ID OPENVAS:1361412562310123920 Type openvas Reporter Eero Volotinen Modified 2018-09-28T00:00:00
Description
Oracle Linux Local Security Checks ELSA-2012-2014
###############################################################################
# OpenVAS Vulnerability Test
# $Id: ELSA-2012-2014.nasl 11688 2018-09-28 13:36:28Z cfischer $
#
# Oracle Linux Local Check
#
# Authors:
# Eero Volotinen <eero.volotinen@solinor.com>
#
# Copyright:
# Copyright (c) 2015 Eero Volotinen, http://solinor.com
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.123920");
script_version("$Revision: 11688 $");
script_tag(name:"creation_date", value:"2015-10-06 14:10:18 +0300 (Tue, 06 Oct 2015)");
script_tag(name:"last_modification", value:"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $");
script_name("Oracle Linux Local Check: ELSA-2012-2014");
script_tag(name:"insight", value:"ELSA-2012-2014 - Unbreakable Enterprise kernel security update. Please see the references for more insight.");
script_tag(name:"solution", value:"Update the affected packages to the latest available version.");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"summary", value:"Oracle Linux Local Security Checks ELSA-2012-2014");
script_xref(name:"URL", value:"http://linux.oracle.com/errata/ELSA-2012-2014.html");
script_cve_id("CVE-2011-4086");
script_tag(name:"cvss_base", value:"4.9");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:N/I:N/A:C");
script_tag(name:"qod_type", value:"package");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/oracle_linux", "ssh/login/release", re:"ssh/login/release=OracleLinux(5|6)");
script_category(ACT_GATHER_INFO);
script_copyright("Eero Volotinen");
script_family("Oracle Linux Local Security Checks");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release) exit(0);
res = "";
if(release == "OracleLinux5")
{
if ((res = isrpmvuln(pkg:"kernel-uek", rpm:"kernel-uek~2.6.32~300.25.1.el5uek", rls:"OracleLinux5")) != NULL) {
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-uek-debug", rpm:"kernel-uek-debug~2.6.32~300.25.1.el5uek", rls:"OracleLinux5")) != NULL) {
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-uek-debug-devel", rpm:"kernel-uek-debug-devel~2.6.32~300.25.1.el5uek", rls:"OracleLinux5")) != NULL) {
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-uek-devel", rpm:"kernel-uek-devel~2.6.32~300.25.1.el5uek", rls:"OracleLinux5")) != NULL) {
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-uek-doc", rpm:"kernel-uek-doc~2.6.32~300.25.1.el5uek", rls:"OracleLinux5")) != NULL) {
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-uek-firmware", rpm:"kernel-uek-firmware~2.6.32~300.25.1.el5uek", rls:"OracleLinux5")) != NULL) {
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-uek-headers", rpm:"kernel-uek-headers~2.6.32~300.25.1.el5uek", rls:"OracleLinux5")) != NULL) {
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"mlnx_en", rpm:"mlnx_en~2.6.32~300.25.1.el5uek~1.5.7~2", rls:"OracleLinux5")) != NULL) {
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"mlnx_en", rpm:"mlnx_en~2.6.32~300.25.1.el5uekdebug~1.5.7~2", rls:"OracleLinux5")) != NULL) {
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"ofa", rpm:"ofa~2.6.32~300.25.1.el5uek~1.5.1~4.0.58", rls:"OracleLinux5")) != NULL) {
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"ofa", rpm:"ofa~2.6.32~300.25.1.el5uekdebug~1.5.1~4.0.58", rls:"OracleLinux5")) != NULL) {
security_message(data:res);
exit(0);
}
}
if(release == "OracleLinux6")
{
if ((res = isrpmvuln(pkg:"kernel-uek", rpm:"kernel-uek~2.6.32~300.25.1.el6uek", rls:"OracleLinux6")) != NULL) {
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-uek-debug", rpm:"kernel-uek-debug~2.6.32~300.25.1.el6uek", rls:"OracleLinux6")) != NULL) {
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-uek-debug-devel", rpm:"kernel-uek-debug-devel~2.6.32~300.25.1.el6uek", rls:"OracleLinux6")) != NULL) {
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-uek-devel", rpm:"kernel-uek-devel~2.6.32~300.25.1.el6uek", rls:"OracleLinux6")) != NULL) {
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-uek-doc", rpm:"kernel-uek-doc~2.6.32~300.25.1.el6uek", rls:"OracleLinux6")) != NULL) {
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-uek-firmware", rpm:"kernel-uek-firmware~2.6.32~300.25.1.el6uek", rls:"OracleLinux6")) != NULL) {
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"kernel-uek-headers", rpm:"kernel-uek-headers~2.6.32~300.25.1.el6uek", rls:"OracleLinux6")) != NULL) {
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"mlnx_en", rpm:"mlnx_en~2.6.32~300.25.1.el6uek~1.5.7~0.1", rls:"OracleLinux6")) != NULL) {
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"mlnx_en", rpm:"mlnx_en~2.6.32~300.25.1.el6uekdebug~1.5.7~0.1", rls:"OracleLinux6")) != NULL) {
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"ofa", rpm:"ofa~2.6.32~300.25.1.el6uek~1.5.1~4.0.47", rls:"OracleLinux6")) != NULL) {
security_message(data:res);
exit(0);
}
if ((res = isrpmvuln(pkg:"ofa", rpm:"ofa~2.6.32~300.25.1.el6uekdebug~1.5.1~4.0.47", rls:"OracleLinux6")) != NULL) {
security_message(data:res);
exit(0);
}
}
if (__pkg_match) exit(99);
exit(0);
{"id": "OPENVAS:1361412562310123920", "type": "openvas", "bulletinFamily": "scanner", "title": "Oracle Linux Local Check: ELSA-2012-2014", "description": "Oracle Linux Local Security Checks ELSA-2012-2014", "published": "2015-10-06T00:00:00", "modified": "2018-09-28T00:00:00", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123920", "reporter": "Eero Volotinen", "references": ["http://linux.oracle.com/errata/ELSA-2012-2014.html"], "cvelist": ["CVE-2011-4086"], "lastseen": "2019-05-29T18:36:36", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-4086"]}, {"type": "ubuntu", "idList": ["USN-1432-1", "USN-1440-1", "USN-1433-1", "USN-1458-1", "USN-1454-1", "USN-1453-1", "USN-1446-1", "USN-1431-1", "USN-1445-1"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310123922", "OPENVAS:870627", "OPENVAS:1361412562310123921", "OPENVAS:841001", "OPENVAS:1361412562310120252", "OPENVAS:1361412562310870627", "OPENVAS:841016", "OPENVAS:881093", "OPENVAS:1361412562310841016", "OPENVAS:1361412562310881093"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0107", "ELSA-2012-2013", "ELSA-2012-2014", "ELSA-2012-0862", "ELSA-2012-0571"]}, {"type": "amazon", "idList": ["ALAS-2012-045"]}, {"type": "nessus", "idList": ["FEDORA_2012-1497.NASL", "ORACLELINUX_ELSA-2012-2013.NASL", "FEDORA_2012-1503.NASL", "CENTOS_RHSA-2012-0571.NASL", "ALA_ALAS-2012-45.NASL", "REDHAT-RHSA-2012-0670.NASL", "ORACLELINUX_ELSA-2012-0571.NASL", "ORACLELINUX_ELSA-2012-2014.NASL", "REDHAT-RHSA-2012-0571.NASL", "UBUNTU_USN-1454-1.NASL"]}, {"type": "redhat", "idList": ["RHSA-2012:0107", "RHSA-2012:0571", "RHSA-2012:0670"]}, {"type": "centos", "idList": ["CESA-2012:0107", "CESA-2012:0571"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:28071"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2469-1:2DCF0"]}, {"type": "suse", "idList": ["SUSE-SU-2012:0616-1", "SUSE-SU-2012:0554-2", "SUSE-SU-2012:0554-1"]}], "modified": "2019-05-29T18:36:36", "rev": 2}, "score": {"value": 6.4, "vector": "NONE", "modified": "2019-05-29T18:36:36", "rev": 2}, "vulnersScore": 6.4}, "pluginID": "1361412562310123920", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-2014.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123920\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:10:18 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-2014\");\n script_tag(name:\"insight\", value:\"ELSA-2012-2014 - Unbreakable Enterprise kernel security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-2014\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-2014.html\");\n script_cve_id(\"CVE-2011-4086\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.32~300.25.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.32~300.25.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.32~300.25.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.32~300.25.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.32~300.25.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.32~300.25.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-headers\", rpm:\"kernel-uek-headers~2.6.32~300.25.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~300.25.1.el5uek~1.5.7~2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~300.25.1.el5uekdebug~1.5.7~2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~300.25.1.el5uek~1.5.1~4.0.58\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~300.25.1.el5uekdebug~1.5.1~4.0.58\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.32~300.25.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.32~300.25.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.32~300.25.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.32~300.25.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.32~300.25.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.32~300.25.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-headers\", rpm:\"kernel-uek-headers~2.6.32~300.25.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~300.25.1.el6uek~1.5.7~0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~300.25.1.el6uekdebug~1.5.7~0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~300.25.1.el6uek~1.5.1~4.0.47\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~300.25.1.el6uekdebug~1.5.1~4.0.47\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "naslFamily": "Oracle Linux Local Security Checks"}
{"cve": [{"lastseen": "2021-02-02T05:51:07", "description": "The journal_unmap_buffer function in fs/jbd2/transaction.c in the Linux kernel before 3.3.1 does not properly handle the _Delay and _Unwritten buffer head states, which allows local users to cause a denial of service (system crash) by leveraging the presence of an ext4 filesystem that was mounted with a journal.", "edition": 6, "cvss3": {}, "published": "2012-07-03T16:40:00", "title": "CVE-2011-4086", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4086"], "modified": "2017-12-29T02:29:00", "cpe": ["cpe:/o:linux:linux_kernel:3.1.4", "cpe:/o:linux:linux_kernel:3.1.7", "cpe:/o:linux:linux_kernel:3.0.30", "cpe:/o:linux:linux_kernel:3.2.14", "cpe:/o:linux:linux_kernel:3.0.27", "cpe:/o:linux:linux_kernel:3.2.7", "cpe:/o:linux:linux_kernel:3.0.33", "cpe:/o:linux:linux_kernel:3.2.8", "cpe:/o:linux:linux_kernel:3.0.9", "cpe:/o:linux:linux_kernel:3.2.18", "cpe:/o:linux:linux_kernel:3.0.6", "cpe:/o:linux:linux_kernel:3.0.17", "cpe:/o:linux:linux_kernel:3.0.10", "cpe:/o:linux:linux_kernel:3.1.3", "cpe:/o:linux:linux_kernel:3.0.7", "cpe:/o:linux:linux_kernel:3.3", "cpe:/o:linux:linux_kernel:3.0.20", "cpe:/o:linux:linux_kernel:3.0.31", "cpe:/o:linux:linux_kernel:3.2.13", "cpe:/o:linux:linux_kernel:3.0.12", "cpe:/o:linux:linux_kernel:3.0.15", "cpe:/o:linux:linux_kernel:3.0.23", "cpe:/o:linux:linux_kernel:3.1.10", "cpe:/o:linux:linux_kernel:3.0.13", "cpe:/o:linux:linux_kernel:3.0.5", "cpe:/o:linux:linux_kernel:3.0.3", "cpe:/o:linux:linux_kernel:3.0.14", "cpe:/o:linux:linux_kernel:3.0.28", "cpe:/o:linux:linux_kernel:3.0.25", "cpe:/o:linux:linux_kernel:3.0.1", "cpe:/o:linux:linux_kernel:3.2.3", "cpe:/o:linux:linux_kernel:3.0.8", "cpe:/o:linux:linux_kernel:3.2.17", "cpe:/o:linux:linux_kernel:3.2.6", "cpe:/o:linux:linux_kernel:3.2.1", "cpe:/o:linux:linux_kernel:3.2.19", "cpe:/o:linux:linux_kernel:3.2.16", "cpe:/o:linux:linux_kernel:3.1.1", "cpe:/o:linux:linux_kernel:3.2.5", "cpe:/o:linux:linux_kernel:3.2.2", "cpe:/o:linux:linux_kernel:3.0.18", "cpe:/o:linux:linux_kernel:3.0.19", "cpe:/o:linux:linux_kernel:3.1.5", "cpe:/o:linux:linux_kernel:3.0.26", "cpe:/o:linux:linux_kernel:3.0.34", "cpe:/o:linux:linux_kernel:3.0", "cpe:/o:linux:linux_kernel:3.0.32", "cpe:/o:linux:linux_kernel:3.0.16", "cpe:/o:linux:linux_kernel:3.2.4", "cpe:/o:linux:linux_kernel:3.2.15", "cpe:/o:linux:linux_kernel:3.1.9", "cpe:/o:linux:linux_kernel:3.2.20", "cpe:/o:linux:linux_kernel:3.2.12", "cpe:/o:linux:linux_kernel:3.0.2", "cpe:/o:linux:linux_kernel:3.2.11", "cpe:/o:linux:linux_kernel:3.0.4", "cpe:/o:linux:linux_kernel:3.0.21", "cpe:/o:linux:linux_kernel:3.2.9", "cpe:/o:linux:linux_kernel:3.0.29", "cpe:/o:linux:linux_kernel:3.2", "cpe:/o:linux:linux_kernel:3.0.11", "cpe:/o:linux:linux_kernel:3.1", "cpe:/o:linux:linux_kernel:3.1.6", "cpe:/o:linux:linux_kernel:3.0.22", "cpe:/o:linux:linux_kernel:3.0.24", "cpe:/o:linux:linux_kernel:3.1.8", "cpe:/o:linux:linux_kernel:3.1.2", "cpe:/o:linux:linux_kernel:3.2.10"], "id": "CVE-2011-4086", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4086", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.0:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.34:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc7:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2020-03-17T23:03:45", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4086"], "description": "The remote host is missing an update announced via the referenced Security Advisory.", "modified": "2020-03-13T00:00:00", "published": "2015-09-08T00:00:00", "id": "OPENVAS:1361412562310120252", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120252", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2012-45)", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120252\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:21:34 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2012-45)\");\n script_tag(name:\"insight\", value:\"The journal_unmap_buffer function in fs/jbd2/transaction.c in the Linux kernel before 3.3.1 does not properly handle the _Delay and _Unwritten buffer head states, which allows local users to cause a denial of service (system crash) by leveraging the presence of an ext4 filesystem that was mounted with a journal.\");\n script_tag(name:\"solution\", value:\"Run yum update kernel to update your system. You will need to reboot your system in order for the new kernel to be running.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2012-45.html\");\n script_cve_id(\"CVE-2011-4086\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~2.6.35.14~107.1.36.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.35.14~107.1.36.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.35.14~107.1.36.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.35.14~107.1.36.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.35.14~107.1.36.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.35.14~107.1.36.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:39:14", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4086"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1454-1", "modified": "2019-03-13T00:00:00", "published": "2012-05-28T00:00:00", "id": "OPENVAS:1361412562310841016", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841016", "type": "openvas", "title": "Ubuntu Update for linux USN-1454-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1454_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux USN-1454-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1454-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841016\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-28 11:00:10 +0530 (Mon, 28 May 2012)\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_cve_id(\"CVE-2011-4086\");\n script_xref(name:\"USN\", value:\"1454-1\");\n script_name(\"Ubuntu Update for linux USN-1454-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU8\\.04 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1454-1\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 8.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"A flaw was found in the Linux's kernels ext4 file system when mounted with\n a journal. A local, unprivileged user could exploit this flaw to cause a\n denial of service.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-386\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-generic\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-hppa32\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-hppa64\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-itanium\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-lpia\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-lpiacompat\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-mckinley\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-openvz\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-powerpc\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-powerpc-smp\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-powerpc64-smp\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-rt\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-server\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-sparc64\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-sparc64-smp\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-virtual\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-xen\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-12-04T11:19:41", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4086"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1454-1", "modified": "2017-12-01T00:00:00", "published": "2012-05-28T00:00:00", "id": "OPENVAS:841016", "href": "http://plugins.openvas.org/nasl.php?oid=841016", "type": "openvas", "title": "Ubuntu Update for linux USN-1454-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1454_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for linux USN-1454-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A flaw was found in the Linux's kernels ext4 file system when mounted with\n a journal. A local, unprivileged user could exploit this flaw to cause a\n denial of service.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1454-1\";\ntag_affected = \"linux on Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1454-1/\");\n script_id(841016);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-28 11:00:10 +0530 (Mon, 28 May 2012)\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_cve_id(\"CVE-2011-4086\");\n script_xref(name: \"USN\", value: \"1454-1\");\n script_name(\"Ubuntu Update for linux USN-1454-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-386\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-generic\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-hppa32\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-hppa64\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-itanium\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-lpia\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-lpiacompat\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-mckinley\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-openvz\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-powerpc\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-powerpc-smp\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-powerpc64-smp\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-rt\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-server\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-sparc64\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-sparc64-smp\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-virtual\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.24-31-xen\", ver:\"2.6.24-31.101\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:25", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1601", "CVE-2011-4086"], "description": "Oracle Linux Local Security Checks ELSA-2012-0571", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123922", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123922", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-0571", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-0571.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123922\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:10:19 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-0571\");\n script_tag(name:\"insight\", value:\"ELSA-2012-0571 - kernel security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-0571\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-0571.html\");\n script_cve_id(\"CVE-2011-4086\", \"CVE-2012-1601\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~220.17.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~220.17.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~220.17.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~220.17.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~220.17.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~220.17.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~220.17.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~220.17.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~2.6.32~220.17.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:38:30", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1601", "CVE-2011-4086"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2012-07-09T00:00:00", "id": "OPENVAS:1361412562310870627", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870627", "type": "openvas", "title": "RedHat Update for kernel RHSA-2012:0571-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2012:0571-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-May/msg00009.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870627\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-09 10:35:26 +0530 (Mon, 09 Jul 2012)\");\n script_cve_id(\"CVE-2011-4086\", \"CVE-2012-1601\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"RHSA\", value:\"2012:0571-01\");\n script_name(\"RedHat Update for kernel RHSA-2012:0571-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"kernel on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n\n * A flaw was found in the way the Linux kernel's journal_unmap_buffer()\n function handled buffer head states. On systems that have an ext4 file\n system with a journal mounted, a local, unprivileged user could use this\n flaw to cause a denial of service. (CVE-2011-4086, Moderate)\n\n * A flaw was found in the way the KVM_CREATE_IRQCHIP ioctl was handled.\n Calling this ioctl when at least one virtual CPU (VCPU) already existed\n could lead to a NULL pointer dereference later when the VCPU is scheduled\n to run. A local, unprivileged user on a KVM host could use this flaw to\n crash the host. (CVE-2012-1601, Moderate)\n\n This update also fixes several bugs. Documentation for these changes will\n be available shortly from the Technical Notes document linked to in the\n References section.\n\n Users should upgrade to these updated packages, which contain backported\n patches to correct these issues, and fix the bugs noted in the Technical\n Notes. The system must be rebooted for this update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~220.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~220.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.32~220.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~220.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.32~220.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~2.6.32~220.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~220.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~220.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~220.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~2.6.32~220.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf-debuginfo\", rpm:\"python-perf-debuginfo~2.6.32~220.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~220.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~220.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~2.6.32~220.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2018-01-02T10:57:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1601", "CVE-2011-4086"], "description": "Check for the Version of kernel", "modified": "2017-12-28T00:00:00", "published": "2012-07-30T00:00:00", "id": "OPENVAS:881093", "href": "http://plugins.openvas.org/nasl.php?oid=881093", "type": "openvas", "title": "CentOS Update for kernel CESA-2012:0571 centos6 ", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2012:0571 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n \n * A flaw was found in the way the Linux kernel's journal_unmap_buffer()\n function handled buffer head states. On systems that have an ext4 file\n system with a journal mounted, a local, unprivileged user could use this\n flaw to cause a denial of service. (CVE-2011-4086, Moderate)\n \n * A flaw was found in the way the KVM_CREATE_IRQCHIP ioctl was handled.\n Calling this ioctl when at least one virtual CPU (VCPU) already existed\n could lead to a NULL pointer dereference later when the VCPU is scheduled\n to run. A local, unprivileged user on a KVM host could use this flaw to\n crash the host. (CVE-2012-1601, Moderate)\n \n This update also fixes several bugs. Documentation for these changes will\n be available shortly from the Technical Notes document linked to in the\n References section.\n \n Users should upgrade to these updated packages, which contain backported\n patches to correct these issues, and fix the bugs noted in the Technical\n Notes. The system must be rebooted for this update to take effect.\";\n\ntag_affected = \"kernel on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-May/018643.html\");\n script_id(881093);\n script_version(\"$Revision: 8253 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 07:29:51 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:07:30 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-4086\", \"CVE-2012-1601\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2012:0571\");\n script_name(\"CentOS Update for kernel CESA-2012:0571 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~220.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~220.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~220.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~220.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~220.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~220.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~220.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~220.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~2.6.32~220.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-01-18T11:07:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1601", "CVE-2011-4086"], "description": "Check for the Version of kernel", "modified": "2018-01-17T00:00:00", "published": "2012-07-09T00:00:00", "id": "OPENVAS:870627", "href": "http://plugins.openvas.org/nasl.php?oid=870627", "type": "openvas", "title": "RedHat Update for kernel RHSA-2012:0571-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2012:0571-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n\n * A flaw was found in the way the Linux kernel's journal_unmap_buffer()\n function handled buffer head states. On systems that have an ext4 file\n system with a journal mounted, a local, unprivileged user could use this\n flaw to cause a denial of service. (CVE-2011-4086, Moderate)\n\n * A flaw was found in the way the KVM_CREATE_IRQCHIP ioctl was handled.\n Calling this ioctl when at least one virtual CPU (VCPU) already existed\n could lead to a NULL pointer dereference later when the VCPU is scheduled\n to run. A local, unprivileged user on a KVM host could use this flaw to\n crash the host. (CVE-2012-1601, Moderate)\n\n This update also fixes several bugs. Documentation for these changes will\n be available shortly from the Technical Notes document linked to in the\n References section.\n\n Users should upgrade to these updated packages, which contain backported\n patches to correct these issues, and fix the bugs noted in the Technical\n Notes. The system must be rebooted for this update to take effect.