ID OPENVAS:1361412562310840704 Type openvas Reporter Copyright (c) 2011 Greenbone Networks GmbH Modified 2019-03-13T00:00:00
Description
Ubuntu Update for Linux kernel vulnerabilities USN-1168-1
###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_ubuntu_USN_1168_1.nasl 14132 2019-03-13 09:25:59Z cfischer $
#
# Ubuntu Update for linux USN-1168-1
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
if(description)
{
script_xref(name:"URL", value:"http://www.ubuntu.com/usn/usn-1168-1/");
script_oid("1.3.6.1.4.1.25623.1.0.840704");
script_version("$Revision: 14132 $");
script_tag(name:"last_modification", value:"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $");
script_tag(name:"creation_date", value:"2011-07-18 15:23:56 +0200 (Mon, 18 Jul 2011)");
script_tag(name:"cvss_base", value:"7.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_xref(name:"USN", value:"1168-1");
script_cve_id("CVE-2011-1017", "CVE-2011-1090", "CVE-2011-1163", "CVE-2011-1494", "CVE-2011-1495", "CVE-2011-1593", "CVE-2011-1598", "CVE-2011-1748", "CVE-2011-1745", "CVE-2011-2022", "CVE-2011-1746", "CVE-2011-1747", "CVE-2011-1770");
script_name("Ubuntu Update for linux USN-1168-1");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2011 Greenbone Networks GmbH");
script_family("Ubuntu Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages", re:"ssh/login/release=UBUNTU10\.04 LTS");
script_tag(name:"summary", value:"Ubuntu Update for Linux kernel vulnerabilities USN-1168-1");
script_tag(name:"affected", value:"linux on Ubuntu 10.04 LTS");
script_tag(name:"solution", value:"Please Install the Updated Packages.");
script_tag(name:"insight", value:"Timo Warns discovered that the LDM disk partition handling code did not
correctly handle certain values. By inserting a specially crafted disk
device, a local attacker could exploit this to gain root privileges.
(CVE-2011-1017)
Neil Horman discovered that NFSv4 did not correctly handle certain orders
of operation with ACL data. A remote attacker with access to an NFSv4 mount
could exploit this to crash the system, leading to a denial of service.
(CVE-2011-1090)
Timo Warns discovered that OSF partition parsing routines did not correctly
clear memory. A local attacker with physical access could plug in a
specially crafted block device to read kernel memory, leading to a loss of
privacy. (CVE-2011-1163)
Dan Rosenberg discovered that MPT devices did not correctly validate
certain values in ioctl calls. If these drivers were loaded, a local
attacker could exploit this to read arbitrary kernel memory, leading to a
loss of privacy. (CVE-2011-1494, CVE-2011-1495)
Tavis Ormandy discovered that the pidmap function did not correctly handle
large requests. A local attacker could exploit this to crash the system,
leading to a denial of service. (CVE-2011-1593)
Oliver Hartkopp and Dave Jones discovered that the CAN network driver did
not correctly validate certain socket structures. If this driver was
loaded, a local attacker could crash the system, leading to a denial of
service. (CVE-2011-1598, CVE-2011-1748)
Vasiliy Kulikov discovered that the AGP driver did not check certain ioctl
values. A local attacker with access to the video subsystem could exploit
this to crash the system, leading to a denial of service, or possibly gain
root privileges. (CVE-2011-1745, CVE-2011-2022)
Vasiliy Kulikov discovered that the AGP driver did not check the size of
certain memory allocations. A local attacker with access to the video
subsystem could exploit this to run the system out of memory, leading to a
denial of service. (CVE-2011-1746, CVE-2011-1747)
Dan Rosenberg discovered that the DCCP stack did not correctly handle
certain packet structures. A remote attacker could exploit this to crash
the system, leading to a denial of service. (CVE-2011-1770)");
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
release = dpkg_get_ssh_release();
if(!release)
exit(0);
res = "";
if(release == "UBUNTU10.04 LTS")
{
