVE-2013-3076", "CVE-2012-6549", "CVE-2013-0914", "CVE-2013-2634", "CVE-2013-1796", "CVE-2013-1798", "CVE-2013-3235", "CVE-2013-3223"], "description": "The kernel was updated to Linux kernel 3.0.80, fixing\n various bugs and security issues.\n\n Following security issues were fixed: CVE-2013-0160:\n Timing side channel on attacks were possible on /dev/ptmx\n that could allow local attackers to predict keypresses like\n e.g. passwords. 
This has been fixed again by updating\n accessed/modified time on the pty devices in resolution of\n 8 seconds, so that idle time detection can still work.\n\n CVE-2013-3222: The vcc_recvmsg function in\n net/atm/common.c in the Linux kernel did not initialize a\n certain length variable, which allowed local users to\n obtain sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n CVE-2013-3223: The ax25_recvmsg function in\n net/ax25/af_ax25.c in the Linux kernel did not initialize a\n certain data structure, which allowed local users to obtain\n sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n CVE-2013-3224: The bt_sock_recvmsg function in\n net/bluetooth/af_bluetooth.c in the Linux kernel did not\n properly initialize a certain length variable, which\n allowed local users to obtain sensitive information from\n kernel stack memory via a crafted recvmsg or recvfrom\n system call.\n\n CVE-2013-3225: The rfcomm_sock_recvmsg function in\n net/bluetooth/rfcomm/sock.c in the Linux kernel did not\n initialize a certain length variable, which allowed local\n users to obtain sensitive information from kernel stack\n memory via a crafted recvmsg or recvfrom system call.\n\n CVE-2013-3227: The caif_seqpkt_recvmsg function in\n net/caif/caif_socket.c in the Linux kernel did not\n initialize a certain length variable, which allowed local\n users to obtain sensitive information from kernel stack\n memory via a crafted recvmsg or recvfrom system call.\n\n CVE-2013-3228: The irda_recvmsg_dgram function in\n net/irda/af_irda.c in the Linux kernel did not initialize a\n certain length variable, which allowed local users to\n obtain sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n CVE-2013-3229: The iucv_sock_recvmsg function in\n net/iucv/af_iucv.c in the Linux kernel did not initialize a\n certain length variable, which allowed local 
users to\n obtain sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n CVE-2013-3231: The llc_ui_recvmsg function in\n net/llc/af_llc.c in the Linux kernel did not initialize a\n certain length variable, which allowed local users to\n obtain sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n CVE-2013-3232: The nr_recvmsg function in\n net/netrom/af_netrom.c in the Linux kernel did not\n initialize a certain data structure, which allowed local\n users to obtain sensitive information from kernel stack\n memory via a crafted recvmsg or recvfrom system call.\n\n CVE-2013-3234: The rose_recvmsg function in\n net/rose/af_rose.c in the Linux kernel did not initialize a\n certain data structure, which allowed local users to obtain\n sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n CVE-2013-3235: net/tipc/socket.c in the Linux kernel did\n not initialize a certain data structure and a certain\n length variable, which allowed local users to obtain\n sensitive information from kernel stack memory via a\n crafted recvmsg or recvfrom system call.\n\n CVE-2013-3076: The crypto API in the Linux kernel did\n not initialize certain length variables, which allowed\n local users to obtain sensitive information from kernel\n stack memory via a crafted recvmsg or recvfrom system call,\n related to the hash_recvmsg function in crypto/algif_hash.c\n and the skcipher_recvmsg function in\n crypto/algif_skcipher.c.\n\n CVE-2013-1979: The scm_set_cred function in\n include/net/scm.h in the Linux kernel used incorrect uid\n and gid values during credentials passing, which allowed\n local users to gain privileges via a crafted application.\n\n A kernel information leak via tkill/tgkill was fixed.\n\n\n Following bugs were fixed:\n - reiserfs: fix spurious multiple-fill in\n reiserfs_readdir_dentry (bnc#822722).\n\n - libfc: do not exch_done() on 
invalid sequence ptr\n (bnc#810722).\n\n - netfilter: ip6t_LOG: fix logging of packet mark\n (bnc#821930).\n\n - hyperv: use 3.4 as LIC version string (bnc#822431).\n\n - virtio_net: introduce VIRTIO_NET_HDR_F_DATA_VALID\n (bnc#819655).\n\n - xen/netback: do not disconnect frontend when seeing\n oversize packet.\n - xen/netfront: reduce gso_max_size to account for max\n TCP header.\n - xen/netfront: fix kABI after "reduce gso_max_size to\n account for max TCP header".\n\n - xfs: Fix kABI due to change in xfs_buf (bnc#815356).\n\n - xfs: fix race while discarding buffers [V4]\n (bnc#815356 (comment 36)).\n\n - xfs: Serialize file-extending direct IO (bnc#818371).\n\n - xhci: Do not switch webcams in some HP ProBooks to\n XHCI (bnc#805804).\n - bluetooth: Do not switch BT on HP ProBook 4340\n (bnc#812281).\n\n - s390/ftrace: fix mcount adjustment (bnc#809895).\n\n - mm: memory_dev_init make sure nmi watchdog does not\n trigger while registering memory sections (bnc#804609,\n bnc#820434).\n\n - patches.fixes/xfs-backward-alloc-fix.diff: xfs: Avoid\n pathological backwards allocation (bnc#805945).\n\n - mm: compaction: Restart compaction from near where it\n left off\n - mm: compaction: cache if a pageblock was scanned and\n no pages were isolated\n - mm: compaction: clear PG_migrate_skip based on\n compaction and reclaim activity\n - mm: compaction: Scan PFN caching KABI workaround\n - mm: page_allocator: Remove first_pass guard\n - mm: vmscan: do not stall on writeback during memory\n compaction Cache compaction restart points for faster\n compaction cycles (bnc#816451)\n\n - qlge: fix dma map leak when the last chunk is not\n allocated (bnc#819519).\n\n - SUNRPC: Get rid of the redundant xprt->shutdown bit\n field (bnc#800907).\n - SUNRPC: Ensure that we grab the XPRT_LOCK before\n calling xprt_alloc_slot (bnc#800907).\n - SUNRPC: Fix a UDP transport regression (bnc#800907).\n - SUNRPC: Allow caller of rpc_sleep_on() to select\n priority levels (bnc#800907).\n - 