\";\n\ntag_affected = \"kernel on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-May/msg00009.html\");\n script_id(870627);\n script_version(\"$Revision: 8448 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 17:18:06 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-09 10:35:26 +0530 (Mon, 09 Jul 2012)\");\n script_cve_id(\"CVE-2011-4086\", \"CVE-2012-1601\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"RHSA\", value: \"2012:0571-01\");\n script_name(\"RedHat Update for kernel RHSA-2012:0571-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~220.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~220.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.32~220.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~220.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.32~220.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~2.6.32~220.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~220.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~220.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~220.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~2.6.32~220.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf-debuginfo\", rpm:\"python-perf-debuginfo~2.6.32~220.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~220.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~220.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~2.6.32~220.17.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1601", "CVE-2011-4086"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-07-30T00:00:00", "id": "OPENVAS:1361412562310881093", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881093", "type": "openvas", "title": "CentOS Update for kernel CESA-2012:0571 centos6", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2012:0571 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\n\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-May/018643.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881093\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:07:30 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-4086\", \"CVE-2012-1601\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"CESA\", value:\"2012:0571\");\n script_name(\"CentOS Update for kernel CESA-2012:0571 centos6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"kernel on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n\n * A flaw was found in the way the Linux kernel's journal_unmap_buffer()\n function handled buffer head states. On systems that have an ext4 file\n system with a journal mounted, a local, unprivileged user could use this\n flaw to cause a denial of service. (CVE-2011-4086, Moderate)\n\n * A flaw was found in the way the KVM_CREATE_IRQCHIP ioctl was handled.\n Calling this ioctl when at least one virtual CPU (VCPU) already existed\n could lead to a NULL pointer dereference later when the VCPU is scheduled\n to run. A local, unprivileged user on a KVM host could use this flaw to\n crash the host. (CVE-2012-1601, Moderate)\n\n This update also fixes several bugs. Documentation for these changes will\n be available shortly from the Technical Notes document linked to in the\n References section.\n\n Users should upgrade to these updated packages, which contain backported\n patches to correct these issues, and fix the bugs noted in the Technical\n Notes. The system must be rebooted for this update to take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~220.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~220.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~220.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~220.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~220.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~220.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~220.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~220.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~2.6.32~220.17.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:35:57", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1601", "CVE-2011-4086"], "description": "Oracle Linux Local Security Checks ELSA-2012-2013", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123921", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123921", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-2013", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-2013.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123921\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:10:19 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-2013\");\n script_tag(name:\"insight\", value:\"ELSA-2012-2013 - Unbreakable Enterprise kernel security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-2013\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-2013.html\");\n script_cve_id(\"CVE-2011-4086\", \"CVE-2012-1601\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.39~100.7.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.39~100.7.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.39~100.7.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.39~100.7.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.39~100.7.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.39~100.7.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.39~100.7.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.39~100.7.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.39~100.7.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.39~100.7.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.39~100.7.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.39~100.7.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-12-04T11:20:47", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2123", "CVE-2012-1601", "CVE-2011-4086"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1453-1", "modified": "2017-12-01T00:00:00", "published": "2012-05-28T00:00:00", "id": "OPENVAS:841017", "href": "http://plugins.openvas.org/nasl.php?oid=841017", "type": "openvas", "title": "Ubuntu Update for linux-ec2 USN-1453-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1453_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for linux-ec2 USN-1453-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A flaw was found in the Linux's kernels ext4 file system when mounted with\n a journal. A local, unprivileged user could exploit this flaw to cause a\n denial of service. (CVE-2011-4086)\n\n A flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual\n cpu setup. An unprivileged local user could exploit this flaw to crash the\n system leading to a denial of service. (CVE-2012-1601)\n\n Steve Grubb reported a flaw with Linux fscaps (file system base\n capabilities) when used to increase the permissions of a process. For\n application on which fscaps are in use a local attacker can disable address\n space randomization to make attacking the process with raised privileges\n easier. (CVE-2012-2123)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1453-1\";\ntag_affected = \"linux-ec2 on Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1453-1/\");\n script_id(841017);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-28 11:00:11 +0530 (Mon, 28 May 2012)\");\n script_cve_id(\"CVE-2011-4086\", \"CVE-2012-1601\", \"CVE-2012-2123\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1453-1\");\n script_name(\"Ubuntu Update for linux-ec2 USN-1453-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-345-ec2\", ver:\"2.6.32-345.48\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:36:06", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4086"], "description": "kernel-uek:\n[2.6.32-300.25.1.el6uek]\n- jbd2: clear BH_Delay & BH_Unwritten in journal_unmap_buffer (Eric Sandeen)\n [Bugdb: 13871] {CVE-2011-4086}", "edition": 4, "modified": "2012-05-16T00:00:00", "published": "2012-05-16T00:00:00", "id": "ELSA-2012-2014", "href": "http://linux.oracle.com/errata/ELSA-2012-2014.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:37:45", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1601", "CVE-2011-4086"], "description": "[2.6.39-100.7.1.el6uek]\n- KVM: Ensure all vcpus are consistent with in-kernel irqchip settings (Avi\n Kivity) [Bugdb: 13871] {CVE-2012-1601}\n- jbd2: clear BH_Delay & BH_Unwritten in journal_unmap_buffer (Eric Sandeen)\n [Bugdb: 13871] {CVE-2011-4086}", "edition": 4, "modified": "2012-05-16T00:00:00", "published": "2012-05-16T00:00:00", "id": "ELSA-2012-2013", "href": "http://linux.oracle.com/errata/ELSA-2012-2013.html", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:35:12", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1601", "CVE-2011-4086"], "description": "[2.6.32-220.17.1.el6]\n- [scsi] fcoe: Do not switch context in vport_delete callback (Neil Horman) [809388 806119]\n[2.6.32-220.16.1.el6]\n- Revert: [x86] Ivy Bridge kernel rdrand support (Jay Fenlason) [800268 696442]\n[2.6.32-220.15.1.el6]\n- [net] SUNRPC: We must not use list_for_each_entry_safe() in rpc_wake_up() (Steve Dickson) [811299 809928]\n- [char] ipmi: Increase KCS timeouts (Matthew Garrett) [806906 803378]\n- [kernel] sched: Fix ancient race in do_exit() (Frantisek Hrbata) [805457 784758]\n- [scsi] sd: Unmap discard alignment needs to be converted to bytes (Mike Snitzer) [810322 805519]\n- [scsi] sd: Fix VPD buffer allocations (Mike Snitzer) [810322 805519]\n- [x86] Ivy Bridge kernel rdrand support (Jay Fenlason) [800268 696442]\n- [scsi] fix system lock up from scsi error flood (Frantisek Hrbata) [809378 800555]\n- [sound] ALSA: pcm midlevel code - add time check for (Jaroslav Kysela) [801329 798984]\n- [pci] Add pcie_hp=nomsi to disable MSI/MSI-X for pciehp driver (hiro muneda) [807426 728852]\n- [sound] ALSA: enable OSS emulation layer for PCM and mixer (Jaroslav Kysela) [812960 657291]\n- [scsi] qla4xxx: Fixed BFS with sendtargets as boot index (Chad Dupuis) [803881 722297]\n- [fs] nfs: Additional readdir cookie loop information (Steve Dickson) [811135 770250]\n- [fs] NFS: Fix spurious readdir cookie loop messages (Steve Dickson) [811135 770250]\n- [x86] powernow-k8: Fix indexing issue (Frank Arnold) [809391 781566]\n- [x86] powernow-k8: Avoid Pstate MSR accesses on systems supporting CPB (Frank Arnold) [809391 781566]\n- [redhat] spec: Add python-perf-debuginfo subpackage (Josh Boyer) [806859 806859]\n[2.6.32-220.14.1.el6]\n- [net] fix vlan gro path (Jiri Pirko) [810454 720611]\n- [virt] VMX: vmx_set_cr0 expects kvm->srcu locked (Marcelo Tosatti) [808206 807507] {CVE-2012-1601}\n- [virt] KVM: Ensure all vcpus are consistent with in-kernel irqchip settings (Marcelo Tosatti) [808206 807507] {CVE-2012-1601}\n- [scsi] fcoe: Move destroy_work to a private work queue (Neil Horman) [809388 806119]\n- [fs] jbd2: clear BH_Delay & BH_Unwritten in journal_unmap_buffer (Eric Sandeen) [749727 748713] {CVE-2011-4086}\n- [net] af_iucv: offer new getsockopt SO_MSGSIZE (Hendrik Brueckner) [804547 786997]\n- [net] af_iucv: performance improvements for new HS transport (Hendrik Brueckner) [804548 786996]\n- [s390x] af_iucv: remove IUCV-pathes completely (Hendrik Brueckner) [807158 786960]\n- [x86] iommu/amd: Fix wrong shift direction (Don Dutile) [809376 781531]\n- [x86] iommu/amd: Don't use MSI address range for DMA addresses (Don Dutile) [809374 781524]\n- [fs] NFSv4: Further reduce the footprint of the idmapper (Steve Dickson) [802852 730045]\n- [fs] NFSv4: Reduce the footprint of the idmapper (Steve Dickson) [802852 730045]\n- [scsi] fcoe: Make fcoe_transport_destroy a synchronous operation (Neil Horman) [809372 771251]\n- [net] ipv4: Constrain UFO fragment sizes to multiples of 8 bytes (Jiri Benc) [809104 797731]\n- [net] ipv4: Don't use ufo handling on later transformed packets (Jiri Benc) [809104 797731]\n- [net] udp: Add UFO to NETIF_F_GSO_SOFTWARE (Jiri Benc) [809104 797731]\n- [fs] nfs: Try using machine credentials for RENEW calls (Sachin Prabhu) [806205 795441]", "edition": 4, "modified": "2012-05-15T00:00:00", "published": "2012-05-15T00:00:00", "id": "ELSA-2012-0571", "href": "http://linux.oracle.com/errata/ELSA-2012-0571.html", "title": "kernel security and bug fix update", "type": "oraclelinux", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:38:45", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4127", "CVE-2012-0207", "CVE-2011-4086", "CVE-2012-0028", "CVE-2011-3638"], "description": "[2.6.18-274.18.1.0.1.el5] \r\n- [net] bonding: fix carrier detect when bond is down (John Haxby) [orabug 13652598]\r\n- fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan)\r\n- [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan)\r\n- [scsi] add additional scsi medium error handling (John Sobecki) [orabug 12904887]\r\n- [x86] Fix lvt0 reset when hvm boot up with noapic param\r\n- [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason)\r\n [orabug 12342275]\r\n- [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346]\r\n- [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566]\r\n- [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646]\r\n- [scsi] fix scsi hotplug and rescan race [orabug 10260172]\r\n- fix filp_close() race (Joe Jin) [orabug 10335998]\r\n- make xenkbd.abs_pointer=1 by default [orabug 67188919]\r\n- [xen] check to see if hypervisor supports memory reservation change\r\n (Chuck Anderson) [orabug 7556514]\r\n- [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki)\r\n [orabug 10315433]\r\n- [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258]\r\n- [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839]\r\n- fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042]\r\n- [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105]\r\n RDS: Fix BUG_ONs to not fire when in a tasklet\r\n ipoib: Fix lockup of the tx queue\r\n RDS: Do not call set_page_dirty() with irqs off (Sherman Pun)\r\n RDS: Properly unmap when getting a remote access error (Tina Yang)\r\n RDS: Fix locking in rds_send_drop_to()\r\n- [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson)\r\n [orabug 9107465]\r\n- [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson)\r\n [orabug 9764220]\r\n- Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615]\r\n- fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro,\r\n Guru Anbalagane) [orabug 6124033]\r\n- [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208]\r\n- [ib] fix memory corruption (Andy Grover) [orabug 9972346]\r\n- [aio] patch removes limit on number of retries (Srinivas Eeda) [orabug 10044782]\r\n- [loop] Do not call loop_unplug for not configured loop device (orabug 10314497)\r\n \n[2.6.18-274.18.1.el5]\r\n- [misc] Move exit_robust_list to mm_release, null lists on cleanup (Laszlo Ersek) [771774 750283] {CVE-2012-0028}\r\n- [block] disable SG_IO ioctls on virtio-blk devices (Paolo Bonzini) [773322 771592]\r\n- [scsi] fix 32-on-64 block device ioctls (Paolo Bonzini) [752385 752386] {CVE-2011-4127}\r\n- [dm] do not forward ioctls from logical volumes to the underlying device (Paolo Bonzini) [752385 752386] {CVE-2011-4127}\r\n- [block] fail SCSI passthrough ioctls on partition devices (Paolo Bonzini) [752385 752386] {CVE-2011-4127}\r\n- [block] add and use scsi_blk_cmd_ioctl (Paolo Bonzini) [752385 752386] {CVE-2011-4127}\r\n- [fs] ext4: fix BUG_ON() in ext4_ext_insert_extent() (Lukas Czerner) [747943 747946] {CVE-2011-3638}\r\n- [scsi] don't fail scans when host is in recovery (Rob Evers) [772162 657345]\r\n- [fs] jbd2: clear BH_Delay & BH_Unwritten in journal_unmap_buffer (Eric Sandeen) [783477 783284] {CVE-2011-4086}\r\n- [net] igmp: Avoid zero delay when receiving odd mixture of IGMP queries (Jiri Pirko) [772868 772869] {CVE-2012-0207}", "edition": 4, "modified": "2012-02-09T00:00:00", "published": "2012-02-09T00:00:00", "id": "ELSA-2012-0107", "href": "http://linux.oracle.com/errata/ELSA-2012-0107.html", "title": "kernel security and bug fix update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:38:31", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4131", "CVE-2012-2123", "CVE-2012-2119", "CVE-2011-1083", "CVE-2012-1097", "CVE-2011-4127", "CVE-2012-2136", "CVE-2012-2137", "CVE-2012-1601", "CVE-2011-4086", "CVE-2012-1179", "CVE-2012-2121", "CVE-2012-2372"], "description": "[2.6.32-279.el6]\n- [netdrv] mlx4: ignore old module parameters (Jay Fenlason) [830553]\n[2.6.32-278.el6]\n- [kernel] sysctl: silence warning about missing strategy for file-max at boot time (Jeff Layton) [803431]\n- [net] sunrpc: make new tcp_max_slot_table_entries sysctl use CTL_UNNUMBERED (Jeff Layton) [803431]\n- [drm] i915: set AUD_CONFIG N_value_index for DisplayPort (Dave Airlie) [747890]\n- [scsi] scsi_lib: fix scsi_io_completions SG_IO error propagation (Mike Snitzer) [827163]\n- [fs] nfs: Fix corrupt read data after short READ from server (Sachin Prabhu) [817738]\n[2.6.32-277.el6]\n- [scsi] be2iscsi: fix dma free size mismatch regression (Mike Christie) [824287]\n- [scsi] libsas: check dev->gone before submitting sata i/o (David Milburn) [824025]\n[2.6.32-276.el6]\n- [net] ipv4/netfilter: TCP and raw fix for ip_route_me_harder (Jiri Benc) [812108]\n[2.6.32-275.el6]\n- [net] bridge: fix broadcast flood regression (Jesper Brouer) [817157]\n- [ipc] mqueue: use correct gfp flags in msg_insert (Doug Ledford) [750260]\n- [security] fix compile error in commoncap.c (Eric Paris) [806726] {CVE-2012-2123}\n- [security] fcaps: clear the same personality flags as suid when fcaps are used (Eric Paris) [806726] {CVE-2012-2123}\n- [fs] proc: Fix vmstat crashing with trap divide error (Larry Woodman) [820507]\n- [net] rds: fix rds-ping inducing kernel panic (Jay Fenlason) [803936] {CVE-2012-2372}\n- [net] sock: validate data_len before allocating skb in sock_alloc_send_pskb() (Jason Wang) [814504] {CVE-2012-2136}\n- [virt] kvm: Fix buffer overflow in kvm_set_irq() (Avi Kivity) [816155] {CVE-2012-2137}\n[2.6.32-274.el6]\n- [net] sunrpc: fix loss of task->tk_status after rpc_delay call in xprt_alloc_slot (Jeff Layton) [822189]\n- [net] sunrpc: suppress page allocation warnings in xprt_alloc_slot() (Jeff Layton) [822189]\n- [net] netfilter: Fix ip_route_me_harder triggering ip_rt_bug (Jiri Benc) [812108]\n- [net] netfilter/tproxy: do not assign timewait sockets to skb->sk (Jiri Benc) [812108]\n- [usb] Dont fail USB3 probe on missing legacy PCI IRQ (Don Zickus) [812254]\n- [usb] Fix handoff when BIOS disables host PCI device (Don Zickus) [812254]\n- [usb] Remove duplicate USB 3.0 hub feature #defines (Don Zickus) [812254]\n- [usb] Set hub depth after USB3 hub reset (Don Zickus) [812254]\n- [usb] xhci: Fix encoding for HS bulk/control NAK rate (Don Zickus) [812254]\n- [usb] Fix issue with USB 3.0 devices after system resume (Don Zickus) [812254]\n- [virt] xenpv: avoid paravirt __pmd in read_pmd_atomic (Andrew Jones) [822697]\n[2.6.32-273.el6]\n- [s390] qeth: remove siga retry for HiperSockets devices (Hendrik Brueckner) [817090]\n- [scsi] lpfc: Changed version number to 8.3.5.68.5p (Rob Evers) [821515]\n- [scsi] lpfc: Fixed system crash due to not providing SCSI error-handling host reset handler (Rob Evers) [821515]\n- [scsi] lpfc: Correct handling of SLI4-port XRI resource-provisioning profile change (Rob Evers) [821515]\n- [scsi] lpfc: Fix driver crash during back-to-back ramp events. (Rob Evers) [821515]\n- [scsi] lpfc: Fixed system panic due to midlayer abort and driver complete race on SCSI cmd (Rob Evers) [821515]\n- [scsi] sd: Fix device removal NULL pointer dereference (Rob Evers) [817853]\n- [md] Add del_timer_sync to mddev_suspend, fixes a panic (Jonathan E Brassow) [818371]\n- [virt] virtio_net: invoke softirqs after __napi_schedule (Michael S. Tsirkin) [819435]\n- [virt] virtio_net: do not reschedule rx refill forever (Michael S. Tsirkin) [819435]\n[2.6.32-272.el6]\n- [md] bitmap: ensure to load bitmap when creating via sysfs (Jes Sorensen) [821329]\n- [infiniband] mlx4: fix RoCE oops (Doug Ledford) [749059]\n- [x86] setup: Add rh_check_supported() (Prarit Bhargava) [821561]\n- [mm] read_pmd_atomic: fix pmd_populate SMP race condition (Andrea Arcangeli) [820762] {CVE-2012-1179}\n- [drm] i915: add Ivy Bridge GT2 Server entries (Dave Airlie) [817926]\n[2.6.32-271.el6]\n- [scsi] qla2xxx: Update version number to 8.04.00.04.06.3-k (Chad Dupuis) [816331]\n- [scsi] qla2xxx: Properly check for current state after the fabric-login request (Chad Dupuis) [816331]\n- [scsi] qla2xxx: Proper completion to scsi-ml for scsi status task_set_full and busy (Chad Dupuis) [816331]\n- [scsi] qla2xxx: Fix reset time out as qla2xxx not ack to reset request (Chad Dupuis) [816331]\n- [scsi] qla2xxx: Block flash access from application when device is initialized for ISP82xx (Chad Dupuis) [816331]\n- [scsi] qla2xxx: Remove resetting memory during device initialization for ISP82xx (Chad Dupuis) [816331]\n- [scsi] qla2xxx: Proper detection of firmware abort error code for ISP82xx (Chad Dupuis) [816331]\n- [scsi] qla2xxx: Additional corrections for ISP83xx support (Chad Dupuis) [816331]\n- [scsi] bfa: remove tech-preview tainting (Rob Evers) [744301]\n- [input] wacom: add support for Cintiq 24HD (Aristeu Rozanski) [773052]\n- [netdrv] bna: remove tech-preview status (Ivan Vecera) [744302]\n- [net] xfrm: impement kabi work-arounds for alg_trunc_len (Jarod Wilson) [768460]\n- [net] xfrm: Add SHA384 and SHA512 HMAC authentication algorithms to XFRM (Jarod Wilson) [768460]\n- [net] xfrm: Use the user specified truncation length in ESP and AH (Jarod Wilson) [768460]\n- [net] xfrm: Store aalg in xfrm_state with a user specified truncation length (Jarod Wilson) [768460]\n- [net] xfrm: Define new XFRM netlink auth attribute with specified truncation bits (Jarod Wilson) [768460]\n- [scsi] bxn2fc: Bumped version to 1.0.11 (Mike Christie) [813065]\n- [scsi] bnx2fc: cleanup task management IO when it times out. (Mike Christie) [813065]\n- [scsi] bnx2fc: Decrememnt io ref count when abort times out (Mike Christie) [813065]\n- [scsi] bnx2fc: Allow FLOGI to be retried when receiving bad responses. (Mike Christie) [813065]\n- [netdrv] be2net: Ignore status of some ioctls during driver load (Ivan Vecera) [818561]\n- [netdrv] be2net: Fix wrong status getting returned for MCC commands (Ivan Vecera) [818561]\n- [netdrv] be2net: Fix traffic stall INTx mode (Ivan Vecera) [818561]\n- [netdrv] be2net: Fix FW download in Lancer (Ivan Vecera) [818561]\n- [netdrv] be2net: enable RSS for ipv6 pkts (Ivan Vecera) [818561]\n- [s390] af_iucv: allow shutdown for HS transport sockets (Hendrik Brueckner) [815273]\n- [infiniband] cxgb4: handle wake up waiters and add check for invalid endpoint (Steve Best) [811023]\n- [drm] radeon: deal with errors from framebuffer init path (Dave Airlie) [736376]\n- [fs] proc: restore 'huge' tag for hugetlb vmas in numa_maps (Larry Woodman) [818746]\n- [fs] proc: teach /proc//numa_maps about transparent hugepages (Larry Woodman) [818746]\n- [fs] proc: break out numa_maps gather_pte_stats() checks (Larry Woodman) [818746]\n- [fs] proc: make /proc//numa_maps gather_stats() take variable page size (Larry Woodman) [818746]\n- [fs] proc: allocate storage for numa_maps statistics once (Larry Woodman) [818746]\n- [fs] proc: make struct proc_maps_private truly private (Larry Woodman) [818746]\n- [fs] proc: move show_numa_map() to fs/proc/task_mmu.c (Larry Woodman) [818746]\n- [mm] mempolicy: declare mpol_to_str() when CONFIG_TMPFS=n (Larry Woodman) [818746]\n- [mm] mempolicy: remove check_huge_range() (Larry Woodman) [818746]\n- [mm] mempolicy: make gather_stats() type-safe and remove forward declaration (Larry Woodman) [818746]\n- [mm] mempolicy: remove MPOL_MF_STATS (Larry Woodman) [818746]\n- [mm] mempolicy: use walk_page_range() instead of custom page table walking code (Larry Woodman) [818746]\n- [mm] mempolicy: export get_vma_policy() (Larry Woodman) [818746]\n- [block] mtip32xx: fix missing mtip32xx.ko in installer initrd (Shyam Iyer) [819947]\n- [input] wacom: add LED support for Cintiq 24HD (Aristeu Rozanski) [808315]\n- [input] wacom: make LED status readable through sysfs (Aristeu Rozanski) [808315]\n- [input] wacom: add LED support for Cintiq 21ux2 (Aristeu Rozanski) [808315]\n- [input] wacom: add interface to control LEDs in Wacom tablets (Aristeu Rozanski) [808315]\n- [vhost] net: fix possible NULL pointer dereference of vq->bufs (Jason Wang) [814288] {CVE-2012-2119}\n- [net] macvtap: validate zerocopy vectors before building skb (Jason Wang) [814288] {CVE-2012-2119}\n- [net] macvtap: set SKBTX_DEV_ZEROCOPY only when skb is built successfully (Jason Wang) [814288] {CVE-2012-2119}\n- [net] macvtap: put zerocopy page when fail to get all requested user pages (Jason Wang) [814288] {CVE-2012-2119}\n- [net] macvtap: fix zerocopy offset calculation when building skb (Jason Wang) [814288] {CVE-2012-2119}\n- [netdrv] be2net: Fix EEH error reset before a flash dump completes (Ivan Vecera) [818568]\n- [netdrv] be2net: cancel be_worker during EEH recovery (Ivan Vecera) [818568]\n- [net] bonding: assign slaves their own vlan_groups (Neil Horman) [804232]\n- [net] vlan: Add helper functions to manage vlans on bonds and slaves (Neil Horman) [804232]\n- [virt] kvm: Fix kvm_arch_vcpu_put() crash with vmm_exclusive=0 (Avi Kivity) [704173]\n[2.6.32-270.el6]\n- [netdrv] be2net: Record receive queue index in skb to aid RPS (Ivan Vecera) [818558]\n- [scsi] bnx2i: Updated version and copyright year (Mike Christie) [816376]\n- [scsi] bnx2i: Added the setting of target can_queue via target_alloc (Mike Christie) [816376]\n- [netdrv] be2net: fix calling __vlan_put_tag() after eth_type_trans() (Ivan Vecera) [815670]\n- [s390] af_iucv: detect down state of HS transport interface (Hendrik Brueckner) [815274]\n- [s390] qeth: Improve OSA Express 4 blkt defaults (Hendrik Brueckner) [808486]\n- [netdrv] ixgbe: Correct Adaptive Interrupt Moderation so that it will change values (Andy Gospodarek) [802837]\n- [mm] x86: Move do_page_fault()s error path under unlikely() (Motohiro Kosaki) [770376]\n- [mm] x86: make pagefault killable (Motohiro Kosaki) [770376]\n- [mm] x86: Handle mm_fault_error() in kernel space (Motohiro Kosaki) [770376]\n- [mm] introduce wait_on_page_locked_killable() (Motohiro Kosaki) [770376]\n- [mm] oom_kill: remove memcg argument from oom_kill_task() (Motohiro Kosaki) [770376]\n- [mm] oom-kill: remove boost_dying_task_prio() (Motohiro Kosaki) [770376]\n- [net] rds: RDS over QLogic hardware fails to work (Jay Fenlason) [797530]\n- [net] netpoll: fix Allow netpoll_setup/cleanup recursion (Herbert Xu) [816034]\n- [netdrv] atl1c: add workaround for issue of bit INTX-disable for MSI interrupt (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: enlarge L1 response waiting timer (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: remove PHY polling from atl1c_change_mtu (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: Disable L0S when no cable link (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: do MAC-reset when PHY link down (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: cancel task when interface closed (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: refine mac address related code (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: remove code of closing register writable attribution (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: clear WoL status when reset pcie (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: add PHY link event(up/down) patch (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: refine start/enable code for MAC module (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: add function atl1c_power_saving (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: remove PHY reset/init for link down event (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: update PHY reset related routine (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: remove PHY polling from atl1c_open (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: refine SERDES-clock related code (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: remove PHY contrl in atl1c_reset_pcie (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: refine phy-register read/write function (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: remove REG_PHY_STATUS (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: remove MDIO_REG_ADDR_MASK in atl1c_mdio_read/write (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: fix WoL(magic) issue for l2cb 1.1 (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: refine atl1c_pcie_patch (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: refine/update ASPM configuration (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: clear bit MASTER_CTRL_CLK_SEL_DIS in atl1c_pcie_patch (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: refine reg definition of REG_MASTER_CTRL (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: clear PCIE error status in atl1c_reset_pcie (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: remove dmar_dly_cnt and dmaw_dly_cnt (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: update right threshold for TSO (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: add module parameter for l1c_wait_until_idle (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: threshold for ASPM is changed based on chip capability (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: restore max-read-request-size in Device Conrol Register (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: using fixed TXQ configuration for l2cb and l1c (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: remove dmaw_block (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: correct wrong definition of REG_DMA_CTRL (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: wrong register used to stop TXQ (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: remove code related to rxq 1/2/3 (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: split 2 32bit registers of TPD to 4 16bit registers (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: remove SMB/CMB DMA related code (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: remove VPD register (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: remove HDS register (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: remove multiple-RX-Q code (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: update author contact info & company/driver desciption (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: stop using net_device.