if ((res = isdpkgvuln(pkg:"linux-image-2.6.32-33-386", ver:"2.6.32-33.70", rls:"UBUNTU10.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-2.6.32-33-generic", ver:"2.6.32-33.70", rls:"UBUNTU10.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-2.6.32-33-generic-pae", ver:"2.6.32-33.70", rls:"UBUNTU10.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-2.6.32-33-ia64", ver:"2.6.32-33.70", rls:"UBUNTU10.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-2.6.32-33-lpia", ver:"2.6.32-33.70", rls:"UBUNTU10.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-2.6.32-33-powerpc", ver:"2.6.32-33.70", rls:"UBUNTU10.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-2.6.32-33-powerpc-smp", ver:"2.6.32-33.70", rls:"UBUNTU10.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-2.6.32-33-powerpc64-smp", ver:"2.6.32-33.70", rls:"UBUNTU10.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-2.6.32-33-preempt", ver:"2.6.32-33.70", rls:"UBUNTU10.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-2.6.32-33-server", ver:"2.6.32-33.70", rls:"UBUNTU10.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-2.6.32-33-sparc64", ver:"2.6.32-33.70", rls:"UBUNTU10.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-2.6.32-33-sparc64-smp", ver:"2.6.32-33.70", rls:"UBUNTU10.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-2.6.32-33-versatile", ver:"2.6.32-33.70", rls:"UBUNTU10.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if ((res = isdpkgvuln(pkg:"linux-image-2.6.32-33-virtual", ver:"2.6.32-33.70", rls:"UBUNTU10.04 LTS")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99);
exit(0);
}
{"id": "OPENVAS:1361412562310840704", "type": "openvas", "bulletinFamily": "scanner", "title": "Ubuntu Update for linux USN-1168-1", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1168-1", "published": "2011-07-18T00:00:00", "modified": "2019-03-13T00:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840704", "reporter": "Copyright (c) 2011 Greenbone Networks GmbH", "references": ["1168-1", "http://www.ubuntu.com/usn/usn-1168-1/"], "cvelist": ["CVE-2011-1017", "CVE-2011-1746", "CVE-2011-1494", "CVE-2011-1598", "CVE-2011-2022", "CVE-2011-1770", "CVE-2011-1747", "CVE-2011-1495", "CVE-2011-1163", "CVE-2011-1593", "CVE-2011-1748", "CVE-2011-1745", "CVE-2011-1090"], "lastseen": "2019-05-29T18:39:25", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:840700", "OPENVAS:840716", "OPENVAS:1361412562310122152", "OPENVAS:1361412562310840696", "OPENVAS:1361412562310840716", "OPENVAS:840696", "OPENVAS:840698", "OPENVAS:1361412562310840700", "OPENVAS:840704", "OPENVAS:1361412562310840698"]}, {"type": "nessus", "idList": ["SUSE_KERNEL-7666.NASL", "UBUNTU_USN-1168-1.NASL", "ORACLELINUX_ELSA-2011-2019.NASL", "UBUNTU_USN-1183-1.NASL", "UBUNTU_USN-1161-1.NASL", "FEDORA_2011-6541.NASL", "REDHAT-RHSA-2011-0836.NASL", "UBUNTU_USN-1170-1.NASL", "ORACLELINUX_ELSA-2011-0836.NASL", "SUSE_KERNEL-7665.NASL"]}, {"type": "ubuntu", "idList": ["USN-1168-1", "USN-1159-1", "USN-1183-1", "USN-1161-1", "USN-1162-1", "USN-1167-1", "USN-1212-1", "USN-1170-1"]}, {"type": "cve", "idList": ["CVE-2011-1598", "CVE-2011-1770", "CVE-2011-1748", "CVE-2011-1747", "CVE-2011-2022", "CVE-2011-1163", "CVE-2011-1495", "CVE-2011-1746", "CVE-2011-1494", "CVE-2011-1745"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-0836", "ELSA-2011-2016", "ELSA-2011-2019"]}, {"type": "suse", "idList": ["SUSE-SU-2011:1058-1", "SUSE-SU-2011:0832-1", "SUSE-SU-2011:0899-1", "SUSE-SA:2011:031", "SUSE-SA:2011:040", "SUSE-SA:2011:034"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:26416", "SECURITYVULNS:VULN:11656"]}, {"type": "redhat", "idList": ["RHSA-2011:1253", "RHSA-2011:0836"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2264-1:87A7B", "DEBIAN:DSA-2240-1:38C7A"]}, {"type": "fedora", "idList": ["FEDORA:13309110B4E", "FEDORA:8785411086D", "FEDORA:7AE2C1106A7"]}], "modified": "2019-05-29T18:39:25", "rev": 2}, "score": {"value": 7.7, "vector": "NONE", "modified": "2019-05-29T18:39:25", "rev": 2}, "vulnersScore": 7.7}, "pluginID": "1361412562310840704", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1168_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux USN-1168-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1168-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840704\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-18 