SUNRPC: Replace xprt->resend and xprt->sending with a\n priority queue (bnc#800907).\n - SUNRPC: Fix potential races in xprt_lock_write_next()\n (bnc#800907).\n\n - md: cannot re-add disks after recovery (bnc#808647).\n\n - fs/xattr.c:getxattr(): improve handling of allocation\n failures (bnc#818053).\n - fs/xattr.c:listxattr(): fall back to vmalloc() if\n kmalloc() failed (bnc#818053).\n - fs/xattr.c:setxattr(): improve handling of allocation\n failures (bnc#818053).\n - fs/xattr.c: suppress page allocation failure warnings\n from sys_listxattr() (bnc#818053).\n\n - virtio-blk: Call revalidate_disk() upon online disk\n resize (bnc#817339).\n\n - usb-storage: CY7C68300A chips do not support Cypress\n ATACB (bnc#819295).\n\n - patches.kernel.org/patch-3.0.60-61: Update references\n (add bnc#810580).\n\n - usb: Using correct way to clear usb3.0 devices remote\n wakeup feature (bnc#818516).\n\n - xhci: Fix TD size for isochronous URBs (bnc#818514).\n\n - ALSA: hda - fixup D3 pin and right channel mute on\n Haswell HDMI audio (bnc#818798).\n - ALSA: hda - Apply pin-enablement workaround to all\n Haswell HDMI codecs (bnc#818798).\n\n - xfs: fallback to vmalloc for large buffers in\n xfs_attrmulti_attr_get (bnc#818053).\n - xfs: fallback to vmalloc for large buffers in\n xfs_attrlist_by_handle (bnc#818053).\n - xfs: xfs: fallback to vmalloc for large buffers in\n xfs_compat_attrlist_by_handle (bnc#818053).\n\n - xHCI: store rings type.\n - xhci: Fix hang on back-to-back Set TR Deq Ptr commands.\n - xHCI: check enqueue pointer advance into dequeue seg.\n - xHCI: store rings last segment and segment numbers.\n - xHCI: Allocate 2 segments for transfer ring.\n - xHCI: count free TRBs on transfer ring.\n - xHCI: factor out segments allocation and free function.\n - xHCI: update sg tablesize.\n - xHCI: set cycle state when allocate rings.\n - xhci: Reserve one command for USB3 LPM disable.\n - xHCI: dynamic ring expansion.\n - xhci: Do not warn on empty ring for suspended 
devices.\n\n - md/raid1: Do not release reference to device while\n handling read error (bnc#809122, bnc#814719).\n\n - rpm/mkspec: Stop generating the get_release_number.sh\n file.\n\n - rpm/kernel-spec-macros: Properly handle KOTD release\n numbers with .g<commit> suffix.\n\n - rpm/kernel-spec-macros: Drop the %release_num macro We\n no longer put the -rcX tag into the release string.\n\n - rpm/kernel-*.spec.in, rpm/mkspec: Do not force the\n "<RELEASE>" string in specfiles.\n\n - mm/mmap: check for RLIMIT_AS before unmapping\n (bnc#818327).\n\n - mm: Fix add_page_wait_queue() to work for PG_Locked\n bit waiters (bnc#792584).\n\n - mm: Fix add_page_wait_queue() to work for PG_Locked\n bit waiters (bnc#792584).\n\n - bonding: only use primary address for ARP (bnc#815444).\n - bonding: remove entries for master_ip and vlan_ip and\n query devices instead (bnc#815444).\n\n\n - mm: speedup in __early_pfn_to_nid (bnc#810624).\n\n - TTY: fix atime/mtime regression (bnc#815745).\n\n - sd_dif: problem with verify of type 1 protection\n information (PI) (bnc#817010).\n\n - sched: harden rq rt usage accounting (bnc#769685,\n bnc#788590).\n\n - rcu: Avoid spurious RCU CPU stall warnings\n (bnc#816586).\n - rcu: Dump local stack if cannot dump all CPUs stacks\n (bnc#816586).\n - rcu: Fix detection of abruptly-ending stall\n (bnc#816586).\n - rcu: Suppress NMI backtraces when stall ends before\n dump (bnc#816586).\n\n - Update Xen patches to 3.0.74.\n\n - btrfs: do not re-enter when allocating a chunk.\n - btrfs: save us a read_lock.\n - btrfs: Check CAP_DAC_READ_SEARCH for\n BTRFS_IOC_INO_PATHS.\n - btrfs: remove unused fs_info from btrfs_decode_error().\n - btrfs: handle null fs_info in btrfs_panic().\n - btrfs: fix varargs in __btrfs_std_error.\n - btrfs: fix the race between bio and btrfs_stop_workers.\n - btrfs: fix NULL pointer after aborting a transaction.\n - btrfs: fix infinite loop when we abort on mount.\n\n - xfs: Do not allocate new buffers on every call to\n 
_xfs_buf_find (bnc#763968).\n - xfs: fix buffer lookup race on allocation failure\n (bnc#763968).\n\n", "edition": 1, "modified": "2013-07-12T09:04:49", "published": "2013-07-12T09:04:49", "id": "OPENSUSE-SU-2013:1187-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00018.html", "type": "suse", "title": "3.0.80 kernel update (important)", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2020-08-12T01:00:43", "bulletinFamily": "unix", "cvelist": ["CVE-2013-3228", "CVE-2013-0160", "CVE-2013-3231", "CVE-2013-3229", "CVE-2013-3224", "CVE-2013-3301", "CVE-2013-3234", "CVE-2013-3227", "CVE-2013-2015", "CVE-2013-1929", "CVE-2013-3225", "CVE-2013-1979", "CVE-2013-3222", "CVE-2013-3076", "CVE-2013-2094", "CVE-2013-1796", "CVE-2013-3235", "CVE-2013-3223"], "description": "- ----------------------------------------------------------------------\nDebian Security Advisory DSA-2669-1 security@debian.org\nhttp://www.debian.org/security/ Dann Frazier\nMay 15, 2013 http://www.debian.org/security/faq\n- ----------------------------------------------------------------------\n\nPackage : linux\nVulnerability : privilege escalation/denial of service/information leak\nProblem type : local\nDebian-specific: no\nCVE Id(s) : CVE-2013-0160 CVE-2013-1796 CVE-2013-1929 CVE-2013-1979\n CVE-2013-2015 CVE-2013-2094 CVE-2013-3076 CVE-2013-3222\n CVE-2013-3223 CVE-2013-3224 CVE-2013-3225 CVE-2013-3227\n CVE-2013-3228 CVE-2013-3229 CVE-2013-3231 CVE-2013-3234\n CVE-2013-3235 CVE-2013-3301\n\nSeveral vulnerabilities have been discovered in the Linux kernel that may lead\nto a denial of service, information leak or privilege escalation. The Common\nVulnerabilities and Exposures project identifies the following problems:\n\nCVE-2013-0160\n\n vladz reported a timing leak with the /dev/ptmx character device. 