{base_addr, irq} (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: set ATL1C_WORK_EVENT_RESET bit correctly (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: dont use highprio tx queue (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: set addr_assign_type if random_ether_addr() used (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: ethernet dev_alloc_skb to netdev_alloc_skb (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: Remove alloc_etherdev error messages (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: Sweep away N/A fw_version dustbunnies from the .get_drvinfo routine (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: add skb frag size accessors (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: use DMA_x_DEVICE and dma_mapping_error with skb_frag_dma_map (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: convert to SKB paged frag API (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: Remove unneeded version.h includes from drivers/net/ (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: remove interrupt.h inclusion from netdevice.h (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: atl1c_resume() is only used when CONFIG_PM_SLEEP is defined (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: Use ethtools ethtool_cmd_speed API (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: Use full 32 bit speed range in ethtools set_settings (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: Fix work event interrupt/task races (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: Fix set-but-unused variable (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: fix sparse warnings (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: Do not call device_init_wakeup() in atl1c_probe() (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: Add missing PCI device ID (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: remove private #define (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: Comment typo fixes for 'descriptor' (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: Do not use legacy PCI power management (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: Fix hardware type check for enabling OTP CLK (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: make functions static (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: Dont check for vlan group before vlan_tx_tag_present (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: avoid some skb->ip_summed initializations (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: Remove double test (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: use net_device_stats from struct net_device (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: Add AR8151 v2 support and change L0s/L1 routine (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: Remove unnecessary returns from void function()s (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: remove redundant code (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: convert multiple drivers to use netdev_for_each_mc_addr, part3 (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: Add support for Atheros AR8152 and AR8152 (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: use DEFINE_PCI_DEVICE_TABLE() (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: fix assorted typos all over the place (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: use pM to show MAC address (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c:add pci map direction in atl1c_buffer flags (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: remove exceptional & on function name (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: change atl1c_buffer struct and restructure clean atl1c_buffer procedure (Stanislaw Gruszka) [809036]\n- [netdrv] atl1c: duplicate atl1c_get_tpd (Stanislaw Gruszka) [809036]\n- [fs] epoll: clear the tfile_check_list on -ELOOP (Jason Baron) [817140]\n- [fs] epoll: Dont limit non-nested epoll paths (Jason Baron) [817137]\n- [netdrv] tg3: Fix ethtool self tests (John Feeney) [808243 809036]\n- [infiniband] mlx4: check return code and bail on error (Doug Ledford) [749059]\n- [infiniband] mlx4: use locking when walking netdev list (Doug Ledford) [749059]\n- [x86] asm: undo paravirt_patch_template kABI breakage (Rik van Riel) [813682]\n- [fs] cifs: check S_AUTOMOUNT in revalidate (Ian Kent) [786149]\n- [fs] vfs: fix LOOKUP_DIRECTORY not propagated to managed_dentry() (Ian Kent) [786149]\n- [s390x] kdump: Change default action from reipl to stop for on_restart (Hendrik Brueckner) [806152]\n- [s390x] qeth: add missing wake_up call (Hendrik Brueckner) [806151]\n- [s390x] lcs: lcs offline failure (Hendrik Brueckner) [804643]\n- [s390x] ctcmpc: use correct idal word list for ctcmpc (Hendrik Brueckner) [798641]\n- [s390x] dasd: fix fixpoint divide exception in define_extent (Hendrik Brueckner) [798002]\n- [s390x] mm: prevent memory zone interleave (Hendrik Brueckner) [797936]\n- [s390x] qeth: synchronize discipline module loading (Hendrik Brueckner) [795462]\n- [powerpc] perf: Check current->mm in read_user_stack_slow (Steve Best) [804569]\n- [powerpc] perf: Disable pagefaults during callchain stack read (Jiri Olsa) [804569]\n- [tools] selftests: mqueue mq_perf_tests checkpatch fixes (Doug Ledford) [750260]\n- [ipc] mqueue: strengthen checks on mqueue creation fix (Doug Ledford) [750260]\n- [misc] rbtree: backport rb_init_node() (Doug Ledford) [750260]\n- [tools] selftests: add mq_perf_tests (Doug Ledford) [750260]\n- [tools] selftests: add mq_open_tests (Doug Ledford) [750260]\n- [ipc] mqueue: strengthen checks on mqueue creation (Doug Ledford) [750260]\n- [ipc] mqueue: correct mq_attr_ok test (Doug Ledford) [750260]\n- [ipc] mqueue: improve performance of send/recv (Doug Ledford) [750260]\n- [watchdog] iTCO_wdt: default SMI clearing to old behaviour (Prarit Bhargava) [727875 811324]\n- [watchdog] iTCO_wdt: problems with newer hardware due to SMI clearing (Prarit Bhargava) [727875 811324]\n- [sound] alsa: fix Conexant CX20561 audio mute functionality (Jaroslav Kysela) [816569]\n- [s390] kdump: Use 4 GiB for KEXEC_AUTO_THRESHOLD (Hendrik Brueckner) [815599]\n- [net] bonding: verify for NULL when getting bridge from bond_dev->br_port (Veaceslav Falico) [816034 817145]\n- [md] dm-mpath: only try to load the scsi_dh module if the scsi_dh doesnt exist (Mike Snitzer) [788591]\n- [virt] kvm/svm: handle adjustment of negative tsc offsets (Marcelo Tosatti) [817236]\n- [netdrv] be2net: fix programming of VLAN tags for VF (Ivan Vecera) [816013]\n- [scsi] isci: End the RNC resumption wait when the RNC is destroyed. (David Milburn) [809954]\n- [scsi] isci: Fixed RNC bug that lost the suspension or resumption during destroy (David Milburn) [809954]\n- [scsi] isci: Fix RNC AWAIT_SUSPENSION->INVALIDATING transition. (David Milburn) [809954]\n- [scsi] isci: Manage the IREQ_NO_AUTO_FREE_TAG under scic_lock. (David Milburn) [809954]\n- [scsi] isci: Remove obviated host callback list. (David Milburn) [809954]\n- [scsi] isci: Check IDEV_GONE before performing abort path operations. (David Milburn) [809954]\n- [scsi] isci: Restore the ATAPI device RNC management code. (David Milburn) [809954]\n- [scsi] isci: Dont wait for an RNC suspend if its being destroyed. (David Milburn) [809954]\n- [scsi] isci: Change the phy control and link reset interface for HW reasons. (David Milburn) [809954]\n- [scsi] isci: Added timeouts to RNC suspensions in the abort path. (David Milburn) [809954]\n- [scsi] isci: Add protocol indicator for TMF requests. (David Milburn) [809954]\n- [scsi] isci: Directly control IREQ_ABORT_PATH_ACTIVE when completing TMFs. (David Milburn) [809954]\n- [scsi] isci: Wait for RNC resumption before leaving the abort path. (David Milburn) [809954]\n- [scsi] isci: Fix RNC suspend call for SCI_RESUMING state. (David Milburn) [809954]\n- [scsi] isci: Manage tag releases differently when aborting tasks. (David Milburn) [809954]\n- [scsi] isci: Callbacks to libsas occur under scic_lock and are synchronized. (David Milburn) [809954]\n- [scsi] isci: When in the abort path, defeat other resume calls until done. (David Milburn) [809954]\n- [scsi] isci: Implement waiting for suspend in the abort path. (David Milburn) [809954]\n- [scsi] isci: Make sure all TCs are terminated and cleaned in LUN reset. (David Milburn) [809954]\n- [scsi] isci: Manage the LLHANG timer enable/disable per-device. (David Milburn) [809954]\n- [scsi] isci: Save the suspension hint for upcoming suspensions. (David Milburn) [809954]\n- [scsi] isci: Fix the terminated I/O to not call sas_task_abort(). (David Milburn) [809954]\n- [scsi] isci: Distinguish between remote device suspension cases (David Milburn) [809954]\n- [scsi] isci: Remove isci_device reqs_in_process and dev_node from isci_device. (David Milburn) [809954]\n- [scsi] isci: Only set IDEV_GONE in the device stop path. (David Milburn) [809954]\n- [scsi] isci: All pending TCs are terminated when the RNC is invalidated. (David Milburn) [809954]\n- [scsi] isci: Device access in the error path does not depend on IDEV_GONE. (David Milburn) [809954]\n- [scsi] isci: Add suspension cases for RNC INVALIDATING, POSTING states. (David Milburn) [809954]\n- [scsi] isci: Redesign device suspension, abort, cleanup. (David Milburn) [809954]\n- [scsi] isci: Escalate to I_T_Nexus_Reset when the device is gone. (David Milburn) [809954]\n- [scsi] isci: Remote device stop also suspends the RNC and terminates I/O. (David Milburn) [809954]\n- [scsi] isci: Remote device must be suspended for NCQ cleanup. (David Milburn) [809954]\n- [scsi] isci: Manage device suspensions during TC terminations. (David Milburn) [809954]\n- [scsi] isci: Terminate outstanding TCs on TX/RX RNC suspensions. (David Milburn) [809954]\n- [scsi] isci: Handle all suspending TC completions (David Milburn) [809954]\n- [scsi] isci: Fixed bug in resumption from RNC Tx/Rx suspend state. (David Milburn) [809954]\n- [scsi] isci: Manage the link layer hang detect timer for RNC suspensions. (David Milburn) [809954]\n[2.6.32-269.el6]\n- [x86] Revert: kdump: No need to disable ioapic in crash path (Don Zickus) [815785]\n- [mm] mempolicy: do_migrate_pages cleanup (Larry Woodman) [801904]\n- [mm] mempolicy: do_migrate_pages fix (Larry Woodman) [801904]\n- [ata] ahci: add another PCI ID for marvell (David Milburn) [813365]\n- [ata] ahci: recognize Marvell 88se9125 PCIe SATA 6.0 Gb/s controller (David Milburn) [813365]\n- [ata] ahci: HFLAG_YES_FBS fix legacy IDE interface (David Milburn) [813365]\n- [ata] ahci: add HFLAG_YES_FBS and apply it to 88SE9128 (David Milburn) [813365]\n- [sound] alsa: enable OSS emulation in rhel configuration (Jaroslav Kysela) [657291]\n- [sound] alsa: add probe_mask=0x101 automatically for WinFast VP200 H (Jaroslav Kysela) [805658]\n- [target] fcoe: Remove printk message from ft_dump_cmd (Neil Horman) [813678]\n- [scsi] be2iscsi: fix bh use in alloc pdu path (Mike Christie) [813550]\n- [scsi] libsas: fix sas port naming (David Milburn) [759210]\n- [scsi] libsas: fix panic when single phy is disabled on a wide port (David Milburn) [759210]\n- [scsi] isci: firmware update to latest firmware generator (David Milburn) [759210]\n- [scsi] isci: enable BCN in sci_port_add_phy() (David Milburn) [759210]\n- [scsi] isci: Changes in COMSAS timings enabling ISCI to detect buggy disc drives (David Milburn) [759210]\n- [scsi] isci: implement suspend/resume support (David Milburn) [759210]\n- [scsi] isci: kill isci_host.shost (David Milburn) [759210]\n- [scsi] isci: fix interrupt disable (David Milburn) [759210]\n- [scsi] isci: fix 'link-up' events occur after 'start-complete' (David Milburn) [759210]\n- [scsi] isci: fix controller stop (David Milburn) [759210]\n- [scsi] isci: refactor initialization for S3/S4 (David Milburn) [759210]\n- [scsi] isci: kill isci_port.domain_dev_list (David Milburn) [759210]\n- [scsi] isci: kill ->status, and ->state_lock in isci_host (David Milburn) [759210]\n- [scsi] isci: Dont filter BROADCAST CHANGE primitives (David Milburn) [759210]\n- [scsi] isci: kill sci_phy_protocol and sci_request_protocol (David Milburn) [759210]\n- [scsi] isci: kill ->is_direct_attached (David Milburn) [759210]\n- [scsi] isci: improve 'invalid state' warnings (David Milburn) [759210]\n- [scsi] libsas: suspend / resume support (David Milburn) [759210]\n- [ata] libsas: drop sata port multiplier infrastructure (David Milburn) [759210]\n- [ata] libata: export ata_port suspend/resume infrastructure for sas (David Milburn) [759210]\n- [net] bonding: 802.3ad - fix agg_device_up (Veaceslav Falico) [806081]\n- [netdrv] mlx4_core: fix race on comm channel (Jay Fenlason) [808926]\n- [scsi] libfc: cache align struct fc_fcp_pkt fields (Neil Horman) [815984]\n- [scsi] libfc: cache align fc_exch_pool (Neil Horman) [815984]\n- [scsi] fcoe: setup default initial value for DDP threshold (Neil Horman) [815984]\n- [virt] virtio_console: tell host of open ports after resume from s3/s4 (Amit Shah) [816099]\n- [scsi] st: fix memory leak with 1MB tape I/O (David Milburn) [811703]\n- [drm] i915: Dont do MTRR setup if PAT is enabled (Adam Jackson) [802539]\n- [scsi] device_handler: Add Netapp storage array to rdac array list (Rob Evers) [811364]\n- [netdrv] cnic: Fix parity error code conflict (Mike Christie) [808619]\n- [sound] alsa: Fix No sound with Conexant CX20585 / Recording fails (Jaroslav Kysela) [798923]\n- [kernel] default to clocksource unstable switching off (Prarit Bhargava) [804535]\n- [x86] Backout X86_FEATURE_ARAT checks in hpet initialization (Prarit Bhargava) [804535]\n- [kernel] clocksource: Make watchdog robust vs. interruption (Prarit Bhargava) [804535]\n- [fs] cifs: Show various mount options in /proc/mounts (Sachin Prabhu) [815751]\n- [ata] libata: make ata_print_id atomic numbering fix (David Milburn) [815861]\n- [md] raid1: Dont set 'fullsync' unnecessarily (Jonathan E Brassow) [813948]\n- [md] dm-raid: Record and handle missing devices. (Jonathan E Brassow) [809231]\n- [md] dm-raid: Set recovery flags on resume. (Jonathan E Brassow) [811669]\n- [netdrv] bnx2x: changed initial dcb configuration (Michal Schmidt) [812612]\n- [netdrv] tg3: Fix NVRAM writes on newer devices (John Feeney) [808617]\n[2.6.32-268.el6]\n- [x86] efi: Remove unnecessary error message (Matthew Garrett) [788428]\n- [hid] wacom: Add serial and id reporting for Wacom Intuos4 WL (Aristeu Rozanski) [769676]\n- [hid] wacom: fix proximity tool release (Aristeu Rozanski) [769676]\n- [hid] wacom: report distance for Intuos4 WL (Aristeu Rozanski) [769676]\n- [hid] wacom: Add pad buttons reporting on Intuos4 WL (Aristeu Rozanski) [769676]\n- [hid] wacom: set ABS_MISC bit for Intuos4 WL (Aristeu Rozanski) [769676]\n- [hid] wacom: introduce support for Intuos4 bluetooth (Aristeu Rozanski) [769676]\n- [hid] wacom: introduce sysfs interface to control the device reporting speed (Aristeu Rozanski) [769676]\n- [hid] wacom: separate mode switching function (Aristeu Rozanski) [769676]\n- [hid] wacom: add missing events for pad buttons (Aristeu Rozanski) [769676]\n- [bluetooth] hidp: implement raw output support for HIDP layer (Aristeu Rozanski) [769676]\n- [fs] nfsd: vfs_llseek() with 32 or 64 bit offsets (hashes) (J. Bruce Fields) [813070]\n- [fs] nfsd: rename 'int access' to 'int may_flags' in nfsd_open() (J. Bruce Fields) [813070]\n- [fs] ext4: return 32/64-bit dir name hash according to usage type (J. Bruce Fields) [813070]\n- [fs] add new FMODE flags FMODE_32bithash and FMODE_64bithash (J. Bruce Fields) [813070]\n- [fs] nfsd: Remove check for a 32-bit cookie in nfsd4_readdir() (J. Bruce Fields) [813070]\n- [net] bonding: remove entries for master_ip and vlan_ip and query devices instead (Andy Gospodarek) [810299]\n- [net] netfilter: place conntrack in source hash after SNAT is done (Neil Horman) [740747]\n- [netdrv] tg3: Fix RSS ring refill race condition (John Feeney) [808247]\n- [scsi] Revert: rdac: Add dynamic match to rdac handler (Jarod Wilson) [811364]\n[2.6.32-267.el6]\n- [x86] therm_throt: Dont report power limit and package level thermal throttle events in mcelog (Naoya Horiguchi) [803913]\n- [x86] Use this_cpu_has for thermal_interrupt current cpu (Naoya Horiguchi) [803913]\n- [x86] percpu: add this_cpu_has() macro (Naoya Horiguchi) [803913]\n- [virt] KVM: lock slots_lock around device assignment (Alex Williamson) [811653]\n- [virt] kvm: unmap pages from the iommu when slots are removed (Alex Williamson) [811653] {CVE-2012-2121}\n- [scsi] fix eh wakeup (scsi_schedule_eh vs scsi_restart_operations) (David Milburn) [798776]\n- [scsi] libsas, libata: fix start of life for a sas ata_port (David Milburn) [798776]\n- [scsi] libsas: continue revalidation (David Milburn) [798776]\n- [ata] libata: make ata_print_id atomic (David Milburn) [798776]\n- [scsi] libsas: fix ata_eh clobbering ex_phys via smp_ata_check_ready (David Milburn) [798776]\n- [scsi] libsas: fix false positive 'device attached' conditions (David Milburn) [798776]\n- [scsi] libsas: unify domain_device sas_rphy lifetimes (David Milburn) [798776]\n- [scsi] scsi_transport_sas: fix delete vs scan race (David Milburn) [798776]\n- [ata] libata: reset once (David Milburn) [798776]\n- [scsi] libsas: fix sas_get_port_device regression (David Milburn) [798776]\n- [scsi] libsas: sas_rediscover_dev did not look at the SMP exec status. (David Milburn) [798776]\n- [scsi] libsas: fix sas_find_bcast_phy() in the presence of 'vacant' phys (David Milburn) [798776]\n- [scsi] libsas: trim sas_task of slow path infrastructure (David Milburn) [798776]\n- [scsi] isci: use sas eh strategy handlers (David Milburn) [798776]\n- [scsi] libsas: use ->lldd_I_T_nexus_reset for ->eh_bus_reset_handler (David Milburn) [798776]\n- [scsi] libsas: add sas_eh_abort_handler (David Milburn) [798776]\n- [scsi] libsas: enforce eh strategy handlers only in eh context (David Milburn) [798776]\n- [scsi] libata, libsas: introduce sched_eh and end_eh port ops (David Milburn) [798776]\n- [scsi] libsas: cleanup spurious calls to scsi_schedule_eh (David Milburn) [798776]\n- [scsi] libsas: introduce sas_work to fix sas_drain_work vs sas_queue_work (David Milburn) [798776]\n- [net] fib: fix BUG_ON in fib_nl_newrule when add new fib rule (Weiping Pan) [814059]\n- [scsi] isci: fix oem parameter validation on single controller skus (David Milburn) [812415]\n- [x86] tsc: Dont divide by zero if TSC kHz calibration fails (Richard W.M. Jones) [813413]\n- [x86] Avoid check hlt for newer cpus (Don Zickus) [812439]\n[2.6.32-266.el6]\n- [virt] kvm: Allow adjust_tsc_offset to be in host or guest cycles (Frank Arnold) [807215]\n- [virt] Revert: x86: Make tsc_delta calculation a function of guest tsc (Frank Arnold) [807215]\n- [scsi] lpfc: Update lpfc version for 8.3.5.68.2p driver release (Rob Evers) [810522]\n- [scsi] lpfc: Fix bug with mailbox handling of REG_VFI (Rob Evers) [810522]\n- [scsi] lpfc: flush PCI function reset register write (Rob Evers) [810522]\n- [scsi] lpfc: Fixed system panic when extents enabled (Rob Evers) [810522]\n- [scsi] lpfc: Fixed the system panic during EEH recovery (Rob Evers) [810522]\n- [scsi] lpfc: Fix resource leak when acc fails (Rob Evers) [810522]\n- [scsi] lpfc: Fixed SLI4 driver module load and unload test loop (Rob Evers) [810522]\n- [scsi] lpfc: Fixed missing CVL event (Rob Evers) [810522]\n- [scsi] lpfc: Fix deadlock during adapter offline request (Rob Evers) [810522]\n- [scsi] lpfc: Fix same RPI registered multiple times (Rob Evers) [810522]\n- [scsi] lpfc: Fix handling of XRI Aborted CQE response (Rob Evers) [810522]\n- [scsi] lpfc: Fixed failure handling SLI4 FC port reset (Rob Evers) [810522]\n- [scsi] lpfc: Fix not sending a LOGO with vport delete (Rob Evers) [810522]\n- [scsi] lpfc: Fix for SLI4 Port delivery for BLS ABORT ACC (Rob Evers) [810522]\n- [scsi] lpfc: Fix ndlp list not empty during unloading (Rob Evers) [810522]\n- [scsi] lpfc: Fix mailbox and vpi memory leaks (Rob Evers) [810522]\n- [scsi] lpfc: create char device to take a reference (Rob Evers) [810522]\n- [scsi] lpfc: Fix for FDISC failures (Rob Evers) [810522]\n- [scsi] lpfc: Fix for driver using duplicate RPIs (Rob Evers) [810522]\n- [scsi] lpfc: Fix discovery problem when in pt2pt (Rob Evers) [810522]\n- [scsi] lpfc: Fixed handling large CQ/EQ ids in an IOV env (Rob Evers) [810522]\n- [scsi] lpfc: Fix Locking code raising IRQ twice (Rob Evers) [810522]\n- [scsi] lpfc: Fix not returning when bad ndlp found (Rob Evers) [810522]\n- [scsi] lpfc: Fix bug with driver returning the wrong ndlp (Rob Evers) [810522]\n- [scsi] lpfc: Fix driver behavior when receiving an ADISC (Rob Evers) [810522]\n- [scsi] lpfc: Fixed unbounded firmware revision string (Rob Evers) [810522]\n- [scsi] lpfc: Fix dump command type 4 using 16Gb FC Adapter (Rob Evers) [810522]\n- [scsi] lpfc: Fix port not reset when needed during fw_dump (Rob Evers) [810522]\n- [scsi] lpfc: Fix ELS FDISC failing local rej./inv. RPI (Rob Evers) [810522]\n- [scsi] lpfc: Fix SLI4 FC port internal loopback (Rob Evers) [810522]\n- [scsi] lpfc: Fix REG_RPI fails on SLI4 HBA (Rob Evers) [810522]\n- [scsi] lpfc: Fix els command using 16Gb FC Adapter (Rob Evers) [810522]\n- [scsi] lpfc: Fix NMI seen due to CQE starvation (Rob Evers) [810522]\n- [scsi] lpfc: Fixed SLI4 FC port obtained link-type/num (Rob Evers) [810522]\n- [scsi] lpfc: Fixed SLI4 FC port int. loopback without SFP (Rob Evers) [810522]\n- [scsi] lpfc: Fix incorrect fcpCdb during scsi command prep (Rob Evers) [810522]\n- [drm] i915: Do not set 'Enable Panel Fitter' on SNB pageflips (Adam Jackson) [731632]\n- [drm] radeon: fix load detect on rn50 with hardcoded EDIDs. (Dave Airlie) [813962]\n- [fs] ext4: change return value from int to ssize_t in ext4_file_write (Eric Sandeen) [814302]\n- [netdrv] iwlwifi: add option to disable 5GHz band (Stanislaw Gruszka) [812259]\n- [scsi] rdac: Add dynamic match to rdac handler (Rob Evers) [811364]\n- [virt] xenfv: fix hangs when kdumping (Andrew Jones) [811815]\n- [netdrv] mlx4: allocate just enough pages instead of always 4 pages (Steve Best) [812470]\n- [mm] Prevent panic while reading /proc/vmallocinfo (Larry Woodman) [767889]\n[2.6.32-265.el6]\n- [fs] GFS2: Instruct DLM to avoid queue convert slowdowns (Robert S Peterson) [799165]\n- [fs] GFS2: Allow caching of rindex glock (Robert S Peterson) [799165]\n- [fs] GFS2: Dont use a try lock when promoting to a higher mode (Robert S Peterson) [799165]\n- [fs] GFS2: Make sure rindex is uptodate before starting transactions (Robert S Peterson) [799165]\n- [netdrv] p54spi: Release GPIO lines and IRQ on error in p54spi_probe (John Linville) [808571]\n- [netdrv] iwlwifi: always monitor for stuck queues (John Linville) [808571]\n- [netdrv] rt2x00: Add support for D-Link DWA-127 to rt2800usb (John Linville) [808571]\n- [netdrv] iwl3945: fix possible il->txq NULL pointer dereference in delayed works (John Linville) [808571]\n- [netdrv] rt2x00: fix random stalls (John Linville) [808571]\n- [netdrv] iwlwifi: fix key removal (John Linville) [808571]\n- [netdrv] ath9k_hw: prevent writes to const data on AR9160 (John Linville) [808571]\n- [net] mac80211: zero initialize count field in ieee80211_tx_rate (John Linville) [808571]\n- [netdrv] ath9k: stop on rates with idx -1 in ath9k rate controls .tx_status (John Linville) [808571]\n- [net] mac80211: Fix a rwlock bad magic bug (John Linville) [808571]\n- [net] mac80211: timeout a single frame in the rx reorder buffer (John Linville) [808571]\n- [netdrv] ath9k_hw: fix a RTS/CTS timeout regression (John Linville) [808571]\n- [netdrv] ath9k: fix a WEP crypto related regression (John Linville) [808571]\n- [netdrv] ath9k: Fix kernel panic during driver initilization (John Linville) [808571]\n- [netdrv] bnx2x: fix memory leak in bnx2x_init_firmware() (Michal Schmidt) [811231]\n- [netdrv] bnx2x: fix a crash on corrupt firmware file (Michal Schmidt) [811231]\n- [netdrv] bnx2x: FCoE statistics id fixed (Michal Schmidt) [811231]\n- [netdrv] bnx2x: dcb bit indices flags used as bits (Michal Schmidt) [811231]\n- [netdrv] bnx2x: added cpu_to_le16 when preparing ramrods data (Michal Schmidt) [811231]\n- [netdrv] bnx2x: pfc statistics counts pfc events twice (Michal Schmidt) [811231]\n- [fs] dlm: fix QUECVT when convert queue is empty (David Teigland) [809986]\n- [netdrv] bnx2x: correction to firmware interface (Michal Schmidt) [810296]\n[2.6.32-264.el6]\n- [net] Fix netdevice reference leak (Thomas Graf) [719600]\n[2.6.32-263.el6]\n- [net] ipmr: Enable multiple multicast routing tables (Thomas Graf) [631984]\n- [net] ipmr: Dont leak memory if fib lookup fails (Thomas Graf) [631984]\n- [net] ipmr: dont corrupt lists (Thomas Graf) [631984]\n- [net] ipmr: off by one in __ipmr_fill_mroute() (Thomas Graf) [631984]\n- [net] IPv4: unresolved multicast route cleanup (Thomas Graf) [631984]\n- [net] ipmr: add support for dumping routing tables over netlink (Thomas Graf) [631984]\n- [net] rtnetlink: decouple rtnetlink address families from real address families (Thomas Graf) [631984]\n- [net] ipv4: ipmr: fix NULL pointer deref during unres queue destruction (Thomas Graf) [631984]\n- [net] ipv4: ipmr: fix invalid cache resolving when adding a non-matching entry (Thomas Graf) [631984]\n- [net] ipv4: ipmr: support multiple tables (Thomas Graf) [631984]\n- [net] ipv4: ipmr: move mroute data into seperate structure (Thomas Graf) [631984]\n- [net] ipv4: ipmr: convert struct mfc_cache to struct list_head (Thomas Graf) [631984]\n- [net] ipv4: ipmr: remove net pointer from struct mfc_cache (Thomas Graf) [631984]\n- [net] ipv4: ipmr: move unres_queue and timer to per-namespace data (Thomas Graf) [631984]\n- [net] fib_rules: decouple address families from real address families (Thomas Graf) [631984]\n- [net] fib_rules: set family in fib_rule_hdr centrally (Thomas Graf) [631984]\n- [net] fib_rules: consolidate IPv4 and DECnet ->default_pref() functions (Thomas Graf) [631984]\n- [net] ipmr/ip6mr: prevent out-of-bounds vif_table access (Thomas Graf) [631984]\n- [fs] direct-io.c: fix truncation error in dio_complete() return (Vivek Goyal) [783992]\n- [net] add sysctl to accept packets with local source addresses (Weiping Pan) [719600]\n- [scsi] Model description fixes for Brocade adapters (Rob Evers) [808558]\n- [x86] kdump: No need to disable ioapic in crash path (Don Zickus) [783322]\n- [kernel] uevent: send events in correct order according to seqnum (Naoya Horiguchi) [801694]\n- [net] SUNRPC: We must not use list_for_each_entry_safe() in rpc_wake_up() (Steve Dickson) [809928]\n- [mm] Fix race in process_vm_rw_core (Kyle McMartin) [739136]\n- [mm] Backport Cross Memory Attach patch from upstream (Larry Woodman) [739136]\n- [drm] enable CONFIG_VGA_SWITCHEROO (Dave Airlie) [632635]\n[2.6.32-262.el6]\n- [net] bonding: send igmp report for its master (Weiping Pan) [797780]\n- [net] allow to get master bridge device for bridge port (Weiping Pan) [797780]\n- [s390x] zcrypt: Fix parameter checking for ZSECSENDCPRB ioctl (Hendrik Brueckner) [808487]\n- [net] fix vlan gro path (Jiri Pirko) [720611]\n- [net] bonding: emit event when bonding changes MAC (Veaceslav Falico) [800231]\n- [net] sctp: Fix getsockopt with SCTP_EVENTS regression and allow sctp_event_subscribe to grow (Thomas Graf) [808086]\n- [net] vlan: Avoid broken offload configuration when reorder_hdr is disabled (Michal Schmidt) [781652]\n- [virt] xen: Revert 'xen: mask MTRR feature from guest' (Andrew Jones) [810222]\n[2.6.32-261.el6]\n- [x86] Dont inject GP for non-XSAVE enabled guests (Don Dugger) [705242]\n- [drm] i915: suspend fbdev device around suspend/hibernate (Dave Airlie) [746169]\n- [fs] cifs: Add mount options backupuid and backugid. (Sachin Prabhu) [806336]\n- [kernel] genirq: Respect NUMA node affinity in setup_affinity() (Prarit Bhargava) [788579]\n- [netdrv] iwlwifi: do not nulify ctx->vif on reset (Stanislaw Gruszka) [801730]\n- [virt] VMX: vmx_set_cr0 expects kvm->srcu locked (Marcelo Tosatti) [807507] {CVE-2012-1601}\n- [virt] KVM: Ensure all vcpus are consistent with in-kernel irqchip settings (Marcelo Tosatti) [807507] {CVE-2012-1601}\n- [virt] virtio-pci: S3 support (Amit Shah) [803187]\n- [virt] virtio-pci: drop restore_common() (Amit Shah) [803187]\n- [virt] virtio: drop thaw PM operation (Amit Shah) [803187]\n- [virt] virtio: balloon: Allow stats update after restore from S4 (Amit Shah) [803187]\n[2.6.32-260.el6]\n- [scsi] be2iscsi: fix include order (Mike Christie) [738043]\n- [scsi] be2iscsi: Get Port State and Speed of the Adapter (Mike Christie) [738043]\n- [scsi] be2iscsi: adding functionality to change network settings using iscsiadm (Mike Christie) [738043]\n- [scsi] be2iscsi: Adding bsg interface for be2iscsi (Mike Christie) [738043]\n- [scsi] be2iscsi: Get Initiator Name for the iSCSI_Host (Mike Christie) [738043]\n- [scsi] be2iscsi: Return async handle of unknown opcode to free list (Mike Christie) [738043]\n- [scsi] be2iscsi: Check ASYNC PDU Handle corresponds to HDR/DATA Handle (Mike Christie) [738043]\n- [scsi] be2iscsi: Bump the driver Version (Mike Christie) [738043]\n- [scsi] be2iscsi: Update in Copyright information (Mike Christie) [738043]\n- [scsi] be2iscsi: Fix the function return values (Mike Christie) [738043]\n- [scsi] be2iscsi: Code cleanup, removing the goto statement (Mike Christie) [738043]\n- [scsi] be2iscsi: Fix double free of MCCQ info memory (Mike Christie) [738043]\n- [scsi] be2iscsi: Set num_cpu = 1 if pci_enable_msix fails (Mike Christie) [738043]\n- [scsi] be2iscsi:Fix typo function name mismatch (Mike Christie) [738043]\n- [scsi] be2iscsi: Freeing of WRB and SGL Handle in cleanup task (Mike Christie) [738043]\n- [scsi] be2iscsi: WRB Initialization and Failure code path change (Mike Christie) [738043]\n- [scsi] be2iscsi: Fix in ASYNC PDU stitching logic (Mike Christie) [738043]\n- [scsi] be2iscsi: Fix in the Asynchronous Code Path (Mike Christie) [738043]\n- [net] ipv4: Constrain UFO fragment sizes to multiples of 8 bytes (Jiri Benc) [797731]\n- [net] ipv4: Dont use ufo handling on later transformed packets (Jiri Benc) [797731]\n- [net] udp: Add UFO to NETIF_F_GSO_SOFTWARE (Jiri Benc) [797731]\n- [fs] Fix length of buffer copied in __nfs4_get_acl_uncached (Sachin Prabhu) [808036]\n- [net] bond: Make LRO flag follow slave settings (Neil Horman) [794647]\n- [net] make dev_disable_lro use physical device if passed a vlan dev (Andy Gospodarek) [713641]\n- [net] move is_vlan_dev into public header file (Andy Gospodarek) [713641]\n[2.6.32-259.el6]\n- [mm] memcg: fix coalescing uncharge during truncate (Johannes Weiner) [717803]\n- [mm] thp: allow a hwpoisoned head page to be put back to LRU (Dean Nelson) [795574]\n- [block] md: Avoid OOPS when reshaping raid1 to raid0 (Jes Sorensen) [805857]\n- [net] bridge: fix use after free of skb in bridge when netpoll in use (Neil Horman) [769725]\n- [scsi] fcoe: Move destroy_work to a private work queue (Neil Horman) [806119]\n- [virt] xen: only check xen_platform_pci_unplug if hvm (Andrew Jones) [807354]\n[2.6.32-258.el6]\n- [fs] epoll: kabi fixups for epoll limit wakeup paths (Jason Baron) [681689] {CVE-2011-1083}\n- [fs] epoll: limit paths (Jason Baron) [681689] {CVE-2011-1083}\n- [perf] tool: Fix diff command to work with new hists design (Jiri Olsa) [794689]\n- [x86] call restore_sched_clock_state after gs is initialized (Marcelo Tosatti) [803132]\n- [virt] virtio-scsi: fix whitespace in fix TMF use-after-free patch (Paolo Bonzini) [802127]\n- [netdrv] macvtap: add ioctl to modify vnet header size (Michael S. Tsirkin) [789362]\n- [netdrv] firmware: add bnx2x FW 7.2.16 (Michal Schmidt) [798316]\n- [netdrv] cnic: update for FW 7.2.xx (Michal Schmidt) [798316]\n- [netdrv] bnx2fc: HSI dependent changes for 7.2.xx FW (Michal Schmidt) [798316]\n- [netdrv] bnx2x: use FW 7.2.16 (Michal Schmidt) [798316]\n- [fs] GFS2: put glock reference in error patch of read_rindex_entry (Robert S Peterson) [803384]\n- [infiniband] rdmacm: fix initialization bug (Doug Ledford) [805996]\n- [pci] Dont touch ASPM at all when its forcibly disabled (Matthew Garrett) [801877]\n[2.6.32-257.el6]\n- [security] Fix negative key error handling (David Howells) [806393]\n- [char] ipmi: Increase KCS timeouts (Matthew Garrett) [803378]\n- [scsi] cxgb3: Add latest upstream firmware (Neil Horman) [747139]\n- [scsi] cxgb3 driver update to latest upstream (Neil Horman) [747139]\n- [x86] uv_mmrs.h cleanup patch (George Beshers) [737747]\n- [x86] reduce clock calibration time during slave cpu startup (George Beshers) [737747]\n- [x86] uv: Fix uninitialized spinlocks (George Beshers) [737747]\n- [x86] uv: Fix uv_gpa_to_soc_phys_ram() shift (George Beshers) [737747]\n- [x86] UV2: Add accounting for BAU strong nacks (George Beshers) [737747]\n- [x86] UV2: Ack BAU interrupt earlier (George Beshers) [737747]\n- [x86] UV2: Remove stale no-resources test for UV2 BAU (George Beshers) [737747]\n- [x86] UV2: Work around BAU bug (George Beshers) [737747]\n- [x86] UV2: Fix BAU destination timeout initialization (George Beshers) [737747]\n- [x86] UV2: Fix new UV2 hardware by using native UV2 broadcast mode (George Beshers) [737747]\n- [x86] UV: Update Boot messages for SGI UV2 platform (George Beshers) [737747]\n- [x86] UV: Fix UV2 hub part number (George Beshers) [737747]\n- [mm] vmstat.c: cache align vm_stat (George Beshers) [737747]\n- [x86] uv2: Workaround for UV2 Hub bug (George Beshers) [737747]\n- [x86] UV: Remove UV delay in starting slave cpus (George Beshers) [737747]\n- [x86] UV: Clean up uv_mmrs.h (George Beshers) [737747]\n- [net] ehash_size cleanup in tcp (George Beshers) [737748]\n- [x86] print EST-capable warning message only once (George Beshers) [737748]\n- [mm] Overflow computing _hash_mask (George Beshers) [737748]\n- [x86] ACPI: Remove repeated cooling_device messages (George Beshers) [737748]\n- [fs] vfs: fix panic in __d_lookup() (George Beshers) [737748]\n- [x86] Fix bootmem allocator large bitmap (George Beshers) [737748]\n- [net] Limit sysctl_tcp_mem and sysctl_udp_mem initializers (George Beshers) [737748]\n- [mm] alloc_large_system_hash() printk overflow on 16TB boot (George Beshers) [737748]\n- [fs] On a 16TB machine, max_user_watches has an integer overflow (George Beshers) [737748]\n- [fs] allow for more than 2^31 file (George Beshers) [737748]\n- [netdrv] bnx2x: consistent statistics after internal driver reload (Michal Schmidt) [747522]\n- [netdrv] netxen_nic: Sysfs support for firmware dump (Veaceslav Falico) [801653]\n[2.6.32-256.el6]\n- [kernel] sched: Fix ancient race in do_exit() (Motohiro Kosaki) [784758]\n- [virt] xen: initialize platform_pci even if xen_emul_unplug=never (Igor Mammedov) [803239]\n- [virt] virtio-scsi: fix TMF use-after-free (Paolo Bonzini) [802127]\n- [virt] KVM: increase max vcpu count to 160 (Marcelo Tosatti) [748946]\n- [scsi] sd: Unmap discard alignment needs to be converted to bytes (Mike Snitzer) [805519]\n- [scsi] sd: Fix VPD buffer allocations (Mike Snitzer) [805519]\n- [scsi] isci: improvements in driver unloading routine (David Milburn) [805530]\n- [scsi] isci: improve phy event warnings (David Milburn) [805530]\n- [scsi] isci: debug, provide state-enum-to-string conversions (David Milburn) [805530]\n- [scsi] scsi_transport_sas: 'enable' phys on reset (David Milburn) [805530]\n- [scsi] libsas: dont recover end devices attached to disabled phys (David Milburn) [805530]\n- [scsi] libsas: fixup target_port_protocols for expanders that dont report sata (David Milburn) [805530]\n- [scsi] libsas: set attached device type and target protocols for local phys (David Milburn) [805530]\n- [scsi] isci: T10 DIF support (David Milburn) [805530]\n- [scsi] isci: enable clock gating (David Milburn) [805530]\n- [scsi] isci: Fix NULL ptr dereference when no firmware is being loaded (David Milburn) [805530]\n- [fs] Pstore supplies a wrong header to kmsg files (Seiji Aguchi) [804789]\n- [fs] nfs: Try using machine credentials for RENEW calls (Sachin Prabhu) [795441]\n- [kernel] perf/x86/kvm: Fix Host-Only/Guest-Only counting with SVM disabled (Gleb Natapov) [805496]\n[2.6.32-255.el6]\n- [fs] jbd2: clear BH_Delay & BH_Unwritten in journal_unmap_buffer (Eric Sandeen) [748713] {CVE-2011-4086}\n- [kernel] sched: Call tick_check_idle before __irq_enter (George Beshers) [635817]\n- [kernel] sched: Increment cache_nice_tries only on periodic lb (George Beshers) [635817]\n- [cpuidle] menu: fixed wrapping timers at 4.294 seconds (George Beshers) [635817]\n- [kernel] sched: Fix softirq time accounting (George Beshers) [635817]\n- [x86] UV: Lower UV rtc clocksource rating (George Beshers) [635817]\n- [infiniband] mlx4_core: fix bug in modify_cq wrapper for resize flow (Doug Ledford) [801111]\n- [infiniband] mlx4_core: remove buggy sched_queue masking (Doug Ledford) [801111]\n- [infiniband] mlx4_core: Fixing array indexes when setting port types (Doug Ledford) [801111]\n- [infiniband] mlx4: Setting new port types after all interfaces unregistered (Doug Ledford) [801111]\n- [infiniband] mlx4: Replacing pool_lock with mutex (Doug Ledford) [801111]\n- [infiniband] mlx4_core: Do not map BF area if capability is 0 (Doug Ledford) [801111]\n- [infiniband] mlx4: add unicast steering entries to resource_tracker (Doug Ledford) [801111]\n- [infiniband] mlx4: fix QP tree trashing (Doug Ledford) [801111]\n- [infiniband] mlx4: fix buffer overrun (Doug Ledford) [801111]\n- [infiniband] mlx4: Fix kcalloc parameters swapped (Doug Ledford) [801111]\n- [net] net_sched: qdisc_alloc_handle() can be too slow (Jiri Pirko) [785891]\n- [net] RFC3069, private VLAN proxy arp support (Weiping Pan) [786544]\n- [scsi] aio: fix the 'too late munmap()' race (Jeff Moyer) [801528]\n- [scsi] aio: fix io_setup/io_destroy race (Jeff Moyer) [801528]\n- [scsi] aio: fix rcu ioctx lookup (Jeff Moyer) [801528]\n[2.6.32-254.el6]\n- [fs] GFS2: Change truncate page allocation to be GFP_NOFS (Robert S Peterson) [796017]\n- [fs] GFS2: Remove a __GFP_NOFAIL allocation (Robert S Peterson) [796017]\n- [fs] GFS2: flush work when clearing inode (Robert S Peterson) [796017]\n- [scsi] hpsa: change version string (Tomas Henzl) [785262]\n- [scsi] hpsa: rename HPSA_MAX_SCSI_DEVS_PER_HBA (Tomas Henzl) [785262]\n- [scsi] hpsa: update device attributes when they change (Tomas Henzl) [785262]\n- [scsi] hpsa: improve naming on external target device functions (Tomas Henzl) [785262]\n- [scsi] hpsa: eliminate 8 external target limitation (Tomas Henzl) [785262]\n- [scsi] hpsa: fix potential array overflow in hpsa_update_scsi_devices (Tomas Henzl) [785262]\n- [scsi] hpsa: refactor hpsa_figure_bus_target_lun (Tomas Henzl) [785262]\n- [scsi] hpsa: make target and lun match what SCSI REPORT LUNs returns (Tomas Henzl) [785262]\n- [scsi] hpsa: Fix problem with MSA2xxx devices (Tomas Henzl) [785262]\n- [scsi] hpsa: add P2000 to list of shared SAS devices (Tomas Henzl) [785262]\n- [virt] KVM: PMU: Fix raw event check (Gleb Natapov) [803620]\n- [virt] KVM: PMU: warn when pin control is set in eventsel msr (Gleb Natapov) [803620]\n- [virt] x86 emulator: correctly mask pmc index bits in RDPMC instruction emulation (Gleb Natapov) [803620]\n- [powerpc] perf: Fix frequency calculation for overflowing counters (Steve Best) [804608]\n- [security] keys: add a 'logon' key type (David Howells) [788634]\n- [security] KEYS: testing wrong bit for KEY_FLAG_REVOKED (David Howells) [788634]\n- [security] KEYS: Permit key_serial() to be called with a const key pointer (David Howells) [788634]\n- [security] keys: fix user_defined key sparse messages (David Howells) [788634]\n- [security] keys: fix trusted/encrypted keys sparse rcu_assign_pointer messages (David Howells) [788634]\n- [security] KEYS: Add missing smp_rmb() primitives to the keyring search code (David Howells) [788634]\n- [security] KEYS: Make garbage collector nonreentrant under RHEL-6 (David Howells) [788634]\n- [security] KEYS: Correctly destroy key payloads when their keytype is removed (David Howells) [788634]\n- [security] KEYS: The dead key link reaper should be non-reentrant (David Howells) [788634]\n- [security] KEYS: Make the key reaper non-reentrant (David Howells) [788634]\n- [security] KEYS: Move the unreferenced key reaper to the keys garbage collector file (David Howells) [788634]\n- [security] KEYS: __key_link() should use the RCU deref wrapper for keyring payloads (David Howells) [788634]\n- [security] KEYS: keyctl_get_keyring_ID() should create a session keyring if create flag set (David Howells) [788634]\n- [security] KEYS: If install_session_keyring() is given a keyring, it should install it (David Howells) [788634]\n- [security] KEYS: Fix error handling in construct_key_and_link() (David Howells) [788634]\n- [security] KEYS: Dont return EAGAIN to keyctl_assume_authority() (David Howells) [788634]\n- [security] KEYS: Make request_key() and co. return an error for a negative key (David Howells) [788634]\n- [security] KEYS: Improve /proc/keys (David Howells) [788634]\n- [security] KEYS: Add an iovec version of KEYCTL_INSTANTIATE (David Howells) [788634]\n- [security] KEYS: Add a new keyctl op to reject a key with a specified error code (David Howells) [788634]\n- [security] KEYS: Add an RCU payload dereference macro (David Howells) [788634]\n- [security] KEYS: Fix __key_link_end() quota fixup on error (David Howells) [788634]\n- [security] KEYS: Fix up comments in key management code (David Howells) [788634]\n- [security] KEYS: Do some style cleanup in the key management code (David Howells) [788634]\n- [security] KEYS: Dont call up_write() if __key_link_begin() returns an error (David Howells) [788634]\n- [security] Add a dummy printk function for the maintenance of unused printks (David Howells) [788634]\n- [security] KEYS: request_key() should return -ENOKEY if the constructed key is negative (David Howells) [788634]\n- [security] KEYS: Reinstate lost passing of process keyring ID in call_sbin_request_key() (David Howells) [788634]\n- [security] KEYS: Use the variable 'key' in keyctl_describe_key() (David Howells) [788634]\n- [security] KEYS: Make /proc/keys check to see if a key is possessed before security check (David Howells) [788634]\n- [security] KEYS: Authorise keyctl_set_timeout() on a key if we have its authorisation key (David Howells) [788634]\n- [security] KEYS: Propagate error code instead of returning -EINVAL (David Howells) [788634]\n- [security] keyctl_session_to_parent(): use thread_group_empty() to check singlethreadness (David Howells) [788634]\n- [security] KEYS: Do preallocation for __key_link() (David Howells) [788634]\n- [security] KEYS: keyring_serialise_link_sem is only needed for keyring->keyring links (David Howells) [788634]\n- [security] whitespace coding style fixes (David Howells) [788634]\n- [security] key: keyring: fix some code style issues (David Howells) [788634]\n- [security] Fix some coding styles in security/keys/keyring.c (David Howells) [788634]\n- [x86] EFI: Only set regions uncacheable if they support it (Matthew Garrett) [767291]\n- [virt] KVM: Fix fetch fault error code (Avi Kivity) [802453]\n- [netdrv] add myri10ge firmware (Stanislaw Gruszka) [796099]\n- [fs] xfs: fix inode lookup race (Dave Chinner) [796277]\n- [x86] amd: Fix L1i and L2 cache sharing information for AMD family 15h processors (Frank Arnold) [798399]\n- [x86] cache_info: Update calculation of AMD L3 cache indices (Frank Arnold) [798399]\n- [x86] cache_info: Remove bogus free of amd_l3_cache data (Frank Arnold) [798399]\n- [hwmon] k10temp: Add support for Fam15h Bulldozer (Frank Arnold) [798209]\n- [hwmon] k10temp: add support for AMD Family 12h/14h CPUs (Frank Arnold) [798209]\n- [x86] AMD, PCI: Add AMD northbridge PCI device id for CPU families 12h and 14h (Frank Arnold) [798209]\n- [netdrv] pch_gbe: modify Kconfig/Makefile and config-generic (Veaceslav Falico) [728177]\n- [netdrv] pch_gbe: new network driver from upstream (Veaceslav Falico) [728177]\n- [x86] Ivy Bridge kernel rdrand support (Jay Fenlason) [696442]\n[2.6.32-253.el6]\n- [net] gro: more generic L2 header check (Doug Ledford) [789123]\n- [infiniband] IPoIB: Stop lying about hard_header_len and use skb->cb to stash LL addresses (Doug Ledford) [789123]\n- [net] Make qdisc_skb_cb upper size bound explicit (Doug Ledford) [789123]\n- [fs] GFS2: Invalidate directory hash table on inode deallocate (Robert S Peterson) [801171]\n- [fs] GFS2: Fix a use-after-free that coverity spotted (Robert S Peterson) [801171]\n- [kernel] lkdtm: avoid calling lkdtm_do_action() with spinlock held (Prarit Bhargava) [770621]\n- [x86] Fix printk levels for panic, softlockups and stack dumps (Prarit Bhargava) [770621]\n- [kernel] lkdtm.c: fix race when crashpoint is hit multiple times before checking count (Prarit Bhargava) [770621]\n- [kernel] lkdtm: prefix enum constants (Prarit Bhargava) [770621]\n- [kernel] lkdtm: use generic_file_llseek in debugfs (Prarit Bhargava) [770621]\n- [kernel] param: remove unnecessary writable charp (Prarit Bhargava) [770621]\n- [kernel] lktdm: add support for hardlockup, softlockup and hung task crashes (Prarit Bhargava) [770621]\n- [kernel] lkdtm: add debugfs access and loosen KPROBE ties (Prarit Bhargava) [770621]\n- [scsi] aacraid: Fixes kernel oops in 'aac_eh_abort' (Tomas Henzl) [760396]\n- [kernel] sys_poll: fix incorrect type for 'timeout' parameter (Oleg Nesterov) [794681]\n- [kernel] kdump: round up total_size to 128M for crashkernel reserving threshold (Dave Young) [798727]\n- [block] loop: fix partial read infomation leak (Dave Young) [761418]\n- [netdrv] mlx4: Dont show RoCE interfaces if the hpn channel is not installed (Doug Ledford) [753004]\n- [mm] thp: fix pmd_bad() triggering in code paths holding mmap_sem read mode (Andrea Arcangeli) [800328]\n- [target] fix build on i386 (Andy Grover) [765982]\n- [target] Backport from stable-3.2.6 (Andy Grover) [765982]\n[2.6.32-252.el6]\n- [dm] fixing test for NULL pointer testing (Paolo Bonzini) [752380] {CVE-2011-4127}\n- [dm] do not forward ioctls from logical volumes to the underlying device (Paolo Bonzini) [752380] {CVE-2011-4127}\n- [block] fail SCSI passthrough ioctls on partition devices (Paolo Bonzini) [752380] {CVE-2011-4127}\n- [block] add and use scsi_blk_cmd_ioctl (Paolo Bonzini) [752380] {CVE-2011-4127}\n- [kernel] regset: Return -EFAULT, not -EIO, on host-side memory fault (Jerome Marchand) [799213] {CVE-2012-1097}\n- [kernel] regset: Prevent null pointer reference on readonly regsets (Jerome Marchand) [799213] {CVE-2012-1097}\n- [scsi] qla4xxx: update version (Mike Christie) [800664]\n- [scsi] iscsi class: fix gfp use in ping compl and host event (Mike Christie) [800664]\n- [scsi] iscsi if: Removed packed attr from struct iscsi_chap_rec (Mike Christie) [800664]\n- [scsi] iscsi_transport: Added error status code for ping comp event (Mike Christie) [800664]\n- [scsi] fix system lock up from scsi error flood (Neil Horman) [800555]\n- [scsi] libcxgbi: do not print a message when memory allocation fails (Steve Best) [800114]\n- [infiniband] iser: post initial receive buffers before sending the final login request (Mike Christie) [800041]\n- [sound] ALSA: pcm midlevel code - add time check for (Jaroslav Kysela) [798984]\n- [fs] GFS2: call gfs2_write_alloc_required for each fallocate chunk (Benjamin Marzinski) [801141]\n[2.6.32-251.el6]\n- [scsi] lpfc: Update lpfc version for 8.3.5.58.1p driver release (Rob Evers) [738037]\n- [virt] VMX: VMXON/VMXOFF usage changes (Avi Kivity) [704173]\n- [virt] VMX: VMCLEAR/VMPTRLD usage changes (Avi Kivity) [704173]\n- [virt] VMX: Some minor changes to code structure (Avi Kivity) [704173]\n- [virt] VMX: Define new functions to wrapper direct call of asm code (Avi Kivity) [704173]\n- [net] bonding: move dev_addr cpy to bond_enslave (Thomas Graf) [799794]\n- [net] bonding: move slave MTU handling from sysfs (Thomas Graf) [799794]\n- [ppc] Implement CONFIG_STRICT_DEVMEM (Steve Best) [655689]\n- [scsi] fcoe: Only define ndo_fcoe_get_hbainfo if fcoe is configured (Neil Horman) [789086]\n- [x86] ACPI / PM: Fix build problem for !CONFIG_ACPI related to NVS rework (Myron Stowe) [708447]\n- [x86] ips: use interruptible waits in ips-monitor (Neil Horman) [727944]\n- [x86] kvmclock: abstract save/restore sched_clock_state (Marcelo Tosatti) [694801]\n- [virt] fix a merge problem in 'KVM steal time suspend/resume bugfix' series (Aristeu Rozanski) [612320]\n- [virt] reapply 'KVM steal time suspend/resume bugfix' series (Aristeu Rozanski)", "edition": 72, "modified": "2012-06-27T00:00:00", "published": "2012-06-27T00:00:00", "id": "ELSA-2012-0862", "href": "http://linux.oracle.com/errata/ELSA-2012-0862.html", "title": "Oracle Linux 6 kernel security, bug fix and enhancement update", "type": "oraclelinux", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "amazon": [{"lastseen": "2020-11-10T12:36:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4086"], "description": "**Issue Overview:**\n\nThe journal_unmap_buffer function in fs/jbd2/transaction.c in the Linux kernel before 3.3.1 does not properly handle the _Delay and _Unwritten buffer head states, which allows local users to cause a denial of service (system crash) by leveraging the presence of an ext4 filesystem that was mounted with a journal. \n\n \n**Affected Packages:** \n\n\nkernel\n\n \n**Issue Correction:** \nRun _yum update kernel_ to update your system. You will need to reboot your system in order for the new kernel to be running.\n\n \n\n\n**New Packages:**\n \n \n i686: \n kernel-debuginfo-common-i686-2.6.35.14-107.1.36.amzn1.i686 \n kernel-debuginfo-2.6.35.14-107.1.36.amzn1.i686 \n kernel-headers-2.6.35.14-107.1.36.amzn1.i686 \n kernel-devel-2.6.35.14-107.1.36.amzn1.i686 \n kernel-2.6.35.14-107.1.36.amzn1.i686 \n perf-2.6.35.14-107.1.36.amzn1.i686 \n \n noarch: \n kernel-doc-2.6.35.14-107.1.36.amzn1.noarch \n \n src: \n kernel-2.6.35.14-107.1.36.amzn1.src \n \n x86_64: \n perf-2.6.35.14-107.1.36.amzn1.x86_64 \n kernel-devel-2.6.35.14-107.1.36.amzn1.x86_64 \n kernel-debuginfo-common-x86_64-2.6.35.14-107.1.36.amzn1.x86_64 \n kernel-headers-2.6.35.14-107.1.36.amzn1.x86_64 \n kernel-2.6.35.14-107.1.36.amzn1.x86_64 \n kernel-debuginfo-2.6.35.14-107.1.36.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2012-02-15T17:38:00", "published": "2012-02-15T17:38:00", "id": "ALAS-2012-045", "href": "https://alas.aws.amazon.com/ALAS-2012-45.html", "title": "Medium: kernel", "type": "amazon", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "nessus": [{"lastseen": "2021-01-12T10:10:06", "description": "CVE-2011-4086: jbd2: unmapped buffer with _Unwritten or _Delay flags\nset can lead to DoS (rhbz 788260) This update rebases the kernel to\nthe newest upstream stable release (3.2.3). As with previous updates,\nit presents itself as 2.6.xx still, for compatibility reasons.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "published": "2012-02-13T00:00:00", "title": "Fedora 15 : kernel-2.6.42.3-2.fc15 (2012-1503)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4086"], "modified": "2012-02-13T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2012-1503.NASL", "href": "https://www.tenable.com/plugins/nessus/57906", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-1503.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57906);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-4086\");\n script_bugtraq_id(51945);\n script_xref(name:\"FEDORA\", value:\"2012-1503\");\n\n script_name(english:\"Fedora 15 : kernel-2.6.42.3-2.fc15 (2012-1503)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2011-4086: jbd2: unmapped buffer with _Unwritten or _Delay flags\nset can lead to DoS (rhbz 788260) This update rebases the kernel to\nthe newest upstream stable release (3.2.3). As with previous updates,\nit presents itself as 2.6.xx still, for compatibility reasons.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=788260\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-February/073150.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5c452b4e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"kernel-2.6.42.3-2.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-02-01T01:20:03", "description": "The journal_unmap_buffer function in fs/jbd2/transaction.c in the\nLinux kernel before 3.3.1 does not properly handle the _Delay and\n_Unwritten buffer head states, which allows local users to cause a\ndenial of service (system crash) by leveraging the presence of an ext4\nfilesystem that was mounted with a journal.", "edition": 24, "published": "2013-09-04T00:00:00", "title": "Amazon Linux AMI : kernel (ALAS-2012-45)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4086"], "modified": "2021-02-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-doc", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686", "p-cpe:/a:amazon:linux:kernel-headers", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2012-45.NASL", "href": "https://www.tenable.com/plugins/nessus/69652", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-45.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69652);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2011-4086\");\n script_xref(name:\"ALAS\", value:\"2012-45\");\n\n script_name(english:\"Amazon Linux AMI : kernel (ALAS-2012-45)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The journal_unmap_buffer function in fs/jbd2/transaction.c in the\nLinux kernel before 3.3.1 does not properly handle the _Delay and\n_Unwritten buffer head states, which allows local users to cause a\ndenial of service (system crash) by leveraging the presence of an ext4\nfilesystem that was mounted with a journal.