15:23:56 +0200 (Mon, 18 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"USN\", value:\"1168-1\");\n script_cve_id(\"CVE-2011-1017\", \"CVE-2011-1090\", \"CVE-2011-1163\", \"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1593\", \"CVE-2011-1598\", \"CVE-2011-1748\", \"CVE-2011-1745\", \"CVE-2011-2022\", \"CVE-2011-1746\", \"CVE-2011-1747\", \"CVE-2011-1770\");\n script_name(\"Ubuntu Update for linux USN-1168-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.04 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1168-1\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Timo Warns discovered that the LDM disk partition handling code did not\n correctly handle certain values. By inserting a specially crafted disk\n device, a local attacker could exploit this to gain root privileges.\n (CVE-2011-1017)\n\n Neil Horman discovered that NFSv4 did not correctly handle certain orders\n of operation with ACL data. A remote attacker with access to an NFSv4 mount\n could exploit this to crash the system, leading to a denial of service.\n (CVE-2011-1090)\n\n Timo Warns discovered that OSF partition parsing routines did not correctly\n clear memory. A local attacker with physical access could plug in a\n specially crafted block device to read kernel memory, leading to a loss of\n privacy. (CVE-2011-1163)\n\n Dan Rosenberg discovered that MPT devices did not correctly validate\n certain values in ioctl calls. If these drivers were loaded, a local\n attacker could exploit this to read arbitrary kernel memory, leading to a\n loss of privacy. (CVE-2011-1494, CVE-2011-1495)\n\n Tavis Ormandy discovered that the pidmap function did not correctly handle\n large requests. A local attacker could exploit this to crash the system,\n leading to a denial of service. (CVE-2011-1593)\n\n Oliver Hartkopp and Dave Jones discovered that the CAN network driver did\n not correctly validate certain socket structures. If this driver was\n loaded, a local attacker could crash the system, leading to a denial of\n service. (CVE-2011-1598, CVE-2011-1748)\n\n Vasiliy Kulikov discovered that the AGP driver did not check certain ioctl\n values. A local attacker with access to the video subsystem could exploit\n this to crash the system, leading to a denial of service, or possibly gain\n root privileges. (CVE-2011-1745, CVE-2011-2022)\n\n Vasiliy Kulikov discovered that the AGP driver did not check the size of\n certain memory allocations. A local attacker with access to the video\n subsystem could exploit this to run the system out of memory, leading to a\n denial of service. (CVE-2011-1746, CVE-2011-1747)\n\n Dan Rosenberg discovered that the DCCP stack did not correctly handle\n certain packet structures. A remote attacker could exploit this to crash\n the system, leading to a denial of service. (CVE-2011-1770)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-33-386\", ver:\"2.6.32-33.70\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-33-generic\", ver:\"2.6.32-33.70\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-33-generic-pae\", ver:\"2.6.32-33.70\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-33-ia64\", ver:\"2.6.32-33.70\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-33-lpia\", ver:\"2.6.32-33.70\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-33-powerpc\", ver:\"2.6.32-33.70\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-33-powerpc-smp\", ver:\"2.6.32-33.70\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-33-powerpc64-smp\", ver:\"2.6.32-33.70\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-33-preempt\", ver:\"2.6.32-33.70\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-33-server\", ver:\"2.6.32-33.70\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-33-sparc64\", ver:\"2.6.32-33.70\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-33-sparc64-smp\", ver:\"2.6.32-33.70\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-33-versatile\", ver:\"2.6.32-33.70\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-33-virtual\", ver:\"2.6.32-33.70\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Ubuntu Local Security Checks"}