A local\n user could use this to determine sensitive information such as password\n length.\n\nCVE-2013-1796\n\n Andrew Honig of Google reported an issue in the KVM subsystem. A user in\n a guest operating system could corrupt kernel memory, resulting in a\n denial of service.\n\nCVE-2013-1929\n\n Oded Horovitz and Brad Spengler reported an issue in the device driver for\n Broadcom Tigon3 based gigabit Ethernet. Users with the ability to attach\n untrusted devices can create an overflow condition, resulting in a denial\n of service or elevated privileges.\n\nCVE-2013-1979\n\n Andy Lutomirski reported an issue in the socket level control message\n processing subsystem. Local users may be able to gain elevated privileges.\n\nCVE-2013-2015\n\n Theodore Ts'o provided a fix for an issue in the ext4 filesystem. Local\n users with the ability to mount a specially crafted filesystem can cause\n a denial of service (infinite loop).\n\nCVE-2013-2094\n\n Tommie Rantala discovered an issue in the perf subsystem. An out-of-bounds\n access vulnerability allows local users to gain elevated privileges.\n\nCVE-2013-3076\n\n Mathias Krauss discovered an issue in the userspace interface for hash\n algorithms. Local users can gain access to sensitive kernel memory.\n \nCVE-2013-3222\n\n Mathias Krauss discovered an issue in the Asynchronous Transfer Mode (ATM)\n protocol support. Local users can gain access to sensitive kernel memory.\n\nCVE-2013-3223\n\n Mathias Krauss discovered an issue in the Amateur Radio AX.25 protocol\n support. Local users can gain access to sensitive kernel memory.\n\nCVE-2013-3224\n\n Mathias Krauss discovered an issue in the Bluetooth subsystem. Local users\n can gain access to sensitive kernel memory.\n\nCVE-2013-3225\n\n Mathias Krauss discovered an issue in the Bluetooth RFCOMM protocol\n support. 
Local users can gain access to sensitive kernel memory.\n \nCVE-2013-3227\n\n Mathias Krauss discovered an issue in the Communication CPU to Application\n CPU Interface (CAIF). Local users can gain access to sensitive kernel\n memory.\n\nCVE-2013-3228\n\n Mathias Krauss discovered an issue in the IrDA (infrared) subsystem\n support. Local users can gain access to sensitive kernel memory.\n\nCVE-2013-3229\n\n Mathias Krauss discovered an issue in the IUCV support on s390 systems.\n Local users can gain access to sensitive kernel memory.\n\nCVE-2013-3231\n\n Mathias Krauss discovered an issue in the ANSI/IEEE 802.2 LLC type 2\n protocol support. Local users can gain access to sensitive kernel memory.\n\nCVE-2013-3234\n\n Mathias Krauss discovered an issue in the Amateur Radio X.25 PLP (Rose)\n protocol support. Local users can gain access to sensitive kernel memory.\n\nCVE-2013-3235\n\n Mathias Krauss discovered an issue in the Transparent Inter Process\n Communication (TIPC) protocol support. Local users can gain access to\n sensitive kernel memory.\n\nCVE-2013-3301\n\n Namhyung Kim reported an issue in the tracing subsystem. A privileged\n local user could cause a denial of service (system crash). This\n vulnerability is not applicable to Debian systems by default.\n\nFor the stable distribution (wheezy), this problem has been fixed in version\n3.2.41-2+deb7u1.\n\nNote: Updates are currently available for the amd64, i386, ia64, s390, s390x\nand sparc architectures. 
Updates for the remaining architectures will be\nreleased as they become available.\n\nThe following matrix lists additional source packages that were rebuilt for\ncompatibility with or to take advantage of this update:\n\n Debian 7.0 (wheezy)\n user-mode-linux 3.2-2um-1+deb7u1\n\nWe recommend that you upgrade your linux and user-mode-linux packages.\n\nNote: Debian carefully tracks all known security issues across every\nlinux kernel package in all releases under active security support.\nHowever, given the high frequency at which low-severity security\nissues are discovered in the kernel and the resource requirements of\ndoing an update, updates for lower priority issues will normally not\nbe released for all kernels at the same time. Rather, they will be\nreleased in a staggered or "leap-frog" fashion.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 7, "modified": "2013-05-16T02:56:25", "published": "2013-05-16T02:56:25", "id": "DEBIAN:DSA-2669-1:6658C", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2013/msg00077.html", "title": "[SECURITY] [DSA 2669-1] linux security update", "type": "debian", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2020-12-09T19:52:40", "description": "arch/x86/kernel/cpu/perf_event_intel.c in the Linux kernel before 3.8.9, when the Performance Events Subsystem is enabled, specifies an incorrect bitmask, which allows local users to cause a denial of service (general protection fault and system crash) by attempting to set a reserved bit.", "edition": 5, "cvss3": {}, "published": "2013-06-07T14:03:00", "title": "CVE-2013-2146", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, 
"obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2146"], "modified": "2014-02-07T04:46:00", "cpe": ["cpe:/o:linux:linux_kernel:3.8.4", "cpe:/o:linux:linux_kernel:3.8.3", "cpe:/o:linux:linux_kernel:3.8.5", "cpe:/o:linux:linux_kernel:3.8.1", "cpe:/o:linux:linux_kernel:3.8.7", "cpe:/o:linux:linux_kernel:3.8.8", "cpe:/o:linux:linux_kernel:3.8.0", "cpe:/o:linux:linux_kernel:3.8.6", "cpe:/o:linux:linux_kernel:3.8.2"], "id": "CVE-2013-2146", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2146", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.8.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.5:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:52:43", "description": "The caif_seqpkt_recvmsg function in net/caif/caif_socket.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.", "edition": 5, "cvss3": {}, "published": "2013-04-22T11:41:00", "title": "CVE-2013-3227", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": 
false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3227"], "modified": "2017-11-29T02:29:00", "cpe": ["cpe:/o:linux:linux_kernel:3.9"], "id": "CVE-2013-3227", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3227", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.9:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc4:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:52:43", "description": "The llcp_sock_recvmsg function in net/nfc/llcp/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable and a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.", "edition": 5, "cvss3": {}, "published": "2013-04-22T11:41:00", "title": "CVE-2013-3233", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3233"], "modified": 
"2014-01-04T04:47:00", "cpe": ["cpe:/o:linux:linux_kernel:3.9"], "id": "CVE-2013-3233", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3233", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.9:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc4:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:52:43", "description": "The bt_sock_recvmsg function in net/bluetooth/af_bluetooth.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.", "edition": 5, "cvss3": {}, "published": "2013-04-22T11:41:00", "title": "CVE-2013-3224", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3224"], "modified": "2017-11-29T02:29:00", "cpe": ["cpe:/o:linux:linux_kernel:3.9"], "id": "CVE-2013-3224", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3224", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.9:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc2:*:*:*:*:*:*", 