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-45.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Run 'yum update kernel' to update your system. You will need to reboot\nyour system in order for the new kernel to be running.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"kernel-2.6.35.14-107.1.36.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-debuginfo-2.6.35.14-107.1.36.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-2.6.35.14-107.1.36.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.35.14-107.1.36.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-devel-2.6.35.14-107.1.36.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-doc-2.6.35.14-107.1.36.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-headers-2.6.35.14-107.1.36.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-2.6.35.14-107.1.36.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-i686 / etc\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-12T10:10:06", "description": "CVE-2011-4086 jbd2: unmapped buffer with _Unwritten or _Delay flags\nset can lead to DoS (rhbz 788260)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "published": "2012-02-13T00:00:00", "title": "Fedora 16 : kernel-3.2.5-3.fc16 (2012-1497)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4086"], "modified": "2012-02-13T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2012-1497.NASL", "href": "https://www.tenable.com/plugins/nessus/57905", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-1497.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57905);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-4086\");\n script_bugtraq_id(51945);\n script_xref(name:\"FEDORA\", value:\"2012-1497\");\n\n script_name(english:\"Fedora 16 : kernel-3.2.5-3.fc16 (2012-1497)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2011-4086 jbd2: unmapped buffer with _Unwritten or _Delay flags\nset can lead to DoS (rhbz 788260)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=788260\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-February/073025.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c55f9c0b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"kernel-3.2.5-3.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T12:47:29", "description": "Description of changes:\n\n* CVE-2011-4086: Denial of service in journaling block device.\n\nThe journal block device assumed that a buffer marked as unwritten\nor delay could be live without checking if the buffer was mapped.\n\nAn unprivileged local user could use this flaw to crash the system.\n\n\n[2.6.32-300.25.1.el6uek]\n- jbd2: clear BH_Delay BH_Unwritten in journal_unmap_buffer (Eric Sandeen)\n [Bugdb: 13871] {CVE-2011-4086}", "edition": 20, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2012-2014)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4086"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-uek-firmware", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:ofa-2.6.32-300.25.1.el5uekdebug", "p-cpe:/a:oracle:linux:mlnx_en-2.6.32-300.25.1.el5uekdebug", "p-cpe:/a:oracle:linux:kernel-uek", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:mlnx_en-2.6.32-300.25.1.el6uek", "p-cpe:/a:oracle:linux:mlnx_en-2.6.32-300.25.1.el5uek", "p-cpe:/a:oracle:linux:ofa-2.6.32-300.25.1.el6uek", "p-cpe:/a:oracle:linux:mlnx_en-2.6.32-300.25.1.el6uekdebug", "p-cpe:/a:oracle:linux:ofa-2.6.32-300.25.1.el5uek", "p-cpe:/a:oracle:linux:kernel-uek-headers", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:ofa-2.6.32-300.25.1.el6uekdebug"], "id": "ORACLELINUX_ELSA-2012-2014.NASL", "href": "https://www.tenable.com/plugins/nessus/68674", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2012-2014.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68674);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4086\");\n\n script_name(english:\"Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2012-2014)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Description of changes:\n\n* CVE-2011-4086: Denial of service in journaling block device.\n\nThe journal block device assumed that a buffer marked as unwritten\nor delay could be live without checking if the buffer was mapped.\n\nAn unprivileged local user could use this flaw to crash the system.\n\n\n[2.6.32-300.25.1.el6uek]\n- jbd2: clear BH_Delay BH_Unwritten in journal_unmap_buffer (Eric Sandeen)\n [Bugdb: 13871] {CVE-2011-4086}\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-May/002818.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-May/002819.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected unbreakable enterprise kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-300.25.1.el5uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-300.25.1.el5uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-300.25.1.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-300.25.1.el6uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-300.25.1.el5uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-300.25.1.el5uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-300.25.1.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-300.25.1.el6uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2011-4086\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2012-2014\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-2.6.32-300.25.1.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-debug-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-debug-2.6.32-300.25.1.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-debug-devel-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-debug-devel-2.6.32-300.25.1.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-devel-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-devel-2.6.32-300.25.1.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-doc-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-doc-2.6.32-300.25.1.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-firmware-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-firmware-2.6.32-300.25.1.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-headers-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-headers-2.6.32-300.25.1.el5uek\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"mlnx_en-2.6.32-300.25.1.el5uek-1.5.7-2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"mlnx_en-2.6.32-300.25.1.el5uekdebug-1.5.7-2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ofa-2.6.32-300.25.1.el5uek-1.5.1-4.0.58\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ofa-2.6.32-300.25.1.el5uekdebug-1.5.1-4.0.58\")) flag++;\n\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-2.6.32-300.25.1.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-debug-2.6.32-300.25.1.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-debug-devel-2.6.32-300.25.1.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-devel-2.6.32-300.25.1.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-doc-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-doc-2.6.32-300.25.1.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-firmware-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-firmware-2.6.32-300.25.1.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-headers-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-headers-2.6.32-300.25.1.el6uek\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mlnx_en-2.6.32-300.25.1.el6uek-1.5.7-0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mlnx_en-2.6.32-300.25.1.el6uekdebug-1.5.7-0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ofa-2.6.32-300.25.1.el6uek-1.5.1-4.0.47\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ofa-2.6.32-300.25.1.el6uekdebug-1.5.1-4.0.47\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-02-01T07:15:16", "description": "A flaw was found in the Linux's kernels ext4 file system when mounted\nwith a journal. A local, unprivileged user could exploit this flaw to\ncause a denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2012-05-29T00:00:00", "title": "Ubuntu 8.04 LTS : linux vulnerability (USN-1454-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4086"], "modified": "2021-02-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia"], "id": "UBUNTU_USN-1454-1.NASL", "href": "https://www.tenable.com/plugins/nessus/59292", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1454-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59292);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2011-4086\");\n script_bugtraq_id(51945);\n script_xref(name:\"USN\", value:\"1454-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS : linux vulnerability (USN-1454-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the Linux's kernels ext4 file system when mounted\nwith a journal. A local, unprivileged user could exploit this flaw to\ncause a denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1454-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(8\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2011-4086\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1454-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-31-386\", pkgver:\"2.6.24-31.101\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-31-generic\", pkgver:\"2.6.24-31.101\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-31-lpia\", pkgver:\"2.6.24-31.101\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-31-lpiacompat\", pkgver:\"2.6.24-31.101\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-31-openvz\", pkgver:\"2.6.24-31.101\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-31-rt\", pkgver:\"2.6.24-31.101\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-31-server\", pkgver:\"2.6.24-31.101\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-31-virtual\", pkgver:\"2.6.24-31.101\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-31-xen\", pkgver:\"2.6.24-31.101\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-386 / linux-image-2.6-generic / etc\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-06T09:27:43", "description": "Updated kernel packages that fix two security issues and several bugs\nare now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* A flaw was found in the way the Linux kernel's\njournal_unmap_buffer() function handled buffer head states. On systems\nthat have an ext4 file system with a journal mounted, a local,\nunprivileged user could use this flaw to cause a denial of service.\n(CVE-2011-4086, Moderate)\n\n* A flaw was found in the way the KVM_CREATE_IRQCHIP ioctl was\nhandled. Calling this ioctl when at least one virtual CPU (VCPU)\nalready existed could lead to a NULL pointer dereference later when\nthe VCPU is scheduled to run. A local, unprivileged user on a KVM host\ncould use this flaw to crash the host. (CVE-2012-1601, Moderate)\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues, and fix the bugs noted in\nthe Technical Notes. The system must be rebooted for this update to\ntake effect.", "edition": 25, "published": "2012-05-17T00:00:00", "title": "CentOS 6 : kernel (CESA-2012:0571)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1601", "CVE-2011-4086"], "modified": "2012-05-17T00:00:00", "cpe": ["cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:perf", "p-cpe:/a:centos:centos:python-perf", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-debug", "p-cpe:/a:centos:centos:kernel-headers", "p-cpe:/a:centos:centos:kernel-firmware", "p-cpe:/a:centos:centos:kernel-debug-devel"], "id": "CENTOS_RHSA-2012-0571.NASL", "href": "https://www.tenable.com/plugins/nessus/59165", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0571 and \n# CentOS Errata and Security Advisory 2012:0571 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59165);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-4086\", \"CVE-2012-1601\");\n script_bugtraq_id(51945, 53488);\n script_xref(name:\"RHSA\", value:\"2012:0571\");\n\n script_name(english:\"CentOS 6 : kernel (CESA-2012:0571)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix two security issues and several bugs\nare now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* A flaw was found in the way the Linux kernel's\njournal_unmap_buffer() function handled buffer head states. On systems\nthat have an ext4 file system with a journal mounted, a local,\nunprivileged user could use this flaw to cause a denial of service.\n(CVE-2011-4086, Moderate)\n\n* A flaw was found in the way the KVM_CREATE_IRQCHIP ioctl was\nhandled. Calling this ioctl when at least one virtual CPU (VCPU)\nalready existed could lead to a NULL pointer dereference later when\nthe VCPU is scheduled to run. A local, unprivileged user on a KVM host\ncould use this flaw to crash the host. (CVE-2012-1601, Moderate)\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues, and fix the bugs noted in\nthe Technical Notes. The system must be rebooted for this update to\ntake effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-May/018643.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e7555501\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-4086\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-2.6.32-220.17.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-debug-2.6.32-220.17.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-debug-devel-2.6.32-220.17.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-devel-2.6.32-220.17.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-doc-2.6.32-220.17.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-firmware-2.6.32-220.17.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-headers-2.6.32-220.17.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"perf-2.6.32-220.17.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"python-perf-2.6.32-220.17.1.el6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debug / kernel-debug-devel / kernel-devel / etc\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T12:47:29", "description": "Description of changes:\n\n* CVE-2011-4086: Denial of service in journaling block device.\n\nThe journal block device assumed that a buffer marked as unwritten\nor delay could be live without checking if the buffer was mapped.\n\nAn unprivileged local user could use this flaw to crash the system.\n\n\n* CVE-2012-1601: Denial of service in KVM VCPU creation.\n\nInconsistent state in the creation of KVM virtual CPU's could\nlead to NULL pointer dereferences. A unprivileged local user\ncould use this flaw to crash the system.\n\n\n[2.6.39-100.7.1.el6uek]\n- KVM: Ensure all vcpus are consistent with in-kernel irqchip settings (Avi\n Kivity) [Bugdb: 13871] {CVE-2012-1601}\n- jbd2: clear BH_Delay BH_Unwritten in journal_unmap_buffer (Eric Sandeen)\n [Bugdb: 13871] {CVE-2011-4086}", "edition": 21, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2012-2013)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1601", "CVE-2011-4086"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-uek-firmware", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-debug"], "id": "ORACLELINUX_ELSA-2012-2013.NASL", "href": "https://www.tenable.com/plugins/nessus/68673", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2012-2013.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68673);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4086\", \"CVE-2012-1601\");\n\n script_name(english:\"Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2012-2013)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Description of changes:\n\n* CVE-2011-4086: Denial of service in journaling block device.\n\nThe journal block device assumed that a buffer marked as unwritten\nor delay could be live without checking if the buffer was mapped.\n\nAn unprivileged local user could use this flaw to crash the system.\n\n\n* CVE-2012-1601: Denial of service in KVM VCPU creation.\n\nInconsistent state in the creation of KVM virtual CPU's could\nlead to NULL pointer dereferences. A unprivileged local user\ncould use this flaw to crash the system.\n\n\n[2.6.39-100.7.1.el6uek]\n- KVM: Ensure all vcpus are consistent with in-kernel irqchip settings (Avi\n Kivity) [Bugdb: 13871] {CVE-2012-1601}\n- jbd2: clear BH_Delay BH_Unwritten in journal_unmap_buffer (Eric Sandeen)\n [Bugdb: 13871] {CVE-2011-4086}\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-May/002820.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-May/002821.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected unbreakable enterprise kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2011-4086\", \"CVE-2012-1601\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2012-2013\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-2.6.39-100.7.1.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-debug-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-debug-2.6.39-100.7.1.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-debug-devel-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-debug-devel-2.6.39-100.7.1.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-devel-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-devel-2.6.39-100.7.1.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-doc-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-doc-2.6.39-100.7.1.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-firmware-2.6.39\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-firmware-2.6.39-100.7.1.el5uek\")) flag++;\n\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-2.6.39-100.7.1.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-debug-2.6.39-100.7.1.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-devel-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-debug-devel-2.6.39-100.7.1.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-devel-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-devel-2.6.39-100.7.1.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-doc-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-doc-2.6.39-100.7.1.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-firmware-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-firmware-2.6.39-100.7.1.el6uek\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T13:10:46", "description": "Updated kernel packages that fix two security issues and several bugs\nare now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* A flaw was found in the way the Linux kernel's\njournal_unmap_buffer() function handled buffer head states. On systems\nthat have an ext4 file system with a journal mounted, a local,\nunprivileged user could use this flaw to cause a denial of service.\n(CVE-2011-4086, Moderate)\n\n* A flaw was found in the way the KVM_CREATE_IRQCHIP ioctl was\nhandled. Calling this ioctl when at least one virtual CPU (VCPU)\nalready existed could lead to a NULL pointer dereference later when\nthe VCPU is scheduled to run. A local, unprivileged user on a KVM host\ncould use this flaw to crash the host. (CVE-2012-1601, Moderate)\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues, and fix the bugs noted in\nthe Technical Notes. The system must be rebooted for this update to\ntake effect.", "edition": 26, "published": "2012-05-16T00:00:00", "title": "RHEL 6 : kernel (RHSA-2012:0571)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1601", "CVE-2011-4086"], "modified": "2012-05-16T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-firmware", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel", "cpe:/o:redhat:enterprise_linux:6.2", "p-cpe:/a:redhat:enterprise_linux:python-perf", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686"], "id": "REDHAT-RHSA-2012-0571.NASL", "href": "https://www.tenable.com/plugins/nessus/59106", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0571. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59106);\n script_version(\"1.22\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4086\", \"CVE-2012-1601\");\n script_bugtraq_id(51945, 53488);\n script_xref(name:\"RHSA\", value:\"2012:0571\");\n\n script_name(english:\"RHEL 6 : kernel (RHSA-2012:0571)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix two security issues and several bugs\nare now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* A flaw was found in the way the Linux kernel's\njournal_unmap_buffer() function handled buffer head states. On systems\nthat have an ext4 file system with a journal mounted, a local,\nunprivileged user could use this flaw to cause a denial of service.\n(CVE-2011-4086, Moderate)\n\n* A flaw was found in the way the KVM_CREATE_IRQCHIP ioctl was\nhandled. Calling this ioctl when at least one virtual CPU (VCPU)\nalready existed could lead to a NULL pointer dereference later when\nthe VCPU is scheduled to run. A local, unprivileged user on a KVM host\ncould use this flaw to crash the host. (CVE-2012-1601, Moderate)\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues, and fix the bugs noted in\nthe Technical Notes. The system must be rebooted for this update to\ntake effect.\"\n );\n # https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?056c0c27\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:0571\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4086\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1601\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2011-4086\", \"CVE-2012-1601\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2012:0571\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:0571\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-devel-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-devel-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-doc-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-firmware-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-headers-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-headers-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"perf-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"perf-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"perf-debuginfo-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"perf-debuginfo-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-debuginfo-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"python-perf-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"python-perf-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-perf-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"python-perf-debuginfo-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"python-perf-debuginfo-2.6.32-220.17.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-2.6.32-220.17.1.el6\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debug / kernel-debug-debuginfo / kernel-debug-devel / etc\");\n }\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T13:10:46", "description": "Updated kernel-rt packages that fix two security issues and various\nbugs are now available for Red Hat Enterprise MRG 2.1.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* When a set user ID (setuid) application is executed, certain\npersonality flags for controlling the application's behavior are\ncleared (that is, a privileged application will not be affected by\nthose flags). It was found that those flags were not cleared if the\napplication was made privileged via file system capabilities. A local,\nunprivileged user could use this flaw to change the behavior of such\napplications, allowing them to bypass intended restrictions. Note that\nfor default installations, no application shipped by Red Hat for Red\nHat Enterprise MRG is made privileged via file system capabilities.\n(CVE-2012-2123, Important)\n\n* A flaw was found in the way the Linux kernel's\njournal_unmap_buffer() function handled buffer head states. On systems\nthat have an ext4 file system with a journal mounted, a local,\nunprivileged user could use this flaw to cause a denial of service.\n(CVE-2011-4086, Moderate)\n\nThis update also fixes the following bugs :\n\n* The CAP_SYS_ADMIN check was missing from the dmesg_restrict feature.\nConsequently, an unprivileged and jailed root user could bypass the\ndmesg_restrict protection. This update adds CAP_SYS_ADMIN to both\ndmesg_restrict and kptr_restrict, which only allows writing to\ndmesg_restrict when root has CAP_SYS_ADMIN. (BZ#808271)\n\n* Previously, the _copy_from_pages() function, which is used to copy\ndata from the temporary buffer to the user-passed buffer, was passed\nthe wrong size parameter when copying data. Consequently, if the user\nprovided a buffer greater than PAGE_SIZE, the getxattr() syscalls were\nhandled incorrectly. This update fixes _copy_from_pages() to use the\nACL length, which uses a correctly-sized buffer. (BZ#753230)\n\n* Some older versions of hardware or their software could not\nrecognize certain commands and would log messages for illegal or\nunsupported errors the driver could not properly handle. This bug has\nbeen fixed and no bogus error messages are now returned in the\ndescribed scenario. (BZ#813892)\n\n* Previously, the qla2x00_poll() function did the local_irq_save()\ncall before calling qla24xx_intr_handler(), which had a spinlock.\nSince spinlocks are sleepable in the real-time kernel, it is not\nallowed to call them with interrupts disabled. This scenario produced\nerror messages and could cause a system deadlock. With this update,\nthe local_irq_save_nort(flags) function is used to save flags without\ndisabling interrupts, which prevents potential deadlocks and removes\nthe error messages. (BZ#818220)\n\nUsers should upgrade to these updated packages, which correct these\nissues. The system must be rebooted for this update to take effect.", "edition": 24, "published": "2014-07-22T00:00:00", "title": "RHEL 6 : MRG (RHSA-2012:0670)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-2123", "CVE-2011-4086"], "modified": "2014-07-22T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-firmware", "p-cpe:/a:redhat:enterprise_linux:kernel-rt", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-debuginfo"], "id": "REDHAT-RHSA-2012-0670.NASL", "href": "https://www.tenable.com/plugins/nessus/76644", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0670. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76644);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4086\", \"CVE-2012-2123\");\n script_bugtraq_id(51945, 53166);\n script_xref(name:\"RHSA\", value:\"2012:0670\");\n\n script_name(english:\"RHEL 6 : MRG (RHSA-2012:0670)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel-rt packages that fix two security issues and various\nbugs are now available for Red Hat Enterprise MRG 2.1.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* When a set user ID (setuid) application is executed, certain\npersonality flags for controlling the application's behavior are\ncleared (that is, a privileged application will not be affected by\nthose flags). It was found that those flags were not cleared if the\napplication was made privileged via file system capabilities. A local,\nunprivileged user could use this flaw to change the behavior of such\napplications, allowing them to bypass intended restrictions. Note that\nfor default installations, no application shipped by Red Hat for Red\nHat Enterprise MRG is made privileged via file system capabilities.\n(CVE-2012-2123, Important)\n\n* A flaw was found in the way the Linux kernel's\njournal_unmap_buffer() function handled buffer head states. On systems\nthat have an ext4 file system with a journal mounted, a local,\nunprivileged user could use this flaw to cause a denial of service.\n(CVE-2011-4086, Moderate)\n\nThis update also fixes the following bugs :\n\n* The CAP_SYS_ADMIN check was missing from the dmesg_restrict feature.