{"openvas": [{"lastseen": "2017-12-04T11:27:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1017", "CVE-2011-1746", "CVE-2011-1494", "CVE-2011-1598", "CVE-2011-2022", "CVE-2011-1770", "CVE-2011-1747", "CVE-2011-1495", "CVE-2011-1163", "CVE-2011-1593", "CVE-2011-1748", "CVE-2011-1745", "CVE-2011-1090"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1168-1", "modified": "2017-12-01T00:00:00", "published": "2011-07-18T00:00:00", "id": "OPENVAS:840704", "href": "http://plugins.openvas.org/nasl.php?oid=840704", "type": "openvas", "title": "Ubuntu Update for linux USN-1168-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1168_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for linux USN-1168-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Timo Warns discovered that the LDM disk partition handling code did not\n correctly handle certain values. By inserting a specially crafted disk\n device, a local attacker could exploit this to gain root privileges.\n (CVE-2011-1017)\n\n Neil Horman discovered that NFSv4 did not correctly handle certain orders\n of operation with ACL data. A remote attacker with access to an NFSv4 mount\n could exploit this to crash the system, leading to a denial of service.\n (CVE-2011-1090)\n \n Timo Warns discovered that OSF partition parsing routines did not correctly\n clear memory. A local attacker with physical access could plug in a\n specially crafted block device to read kernel memory, leading to a loss of\n privacy. (CVE-2011-1163)\n \n Dan Rosenberg discovered that MPT devices did not correctly validate\n certain values in ioctl calls. If these drivers were loaded, a local\n attacker could exploit this to read arbitrary kernel memory, leading to a\n loss of privacy. (CVE-2011-1494, CVE-2011-1495)\n \n Tavis Ormandy discovered that the pidmap function did not correctly handle\n large requests. A local attacker could exploit this to crash the system,\n leading to a denial of service. (CVE-2011-1593)\n \n Oliver Hartkopp and Dave Jones discovered that the CAN network driver did\n not correctly validate certain socket structures. If this driver was\n loaded, a local attacker could crash the system, leading to a denial of\n service. (CVE-2011-1598, CVE-2011-1748)\n \n Vasiliy Kulikov discovered that the AGP driver did not check certain ioctl\n values. A local attacker with access to the video subsystem could exploit\n this to crash the system, leading to a denial of service, or possibly gain\n root privileges. (CVE-2011-1745, CVE-2011-2022)\n \n Vasiliy Kulikov discovered that the AGP driver did not check the size of\n certain memory allocations. A local attacker with access to the video\n subsystem could exploit this to run the system out of memory, leading to a\n denial of service. (CVE-2011-1746, CVE-2011-1747)\n \n Dan Rosenberg discovered that the DCCP stack did not correctly handle\n certain packet structures. A remote attacker could exploit this to crash\n the system, leading to a denial of service. (CVE-2011-1770)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1168-1\";\ntag_affected = \"linux on Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1168-1/\");\n script_id(840704);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-18 15:23:56 +0200 (Mon, 18 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"USN\", value: \"1168-1\");\n script_cve_id(\"CVE-2011-1017\", \"CVE-2011-1090\", \"CVE-2011-1163\", \"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1593\", \"CVE-2011-1598\", \"CVE-2011-1748\", \"CVE-2011-1745\", \"CVE-2011-2022\", \"CVE-2011-1746\", \"CVE-2011-1747\", \"CVE-2011-1770\");\n script_name(\"Ubuntu Update for linux