"cpe:2.3:o:linux:linux_kernel:3.9:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc4:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:52:43", "description": "The iucv_sock_recvmsg function in net/iucv/af_iucv.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.", "edition": 5, "cvss3": {}, "published": "2013-04-22T11:41:00", "title": "CVE-2013-3229", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3229"], "modified": "2017-11-29T02:29:00", "cpe": ["cpe:/o:linux:linux_kernel:3.9"], "id": "CVE-2013-3229", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3229", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.9:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc4:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:52:43", "description": "net/tipc/socket.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure and a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.", "edition": 5, "cvss3": {}, "published": 
"2013-04-22T11:41:00", "title": "CVE-2013-3235", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3235"], "modified": "2017-11-29T02:29:00", "cpe": ["cpe:/o:linux:linux_kernel:3.9"], "id": "CVE-2013-3235", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3235", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.9:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc4:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:52:43", "description": "The rose_recvmsg function in net/rose/af_rose.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.", "edition": 5, "cvss3": {}, "published": "2013-04-22T11:41:00", "title": "CVE-2013-3234", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": 
"2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3234"], "modified": "2017-11-29T02:29:00", "cpe": ["cpe:/o:linux:linux_kernel:3.9"], "id": "CVE-2013-3234", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3234", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.9:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc4:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:52:43", "description": "The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.", "edition": 5, "cvss3": {}, "published": "2013-04-22T11:41:00", "title": "CVE-2013-3232", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3232"], "modified": "2017-11-29T02:29:00", "cpe": ["cpe:/o:linux:linux_kernel:3.9"], "id": "CVE-2013-3232", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3232", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.9:rc5:*:*:*:*:*:*", 
"cpe:2.3:o:linux:linux_kernel:3.9:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc4:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:52:43", "description": "The irda_recvmsg_dgram function in net/irda/af_irda.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.", "edition": 5, "cvss3": {}, "published": "2013-04-22T11:41:00", "title": "CVE-2013-3228", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3228"], "modified": "2017-11-29T02:29:00", "cpe": ["cpe:/o:linux:linux_kernel:3.9"], "id": "CVE-2013-3228", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3228", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.9:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc4:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:52:43", "description": "The rfcomm_sock_recvmsg function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which 
allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.", "edition": 5, "cvss3": {}, "published": "2013-04-22T11:41:00", "title": "CVE-2013-3225", "type": "cve", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-3225"], "modified": "2017-11-29T02:29:00", "cpe": ["cpe:/o:linux:linux_kernel:3.9"], "id": "CVE-2013-3225", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3225", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.9:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc4:*:*:*:*:*:*"]}], "fedora": [{"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0190", "CVE-2013-0228", "CVE-2013-0290", "CVE-2013-0913", "CVE-2013-0914", "CVE-2013-1763", "CVE-2013-1767", "CVE-2013-1792", "CVE-2013-1796", "CVE-2013-1797", "CVE-2013-1798", "CVE-2013-1828", "CVE-2013-1860", "CVE-2013-1873", "CVE-2013-1929", "CVE-2013-1979", "CVE-2013-3076", "CVE-2013-3222", "CVE-2013-3223", "CVE-2013-3224", "CVE-2013-3225", "CVE-2013-3228", "CVE-2013-3230", "CVE-2013-3231", "CVE-2013-3232", "CVE-2013-3233", "CVE-2013-3234"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. 
The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2013-04-27T00:09:52", "published": "2013-04-27T00:09:52", "id": "FEDORA:98C7A20D38", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: kernel-3.8.8-203.fc18", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0190", "CVE-2013-0228", "CVE-2013-0290", "CVE-2013-0913", "CVE-2013-0914", "CVE-2013-1763", "CVE-2013-1767", "CVE-2013-1792", "CVE-2013-1796", "CVE-2013-1797", "CVE-2013-1798", "CVE-2013-1828", "CVE-2013-1860", "CVE-2013-1873", "CVE-2013-1929", "CVE-2013-1979", "CVE-2013-2140", "CVE-2013-2147", "CVE-2013-2148", "CVE-2013-2164", "CVE-2013-2850", "CVE-2013-2851", "CVE-2013-2852", "CVE-2013-3076", "CVE-2013-3222", "CVE-2013-3223", "CVE-2013-3224", "CVE-2013-3225", "CVE-2013-3228", "CVE-2013-3230", "CVE-2013-3231", "CVE-2013-3232", "CVE-2013-3233", "CVE-2013-3234"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. 
", "modified": "2013-06-13T06:05:52", "published": "2013-06-13T06:05:52", "id": "FEDORA:645032107F", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: kernel-3.9.5-201.fc18", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:51", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0190", "CVE-2013-0228", "CVE-2013-0290", "CVE-2013-0913", "CVE-2013-0914", "CVE-2013-1059", "CVE-2013-1763", "CVE-2013-1767", "CVE-2013-1792", "CVE-2013-1796", "CVE-2013-1797", "CVE-2013-1798", "CVE-2013-1828", "CVE-2013-1860", "CVE-2013-1873", "CVE-2013-1929", "CVE-2013-1979", "CVE-2013-2140", "CVE-2013-2147", "CVE-2013-2148", "CVE-2013-2164", "CVE-2013-2232", "CVE-2013-2234", "CVE-2013-2850", "CVE-2013-2851", "CVE-2013-2852", "CVE-2013-3076", "CVE-2013-3222", "CVE-2013-3223", "CVE-2013-3224", "CVE-2013-3225", "CVE-2013-3228", "CVE-2013-3230", "CVE-2013-3231", "CVE-2013-3232", "CVE-2013-3233", "CVE-2013-3234"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. 
", "modified": "2013-07-12T03:11:58", "published": "2013-07-12T03:11:58", "id": "FEDORA:1F0D821165", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: kernel-3.9.9-201.fc18", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:24:53", "bulletinFamily": "unix", "cvelist": ["CVE-2013-3231", "CVE-2013-3224", "CVE-2012-6545", "CVE-2013-1929", "CVE-2012-6544", "CVE-2013-3222", "CVE-2013-0914", "CVE-2013-3235"], "description": "**CentOS Errata and Security Advisory** CESA-2013:1034\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* Information leaks in the Linux kernel could allow a local, unprivileged\nuser to leak kernel memory to user-space. (CVE-2012-6544, CVE-2012-6545,\nCVE-2013-3222, CVE-2013-3224, CVE-2013-3231, CVE-2013-3235, Low)\n\n* An information leak was found in the Linux kernel's POSIX signals\nimplementation. A local, unprivileged user could use this flaw to bypass\nthe Address Space Layout Randomization (ASLR) security feature.\n(CVE-2013-0914, Low)\n\n* A heap-based buffer overflow in the way the tg3 Ethernet driver parsed\nthe vital product data (VPD) of devices could allow an attacker with\nphysical access to a system to cause a denial of service or, potentially,\nescalate their privileges. (CVE-2013-1929, Low)\n\nThis update also fixes the following bugs:\n\n* Previously on system boot, devices with associated Reserved Memory Region\nReporting (RMRR) information had lost their RMRR information after they\nwere removed from the static identity (SI) domain. Consequently, a system\nunexpectedly terminated in an endless loop due to unexpected NMIs triggered\nby DMA errors. This problem was observed on HP ProLiant Generation 7 (G7)\nand 8 (Gen8) systems. 