\nConsequently, an unprivileged and jailed root user could bypass the\ndmesg_restrict protection. This update adds CAP_SYS_ADMIN to both\ndmesg_restrict and kptr_restrict, which only allows writing to\ndmesg_restrict when root has CAP_SYS_ADMIN. (BZ#808271)\n\n* Previously, the _copy_from_pages() function, which is used to copy\ndata from the temporary buffer to the user-passed buffer, was passed\nthe wrong size parameter when copying data. Consequently, if the user\nprovided a buffer greater than PAGE_SIZE, the getxattr() syscalls were\nhandled incorrectly. This update fixes _copy_from_pages() to use the\nACL length, which uses a correctly-sized buffer. (BZ#753230)\n\n* Some older versions of hardware or their software could not\nrecognize certain commands and would log messages for illegal or\nunsupported errors the driver could not properly handle. This bug has\nbeen fixed and no bogus error messages are now returned in the\ndescribed scenario. (BZ#813892)\n\n* Previously, the qla2x00_poll() function did the local_irq_save()\ncall before calling qla24xx_intr_handler(), which had a spinlock.\nSince spinlocks are sleepable in the real-time kernel, it is not\nallowed to call them with interrupts disabled. This scenario produced\nerror messages and could cause a system deadlock. With this update,\nthe local_irq_save_nort(flags) function is used to save flags without\ndisabling interrupts, which prevents potential deadlocks and removes\nthe error messages. (BZ#818220)\n\nUsers should upgrade to these updated packages, which correct these\nissues. The system must be rebooted for this update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:0670\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4086\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-2123\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2011-4086\", \"CVE-2012-2123\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2012:0670\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:0670\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL6\", rpm:\"mrg-release\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MRG\");\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-3.0.30-rt50.62.el6rt\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debug-3.0.30-rt50.62.el6rt\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debug-debuginfo-3.0.30-rt50.62.el6rt\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debug-devel-3.0.30-rt50.62.el6rt\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-3.0.30-rt50.62.el6rt\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-common-x86_64-3.0.30-rt50.62.el6rt\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-devel-3.0.30-rt50.62.el6rt\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-rt-doc-3.0.30-rt50.62.el6rt\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-rt-firmware-3.0.30-rt50.62.el6rt\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-trace-3.0.30-rt50.62.el6rt\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-trace-debuginfo-3.0.30-rt50.62.el6rt\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-trace-devel-3.0.30-rt50.62.el6rt\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-vanilla-3.0.30-rt50.62.el6rt\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-vanilla-debuginfo-3.0.30-rt50.62.el6rt\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-vanilla-devel-3.0.30-rt50.62.el6rt\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-rt / kernel-rt-debug / kernel-rt-debug-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T12:46:55", "description": "From Red Hat Security Advisory 2012:0571 :\n\nUpdated kernel packages that fix two security issues and several bugs\nare now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* A flaw was found in the way the Linux kernel's\njournal_unmap_buffer() function handled buffer head states. On systems\nthat have an ext4 file system with a journal mounted, a local,\nunprivileged user could use this flaw to cause a denial of service.\n(CVE-2011-4086, Moderate)\n\n* A flaw was found in the way the KVM_CREATE_IRQCHIP ioctl was\nhandled. Calling this ioctl when at least one virtual CPU (VCPU)\nalready existed could lead to a NULL pointer dereference later when\nthe VCPU is scheduled to run. A local, unprivileged user on a KVM host\ncould use this flaw to crash the host. (CVE-2012-1601, Moderate)\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues, and fix the bugs noted in\nthe Technical Notes. The system must be rebooted for this update to\ntake effect.", "edition": 22, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 6 : kernel (ELSA-2012-0571)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1601", "CVE-2011-4086"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-firmware"], "id": "ORACLELINUX_ELSA-2012-0571.NASL", "href": "https://www.tenable.com/plugins/nessus/68526", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:0571 and \n# Oracle Linux Security Advisory ELSA-2012-0571 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68526);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4086\", \"CVE-2012-1601\");\n script_bugtraq_id(51945, 53488);\n script_xref(name:\"RHSA\", value:\"2012:0571\");\n\n script_name(english:\"Oracle Linux 6 : kernel (ELSA-2012-0571)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:0571 :\n\nUpdated kernel packages that fix two security issues and several bugs\nare now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* A flaw was found in the way the Linux kernel's\njournal_unmap_buffer() function handled buffer head states. On systems\nthat have an ext4 file system with a journal mounted, a local,\nunprivileged user could use this flaw to cause a denial of service.\n(CVE-2011-4086, Moderate)\n\n* A flaw was found in the way the KVM_CREATE_IRQCHIP ioctl was\nhandled. Calling this ioctl when at least one virtual CPU (VCPU)\nalready existed could lead to a NULL pointer dereference later when\nthe VCPU is scheduled to run. A local, unprivileged user on a KVM host\ncould use this flaw to crash the host. (CVE-2012-1601, Moderate)\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues, and fix the bugs noted in\nthe Technical Notes. The system must be rebooted for this update to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-May/002822.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2011-4086\", \"CVE-2012-1601\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2012-0571\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-2.6.32-220.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-2.6.32-220.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-devel-2.6.32-220.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-devel-2.6.32-220.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-doc-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-doc-2.6.32-220.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-firmware-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-firmware-2.6.32-220.17.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-headers-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-headers-2.6.32-220.17.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "ubuntu": [{"lastseen": "2020-07-08T23:42:34", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4086"], "description": "A flaw was found in the Linux's kernels ext4 file system when mounted with \na journal. A local, unprivileged user could exploit this flaw to cause a \ndenial of service.", "edition": 5, "modified": "2012-05-25T00:00:00", "published": "2012-05-25T00:00:00", "id": "USN-1454-1", "href": "https://ubuntu.com/security/notices/USN-1454-1", "title": "Linux kernel vulnerability", "type": "ubuntu", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-07-09T00:20:23", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2123", "CVE-2012-1601", "CVE-2011-4086"], "description": "A flaw was found in the Linux's kernels ext4 file system when mounted with \na journal. A local, unprivileged user could exploit this flaw to cause a \ndenial of service. (CVE-2011-4086)\n\nA flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual \ncpu setup. An unprivileged local user could exploit this flaw to crash the \nsystem leading to a denial of service. (CVE-2012-1601)\n\nSteve Grubb reported a flaw with Linux fscaps (file system base \ncapabilities) when used to increase the permissions of a process. For \napplication on which fscaps are in use a local attacker can disable address \nspace randomization to make attacking the process with raised privileges \neasier. (CVE-2012-2123)", "edition": 5, "modified": "2012-05-25T00:00:00", "published": "2012-05-25T00:00:00", "id": "USN-1453-1", "href": "https://ubuntu.com/security/notices/USN-1453-1", "title": "Linux kernel (EC2) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T01:33:16", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2123", "CVE-2012-1601", "CVE-2011-4086"], "description": "A flaw was found in the Linux's kernels ext4 file system when mounted with \na journal. A local, unprivileged user could exploit this flaw to cause a \ndenial of service. (CVE-2011-4086)\n\nA flaw was found in the Linux kernel's KVM (Kernel Virtual Machine) virtual \ncpu setup. An unprivileged local user could exploit this flaw to crash the \nsystem leading to a denial of service. (CVE-2012-1601)\n\nSteve Grubb reported a flaw with Linux fscaps (file system base \ncapabilities) when used to increase the permissions of a process. For \napplication on which fscaps are in use a local attacker can disable address \nspace randomization to make attacking the process with raised privileges \neasier. (CVE-2012-2123)", "edition": 5, "modified": "2012-05-18T00:00:00", "published": "2012-05-18T00:00:00", "id": "USN-1445-1", "href": "https://ubuntu.com/security/notices/USN-1445-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T00:24:44", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2100", "CVE-2011-4086", "CVE-2012-4398", "CVE-2012-1090"], "description": "A flaw was found in the Linux's kernels ext4 file system when mounted with \na journal. A local, unprivileged user could exploit this flaw to cause a \ndenial of service. (CVE-2011-4086)\n\nA flaw was discovered in the Linux kernel's cifs file system. An \nunprivileged local user could exploit this flaw to crash the system leading \nto a denial of service. (CVE-2012-1090)\n\nA flaw was found in the Linux kernel's ext4 file system when mounting a \ncorrupt filesystem. A user-assisted remote attacker could exploit this flaw \nto cause a denial of service. (CVE-2012-2100)\n\nTetsuo Handa reported a flaw in the OOM (out of memory) killer of the Linux \nkernel. A local unprivileged user can exploit this flaw to cause system \nunstability and denial of services. (CVE-2012-4398)", "edition": 5, "modified": "2012-05-08T00:00:00", "published": "2012-05-08T00:00:00", "id": "USN-1432-1", "href": "https://ubuntu.com/security/notices/USN-1432-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-07-28T13:46:36", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1097", "CVE-2012-2100", "CVE-2011-4086", "CVE-2012-1090", "CVE-2012-1146"], "description": "A flaw was found in the Linux's kernels ext4 file system when mounted with \na journal. A local, unprivileged user could exploit this flaw to cause a \ndenial of service. (CVE-2011-4086)\n\nA flaw was discovered in the Linux kernel's cifs file system. An \nunprivileged local user could exploit this flaw to crash the system leading \nto a denial of service. (CVE-2012-1090)\n\nH. Peter Anvin reported a flaw in the Linux kernel that could crash the \nsystem. A local user could exploit this flaw to crash the system. \n(CVE-2012-1097)\n\nA flaw was discovered in the Linux kernel's cgroups subset. A local \nattacker could use this flaw to crash the system. (CVE-2012-1146)\n\nA flaw was found in the Linux kernel's ext4 file system when mounting a \ncorrupt filesystem. A user-assisted remote attacker could exploit this flaw \nto cause a denial of service. (CVE-2012-2100)", "edition": 6, "modified": "2012-05-31T00:00:00", "published": "2012-05-31T00:00:00", "id": "USN-1458-1", "href": "https://ubuntu.com/security/notices/USN-1458-1", "title": "Linux kernel (OMAP4) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-28T13:48:21", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1097", "CVE-2011-4086", "CVE-2012-4398", "CVE-2012-1090", "CVE-2012-1179", "CVE-2012-1146"], "description": "A flaw was found in the Linux's kernels ext4 file system when mounted with \na journal. A local, unprivileged user could exploit this flaw to cause a \ndenial of service. (CVE-2011-4086)\n\nA flaw was discovered in the Linux kernel's cifs file system. An \nunprivileged local user could exploit this flaw to crash the system leading \nto a denial of service. (CVE-2012-1090)\n\nH. Peter Anvin reported a flaw in the Linux kernel that could crash the \nsystem. A local user could exploit this flaw to crash the system. \n(CVE-2012-1097)\n\nA flaw was discovered in the Linux kernel's cgroups subset. A local \nattacker could use this flaw to crash the system. (CVE-2012-1146)\n\nA flaw was found in the Linux kernel's handling of paged memory. A local \nunprivileged user, or a privileged user within a KVM guest, could exploit \nthis flaw to crash the system. (CVE-2012-1179)\n\nTetsuo Handa reported a flaw in the OOM (out of memory) killer of the Linux \nkernel. A local unprivileged user can exploit this flaw to cause system \nunstability and denial of services. (CVE-2012-4398)", "edition": 6, "modified": "2012-05-18T00:00:00", "published": "2012-05-18T00:00:00", "id": "USN-1446-1", "href": "https://ubuntu.com/security/notices/USN-1446-1", "title": "Linux kernel (OMAP4) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-28T13:36:48", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1097", "CVE-2011-4086", "CVE-2012-4398", "CVE-2011-4347", "CVE-2012-1090", "CVE-2012-1179", "CVE-2012-1146", "CVE-2012-0045"], "description": "A flaw was found in the Linux's kernels ext4 file system when mounted with \na journal. A local, unprivileged user could exploit this flaw to cause a \ndenial of service. (CVE-2011-4086)\n\nSasha Levin discovered a flaw in the permission checking for device \nassignments requested via the kvm ioctl in the Linux kernel. A local user \ncould use this flaw to crash the system causing a denial of service. \n(CVE-2011-4347)\n\nStephan B\u00e4rwolf discovered a flaw in the KVM (kernel-based virtual \nmachine) subsystem of the Linux kernel. A local unprivileged user can crash \nuse this flaw to crash VMs causing a deny of service. (CVE-2012-0045)\n\nA flaw was discovered in the Linux kernel's cifs file system. An \nunprivileged local user could exploit this flaw to crash the system leading \nto a denial of service. (CVE-2012-1090)\n\nH. Peter Anvin reported a flaw in the Linux kernel that could crash the \nsystem. A local user could exploit this flaw to crash the system. \n(CVE-2012-1097)\n\nA flaw was discovered in the Linux kernel's cgroups subset. A local \nattacker could use this flaw to crash the system. (CVE-2012-1146)\n\nA flaw was found in the Linux kernel's handling of paged memory. A local \nunprivileged user, or a privileged user within a KVM guest, could exploit \nthis flaw to crash the system. (CVE-2012-1179)\n\nTetsuo Handa reported a flaw in the OOM (out of memory) killer of the Linux \nkernel. A local unprivileged user can exploit this flaw to cause system \nunstability and denial of services. (CVE-2012-4398)", "edition": 69, "modified": "2012-05-01T00:00:00", "published": "2012-05-01T00:00:00", "id": "USN-1431-1", "href": "https://ubuntu.com/security/notices/USN-1431-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-28T13:48:47", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1097", "CVE-2011-4086", "CVE-2012-4398", "CVE-2011-4347", "CVE-2012-1090", "CVE-2012-1179", "CVE-2012-1146", "CVE-2012-0045"], "description": "A flaw was found in the Linux's kernels ext4 file system when mounted with \na journal. A local, unprivileged user could exploit this flaw to cause a \ndenial of service. (CVE-2011-4086)\n\nSasha Levin discovered a flaw in the permission checking for device \nassignments requested via the kvm ioctl in the Linux kernel. A local user \ncould use this flaw to crash the system causing a denial of service. \n(CVE-2011-4347)\n\nStephan B\u00e4rwolf discovered a flaw in the KVM (kernel-based virtual \nmachine) subsystem of the Linux kernel. A local unprivileged user can crash \nuse this flaw to crash VMs causing a deny of service. (CVE-2012-0045)\n\nA flaw was discovered in the Linux kernel's cifs file system. An \nunprivileged local user could exploit this flaw to crash the system leading \nto a denial of service. (CVE-2012-1090)\n\nH. Peter Anvin reported a flaw in the Linux kernel that could crash the \nsystem. A local user could exploit this flaw to crash the system. \n(CVE-2012-1097)\n\nA flaw was discovered in the Linux kernel's cgroups subset. A local \nattacker could use this flaw to crash the system. (CVE-2012-1146)\n\nA flaw was found in the Linux kernel's handling of paged memory. A local \nunprivileged user, or a privileged user within a KVM guest, could exploit \nthis flaw to crash the system. (CVE-2012-1179)\n\nTetsuo Handa reported a flaw in the OOM (out of memory) killer of the Linux \nkernel. A local unprivileged user can exploit this flaw to cause system \nunstability and denial of services. (CVE-2012-4398)", "edition": 69, "modified": "2012-05-01T00:00:00", "published": "2012-05-01T00:00:00", "id": "USN-1433-1", "href": "https://ubuntu.com/security/notices/USN-1433-1", "title": "Linux kernel (Oneiric backport) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-28T13:38:42", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1097", "CVE-2012-2100", "CVE-2011-4086", "CVE-2012-4398", "CVE-2011-4347", "CVE-2012-1090", "CVE-2012-1146", "CVE-2012-0045"], "description": "A flaw was found in the Linux's kernels ext4 file system when mounted with \na journal. A local, unprivileged user could exploit this flaw to cause a \ndenial of service. (CVE-2011-4086)\n\nSasha Levin discovered a flaw in the permission checking for device \nassignments requested via the kvm ioctl in the Linux kernel. A local user \ncould use this flaw to crash the system causing a denial of service. \n(CVE-2011-4347)\n\nStephan B\u00e4rwolf discovered a flaw in the KVM (kernel-based virtual \nmachine) subsystem of the Linux kernel. A local unprivileged user can crash \nuse this flaw to crash VMs causing a deny of service. (CVE-2012-0045)\n\nA flaw was discovered in the Linux kernel's cifs file system. An \nunprivileged local user could exploit this flaw to crash the system leading \nto a denial of service. (CVE-2012-1090)\n\nH. Peter Anvin reported a flaw in the Linux kernel that could crash the \nsystem. A local user could exploit this flaw to crash the system. \n(CVE-2012-1097)\n\nA flaw was discovered in the Linux kernel's cgroups subset. A local \nattacker could use this flaw to crash the system. (CVE-2012-1146)\n\nA flaw was found in the Linux kernel's ext4 file system when mounting a \ncorrupt filesystem. A user-assisted remote attacker could exploit this flaw \nto cause a denial of service. (CVE-2012-2100)\n\nTetsuo Handa reported a flaw in the OOM (out of memory) killer of the Linux \nkernel. A local unprivileged user can exploit this flaw to cause system \nunstability and denial of services. (CVE-2012-4398)", "edition": 69, "modified": "2012-05-08T00:00:00", "published": "2012-05-08T00:00:00", "id": "USN-1440-1", "href": "https://ubuntu.com/security/notices/USN-1440-1", "title": "Linux kernel (Natty backport) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:28:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-1601", "CVE-2011-4086"], "description": "**CentOS Errata and Security Advisory** CESA-2012:0571\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A flaw was found in the way the Linux kernel's journal_unmap_buffer()\nfunction handled buffer head states. On systems that have an ext4 file\nsystem with a journal mounted, a local, unprivileged user could use this\nflaw to cause a denial of service. (CVE-2011-4086, Moderate)\n\n* A flaw was found in the way the KVM_CREATE_IRQCHIP ioctl was handled.\nCalling this ioctl when at least one virtual CPU (VCPU) already existed\ncould lead to a NULL pointer dereference later when the VCPU is scheduled\nto run. A local, unprivileged user on a KVM host could use this flaw to\ncrash the host. (CVE-2012-1601, Moderate)\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues, and fix the bugs noted in the Technical\nNotes. The system must be rebooted for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-May/030681.html\n\n**Affected packages:**\nkernel\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-firmware\nkernel-headers\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-0571.html", "edition": 3, "modified": "2012-05-16T09:19:09", "published": "2012-05-16T09:19:09", "href": "http://lists.centos.org/pipermail/centos-announce/2012-May/030681.html", "id": "CESA-2012:0571", "title": "kernel, perf, python security update", "type": "centos", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-12-20T18:25:47", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4127", "CVE-2012-0207", "CVE-2011-4086", "CVE-2012-0028", "CVE-2011-3638"], "description": "**CentOS Errata and Security Advisory** CESA-2012:0107\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* Using the SG_IO ioctl to issue SCSI requests to partitions or LVM volumes\nresulted in the requests being passed to the underlying block device. If a\nprivileged user only had access to a single partition or LVM volume, they\ncould use this flaw to bypass those restrictions and gain read and write\naccess (and be able to issue other SCSI commands) to the entire block\ndevice. Refer to Red Hat Knowledgebase article DOC-67874, linked to in the\nReferences, for further details about this issue. (CVE-2011-4127,\nImportant)\n\n* A flaw was found in the way the Linux kernel handled robust list pointers\nof user-space held futexes across exec() calls. A local, unprivileged user\ncould use this flaw to cause a denial of service or, eventually, escalate\ntheir privileges. (CVE-2012-0028, Important)\n\n* A flaw was found in the Linux kernel in the way splitting two extents in\next4_ext_convert_to_initialized() worked. A local, unprivileged user with\nthe ability to mount and unmount ext4 file systems could use this flaw to\ncause a denial of service. (CVE-2011-3638, Moderate)\n\n* A flaw was found in the way the Linux kernel's journal_unmap_buffer()\nfunction handled buffer head states. On systems that have an ext4 file\nsystem with a journal mounted, a local, unprivileged user could use this\nflaw to cause a denial of service. (CVE-2011-4086, Moderate)\n\n* A divide-by-zero flaw was found in the Linux kernel's igmp_heard_query()\nfunction. An attacker able to send certain IGMP (Internet Group Management\nProtocol) packets to a target system could use this flaw to cause a denial\nof service. (CVE-2012-0207, Moderate)\n\nRed Hat would like to thank Zheng Liu for reporting CVE-2011-3638, and\nSimon McVittie for reporting CVE-2012-0207.\n\nThis update also fixes the following bugs:\n\n* When a host was in recovery mode and a SCSI scan operation was initiated,\nthe scan operation failed and provided no error output. This bug has been\nfixed and the SCSI layer now waits for recovery of the host to complete\nscan operations for devices. (BZ#772162)\n\n* SG_IO ioctls were not implemented correctly in the Red Hat Enterprise\nLinux 5 virtio-blk driver. Sending an SG_IO ioctl request to a virtio-blk\ndisk caused the sending thread to enter an uninterruptible sleep state (\"D\"\nstate). With this update, SG_IO ioctls are rejected by the virtio-blk\ndriver: the ioctl system call will simply return an ENOTTY (\"Inappropriate\nioctl for device\") error and the thread will continue normally. (BZ#773322)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-February/030464.html\n\n**Affected packages:**\nkernel\nkernel-PAE\nkernel-PAE-devel\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-headers\nkernel-xen\nkernel-xen-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-0107.html", "edition": 3, "modified": "2012-02-09T21:30:36", "published": "2012-02-09T21:30:36", "href": "http://lists.centos.org/pipermail/centos-announce/2012-February/030464.html", "id": "CESA-2012:0107", "title": "kernel security update", "type": "centos", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:47:02", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4086", "CVE-2012-1601"], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A flaw was found in the way the Linux kernel's journal_unmap_buffer()\nfunction handled buffer head states. On systems that have an ext4 file\nsystem with a journal mounted, a local, unprivileged user could use this\nflaw to cause a denial of service. (CVE-2011-4086, Moderate)\n\n* A flaw was found in the way the KVM_CREATE_IRQCHIP ioctl was handled.\nCalling this ioctl when at least one virtual CPU (VCPU) already existed\ncould lead to a NULL pointer dereference later when the VCPU is scheduled\nto run. A local, unprivileged user on a KVM host could use this flaw to\ncrash the host. (CVE-2012-1601, Moderate)\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues, and fix the bugs noted in the Technical\nNotes. The system must be rebooted for this update to take effect.\n", "modified": "2018-06-06T20:24:08", "published": "2012-05-15T04:00:00", "id": "RHSA-2012:0571", "href": "https://access.redhat.com/errata/RHSA-2012:0571", "type": "redhat", "title": "(RHSA-2012:0571) Moderate: kernel security and bug fix update", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-13T18:46:27", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4086", "CVE-2012-2123"], "description": "The kernel-rt packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* When a set user ID (setuid) application is executed, certain personality\nflags for controlling the application's behavior are cleared (that is, a\nprivileged application will not be affected by those flags). It was found\nthat those flags were not cleared if the application was made privileged\nvia file system capabilities. A local, unprivileged user could use this\nflaw to change the behavior of such applications, allowing them to bypass\nintended restrictions. Note that for default installations, no application\nshipped by Red Hat for Red Hat Enterprise MRG is made privileged via file\nsystem capabilities. (CVE-2012-2123, Important)\n\n* A flaw was found in the way the Linux kernel's journal_unmap_buffer()\nfunction handled buffer head states. On systems that have an ext4 file\nsystem with a journal mounted, a local, unprivileged user could use this\nflaw to cause a denial of service. (CVE-2011-4086, Moderate)\n\nThis update also fixes the following bugs:\n\n* The CAP_SYS_ADMIN check was missing from the dmesg_restrict feature.