USN-1168-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-33-386\", ver:\"2.6.32-33.70\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-33-generic\", ver:\"2.6.32-33.70\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-33-generic-pae\", ver:\"2.6.32-33.70\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-33-ia64\", ver:\"2.6.32-33.70\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-33-lpia\", ver:\"2.6.32-33.70\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-33-powerpc\", ver:\"2.6.32-33.70\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-33-powerpc-smp\", ver:\"2.6.32-33.70\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-33-powerpc64-smp\", ver:\"2.6.32-33.70\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-33-preempt\", ver:\"2.6.32-33.70\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-33-server\", ver:\"2.6.32-33.70\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-33-sparc64\", ver:\"2.6.32-33.70\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-33-sparc64-smp\", ver:\"2.6.32-33.70\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-33-versatile\", ver:\"2.6.32-33.70\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-33-virtual\", ver:\"2.6.32-33.70\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:27:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1017", "CVE-2010-3881", "CVE-2011-1746", "CVE-2011-1494", "CVE-2011-1598", "CVE-2011-2022", "CVE-2011-1770", "CVE-2011-1747", "CVE-2011-1495", "CVE-2011-1163", "CVE-2011-1593", "CVE-2011-1748", "CVE-2011-1745", "CVE-2011-1090"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1161-1", "modified": "2017-12-01T00:00:00", "published": "2011-07-18T00:00:00", "id": "OPENVAS:840698", "href": "http://plugins.openvas.org/nasl.php?oid=840698", "type": "openvas", "title": "Ubuntu Update for linux-ec2 USN-1161-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1161_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for linux-ec2 USN-1161-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Vasiliy Kulikov discovered that kvm did not correctly clear memory. A local\n attacker could exploit this to read portions of the kernel stack, leading\n to a loss of privacy. (CVE-2010-3881)\n\n Timo Warns discovered that the LDM disk partition handling code did not\n correctly handle certain values. By inserting a specially crafted disk\n device, a local attacker could exploit this to gain root privileges.\n (CVE-2011-1017)\n \n Neil Horman discovered that NFSv4 did not correctly handle certain orders\n of operation with ACL data. A remote attacker with access to an NFSv4 mount\n could exploit this to crash the system, leading to a denial of service.\n (CVE-2011-1090)\n \n Timo Warns discovered that OSF partition parsing routines did not correctly\n clear memory. A local attacker with physical access could plug in a\n specially crafted block device to read kernel memory, leading to a loss of\n privacy. (CVE-2011-1163)\n \n Dan Rosenberg discovered that MPT devices did not correctly validate\n certain values in ioctl calls. If these drivers were loaded, a local\n attacker could exploit this to read arbitrary kernel memory, leading to a\n loss of privacy. (CVE-2011-1494, CVE-2011-1495)\n \n Tavis Ormandy discovered that the pidmap function did not correctly handle\n large requests. A local attacker could exploit this to crash the system,\n leading to a denial of service. (CVE-2011-1593)\n \n Oliver Hartkopp and Dave Jones discovered that the CAN network driver did\n not correctly validate certain socket structures. If this driver was\n loaded, a local attacker could crash the system, leading to a denial of\n service. (CVE-2011-1598, CVE-2011-1748)\n \n Vasiliy Kulikov discovered that the AGP driver did not check certain ioctl\n values. A local attacker with access to the video subsystem could exploit\n this to crash the system, leading to a denial of service, or possibly gain\n root privileges. (CVE-2011-1745, CVE-2011-2022)\n \n Vasiliy Kulikov discovered that the AGP driver did not check the size of\n certain memory allocations. A local attacker with access to the video\n subsystem could exploit this to run the system out of memory, leading to a\n denial of service. (CVE-2011-1746, CVE-2011-1747)\n \n Dan Rosenberg discovered that the DCCP stack did not correctly handle\n certain packet structures. A remote attacker could exploit this to crash\n the system, leading to a denial of