This update prevents non-USB devices that have RMRR\ninformation associated with them from being placed into the SI domain\nduring system boot. HP ProLiant G7 and Gen8 systems that contain devices\nwith the RMRR information now boot as expected. (BZ#957606)\n\n* Previously, the kernel's futex wait code used timeouts that had\ngranularity in milliseconds. Also, when passing these timeouts to system\ncalls, the kernel converted the timeouts to \"jiffies\". Consequently,\nprograms could time out inaccurately which could lead to significant\nlatency problems in certain environments. This update modifies the futex\nwait code to use a high-resolution timer (hrtimer) so the timeout\ngranularity is now in microseconds. Timeouts are no longer converted to\n\"jiffies\" when passed to system calls. Timeouts passed to programs are now\naccurate and the programs time out as expected. (BZ#958021)\n\n* A recent change modified the size of the task_struct structure in the\nfloating point unit (fpu) counter. However, on Intel Itanium systems, this\nchange caused the kernel Application Binary Interface (kABI) to stop\nworking properly when a previously compiled module was loaded, resulting in\na kernel panic. With this update the change causing this bug has been\nreverted so the bug can no longer occur. (BZ#966878)\n\n* The cxgb4 driver previously did not clear data structures used for\nfirmware requests. Consequently, when initializing some Chelsio's\nTerminator 4 (T4) adapters, a probe request could fail because the request\nwas incompatible with the adapter's firmware. This update modifies the\ncxgb4 driver to properly initialize firmware request structures before\nsending a request to the firmware and the problem no longer occurs.\n(BZ#971872)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. 
The system must be rebooted for this\nupdate to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2013-July/031883.html\n\n**Affected packages:**\nkernel\nkernel-PAE\nkernel-PAE-devel\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-headers\nkernel-xen\nkernel-xen-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2013-1034.html", "edition": 3, "modified": "2013-07-10T15:50:41", "published": "2013-07-10T15:50:41", "href": "http://lists.centos.org/pipermail/centos-announce/2013-July/031883.html", "id": "CESA-2013:1034", "title": "kernel security update", "type": "centos", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}], "redhat": [{"lastseen": "2019-08-13T18:46:02", "bulletinFamily": "unix", "cvelist": ["CVE-2012-6544", "CVE-2012-6545", "CVE-2013-0914", "CVE-2013-1929", "CVE-2013-3222", "CVE-2013-3224", "CVE-2013-3231", "CVE-2013-3235"], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* Information leaks in the Linux kernel could allow a local, unprivileged\nuser to leak kernel memory to user-space. (CVE-2012-6544, CVE-2012-6545,\nCVE-2013-3222, CVE-2013-3224, CVE-2013-3231, CVE-2013-3235, Low)\n\n* An information leak was found in the Linux kernel's POSIX signals\nimplementation. A local, unprivileged user could use this flaw to bypass\nthe Address Space Layout Randomization (ASLR) security feature.\n(CVE-2013-0914, Low)\n\n* A heap-based buffer overflow in the way the tg3 Ethernet driver parsed\nthe vital product data (VPD) of devices could allow an attacker with\nphysical access to a system to cause a denial of service or, potentially,\nescalate their privileges. 
(CVE-2013-1929, Low)\n\nThis update also fixes the following bugs:\n\n* Previously on system boot, devices with associated Reserved Memory Region\nReporting (RMRR) information had lost their RMRR information after they\nwere removed from the static identity (SI) domain. Consequently, a system\nunexpectedly terminated in an endless loop due to unexpected NMIs triggered\nby DMA errors. This problem was observed on HP ProLiant Generation 7 (G7)\nand 8 (Gen8) systems. This update prevents non-USB devices that have RMRR\ninformation associated with them from being placed into the SI domain\nduring system boot. HP ProLiant G7 and Gen8 systems that contain devices\nwith the RMRR information now boot as expected. (BZ#957606)\n\n* Previously, the kernel's futex wait code used timeouts that had\ngranularity in milliseconds. Also, when passing these timeouts to system\ncalls, the kernel converted the timeouts to \"jiffies\". Consequently,\nprograms could time out inaccurately which could lead to significant\nlatency problems in certain environments. This update modifies the futex\nwait code to use a high-resolution timer (hrtimer) so the timeout\ngranularity is now in microseconds. Timeouts are no longer converted to\n\"jiffies\" when passed to system calls. Timeouts passed to programs are now\naccurate and the programs time out as expected. (BZ#958021)\n\n* A recent change modified the size of the task_struct structure in the\nfloating point unit (fpu) counter. However, on Intel Itanium systems, this\nchange caused the kernel Application Binary Interface (kABI) to stop\nworking properly when a previously compiled module was loaded, resulting in\na kernel panic. With this update the change causing this bug has been\nreverted so the bug can no longer occur. (BZ#966878)\n\n* The cxgb4 driver previously did not clear data structures used for\nfirmware requests. 