\nConsequently, an unprivileged and jailed root user could bypass the\ndmesg_restrict protection. This update adds CAP_SYS_ADMIN to both\ndmesg_restrict and kptr_restrict, which only allows writing to\ndmesg_restrict when root has CAP_SYS_ADMIN. (BZ#808271)\n\n* Previously, the _copy_from_pages() function, which is used to copy data \nfrom the temporary buffer to the user-passed buffer, was passed the wrong \nsize parameter when copying data. Consequently, if the user provided a \nbuffer greater than PAGE_SIZE, the getxattr() syscalls were handled \nincorrectly. This update fixes _copy_from_pages() to use the ACL length, \nwhich uses a correctly-sized buffer. (BZ#753230)\n\n* Some older versions of hardware or their software could not recognize\ncertain commands and would log messages for illegal or unsupported errors\nthe driver could not properly handle. This bug has been fixed and no bogus\nerror messages are now returned in the described scenario. (BZ#813892)\n\n* Previously, the qla2x00_poll() function did the local_irq_save() call\nbefore calling qla24xx_intr_handler(), which had a spinlock. Since\nspinlocks are sleepable in the real-time kernel, it is not allowed to call\nthem with interrupts disabled. This scenario produced error messages and\ncould cause a system deadlock. With this update, the\nlocal_irq_save_nort(flags) function is used to save flags without disabling\ninterrupts, which prevents potential deadlocks and removes the error\nmessages. (BZ#818220)\n\nUsers should upgrade to these updated packages, which correct these issues.\nThe system must be rebooted for this update to take effect.\n", "modified": "2018-06-07T08:58:25", "published": "2012-05-15T04:00:00", "id": "RHSA-2012:0670", "href": "https://access.redhat.com/errata/RHSA-2012:0670", "type": "redhat", "title": "(RHSA-2012:0670) Important: kernel-rt security and bug fix update", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:45:43", "bulletinFamily": "unix", "cvelist": ["CVE-2011-3638", "CVE-2011-4086", "CVE-2011-4127", "CVE-2012-0028", "CVE-2012-0207"], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* Using the SG_IO ioctl to issue SCSI requests to partitions or LVM volumes\nresulted in the requests being passed to the underlying block device. If a\nprivileged user only had access to a single partition or LVM volume, they\ncould use this flaw to bypass those restrictions and gain read and write\naccess (and be able to issue other SCSI commands) to the entire block\ndevice. Refer to Red Hat Knowledgebase article DOC-67874, linked to in the\nReferences, for further details about this issue. (CVE-2011-4127,\nImportant)\n\n* A flaw was found in the way the Linux kernel handled robust list pointers\nof user-space held futexes across exec() calls. A local, unprivileged user\ncould use this flaw to cause a denial of service or, eventually, escalate\ntheir privileges. (CVE-2012-0028, Important)\n\n* A flaw was found in the Linux kernel in the way splitting two extents in\next4_ext_convert_to_initialized() worked. A local, unprivileged user with\nthe ability to mount and unmount ext4 file systems could use this flaw to\ncause a denial of service. (CVE-2011-3638, Moderate)\n\n* A flaw was found in the way the Linux kernel's journal_unmap_buffer()\nfunction handled buffer head states. On systems that have an ext4 file\nsystem with a journal mounted, a local, unprivileged user could use this\nflaw to cause a denial of service. (CVE-2011-4086, Moderate)\n\n* A divide-by-zero flaw was found in the Linux kernel's igmp_heard_query()\nfunction. An attacker able to send certain IGMP (Internet Group Management\nProtocol) packets to a target system could use this flaw to cause a denial\nof service. (CVE-2012-0207, Moderate)\n\nRed Hat would like to thank Zheng Liu for reporting CVE-2011-3638, and\nSimon McVittie for reporting CVE-2012-0207.\n\nThis update also fixes the following bugs:\n\n* When a host was in recovery mode and a SCSI scan operation was initiated,\nthe scan operation failed and provided no error output. This bug has been\nfixed and the SCSI layer now waits for recovery of the host to complete\nscan operations for devices. (BZ#772162)\n\n* SG_IO ioctls were not implemented correctly in the Red Hat Enterprise\nLinux 5 virtio-blk driver. Sending an SG_IO ioctl request to a virtio-blk\ndisk caused the sending thread to enter an uninterruptible sleep state (\"D\"\nstate). With this update, SG_IO ioctls are rejected by the virtio-blk\ndriver: the ioctl system call will simply return an ENOTTY (\"Inappropriate\nioctl for device\") error and the thread will continue normally. (BZ#773322)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n", "modified": "2017-09-08T11:50:12", "published": "2012-02-09T05:00:00", "id": "RHSA-2012:0107", "href": "https://access.redhat.com/errata/RHSA-2012:0107", "type": "redhat", "title": "(RHSA-2012:0107) Important: kernel security and bug fix update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:44", "bulletinFamily": "software", "cvelist": ["CVE-2012-2123", "CVE-2012-2133", "CVE-2012-1601", "CVE-2011-4086", "CVE-2012-0879"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- ----------------------------------------------------------------------\r\nDebian Security Advisory DSA-2469-1 security@debian.org\r\nhttp://www.debian.org/security/ Dann Frazier\r\nMay 10, 2012 http://www.debian.org/security/faq\r\n- ----------------------------------------------------------------------\r\n\r\nPackage : linux-2.6\r\nVulnerability : privilege escalation/denial of service\r\nProblem type : local\r\nDebian-specific: no\r\nCVE Id(s) : CVE-2011-4086 CVE-2012-0879 CVE-2012-1601 CVE-2012-2123\r\n CVE-2012-2133\r\n\r\nSeveral vulnerabilities have been discovered in the Linux kernel that may lead\r\nto a denial of service or privilege escalation. The Common Vulnerabilities and\r\nExposures project identifies the following problems:\r\n\r\nCVE-2011-4086\r\n\r\n Eric Sandeen reported an issue in the journaling layer for EXT4 filesystems\r\n (jbd2). Local users can cause buffers to be accessed after they have been\r\n torn down, resulting in a denial of service (DoS) due to a system crash.\r\n\r\nCVE-2012-0879\r\n\r\n Louis Rilling reported two reference counting issues in the CLONE_IO\r\n feature of the kernel. Local users can prevent io context structures\r\n from being freed, resulting in a denial of service.\r\n\r\nCVE-2012-1601\r\n\r\n Michael Ellerman reported an issue in the KVM subsystem. Local users could\r\n cause a denial of service (NULL pointer dereference) by creating VCPUs\r\n before a call to KVM_CREATE_IRQCHIP.\r\n\r\nCVE-2012-2123\r\n\r\n Steve Grubb reported in an issue in fcaps, a filesystem-based capabilities\r\n system. Personality flags set using this mechanism, such as the disabling\r\n of address space randomization, may persist across suid calls.\r\n\r\nCVE-2012-2133\r\n\r\n Shachar Raindel discovered a use-after-free bug in the hugepages\r\n quota implementation. Local users with permission to use hugepages\r\n via the hugetlbfs implementation may be able to cause a denial of\r\n service (system crash).\r\n\r\nFor the stable distribution (squeeze), this problem has been fixed in version\r\n2.6.32-44. Updates are currently only available for the amd64, i386 and sparc\r\nports.\r\n\r\nNOTE: Updated linux-2.6 packages will also be made available in the release\r\nof Debian 6.0.5, scheduled to take place the weekend of 2012.05.12. This\r\npending update will be version 2.6.32-45, and provides an additional fix for\r\nbuild failures on some architectures. Users for whom this update is not\r\ncritical, and who may wish to avoid multiple reboots, should consider waiting\r\nfor the 6.0.5 release before updating, or installing the 2.6.32-45 version\r\nahead of time from proposed-updates.\r\n\r\nThe following matrix lists additional source packages that were rebuilt for\r\ncompatibility with or to take advantage of this update:\r\n\r\n Debian 6.0 (squeeze)\r\n user-mode-linux 2.6.32-1um-4+44\r\n\r\nWe recommend that you upgrade your linux-2.6 and user-mode-linux packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.11 (GNU/Linux)\r\n\r\niQIcBAEBAgAGBQJPq+L0AAoJEBv4PF5U/IZAif4P/37pRiZO/yTy5yZfIUUJFc25\r\nTHOrPGJfioLuFocGgd84+3YdC1tIPR4mFZLJbYWVmpD94x9d13Pdowt5kyaofmye\r\nUYGl6Z5RPYQuwY1W4dFq29wEpcte1kwFXqmiCr14uEx6H0T2FAzvgN9YjTtQCt9t\r\nr/6gkjn0NfzLnhVlER6RjMJGABW1hTUf9lME1urUCD/D8hBJwP5snjCFxjZgbeHt\r\nNNp1vOV7pkj8DTKmSlCpmQFm1QpPM9Ix+4tCvmBG5S2pKDWtQ0O9oZlk0/e9grMU\r\nCDUxtQy95NfSX2vIcHyNv8fwVMjtu6PxsgQPU/x6H7MPcn45Ys8Yf0ztmYilltAc\r\nHNCswIF1hH62DOssX46JlTjcRhtNGOuGEyvzqL0sQyLbJB7xNuqQ7jYpGVyXuWCY\r\nzAyN2OzgTeMoLzly+ZRT/m8lHh58WCXPC5lNtgU0ICxmdwudTEYa1J2HOaCvPWwd\r\nLki/t2c4Zv8Cs0o1BFd1OYwgTetOa2hFxAX61+Hr2TKeIayBgruX/VWZmd/m6S0v\r\nfR+5JwiiRxh7YXLgTOZf+4rBeYHi/XBmcKMOiB/RQYUnq1+kWH46kOowqq2WbaTN\r\nSBFTCxQNI1rwjdJ4YrL5NwOixzCwypp4MYzhw58/+pLsuUfpUqBp88GRkiS2DqNm\r\nrGAnURG2dPbD6A/7UiVE\r\n=ztHh\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2012-05-14T00:00:00", "published": "2012-05-14T00:00:00", "id": "SECURITYVULNS:DOC:28071", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:28071", "title": "[SECURITY] [DSA 2469-1] linux-2.6 security update", "type": "securityvulns", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2020-11-11T13:21:51", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2123", "CVE-2012-2133", "CVE-2012-1601", "CVE-2011-4086", "CVE-2012-0879"], "description": "- ----------------------------------------------------------------------\nDebian Security Advisory DSA-2469-1 security@debian.org\nhttp://www.debian.org/security/ Dann Frazier\nMay 10, 2012 http://www.debian.org/security/faq\n- ----------------------------------------------------------------------\n\nPackage : linux-2.6\nVulnerability : privilege escalation/denial of service\nProblem type : local\nDebian-specific: no\nCVE Id(s) : CVE-2011-4086 CVE-2012-0879 CVE-2012-1601 CVE-2012-2123\n CVE-2012-2133\n\nSeveral vulnerabilities have been discovered in the Linux kernel that may lead\nto a denial of service or privilege escalation. The Common Vulnerabilities and\nExposures project identifies the following problems:\n\nCVE-2011-4086\n\n Eric Sandeen reported an issue in the journaling layer for EXT4 filesystems\n (jbd2). Local users can cause buffers to be accessed after they have been\n torn down, resulting in a denial of service (DoS) due to a system crash.\n\nCVE-2012-0879\n\n Louis Rilling reported two reference counting issues in the CLONE_IO\n feature of the kernel. Local users can prevent io context structures\n from being freed, resulting in a denial of service.\n\nCVE-2012-1601\n\n Michael Ellerman reported an issue in the KVM subsystem. Local users could\n cause a denial of service (NULL pointer dereference) by creating VCPUs\n before a call to KVM_CREATE_IRQCHIP.\n\nCVE-2012-2123\n\n Steve Grubb reported in an issue in fcaps, a filesystem-based capabilities\n system. Personality flags set using this mechanism, such as the disabling\n of address space randomization, may persist across suid calls.\n\nCVE-2012-2133\n\n Shachar Raindel discovered a use-after-free bug in the hugepages\n quota implementation. Local users with permission to use hugepages\n via the hugetlbfs implementation may be able to cause a denial of\n service (system crash).\n\nFor the stable distribution (squeeze), this problem has been fixed in version\n2.6.32-44. Updates are currently only available for the amd64, i386 and sparc\nports.\n\nNOTE: Updated linux-2.6 packages will also be made available in the release\nof Debian 6.0.5, scheduled to take place the weekend of 2012.05.12. This\npending update will be version 2.6.32-45, and provides an additional fix for\nbuild failures on some architectures. Users for whom this update is not\ncritical, and who may wish to avoid multiple reboots, should consider waiting\nfor the 6.0.5 release before updating, or installing the 2.6.32-45 version\nahead of time from proposed-updates.\n\nThe following matrix lists additional source packages that were rebuilt for\ncompatibility with or to take advantage of this update:\n\n Debian 6.0 (squeeze)\n user-mode-linux 2.6.32-1um-4+44\n\nWe recommend that you upgrade your linux-2.6 and user-mode-linux packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 3, "modified": "2012-05-10T15:56:44", "published": "2012-05-10T15:56:44", "id": "DEBIAN:DSA-2469-1:2DCF0", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2012/msg00105.html", "title": "[SECURITY] [DSA 2469-1] linux-2.6 security update", "type": "debian", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4086", "CVE-2011-4127", "CVE-2011-4131", "CVE-2011-4132", "CVE-2011-4347", "CVE-2011-4622", "CVE-2012-0045", "CVE-2012-0056"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2012-02-10T22:00:18", "published": "2012-02-10T22:00:18", "id": "FEDORA:79974217D9", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: kernel-3.2.5-3.fc16", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4086", "CVE-2011-4127", "CVE-2011-4131", "CVE-2011-4132", "CVE-2011-4347", "CVE-2011-4622", "CVE-2012-0045", "CVE-2012-0056", "CVE-2012-1090"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2012-03-06T19:30:15", "published": "2012-03-06T19:30:15", "id": "FEDORA:95DEA218E7", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: kernel-3.2.9-1.fc16", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4086", "CVE-2011-4127", "CVE-2011-4131", "CVE-2011-4132", "CVE-2011-4347", "CVE-2011-4622", "CVE-2012-0045", "CVE-2012-0056", "CVE-2012-1090", "CVE-2012-1097"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2012-03-10T21:50:48", "published": "2012-03-10T21:50:48", "id": "FEDORA:79F1D2100D", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: kernel-3.2.9-2.fc16", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4086", "CVE-2011-4127", "CVE-2011-4131", "CVE-2011-4132", "CVE-2011-4347", "CVE-2011-4622", "CVE-2012-0045", "CVE-2012-0056", "CVE-2012-1090", "CVE-2012-1097", "CVE-2012-1146", "CVE-2012-1179"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2012-03-17T23:58:43", "published": "2012-03-17T23:58:43", "id": "FEDORA:369FF20D31", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: kernel-3.2.10-3.fc16", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4086", "CVE-2011-4127", "CVE-2011-4131", "CVE-2011-4132", "CVE-2011-4347", "CVE-2011-4622", "CVE-2012-0045", "CVE-2012-0056", "CVE-2012-1090", "CVE-2012-1097", "CVE-2012-1146", "CVE-2012-1179", "CVE-2012-1568"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2012-03-22T01:57:21", "published": "2012-03-22T01:57:21", "id": "FEDORA:412F021715", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: kernel-3.3.0-4.fc16", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2016-09-04T12:08:46", "bulletinFamily": "unix", "cvelist": ["CVE-2012-2133", "CVE-2011-1083", "CVE-2012-1097", "CVE-2011-4086", "CVE-2012-1090", "CVE-2012-0879", "CVE-2011-4622", "CVE-2012-0045"], "description": "The SUSE Linux Enterprise 11 SP1 kernel have been updated\n to the 2.6.32.59 stable release to fix a lot of bugs and\n security issues.\n\n The following security issues have been fixed:\n\n * CVE-2012-2133: A use after free bug in hugetlb\n support could be used by local attackers to crash the\n system.\n * CVE-2012-1097: A null pointer dereference bug in the\n regsets proc file could be used by local attackers to\n perhaps crash the system. With mmap_min_addr is set and\n enabled, exploitation is unlikely.\n * CVE-2012-0879: A reference counting issue in CLONE_IO\n could be used by local attackers to cause a denial of\n service (out of memory).\n * CVE-2012-1090: A file handle leak in CIFS code could\n be used by local attackers to crash the system.\n * CVE-2011-1083: Large nested epoll chains could be\n used by local attackers to cause a denial of service\n (excessive CPU consumption).\n * CVE-2011-4622: When using KVM, programming a PIT\n timer without a irqchip configuration, can be used to crash\n the kvm guest. This likely can be done only by a privileged\n guest user.\n * CVE-2012-0045: A KVM 32bit guest crash in "syscall"\n opcode handling was fixed that could be caused by local\n attackers.\n * CVE-2011-4086: Fixed a oops in jbd/jbd2 that could be\n caused by specific filesystem access patterns.\n\n The following non-security issues have been fixed:\n\n X86:\n\n * x86: fix the initialization of physnode_map\n (bnc#748112).\n * x86: Allow bootmem reserves at greater than 8G node\n offset within a node (bnc#740895).\n * x86, tsc: Fix SMI induced variation in\n quick_pit_calibrate(). (bnc#751322)\n * x86, efi: Work around broken firmware. (bnc#714507)\n\n BONDING:\n\n * bonding: update speed/duplex for NETDEV_CHANGE\n (bnc#752634).\n * bonding: comparing a u8 with -1 is always false\n (bnc#752634).\n * bonding: start slaves with link down for ARP monitor\n (bnc#752634).\n * bonding: send gratuitous ARP for all addresses\n (bnc#752491).\n\n XFS:\n\n * xfs: Fix excessive inode syncing when project quota\n is exceeded (bnc#756448).\n * xfs: Fix oops on IO error during\n xlog_recover_process_iunlinks() (bnc#716850).\n\n SCSI:\n\n * scsi/ses: Handle non-unique element descriptors\n (bnc#749342, bnc#617344).\n * scsi/sd: mark busy sd majors as allocated\n (bug#744658).\n * scsi: Check for invalid sdev in\n scsi_prep_state_check() (bnc#734300).\n\n MD/RAID:\n\n * md: fix possible corruption of array metadata on\n shutdown.\n * md: ensure changes to write-mostly are reflected in\n metadata (bnc#755178).\n * md: do not set md arrays to readonly on shutdown\n (bnc#740180, bnc#713148, bnc#734900).\n\n XEN:\n\n * smpboot: adjust ordering of operations.\n * x86-64: provide a memset() that can deal with 4Gb or\n above at a time (bnc#738528).\n * blkfront: properly fail packet requests (bnc#745929).\n * Update Xen patches to 2.6.32.57.\n * xenbus: Reject replies with payload >\n XENSTORE_PAYLOAD_MAX.\n * xenbus_dev: add missing error checks to watch\n handling.\n * Refresh other Xen patches (bnc#652942, bnc#668194,\n bnc#688079).\n * fix Xen-specific kABI issue in Linux 2.6.19.\n\n NFS:\n\n * NFSD: Fill in WCC data for REMOVE, RMDIR, MKNOD, and\n MKDIR (bnc#751880).\n * nfs: Include SYNC flag when comparing mount options\n with NOAC flag (bnc#745422).\n * NFS returns EIO for EDQUOT and others (bnc#747028).\n * lockd: fix arg parsing for grace_period and timeout\n (bnc#733761).\n * nfs: allow nfs4leasetime to be set before starting\n servers (bnc#733761).\n * nfs: handle d_revalidate of dot correctly\n (bnc#731809).\n\n S/390:\n\n * ctcmpc: use correct idal word list for ctcmpc\n (bnc#750171,LTC#79264).\n * qeth: synchronize discipline module loading\n (bnc#747430,LTC#78788).\n * qdio: avoid race leading to stall when tolerating CQ\n (bnc#737326,LTC#76599).\n * kernel: no storage key operations for invalid page\n table entries (bnc#737326,LTC#77697).\n\n OTHER:\n\n * tlan: add cast needed for proper 64 bit operation\n (bnc#756840).\n * dl2k: Tighten ioctl permissions (bnc#758813).\n * tg3: Fix RSS ring refill race condition (bnc#757917).\n * usbhid: fix error handling of not enough bandwidth\n (bnc#704280).\n * pagecache limit: Fix the shmem deadlock (bnc#755537).\n * tty_audit: fix tty_audit_add_data live lock on audit\n disabled (bnc#721366).\n * ixgbe: driver sets all WOL flags upon initialization\n so that machine is powered on as soon at it is switched off\n (bnc#693639)\n * PCI: Set device power state to PCI_D0 for device\n without native PM support (bnc#752972).\n * dlm: Do not allocate a fd for peeloff (bnc#729247).\n * sctp: Export sctp_do_peeloff (bnc#729247).\n * epoll: Do not limit non-nested epoll paths\n (bnc#676204).\n * mlx4: Limit MSI-X vector allocation (bnc#624072).\n * mlx4: Changing interrupt scheme (bnc#624072).\n * mlx4_en: Assigning TX irq per ring (bnc#624072).\n * mlx4_en: Restoring RX buffer pointer in case of\n failure (bnc#624072).\n * mlx4_en: using new mlx4 interrupt scheme (bnc#624072).\n * igb: Fix for Alt MAC Address feature on 82580 and\n later devices (bnc#746980).\n * igb: Power down link when interface is down\n (bnc#745699).\n * igb: use correct bits to identify if managability is\n enabled (bnc#743209).\n * intel_agp: Do not oops with zero stolen memory\n (bnc#738679).\n * agp: fix scratch page cleanup (bnc#738679).\n * hugetlb: add generic definition of NUMA_NO_NODE\n (bnc#751844).\n * sched: Fix proc_sched_set_task() (bnc#717994).\n * PM: Print a warning if firmware is requested when\n tasks are frozen (bnc#749886).\n * PM / Sleep: Fix freezer failures due to racy\n usermodehelper_is_disabled() (bnc#749886).\n * PM / Sleep: Fix read_unlock_usermodehelper() call\n (bnc#749886).\n * firmware loader: allow builtin firmware load even if\n usermodehelper is disabled (bnc#749886).\n * PM / Hibernate: Enable usermodehelpers in\n software_resume() error path (bnc#744163).\n * ipv6: Allow inet6_dump_addr() to handle more than 64\n addresses (bnc#748279).\n * ipv6: fix refcnt problem related to POSTDAD state\n (bnc#743619).\n * be2net: change to show correct physical link status\n (bnc#727834).\n * be2net: changes to properly provide phy details\n (bnc#727834).\n * aio: fix race between io_destroy() and io_submit()\n (bnc#747445 bnc#611264).\n * intel-iommu: Check for identity mapping candidate\n using system dma mask (bnc#700449).\n * intel-iommu: Dont cache iova above 32bit (bnc#700449).\n * intel-iommu: Add domain check in\n domain_remove_one_dev_info (bnc#700449).\n * intel-iommu: Provide option to enable 64-bit IOMMU\n pass through mode (bnc#700449).\n * intel-iommu: Remove Host Bridge devices from identity\n mapping (bnc#700449).\n * intel-iommu: Speed up processing of the\n identity_mapping function (bnc#700449).\n * intel-iommu: Use coherent DMA mask when requested\n (bnc#700449).\n * 1: Fix accounting of softirq time when idle\n (bnc#719793).\n * driver-core: fix race between device_register and\n driver_register (bnc#742358).\n * dcache:\n patches.fixes/large-hash-dcache_init-fix.patch: Fix oops\n when initializing large hash on > 16TB machine (bnc#742210).\n * kdump: Save PG_compound or PG_head value in\n VMCOREINFO (bnc#738503).\n * Update config files: disable NET_9P_RDMA (bnc#720374).\n * cdc-wdm: fix race leading leading to memory\n corruption (bnc#759544).\n", "edition": 1, "modified": "2012-05-14T16:08:28", "published": "2012-05-14T16:08:28", "id": "SUSE-SU-2012:0616-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00013.html", "title": "Security update for Linux kernel (important)", "type": "suse", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:45:45", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4131", "CVE-2011-1083", "CVE-2012-1097", "CVE-2011-4127", "CVE-2011-4132", "CVE-2011-2494", "CVE-2011-4086", "CVE-2012-1090", "CVE-2012-1179", "CVE-2012-1146"], "description": "The SUSE Linux Enterprise 11 SP2 kernel has been updated to\n 3.0.26, which fixes a lot of bugs and security issues.\n\n The following security issues have been fixed:\n\n * CVE-2012-1179: A locking problem in transparent\n hugepage support could be used by local attackers to\n potentially crash the host, or via kvm a privileged guest\n user could crash the kvm host system.\n * CVE-2011-4127: A potential hypervisor escape by\n issuing SG_IO commands to partitiondevices was fixed by\n restricting access to these commands.\n * CVE-2012-1146: A local attacker could oops the kernel\n using memory control groups and eventfds.\n * CVE-2011-1083: Limit the path length users can build\n using epoll() to avoid local attackers consuming lots of\n kernel CPU time.\n * CVE-2012-1097: The regset common infrastructure\n assumed that regsets would always have .get and .set\n methods, but necessarily .active methods. Unfortunately\n people have since written regsets without .set method, so\n NULL pointer dereference attacks were possible.\n * CVE-2011-2494: Access to the /proc/pid/taskstats file\n requires root access to avoid side channel (timing\n keypresses etc.) attacks on other users.\n * CVE-2011-4086: Fixed a oops in jbd/jbd2 that could be\n caused by specific filesystem access patterns.\n * CVE-2011-4131: A malicious NFSv4 server could have\n caused a oops in the nfsv4 acl handling.\n * CVE-2011-4132: Fixed a oops in jbd/jbd2 that could be\n caused by mounting a malicious prepared filesystem.\n\n (Also included are all fixes from the 3.0.14 -> 3.0.25\n stable kernel updates.)\n\n The following non-security issues have been fixed:\n\n EFI:\n\n * efivars: add missing parameter to efi_pstore_read().\n\n BTRFS:\n\n * add a few error cleanups.\n * btrfs: handle errors when excluding super extents\n (FATE#306586 bnc#751015).\n * btrfs: Fix missing goto in btrfs_ioctl_clone.\n * btrfs: Fixed mishandled -EAGAIN error case from\n btrfs_split_item (bnc#750459).\n * btrfs: disallow unequal data/metadata blocksize for\n mixed block groups (FATE#306586).\n * btrfs: enhance superblock sanity checks (FATE#306586\n bnc#749651).\n * btrfs: update message levels (FATE#306586).\n * btrfs 3.3-rc6 updates: o avoid setting ->d_op twice\n (FATE#306586 bnc#731387). o btrfs: fix wrong information of\n the directory in the snapshot (FATE#306586). o btrfs: fix\n race in reada (FATE#306586). o btrfs: do not add both\n copies of DUP to reada extent tree (FATE#306586). o btrfs:\n stop silently switching single chunks to raid0 on balance\n (FATE#306586). o btrfs: fix locking issues in\n find_parent_nodes() (FATE#306586). o btrfs: fix casting\n error in scrub reada code (FATE#306586).\n * btrfs sync with upstream up to 3.3-rc5 (FATE#306586)\n * btrfs: Sector Size check during Mount\n * btrfs: avoid positive number with ERR_PTR\n * btrfs: return the internal error unchanged if\n btrfs_get_extent_fiemap() call failed for\n SEEK_DATA/SEEK_HOLE inquiry.\n * btrfs: fix trim 0 bytes after a device delete\n * btrfs: do not check DUP chunks twice\n * btrfs: fix memory leak in load_free_space_cache()\n * btrfs: delalloc for page dirtied out-of-band in fixup\n worker\n * btrfs: fix structs where bitfields and\n spinlock/atomic share 8B word.\n * btrfs: silence warning in raid array setup.\n * btrfs: honor umask when creating subvol root.\n * btrfs: fix return value check of extent_io_ops.\n * btrfs: fix deadlock on page lock when doing\n auto-defragment.\n * btrfs: check return value of lookup_extent_mapping()\n correctly.\n * btrfs: skip states when they does not contain bits to\n clear.\n * btrfs: kick out redundant stuff in convert_extent_bit.\n * btrfs: fix a bug on overcommit stuff.\n * btrfs: be less strict on finding next node in\n clear_extent_bit.\n * btrfs: improve error handling for\n btrfs_insert_dir_item callers.\n * btrfs: make sure we update latest_bdev.\n * btrfs: add extra sanity checks on the path names in\n btrfs_mksubvol.\n * btrfs: clear the extent uptodate bits during parent\n transid failures.\n * btrfs: increase the global block reserve estimates.\n * btrfs: fix compiler warnings on 32 bit systems.\n * Clean up unused code, fix use of error-indicated\n pointer in transaction teardown (bnc#748854).\n * btrfs: fix return value check of extent_io_ops.\n * btrfs: fix deadlock on page lock when doing\n auto-defragment.\n * btrfs: check return value of lookup_extent_mapping()\n correctly.\n * btrfs: skip states when they does not contain bits to\n clear.\n * btrfs: kick out redundant stuff in convert_extent_bit.\n * btrfs: fix a bug on overcommit stuff.\n * btrfs: be less strict on finding next node in\n clear_extent_bit.\n * btrfs: do not reserve data with extents locked in\n btrfs_fallocate.\n * btrfs: avoid positive number with ERR_PTR.\n * btrfs: return the internal error unchanged if\n btrfs_get_extent_fiemap() call failed for\n SEEK_DATA/SEEK_HOLE inquiry.\n * btrfs: fix trim 0 bytes after a device delete.\n * btrfs: do not check DUP chunks twice.\n * btrfs: fix memory leak in load_free_space_cache().\n * btrfs: fix permissions of new subvolume (bnc#746373).\n * btrfs: set ioprio of scrub readahead to idle.\n * fix logic in condition in\n BTRFS_FEATURE_INCOMPAT_MIXED_GROUPS\n * fix incorrect exclusion of superblock from\n blockgroups (bnc#751743)\n *\n patches.suse/btrfs-8059-handle-errors-when-excluding-super-e\n xtents.patch: fix incorrect default value.\n * fix aio/dio bio refcounting bnc#718918.\n * btrfs: fix locking issues in find_parent_nodes()\n * Btrfs: fix casting error in scrub reada code\n *\n patches.suse/btrfs-8059-handle-errors-when-excluding-super-e\n xtents.patch: Fix uninitialized variable.\n * btrfs: handle errors from read_tree_block\n (bnc#748632).