service. (CVE-2011-1770)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1161-1\";\ntag_affected = \"linux-ec2 on Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1161-1/\");\n script_id(840698);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-18 15:23:56 +0200 (Mon, 18 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"USN\", value: \"1161-1\");\n script_cve_id(\"CVE-2010-3881\", \"CVE-2011-1017\", \"CVE-2011-1090\", \"CVE-2011-1163\", \"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1593\", \"CVE-2011-1598\", \"CVE-2011-1748\", \"CVE-2011-1745\", \"CVE-2011-2022\", \"CVE-2011-1746\", \"CVE-2011-1747\", \"CVE-2011-1770\");\n script_name(\"Ubuntu Update for linux-ec2 USN-1161-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-317-ec2\", ver:\"2.6.32-317.36\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:52", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1017", "CVE-2010-3881", "CVE-2011-1746", "CVE-2011-1494", "CVE-2011-1598", "CVE-2011-2022", "CVE-2011-1770", "CVE-2011-1747", "CVE-2011-1495", "CVE-2011-1163", "CVE-2011-1593", "CVE-2011-1748", "CVE-2011-1745", "CVE-2011-1090"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1161-1", "modified": "2019-03-13T00:00:00", "published": "2011-07-18T00:00:00", "id": "OPENVAS:1361412562310840698", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840698", "type": "openvas", "title": "Ubuntu Update for linux-ec2 USN-1161-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1161_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux-ec2 USN-1161-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1161-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840698\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-18 15:23:56 +0200 (Mon, 18 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"USN\", value:\"1161-1\");\n script_cve_id(\"CVE-2010-3881\", \"CVE-2011-1017\", \"CVE-2011-1090\", \"CVE-2011-1163\", \"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1593\", \"CVE-2011-1598\", \"CVE-2011-1748\", \"CVE-2011-1745\", \"CVE-2011-2022\", \"CVE-2011-1746\", \"CVE-2011-1747\", \"CVE-2011-1770\");\n script_name(\"Ubuntu Update for linux-ec2 USN-1161-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.04 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1161-1\");\n script_tag(name:\"affected\", value:\"linux-ec2 on Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Vasiliy Kulikov discovered that kvm did not correctly clear memory. A local\n attacker could exploit this to read portions of the kernel stack, leading\n to a loss of privacy. (CVE-2010-3881)\n\n Timo Warns discovered that the LDM disk partition handling code did not\n correctly handle certain values. By inserting a specially crafted disk\n device, a local attacker could exploit this to gain root privileges.\n (CVE-2011-1017)\n\n Neil Horman discovered that NFSv4 did not correctly handle certain orders\n of operation with ACL data. A remote attacker with access to an NFSv4 mount\n could exploit this to crash the system, leading to a denial of service.\n (CVE-2011-1090)\n\n Timo Warns discovered that OSF partition parsing routines did not correctly\n clear memory. A local attacker with physical access could plug in a\n specially crafted block device to read kernel memory, leading to a loss of\n privacy. (CVE-2011-1163)\n\n Dan Rosenberg discovered that MPT devices did not correctly validate\n certain values in ioctl calls. If these drivers were loaded, a local\n attacker could exploit this to read arbitrary kernel memory, leading to a\n loss of privacy. (CVE-2011-1494, CVE-2011-1495)\n\n Tavis Ormandy discovered that the pidmap function did not correctly handle\n large requests. A local attacker could exploit this to crash the system,\n leading to a denial of service. (CVE-2011-1593)\n\n Oliver Hartkopp and Dave Jones discovered that the CAN network driver did\n not correctly validate certain socket structures. If this driver was\n loaded, a local attacker could crash the system, leading to a denial of\n service. (CVE-2011-1598, CVE-2011-1748)\n\n Vasiliy Kulikov discovered that the AGP driver did not check certain ioctl\n