Consequently, when initializing some Chelsio's\nTerminator 4 (T4) adapters, a probe request could fail because the request\nwas incompatible with the adapter's firmware. This update modifies the\ncxgb4 driver to properly initialize firmware request structures before\nsending a request to the firmware and the problem no longer occurs.\n(BZ#971872)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n", "modified": "2017-09-08T12:08:22", "published": "2013-07-10T04:00:00", "id": "RHSA-2013:1034", "href": "https://access.redhat.com/errata/RHSA-2013:1034", "type": "redhat", "title": "(RHSA-2013:1034) Low: kernel security and bug fix update", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:39:30", "bulletinFamily": "unix", "cvelist": ["CVE-2013-3231", "CVE-2013-3224", "CVE-2012-6545", "CVE-2013-1929", "CVE-2012-6544", "CVE-2013-3222", "CVE-2012-4398", "CVE-2013-0914", "CVE-2013-3235"], "description": "kernel\n[2.6.18-348.12.1]\n- Revert: [fs] afs: export a couple of core functions for AFS write support (Lukas Czerner) [960014 692071]\n- Revert: [fs] ext4: drop ec_type from the ext4_ext_cache structure (Lukas Czerner) [960014 692071]\n- Revert: [fs] ext4: handle NULL p_ext in ext4_ext_next_allocated_block() (Lukas Czerner) [960014 692071]\n- Revert: [fs] ext4: make FIEMAP and delayed allocation play well together (Lukas Czerner) [960014 692071]\n- Revert: [fs] ext4: Fix possibly very long loop in fiemap (Lukas Czerner) [960014 692071]\n- Revert: [fs] ext4: prevent race while walking extent tree for fiemap (Lukas Czerner) [960014 692071]\n[2.6.18-348.11.1]\n- Revert: [kernel] kmod: make request_module() killable (Frantisek Hrbata) [858752 858753] {CVE-2012-4398}\n- Revert: [kernel] kmod: avoid deadlock from recursive kmod call (Frantisek Hrbata) [858752 858753] {CVE-2012-4398}\n- Revert: 
[kernel] wait_for_helper: remove unneeded do_sigaction() (Frantisek Hrbata) [858752 858753] {CVE-2012-4398}\n- Revert: [kernel] Fix ____call_usermodehelper errs being silently ignored (Frantisek Hrbata) [858752 858753] {CVE-2012-4398}\n- Revert: [kernel] wait_for_helper: SIGCHLD from u/s cause use-after-free (Frantisek Hrbata) [858752 858753] {CVE-2012-4398}\n- Revert: [kernel] kmod: avoid deadlock from recursive request_module call (Frantisek Hrbata) [957152 949568]\n- Revert: [x86-64] non lazy sleazy fpu implementation (Prarit Bhargava) [948187 731531]\n- Revert: [i386] add sleazy FPU optimization (Prarit Bhargava) [948187 731531]\n- Revert: [x86] fpu: fix CONFIG_PREEMPT=y corruption of FPU stack (Prarit Bhargava) [948187 731531]\n- Revert: [ia64] fix KABI breakage on ia64 (Prarit Bhargava) [966878 960783]\n[2.6.18-348.10.1]\n- [net] Bluetooth: fix possible info leak in bt_sock_recvmsg() (Radomir Vrbovsky) [955600 955601] {CVE-2013-3224}\n- [net] Bluetooth: HCI & L2CAP information leaks (Jacob Tanenbaum) [922415 922416] {CVE-2012-6544}\n- [misc] signal: use __ARCH_HAS_SA_RESTORER instead of SA_RESTORER (Nikola Pajkovsky) [920503 920504] {CVE-2013-0914}\n- [misc] signal: always clear sa_restorer on execve (Nikola Pajkovsky) [920503 920504] {CVE-2013-0914}\n- [misc] signal: Def __ARCH_HAS_SA_RESTORER for sa_restorer clear (Nikola Pajkovsky) [920503 920504] {CVE-2013-0914}\n- [net] cxgb4: zero out another firmware request struct (Jay Fenlason) [971872 872531]\n- [net] cxgb4: clear out most firmware request structures (Jay Fenlason) [971872 872531]\n- [kernel] Make futex_wait() use an hrtimer for timeout (Prarit Bhargava) [958021 864648]\n[2.6.18-348.9.1]\n- [net] tg3: buffer overflow in VPD firmware parsing (Jacob Tanenbaum) [949939 949940] {CVE-2013-1929}\n- [net] atm: update msg_namelen in vcc_recvmsg() (Nikola Pajkovsky) [955222 955223] {CVE-2013-3222}\n- [fs] ext4: prevent race while walking extent tree for fiemap (Lukas Czerner) [960014 692071]\n- [fs] ext4: 
Fix possibly very long loop in fiemap (Lukas Czerner) [960014 692071]\n- [fs] ext4: make FIEMAP and delayed allocation play well together (Lukas Czerner) [960014 692071]\n- [fs] ext4: handle NULL p_ext in ext4_ext_next_allocated_block() (Lukas Czerner) [960014 692071]\n- [fs] ext4: drop ec_type from the ext4_ext_cache structure (Lukas Czerner) [960014 692071]\n- [fs] afs: export a couple of core functions for AFS write support (Lukas Czerner) [960014 692071]\n- [net] llc: Fix missing msg_namelen update in llc_ui_recvmsg() (Jesper Brouer) [956096 956097] {CVE-2013-3231}\n- [net] tipc: fix info leaks via msg_name in recv_msg/recv_stream (Jesper Brouer) [956148 956149] {CVE-2013-3235}\n- [net] Bluetooth: RFCOMM Fix info leak in ioctl(RFCOMMGETDEVLIST) (Radomir Vrbovsky) [922406 922407] {CVE-2012-6545}\n- [net] Bluetooth: RFCOMM - Fix info leak via getsockname() (Radomir Vrbovsky) [922406 922407] {CVE-2012-6545}\n- [kernel] kmod: avoid deadlock from recursive request_module call (Frantisek Hrbata) [957152 949568]\n- [kernel] wait_for_helper: SIGCHLD from u/s cause use-after-free (Frantisek Hrbata) [858752 858753] {CVE-2012-4398}\n- [kernel] Fix ____call_usermodehelper errs being silently ignored (Frantisek Hrbata) [858752 858753] {CVE-2012-4398}\n- [kernel] wait_for_helper: remove unneeded do_sigaction() (Frantisek Hrbata) [858752 858753] {CVE-2012-4398}\n- [kernel] kmod: avoid deadlock from recursive kmod call (Frantisek Hrbata) [858752 858753] {CVE-2012-4398}\n- [kernel] kmod: make request_module() killable (Frantisek Hrbata) [858752 858753] {CVE-2012-4398}\n[2.6.18-348.8.1]\n- [ia64] fix KABI breakage on ia64 (Prarit Bhargava) [966878 960783]\n[2.6.18-348.7.1]\n- [pci] intel-iommu: Prev devs with RMRRs from going in SI Domain (Tony Camuso) [957606 839334]", "edition": 4, "modified": "2013-07-10T00:00:00", "published": "2013-07-10T00:00:00", "id": "ELSA-2013-1034", "href": "http://linux.oracle.com/errata/ELSA-2013-1034.html", "title": "kernel security and bug fix 