\n * btrfs: push-up errors from btrfs_num_copies\n (bnc#748632).\n *\n patches.suse/btrfs-8059-handle-errors-when-excluding-super-e\n xtents.patch: disable due to potential corruptions\n (bnc#751743)\n\n XFS:\n\n * XFS read/write calls do not generate DMAPI events\n (bnc#751885).\n * xfs/dmapi: Remove cached vfsmount (bnc#749417).\n * xfs: Fix oops on IO error during\n xlog_recover_process_iunlinks() (bnc#716850).\n\n NFS:\n\n * nfs: Do not allow multiple mounts on same mountpoint\n when using -o noac (bnc#745422).\n * lockd: fix arg parsing for grace_period and timeout\n (bnc#733761).\n\n MD:\n\n * raid10: Disable recovery when recovery cannot proceed\n (bnc#751171).\n * md/bitmap: ensure to load bitmap when creating via\n sysfs.\n * md: do not set md arrays to readonly on shutdown\n (bnc#740180, bnc#713148, bnc#734900).\n * md: allow last device to be forcibly removed from\n RAID1/RAID10 (bnc#746717).\n * md: allow re-add to failed arrays (bnc#746717).\n * md: Correctly handle read failure from last working\n device in RAID10 (bnc#746717).\n *\n patches.suse/0003-md-raid1-add-failfast-handling-for-writes.\n patch: Refresh to not crash when handling write error on\n FailFast devices. bnc#747159\n * md/raid10: Fix kernel oops during drive failure\n (bnc#750995).\n * patches.suse/md-re-add-to-failed: Update references\n (bnc#746717).\n * md/raid10: handle merge_bvec_fn in member devices.\n * md/raid10 - support resizing some RAID10 arrays.\n\n Hyper-V:\n\n * update hyperv drivers to 3.3-rc7 and move them out of\n staging: hv_timesource -> merged into core kernel hv_vmbus\n -> drivers/hv/hv_vmbus hv_utils -> drivers/hv/hv_utils\n hv_storvsc -> drivers/scsi/hv_storvsc hv_netvsc ->\n drivers/net/hyperv/hv_netvsc hv_mousevsc ->\n drivers/hid/hid-hyperv add compat modalias for hv_mousevsc\n update supported.conf rename all 333 patches, use msft-hv-\n and suse-hv- as prefix\n * net/hyperv: Use netif_tx_disable() instead of\n netif_stop_queue() when necessary.\n * net/hyperv: rx_bytes should account the ether header\n size.\n * net/hyperv: fix the issue that large packets be\n dropped under bridge.\n * net/hyperv: Fix the page buffer when an RNDIS message\n goes beyond page boundary.\n * net/hyperv: fix erroneous NETDEV_TX_BUSY use.\n\n SCSI:\n\n * sd: mark busy sd majors as allocated (bug#744658).\n * st: expand tape driver ability to write immediate\n filemarks (bnc#688996).\n * scsi scan: do not fail scans when host is in recovery\n (bnc#747867).\n\n S/390:\n\n * dasd: Implement block timeout handling (bnc#746717).\n * callhome: fix broken proc interface and activate\n compid (bnc#748862,LTC#79115).\n * ctcmpc: use correct idal word list for ctcmpc\n (bnc#750173,LTC#79264).\n * Fix recovery in case of concurrent asynchronous\n deliveries (bnc#748629,LTC#78309).\n * kernel: 3215 console deadlock (bnc#748629,LTC#78612).\n * qeth: synchronize discipline module loading\n (bnc#748629,LTC#78788).\n * memory hotplug: prevent memory zone interleave\n (bnc#748629,LTC#79113).\n * dasd: fix fixpoint divide exception in define_extent\n (bnc#748629,LTC#79125).\n * kernel: incorrect kernel message tags\n (bnc#744795,LTC#78356).\n * lcs: lcs offline failure (bnc#752484,LTC#79788).\n * qeth: add missing wake_up call (bnc#752484,LTC#79899).\n * dasd: Terminate inactive cqrs correctly (bnc#750995)\n * dasd: detailed I/O errors (bnc#746717).\n * patches.suse/dasd-blk-timeout.patch: Only activate\n blk_timeout for failfast requests (bnc#753617).\n\n ALSA:\n\n * ALSA: hda - Set codec to D3 forcibly even if not used\n (bnc#750426).\n * ALSA: hda - Add Realtek ALC269VC codec support\n (bnc#748827).\n * ALSA: hda/realtek - Apply the coef-setup only to\n ALC269VB (bnc#748827).\n * ALSA: pcm - Export snd_pcm_lib_default_mmap() helper\n (bnc#748384,bnc#738597).\n * ALSA: hda - Add snoop option (bnc#748384,bnc#738597).\n * ALSA: HDA: Add support for new AMD products\n (bnc#748384,bnc#738597).\n * ALSA: hda - Fix audio playback support on HP Zephyr\n system (bnc#749787).\n * ALSA: hda - Fix mute-LED VREF value for new HP\n laptops (bnc#745741).\n\n EXT3:\n\n * enable\n patches.suse/ext3-increase-reservation-window.patch.\n\n DRM:\n\n * drm/i915: Force explicit bpp selection for\n intel_dp_link_required (bnc#749980).\n * drm/i915/dp: Dither down to 6bpc if it makes the mode\n fit (bnc#749980).\n * drm/i915/dp: Read more DPCD registers on connection\n probe (bnc#749980).\n * drm/i915: fixup interlaced bits clearing in PIPECONF\n on PCH_SPLIT (bnc#749980).\n * drm/i915: read full receiver capability field during\n DP hot plug (bnc#749980).\n * drm/intel: Fix initialization if startup happens in\n interlaced mode [v2] (bnc#749980).\n * drm/i915 IVY/SNB fix patches from upstream 3.3-rc5 &\n rc6:\n patches.drivers/drm-i915-Prevent-a-machine-hang-by-checking-\n crtc-act,\n patches.drivers/drm-i915-do-not-enable-RC6p-on-Sandy-Bridge,\n patches.drivers/drm-i915-fix-operator-precedence-when-enabli\n ng-RC6p,\n patches.drivers/drm-i915-gen7-Disable-the-RHWO-optimization-\n as-it-ca,\n patches.drivers/drm-i915-gen7-Implement-an-L3-caching-workar\n ound,\n patches.drivers/drm-i915-gen7-implement-rczunit-workaround,\n patches.drivers/drm-i915-gen7-work-around-a-system-hang-on-I\n VB\n * drm/i915: Clear the TV sense state bits on cantiga to\n make TV detection reliable (bnc#750041).\n * drm/i915: Do not write DSPSURF for old chips\n (bnc#747071).\n * drm: Do not delete DPLL Multiplier during DAC init\n (bnc #728840).\n * drm: Set depth on low mem Radeon cards to 16 instead\n of 8 (bnc #746883).\n *\n patches.drivers/drm-i915-set-AUD_CONFIG_N_index-for-DP:\n Refresh. Updated the patch from the upstream (bnc#722560)\n * Add a few missing drm/i915 fixes from upstream 3.2\n kernel (bnc#744392):\n * drm/i915: Sanitize BIOS debugging bits from PIPECONF\n (bnc#751916).\n * drm/i915: Add lvds_channel module option (bnc#739837).\n * drm/i915: Check VBIOS value for determining LVDS dual\n channel mode, too (bnc#739837).\n * agp: fix scratch page cleanup (bnc#738679).\n * drm/i915: suspend fbdev device around\n suspend/hibernate (bnc#732908).\n\n ACPI:\n\n * supported.conf: Add acpi_ipmi as supported\n (bnc#716971).\n\n MM:\n\n * cpusets: avoid looping when storing to mems_allowed\n if one.\n * cpusets: avoid stall when updating mems_allowed for\n mempolicy.\n * cpuset: mm: Reduce large amounts of memory barrier\n related slowdown.\n * mm: make swapin readahead skip over holes.\n * mm: allow PF_MEMALLOC from softirq context.\n * mm: Ensure processes do not remain throttled under\n memory pressure. (Swap over NFS (fate#304949, bnc#747944).\n * mm: Allow sparsemem usemap allocations for very large\n NUMA nodes (bnc#749049).\n * backing-dev: fix wakeup timer races with\n bdi_unregister() (bnc#741824).\n * readahead: fix pipeline break caused by block plug\n (bnc#746454).\n * Fix uninitialised variable warning and obey the\n [get|put]_mems_allowed API.\n\n CIFS:\n\n * cifs: fix dentry refcount leak when opening a FIFO on\n lookup (CVE-2012-1090 bnc#749569).\n\n USB:\n\n * xhci: Fix encoding for HS bulk/control NAK rate\n (bnc#750402).\n * USB: Fix handoff when BIOS disables host PCI device\n (bnc#747878).\n * USB: Do not fail USB3 probe on missing legacy PCI IRQ\n (bnc#749543).\n * USB: Adding #define in hub_configure() and hcd.c file\n (bnc#714604).\n * USB: remove BKL comments (bnc#714604).\n * xHCI: Adding #define values used for hub descriptor\n (bnc#714604).\n * xHCI: Kick khubd when USB3 resume really completes\n (bnc#714604).\n * xhci: Fix oops caused by more USB2 ports than USB3\n ports (bnc#714604).\n * USB/xhci: Enable remote wakeup for USB3 devices\n (bnc#714604).\n * USB: Suspend functions before putting dev into U3\n (bnc#714604).\n * USB/xHCI: Enable USB 3.0 hub remote wakeup\n (bnc#714604).\n * USB: Refactor hub remote wake handling (bnc#714604).\n * USB/xHCI: Support device-initiated USB 3.0 resume\n (bnc#714604).\n * USB: Set wakeup bits for all children hubs\n (bnc#714604).\n * USB: Turn on auto-suspend for USB 3.0 hubs\n (bnc#714604).\n * USB: Set hub depth after USB3 hub reset (bnc#749115).\n * xhci: Fix USB 3.0 device restart on resume\n (bnc#745867).\n * xhci: Remove scary warnings about transfer issues\n (bnc#745867).\n * xhci: Remove warnings about MSI and MSI-X\n capabilities (bnc#745867).\n\n Other:\n\n * PCI / PCIe: Introduce command line option to disable\n ARI (bnc#742845).\n * PCI: Set device power state to PCI_D0 for device\n without native PM support (bnc#752972).\n\n X86:\n\n * x86/UV: Lower UV rtc clocksource rating (bnc#748456).\n * x86, mce, therm_throt: Do not report power limit and\n package level thermal throttle events in mcelog\n (bnc#745876).\n * x86: Unlock nmi lock after kdb_ipi call (bnc#745424).\n * x86, tsc: Fix SMI induced variation in\n quick_pit_calibrate(). (bnc#751322)\n\n XEN:\n\n * Update Xen patches to 3.0.22.\n * xenbus_dev: add missing error checks to watch\n handling.\n * drivers/xen/: use strlcpy() instead of strncpy().\n * xenoprof: backward compatibility for changed\n XENOPROF_ESCAPE_CODE.\n * blkfront: properly fail packet requests (bnc#745929).\n * Refresh other Xen patches (bnc#732070, bnc#742871).\n * xenbus: do not free other end details too early.\n * blkback: also call blkif_disconnect() when frontend\n switched to closed.\n * gnttab: add deferred freeing logic.\n * blkback: failure to write "feature-barrier" node is\n non-fatal.\n\n Infiniband:\n\n * RDMA/cxgb4: Make sure flush CQ entries are collected\n on connection close (bnc#721587).\n * RDMA/cxgb4: Serialize calls to CQs comp_handler\n (bnc#721587).\n * mlx4_en: Assigning TX irq per ring (bnc#624072).\n\n Bluetooth:\n\n * Bluetooth: Add Atheros AR3012 Maryann PID/VID\n supported in ath3k (bnc#732296).\n * Bluetooth: btusb: fix bInterval for high/super speed\n isochronous endpoints (bnc#754052).\n\n SCTP:\n\n * dlm: Do not allocate a fd for peeloff (bnc#729247).\n * sctp: Export sctp_do_peeloff (bnc#729247).\n\n Other:\n\n * qlge: Removing needless prints which are not\n (bnc#718863).\n * ibft: Fix finding IBFT ACPI table on UEFI\n (bnc#746579).\n * proc: Consider NO_HZ when printing idle and iowait\n times (bnc#705551).\n * procfs: do not confuse jiffies with cputime64_t\n (bnc#705551).\n * procfs: do not overflow get_{idle,iowait}_time for\n nohz (bnc#705551).\n * bfa: Do not return DID_ABORT on failure (bnc#745400).\n * epoll: Do not limit non-nested epoll paths\n (bnc#676204).\n * Bridge: Always send NETDEV_CHANGEADDR up on br MAC\n change (bnc#752408).\n * hp_accel: Ignore the error from lis3lv02d_poweron()\n at resume (bnc#751903).\n * watchdog: make sure the watchdog thread gets CPU on\n loaded system (bnc#738583).\n", "edition": 1, "modified": "2012-04-23T22:08:26", "published": "2012-04-23T22:08:26", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00021.html", "id": "SUSE-SU-2012:0554-1", "title": "Security update for Linux kernel (important)", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:57:27", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4131", "CVE-2011-1083", "CVE-2012-1097", "CVE-2011-4127", "CVE-2011-4132", "CVE-2011-2494", "CVE-2011-4086", "CVE-2012-1090", "CVE-2012-1179", "CVE-2012-1146"], "description": "The SUSE Linux Enterprise 11 SP2 kernel was updated to\n 3.0.26, fixing lots of bugs and security issues.\n\n Following security issues were fixed: CVE-2012-1179: A\n locking problem in transparent hugepage support could be\n used by local attackers to potentially crash the host, or\n via kvm a privileged guest user could crash the kvm host\n system.\n\n CVE-2011-4127: A potential hypervisor escape by issuing\n SG_IO commands to partitiondevices was fixed by restricting\n access to these commands.\n\n CVE-2012-1146: A local attacker could oops the kernel using\n memory control groups and eventfds.\n\n CVE-2011-1083: Limit the path length users can build using\n epoll() to avoid local attackers consuming lots of kernel\n CPU time.\n\n CVE-2012-1097: The regset common infrastructure assumed\n that regsets would always have .get and .set methods, but\n necessarily .active methods. Unfortunately people have\n since written regsets without .set method, so NULL pointer\n dereference attacks were possible.\n\n CVE-2011-2494: Access to the /proc/pid/taskstats file\n requires root access to avoid side channel (timing\n keypresses etc.) attacks on other users.\n\n CVE-2011-4086: Fixed a oops in jbd/jbd2 that could be\n caused by specific filesystem access patterns.\n\n CVE-2011-4131: A malicious NFSv4 server could have caused a\n oops in the nfsv4 acl handling.\n\n CVE-2011-4132: Fixed a oops in jbd/jbd2 that could be\n caused by mounting a malicious prepared filesystem.\n\n (Also included all fixes from the 3.0.14 -> 3.0.25 stable\n kernel updates.)\n\n Following non-security issues were fixed:\n - efivars: add missing parameter to efi_pstore_read().\n\n BTRFS:\n - add a few error cleanups.\n - btrfs: handle errors when excluding super extents\n (FATE#306586 bnc#751015).\n - btrfs: Fix missing goto in btrfs_ioctl_clone.\n - btrfs: Fixed mishandled -EAGAIN error case from\n btrfs_split_item (bnc#750459).\n - btrfs: disallow unequal data/metadata blocksize for mixed\n block groups (FATE#306586).\n - btrfs: enhance superblock sanity checks (FATE#306586\n bnc#749651).\n - btrfs: update message levels (FATE#306586).\n\n - btrfs 3.3-rc6 updates:\n - avoid setting ->d_op twice (FATE#306586 bnc#731387).\n - btrfs: fix wrong information of the directory in the\n snapshot (FATE#306586).\n - btrfs: fix race in reada (FATE#306586).\n - btrfs: do not add both copies of DUP to reada extent tree\n (FATE#306586).\n - btrfs: stop silently switching single chunks to raid0 on\n balance (FATE#306586).\n - btrfs: fix locking issues in find_parent_nodes()\n (FATE#306586).\n - btrfs: fix casting error in scrub reada code\n (FATE#306586).\n\n - btrfs sync with upstream up to 3.3-rc5 (FATE#306586)\n - btrfs: Sector Size check during Mount\n - btrfs: avoid positive number with ERR_PTR\n - btrfs: return the internal error unchanged if\n btrfs_get_extent_fiemap() call failed for\n SEEK_DATA/SEEK_HOLE inquiry.\n - btrfs: fix trim 0 bytes after a device delete\n - btrfs: do not check DUP chunks twice\n - btrfs: fix memory leak in load_free_space_cache()\n - btrfs: delalloc for page dirtied out-of-band in fixup\n worker\n - btrfs: fix structs where bitfields and spinlock/atomic\n share 8B word.\n - btrfs: silence warning in raid array setup.\n - btrfs: honor umask when creating subvol root.\n - btrfs: fix return value check of extent_io_ops.\n - btrfs: fix deadlock on page lock when doing\n auto-defragment.\n - btrfs: check return value of lookup_extent_mapping()\n correctly.\n - btrfs: skip states when they does not contain bits to\n clear.\n - btrfs: kick out redundant stuff in convert_extent_bit.\n - btrfs: fix a bug on overcommit stuff.\n - btrfs: be less strict on finding next node in\n clear_extent_bit.\n - btrfs: improve error handling for btrfs_insert_dir_item\n callers.\n - btrfs: make sure we update latest_bdev.\n - btrfs: add extra sanity checks on the path names in\n btrfs_mksubvol.\n - btrfs: clear the extent uptodate bits during parent\n transid failures.\n - btrfs: increase the global block reserve estimates.\n - btrfs: fix compiler warnings on 32 bit systems.\n - Clean up unused code, fix use of error-indicated pointer\n in transaction teardown (bnc#748854).\n - btrfs: fix return value check of extent_io_ops.\n - btrfs: fix deadlock on page lock when doing\n auto-defragment.\n - btrfs: check return value of lookup_extent_mapping()\n correctly.\n - btrfs: skip states when they does not contain bits to\n clear.\n - btrfs: kick out redundant stuff in convert_extent_bit.\n - btrfs: fix a bug on overcommit stuff.\n - btrfs: be less strict on finding next node in\n clear_extent_bit.\n - btrfs: do not reserve data with extents locked in\n btrfs_fallocate.\n - btrfs: avoid positive number with ERR_PTR.\n - btrfs: return the internal error unchanged if\n btrfs_get_extent_fiemap() call failed for\n SEEK_DATA/SEEK_HOLE inquiry.\n - btrfs: fix trim 0 bytes after a device delete.\n - btrfs: do not check DUP chunks twice.\n - btrfs: fix memory leak in load_free_space_cache().\n - btrfs: fix permissions of new subvolume (bnc#746373).\n - btrfs: set ioprio of scrub readahead to idle.\n - fix logic in condition in\n BTRFS_FEATURE_INCOMPAT_MIXED_GROUPS\n - fix incorrect exclusion of superblock from blockgroups\n (bnc#751743)\n -\n patches.suse/btrfs-8059-handle-errors-when-excluding-super-e\n xtents.patch: fix incorrect default value.\n - fix aio/dio bio refcounting bnc#718918.\n - btrfs: fix locking issues in find_parent_nodes()\n - Btrfs: fix casting error in scrub reada code\n -\n patches.suse/btrfs-8059-handle-errors-when-excluding-super-e\n xtents.patch: Fix uninitialized variable.\n - btrfs: handle errors from read_tree_block (bnc#748632).\n - btrfs: push-up errors from btrfs_num_copies (bnc#748632).\n -\n patches.suse/btrfs-8059-handle-errors-when-excluding-super-e\n xtents.patch: disable due to potential corruptions\n (bnc#751743)\n\n XFS:\n - XFS read/write calls do not generate DMAPI events\n (bnc#751885).\n - xfs/dmapi: Remove cached vfsmount (bnc#749417).\n - xfs: Fix oops on IO error during\n xlog_recover_process_iunlinks() (bnc#716850).\n\n NFS:\n - nfs: Do not allow multiple mounts on same mountpoint when\n using -o noac (bnc#745422).\n - lockd: fix arg parsing for grace_period and timeout\n (bnc#733761).\n\n MD:\n - raid10: Disable recovery when recovery cannot proceed\n (bnc#751171).\n - md/bitmap: ensure to load bitmap when creating via sysfs.\n - md: do not set md arrays to readonly on shutdown\n (bnc#740180, bnc#713148, bnc#734900).\n - md: allow last device to be forcibly removed from\n RAID1/RAID10 (bnc#746717).\n - md: allow re-add to failed arrays (bnc#746717).\n - md: Correctly handle read failure from last working\n device in RAID10 (bnc#746717).\n -\n patches.suse/0003-md-raid1-add-failfast-handling-for-writes.\n patch: Refresh to not crash when handling write error on\n FailFast devices. bnc#747159\n - md/raid10: Fix kernel oops during drive failure\n (bnc#750995).\n - patches.suse/md-re-add-to-failed: Update references\n (bnc#746717).\n - md/raid10: handle merge_bvec_fn in member devices.\n - md/raid10 - support resizing some RAID10 arrays.\n\n\n Hyper-V:\n - update hyperv drivers to 3.3-rc7 and move them out of\n staging: hv_timesource -> merged into core kernel\n hv_vmbus -> drivers/hv/hv_vmbus hv_utils ->\n drivers/hv/hv_utils hv_storvsc -> drivers/scsi/hv_storvsc\n hv_netvsc -> drivers/net/hyperv/hv_netvsc hv_mousevsc ->\n drivers/hid/hid-hyperv add compat modalias for\n hv_mousevsc update supported.conf rename all 333 patches,\n use msft-hv- and suse-hv- as prefix\n - net/hyperv: Use netif_tx_disable() instead of\n netif_stop_queue() when necessary.\n - net/hyperv: rx_bytes should account the ether header size.\n - net/hyperv: fix the issue that large packets be dropped\n under bridge.\n - net/hyperv: Fix the page buffer when an RNDIS message\n goes beyond page boundary.\n - net/hyperv: fix erroneous NETDEV_TX_BUSY use.\n\n\n SCSI:\n - sd: mark busy sd majors as allocated (bug#744658).\n - st: expand tape driver ability to write immediate\n filemarks (bnc#688996).\n - scsi scan: do not fail scans when host is in recovery\n (bnc#747867).\n\n S/390:\n - dasd: Implement block timeout handling (bnc#746717).\n - callhome: fix broken proc interface and activate compid\n (bnc#748862,LTC#79115).\n - ctcmpc: use correct idal word list for ctcmpc\n (bnc#750173,LTC#79264).\n - Fix recovery in case of concurrent asynchronous\n deliveries (bnc#748629,LTC#78309).\n - kernel: 3215 console deadlock (bnc#748629,LTC#78612).\n - qeth: synchronize discipline module loading\n (bnc#748629,LTC#78788).\n - memory hotplug: prevent memory zone interleave\n (bnc#748629,LTC#79113).\n - dasd: fix fixpoint divide exception in define_extent\n (bnc#748629,LTC#79125).\n - kernel: incorrect kernel message tags\n (bnc#744795,LTC#78356).\n - lcs: lcs offline failure (bnc#752484,LTC#79788).\n - qeth: add missing wake_up call (bnc#752484,LTC#79899).\n - dasd: Terminate inactive cqrs correctly (bnc#750995)\n - dasd: detailed I/O errors (bnc#746717).\n - patches.suse/dasd-blk-timeout.patch: Only activate\n blk_timeout for failfast requests (bnc#753617).\n\n ALSA:\n - ALSA: hda - Set codec to D3 forcibly even if not used\n (bnc#750426).\n - ALSA: hda - Add Realtek ALC269VC codec support\n (bnc#748827).\n - ALSA: hda/realtek - Apply the coef-setup only to ALC269VB\n (bnc#748827).\n - ALSA: pcm - Export snd_pcm_lib_default_mmap() helper\n (bnc#748384,bnc#738597).\n - ALSA: hda - Add snoop option (bnc#748384,bnc#738597).\n - ALSA: HDA: Add support for new AMD products\n (bnc#748384,bnc#738597).\n - ALSA: hda - Fix audio playback support on HP Zephyr\n system (bnc#749787).\n - ALSA: hda - Fix mute-LED VREF value for new HP laptops\n (bnc#745741).\n\n EXT3:\n - enable\n patches.suse/ext3-increase-reservation-window.patch.\n\n DRM:\n - drm/i915: Force explicit bpp selection for\n intel_dp_link_required (bnc#749980).\n - drm/i915/dp: Dither down to 6bpc if it makes the mode fit\n (bnc#749980).\n - drm/i915/dp: Read more DPCD registers on connection probe\n (bnc#749980).\n - drm/i915: fixup interlaced bits clearing in PIPECONF on\n PCH_SPLIT (bnc#749980).\n - drm/i915: read full receiver capability field during DP\n hot plug (bnc#749980).\n - drm/intel: Fix initialization if startup happens in\n interlaced mode [v2] (bnc#749980).\n - drm/i915 IVY/SNB fix patches from upstream 3.3-rc5 & rc6:\n patches.drivers/drm-i915-Prevent-a-machine-hang-by-checking-\n crtc-act,\n patches.drivers/drm-i915-do-not-enable-RC6p-on-Sandy-Bridge,\n patches.drivers/drm-i915-fix-operator-precedence-when-enabli\n ng-RC6p,\n patches.drivers/drm-i915-gen7-Disable-the-RHWO-optimization-\n as-it-ca,\n patches.drivers/drm-i915-gen7-Implement-an-L3-caching-workar\n ound,\n patches.drivers/drm-i915-gen7-implement-rczunit-workaround,\n patches.drivers/drm-i915-gen7-work-around-a-system-hang-on-I\n VB\n - drm/i915: Clear the TV sense state bits on cantiga to\n make TV detection reliable (bnc#750041).\n - drm/i915: Do not write DSPSURF for old chips (bnc#747071).\n - drm: Do not delete DPLL Multiplier during DAC init (bnc\n #728840).\n - drm: Set depth on low mem Radeon cards to 16 instead of 8\n (bnc #746883).\n - patches.drivers/drm-i915-set-AUD_CONFIG_N_index-for-DP:\n Refresh. Updated the patch from the upstream (bnc#722560)\n - Add a few missing drm/i915 fixes from upstream 3.2 kernel\n (bnc#744392):\n - drm/i915: Sanitize BIOS debugging bits from PIPECONF\n (bnc#751916).\n - drm/i915: Add lvds_channel module option (bnc#739837).\n - drm/i915: Check VBIOS value for determining LVDS dual\n channel mode, too (bnc#739837).\n - agp: fix scratch page cleanup (bnc#738679).\n - drm/i915: suspend fbdev device around suspend/hibernate\n (bnc#732908).\n\n ACPI:\n - supported.conf: Add acpi_ipmi as supported (bnc#716971).\n\n MM:\n - cpusets: avoid looping when storing to mems_allowed if\n one.\n - cpusets: avoid stall when updating mems_allowed for\n mempolicy.\n - cpuset: mm: Reduce large amounts of memory barrier\n related slowdown.\n - mm: make swapin readahead skip over holes.\n - mm: allow PF_MEMALLOC from softirq context.\n - mm: Ensure processes do not remain throttled under memory\n pressure. (Swap over NFS (fate#304949, bnc#747944).\n - mm: Allow sparsemem usemap allocations for very large\n NUMA nodes (bnc#749049).\n - backing-dev: fix wakeup timer races with bdi_unregister()\n (bnc#741824).\n - readahead: fix pipeline break caused by block plug\n (bnc#746454).\n - Fix uninitialised variable warning and obey the\n [get|put]_mems_allowed API.\n\n CIFS:\n - cifs: fix dentry refcount leak when opening a FIFO on\n lookup (CVE-2012-1090 bnc#749569).\n\n USB:\n - xhci: Fix encoding for HS bulk/control NAK rate\n (bnc#750402).\n - USB: Fix handoff when BIOS disables host PCI device\n (bnc#747878).\n - USB: Do not fail USB3 probe on missing legacy PCI IRQ\n (bnc#749543).\n - USB: Adding #define in hub_configure() and hcd.c file\n (bnc#714604).\n - USB: remove BKL comments (bnc#714604).\n - xHCI: Adding #define values used for hub descriptor\n (bnc#714604).\n - xHCI: Kick khubd when USB3 resume really completes\n (bnc#714604).\n - xhci: Fix oops caused by more USB2 ports than USB3 ports\n (bnc#714604).\n - USB/xhci: Enable remote wakeup for USB3 devices\n (bnc#714604).\n - USB: Suspend functions before putting dev into U3\n (bnc#714604).\n - USB/xHCI: Enable USB 3.0 hub remote wakeup (bnc#714604).\n - USB: Refactor hub remote wake handling (bnc#714604).\n - USB/xHCI: Support device-initiated USB 3.0 resume\n (bnc#714604).\n - USB: Set wakeup bits for all children hubs (bnc#714604).\n - USB: Turn on auto-suspend for USB 3.0 hubs (bnc#714604).\n - USB: Set hub depth after USB3 hub reset (bnc#749115).\n - xhci: Fix USB 3.0 device restart on resume (bnc#745867).\n - xhci: Remove scary warnings about transfer issues\n (bnc#745867).\n - xhci: Remove warnings about MSI and MSI-X capabilities\n (bnc#745867).\n\n Other:\n - PCI / PCIe: Introduce command line option to disable ARI\n (bnc#742845).\n - PCI: Set device power state to PCI_D0 for device without\n native PM support (bnc#752972).\n\n X86:\n - x86/UV: Lower UV rtc clocksource rating (bnc#748456).\n - x86, mce, therm_throt: Do not report power limit and\n package level thermal throttle events in mcelog\n (bnc#745876).\n - x86: Unlock nmi lock after kdb_ipi call (bnc#745424).\n - x86, tsc: Fix SMI induced variation in\n quick_pit_calibrate(). (bnc#751322)\n\n XEN:\n - Update Xen patches to 3.0.22.\n - xenbus_dev: add missing error checks to watch handling.\n - drivers/xen/: use strlcpy() instead of strncpy().\n - xenoprof: backward compatibility for changed\n XENOPROF_ESCAPE_CODE.\n - blkfront: properly fail packet requests (bnc#745929).\n - Refresh other Xen patches (bnc#732070, bnc#742871).\n - xenbus: do not free other end details too early.\n - blkback: also call blkif_disconnect() when frontend\n switched to closed.\n - gnttab: add deferred freeing logic.\n - blkback: failure to write "feature-barrier" node is\n non-fatal.\n\n Infiniband:\n - RDMA/cxgb4: Make sure flush CQ entries are collected on\n connection close (bnc#721587).\n - RDMA/cxgb4: Serialize calls to CQs comp_handler\n (bnc#721587).\n - mlx4_en: Assigning TX irq per ring (bnc#624072).\n\n Bluetooth:\n - Bluetooth: Add Atheros AR3012 Maryann PID/VID supported\n in ath3k (bnc#732296).\n - Bluetooth: btusb: fix bInterval for high/super speed\n isochronous endpoints (bnc#754052).\n\n SCTP:\n - dlm: Do not allocate a fd for peeloff (bnc#729247).\n - sctp: Export sctp_do_peeloff (bnc#729247).\n\n Other:\n - qlge: Removing needless prints which are not (bnc#718863).\n - ibft: Fix finding IBFT ACPI table on UEFI (bnc#746579).\n - proc: Consider NO_HZ when printing idle and iowait times\n (bnc#705551).\n - procfs: do not confuse jiffies with cputime64_t\n (bnc#705551).\n - procfs: do not overflow get_{idle,iowait}_time for nohz\n (bnc#705551).\n - bfa: Do not return DID_ABORT on failure (bnc#745400).\n - epoll: Do not limit non-nested epoll paths (bnc#676204).\n - Bridge: Always send NETDEV_CHANGEADDR up on br MAC change\n (bnc#752408).\n - hp_accel: Ignore the error from lis3lv02d_poweron() at\n resume (bnc#751903).\n - watchdog: make sure the watchdog thread gets CPU on\n loaded system (bnc#738583).\n\n", "edition": 1, "modified": "2012-04-26T20:08:43", "published": "2012-04-26T20:08:43", "href": "http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00022.html", "id": "SUSE-SU-2012:0554-2", "title": "kernel update for SLE11 SP2 (important)", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