update", "type": "oraclelinux", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-30T19:22:27", "bulletinFamily": "unix", "cvelist": ["CVE-2013-3231", "CVE-2013-3224", "CVE-2012-6545", "CVE-2013-1929", "CVE-2012-6544", "CVE-2013-3222", "CVE-2012-4398", "CVE-2013-0914", "CVE-2013-3235"], "description": "kernel\n[2.6.18-348.12.1.0.1]\n- [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030]\n- [oprofile] export __get_user_pages_fast() function [orabug 14277030]\n- [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030]\n- [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030]\n- [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030]\n- [kernel] Initialize the local uninitialized variable stats. [orabug 14051367]\n- [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763]\n- [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272]\n- [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075]\n- fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan)\n- [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan)\n- [x86] Fix lvt0 reset when hvm boot up with noapic param\n- [scsi] remove printks when doing I/O to a dead device (John Sobecki, Chris Mason)\n [orabug 12342275]\n- [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346]\n- [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566]\n- [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042]\n- [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646]\n- fix filp_close() race (Joe Jin) [orabug 10335998]\n- make xenkbd.abs_pointer=1 by default [orabug 67188919]\n- [xen] check to see if hypervisor supports memory reservation change\n (Chuck Anderson) [orabug 7556514]\n- [net] Enable entropy for 
bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki)\n [orabug 10315433]\n- [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258]\n- [mm] Patch shrink_zone to yield during severe mempressure events, avoiding\n hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839]\n- [mm] Enhance shrink_zone patch allow full swap utilization, and also be\n NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919]\n- fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042]\n- [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson)\n [orabug 9107465]\n- [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson)\n [orabug 9764220]\n- Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615]\n- fix overcommit memory to use percpu_counter for (KOSAKI Motohiro,\n Guru Anbalagane) [orabug 6124033]\n- [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208]\n- [ib] fix memory corruption (Andy Grover) [orabug 9972346]\n- [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203]\n- [usb] usbcore: fix endpoint device creation (Junxiao Bi) [orabug 14795203]\n- [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203]\n[2.6.18-348.12.1]\n- Revert: [fs] afs: export a couple of core functions for AFS write support (Lukas Czerner) [960014 692071]\n- Revert: [fs] ext4: drop ec_type from the ext4_ext_cache structure (Lukas Czerner) [960014 692071]\n- Revert: [fs] ext4: handle NULL p_ext in ext4_ext_next_allocated_block() (Lukas Czerner) [960014 692071]\n- Revert: [fs] ext4: make FIEMAP and delayed allocation play well together (Lukas Czerner) [960014 692071]\n- Revert: [fs] ext4: Fix possibly very long loop in fiemap (Lukas Czerner) [960014 692071]\n- Revert: [fs] ext4: prevent race while walking extent tree for fiemap (Lukas Czerner) [960014 692071]\n[2.6.18-348.11.1]\n- Revert: [kernel] kmod: make request_module() killable (Frantisek 
Hrbata) [858752 858753] {CVE-2012-4398}\n- Revert: [kernel] kmod: avoid deadlock from recursive kmod call (Frantisek Hrbata) [858752 858753] {CVE-2012-4398}\n- Revert: [kernel] wait_for_helper: remove unneeded do_sigaction() (Frantisek Hrbata) [858752 858753] {CVE-2012-4398}\n- Revert: [kernel] Fix ____call_usermodehelper errs being silently ignored (Frantisek Hrbata) [858752 858753] {CVE-2012-4398}\n- Revert: [kernel] wait_for_helper: SIGCHLD from u/s cause use-after-free (Frantisek Hrbata) [858752 858753] {CVE-2012-4398}\n- Revert: [kernel] kmod: avoid deadlock from recursive request_module call (Frantisek Hrbata) [957152 949568]\n- Revert: [x86-64] non lazy sleazy fpu implementation (Prarit Bhargava) [948187 731531]\n- Revert: [i386] add sleazy FPU optimization (Prarit Bhargava) [948187 731531]\n- Revert: [x86] fpu: fix CONFIG_PREEMPT=y corruption of FPU stack (Prarit Bhargava) [948187 731531]\n- Revert: [ia64] fix KABI breakage on ia64 (Prarit Bhargava) [966878 960783]\n[2.6.18-348.10.1]\n- [net] Bluetooth: fix possible info leak in bt_sock_recvmsg() (Radomir Vrbovsky) [955600 955601] {CVE-2013-3224}\n- [net] Bluetooth: HCI & L2CAP information leaks (Jacob Tanenbaum) [922415 922416] {CVE-2012-6544}\n- [misc] signal: use __ARCH_HAS_SA_RESTORER instead of SA_RESTORER (Nikola Pajkovsky) [920503 920504] {CVE-2013-0914}\n- [misc] signal: always clear sa_restorer on execve (Nikola Pajkovsky) [920503 920504] {CVE-2013-0914}\n- [misc] signal: Def __ARCH_HAS_SA_RESTORER for sa_restorer clear (Nikola Pajkovsky) [920503 920504] {CVE-2013-0914}\n- [net] cxgb4: zero out another firmware request struct (Jay Fenlason) [971872 872531]\n- [net] cxgb4: clear out most firmware request structures (Jay Fenlason) [971872 872531]\n- [kernel] Make futex_wait() use an hrtimer for timeout (Prarit Bhargava) [958021 864648]\n[2.6.18-348.9.1]\n- [net] tg3: buffer overflow in VPD firmware parsing (Jacob Tanenbaum) [949939 949940] {CVE-2013-1929}\n- [net] atm: update msg_namelen in 
vcc_recvmsg() (Nikola Pajkovsky) [955222 955223] {CVE-2013-3222}\n- [fs] ext4: prevent race while walking extent tree for fiemap (Lukas Czerner) [960014 692071]\n- [fs] ext4: Fix possibly very long loop in fiemap (Lukas Czerner) [960014 692071]\n- [fs] ext4: make FIEMAP and delayed allocation play well together (Lukas Czerner) [960014 692071]\n- [fs] ext4: handle NULL p_ext in ext4_ext_next_allocated_block() (Lukas Czerner) [960014 692071]\n- [fs] ext4: drop ec_type from the ext4_ext_cache structure (Lukas Czerner) [960014 692071]\n- [fs] afs: export a couple of core functions for AFS write support (Lukas Czerner) [960014 692071]\n- [net] llc: Fix missing msg_namelen update in llc_ui_recvmsg() (Jesper Brouer) [956096 956097] {CVE-2013-3231}\n- [net] tipc: fix info leaks via msg_name in recv_msg/recv_stream (Jesper Brouer) [956148 956149] {CVE-2013-3235}\n- [net] Bluetooth: RFCOMM Fix info leak in ioctl(RFCOMMGETDEVLIST) (Radomir Vrbovsky) [922406 922407] {CVE-2012-6545}\n- [net] Bluetooth: RFCOMM - Fix info leak via getsockname() (Radomir Vrbovsky) [922406 922407] {CVE-2012-6545}\n- [kernel] kmod: avoid deadlock from recursive request_module call (Frantisek Hrbata) [957152 949568]\n- [kernel] wait_for_helper: SIGCHLD from u/s cause use-after-free (Frantisek Hrbata) [858752 858753] {CVE-2012-4398}\n- [kernel] Fix ____call_usermodehelper errs being silently ignored (Frantisek Hrbata) [858752 858753] {CVE-2012-4398}\n- [kernel] wait_for_helper: remove unneeded do_sigaction() (Frantisek Hrbata) [858752 858753] {CVE-2012-4398}\n- [kernel] kmod: avoid deadlock from recursive kmod call (Frantisek Hrbata) [858752 858753] {CVE-2012-4398}\n- [kernel] kmod: make request_module() killable (Frantisek Hrbata) [858752 858753] {CVE-2012-4398}\n[2.6.18-348.8.1]\n- [ia64] fix KABI breakage on ia64 (Prarit Bhargava) [966878 960783]\n[2.6.18-348.7.1]\n- [pci] intel-iommu: Prev devs with RMRRs from going in SI Domain (Tony Camuso) [957606 839334]", "edition": 6, "modified": 
"2013-07-10T00:00:00", "published": "2013-07-10T00:00:00", "id": "ELSA-2013-1034-1", "href": "http://linux.oracle.com/errata/ELSA-2013-1034-1.html", "title": "kernel security and bug fix update", "type": "oraclelinux", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:34:38", "bulletinFamily": "unix", "cvelist": ["CVE-2012-6548", "CVE-2013-3224", "CVE-2013-2852", "CVE-2013-3225", "CVE-2013-3222", "CVE-2013-0914", "CVE-2013-2634"], "description": "kernel-uek\n[2.6.32-400.29.2uek]\n- Bluetooth: RFCOMM - Fix missing msg_namelen update in rfcomm_sock_recvmsg() (Mathias Krause) [Orabug: 17173824] {CVE-2013-3225}\n- Bluetooth: fix possible info leak in bt_sock_recvmsg() (Mathias Krause) [Orabug: 17173824] {CVE-2013-3224}\n- atm: update msg_namelen in vcc_recvmsg() (Mathias Krause) [Orabug: 17173824] {CVE-2013-3222}\n- dcbnl: fix various netlink info leaks (Mathias Krause) [Orabug: 17173824] {CVE-2013-2634}\n- udf: avoid info leak on export (Mathias Krause) [Orabug: 17173824] {CVE-2012-6548}\n- b43: stop format string leaking into error msgs (Kees Cook) [Orabug: 17173824] {CVE-2013-2852}\n- signal: always clear sa_restorer on execve (Kees Cook) [Orabug: 17173824] {CVE-2013-0914}", "edition": 4, "modified": "2013-07-18T00:00:00", "published": "2013-07-18T00:00:00", "id": "ELSA-2013-2537", "href": "http://linux.oracle.com/errata/ELSA-2013-2537.html", "title": "unbreakable enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "amazon": [{"lastseen": "2020-11-10T12:35:49", "bulletinFamily": "unix", "cvelist": ["CVE-2013-1767", "CVE-2013-3231", "CVE-2013-3224", "CVE-2012-6545", "CVE-2013-1929", "CVE-2012-6544", "CVE-2013-1773", "CVE-2013-3222", "CVE-2013-0914", "CVE-2013-3235"], "description": "**Issue Overview:**\n\nHeap-based buffer overflow in the tg3_read_vpd function in drivers/net/ethernet/broadcom/tg3.c in the Linux kernel before 3.8.6 allows physically 
proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via crafted firmware that specifies a long string in the Vital Product Data (VPD) data structure. \n\nUse-after-free vulnerability in the shmem_remount_fs function in mm/shmem.c in the Linux kernel before 3.7.10 allows local users to gain privileges or cause a denial of service (system crash) by remounting a tmpfs filesystem without specifying a required mpol (aka mempolicy) mount option. \n\nThe vcc_recvmsg function in net/atm/common.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. \n\nThe flush_signal_handlers function in kernel/signal.c in the Linux kernel before 3.8.4 preserves the value of the sa_restorer field across an exec operation, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application containing a sigaction system call. \n\nThe llc_ui_recvmsg function in net/llc/af_llc.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. \n\nnet/tipc/socket.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure and a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. \n\nBuffer overflow in the VFAT filesystem implementation in the Linux kernel before 3.3 allows local users to gain privileges or cause a denial of service (system crash) via a VFAT write operation on a filesystem with the utf8 mount option, which is not properly handled during UTF-8 to UTF-16 conversion. 
\n\nThe Bluetooth RFCOMM implementation in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application. \n\nThe Bluetooth protocol stack in the Linux kernel before 3.6 does not properly initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application that targets the (1) L2CAP or (2) HCI implementation. \n\nThe bt_sock_recvmsg function in net/bluetooth/af_bluetooth.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. \n\n \n**Affected Packages:** \n\n\nkernel\n\n \n**Issue Correction:** \nRun _yum update kernel_ to update your system. You will need to reboot your system in order for the new kernel to be running.\n\n \n\n\n**New Packages:**\n \n \n i686: \n kernel-debuginfo-common-i686-3.4.48-45.46.amzn1.i686 \n kernel-tools-debuginfo-3.4.48-45.46.amzn1.i686 \n kernel-debuginfo-3.4.48-45.46.amzn1.i686 \n kernel-tools-3.4.48-45.46.amzn1.i686 \n kernel-headers-3.4.48-45.46.amzn1.i686 \n kernel-devel-3.4.48-45.46.amzn1.i686 \n kernel-3.4.48-45.46.amzn1.i686 \n \n noarch: \n kernel-doc-3.4.48-45.46.amzn1.noarch \n \n src: \n kernel-3.4.48-45.46.amzn1.src \n \n x86_64: \n kernel-tools-3.4.48-45.46.amzn1.x86_64 \n kernel-tools-debuginfo-3.4.48-45.46.amzn1.x86_64 \n kernel-debuginfo-3.4.48-45.46.amzn1.x86_64 \n kernel-headers-3.4.48-45.46.amzn1.x86_64 \n kernel-3.4.48-45.46.amzn1.x86_64 \n kernel-debuginfo-common-x86_64-3.4.48-45.46.amzn1.x86_64 \n kernel-devel-3.4.48-45.46.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2013-06-11T22:45:00", "published": "2013-06-11T22:45:00", "id": "ALAS-2013-200", "href": "https://alas.aws.amazon.com/ALAS-2013-200.html", "title": "Medium: kernel", "type": "amazon", "cvss": 
{"score": 6.2, "vector": "AV:L/AC:H/Au:N/C:C/I:C/A:C"}}]}