values. A local attacker with access to the video subsystem could exploit\n this to crash the system, leading to a denial of service, or possibly gain\n root privileges. (CVE-2011-1745, CVE-2011-2022)\n\n Vasiliy Kulikov discovered that the AGP driver did not check the size of\n certain memory allocations. A local attacker with access to the video\n subsystem could exploit this to run the system out of memory, leading to a\n denial of service. (CVE-2011-1746, CVE-2011-1747)\n\n Dan Rosenberg discovered that the DCCP stack did not correctly handle\n certain packet structures. A remote attacker could exploit this to crash\n the system, leading to a denial of service. (CVE-2011-1770)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-317-ec2\", ver:\"2.6.32-317.36\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-08-08T14:24:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1017", "CVE-2010-4529", "CVE-2011-1746", "CVE-2011-0695", "CVE-2011-1494", "CVE-2011-1598", "CVE-2011-0463", "CVE-2011-0711", "CVE-2011-2022", "CVE-2010-4263", "CVE-2011-1747", "CVE-2011-1019", "CVE-2011-1495", "CVE-2010-4243", "CVE-2011-1163", "CVE-2011-1013", "CVE-2010-4342", "CVE-2011-1016", "CVE-2011-1593", "CVE-2011-1748", "CVE-2011-0726", "CVE-2011-1745", "CVE-2011-1182", "CVE-2011-1090", "CVE-2010-4565"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1162-1", "modified": "2019-03-13T00:00:00", "published": "2011-07-08T00:00:00", "id": "OPENVAS:1361412562310840696", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840696", "type": "openvas", "title": "Ubuntu Update for linux-mvl-dove USN-1162-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1162_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux-mvl-dove USN-1162-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1162-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840696\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-08 16:31:28 +0200 (Fri, 08 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1162-1\");\n script_cve_id(\"CVE-2010-4243\", \"CVE-2010-4263\", \"CVE-2010-4342\", \"CVE-2010-4529\", \"CVE-2010-4565\", \"CVE-2011-0463\", \"CVE-2011-0695\", \"CVE-2011-0711\", \"CVE-2011-0726\", \"CVE-2011-1013\", \"CVE-2011-1016\", \"CVE-2011-1017\", \"CVE-2011-1019\", \"CVE-2011-1090\", \"CVE-2011-1163\", \"CVE-2011-1182\", \"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1593\", \"CVE-2011-1598\", \"CVE-2011-1748\", \"CVE-2011-1745\", \"CVE-2011-2022\", \"CVE-2011-1746\", \"CVE-2011-1747\");\n script_name(\"Ubuntu Update for linux-mvl-dove USN-1162-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.04 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1162-1\");\n script_tag(name:\"affected\", value:\"linux-mvl-dove on Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Brad Spengler discovered that the kernel did not correctly account for\n userspace memory allocations during exec() calls. A local attacker could\n exploit this to consume all system memory, leading to a denial of service.\n (CVE-2010-4243)\n\n Alexander Duyck discovered that the Intel Gigabit Ethernet driver did not\n correctly handle certain configurations. If such a device was configured\n without VLANs, a remote attacker could crash the system, leading to a\n denial of service. (CVE-2010-4263)\n\n Nelson Elhage discovered that Econet did not correctly handle AUN packets\n over UDP. A local attacker could send specially crafted traffic to crash\n the system, leading to a denial of service. (CVE-2010-4342)\n\n Dan Rosenberg discovered that IRDA did not correctly check the size of\n buffers. On non-x86 systems, a local attacker could exploit this to read\n kernel heap memory, leading to a loss of privacy. (CVE-2010-4529)\n\n Dan Rosenburg discovered that the CAN subsystem leaked kernel addresses\n into the /proc filesystem. A local attacker could use this to increase the\n chances of a successful memory corruption exploit. (CVE-2010-4565)\n\n Goldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly\n clear memory when writing certain file holes. A local attacker could\n exploit this to read uninitialized data from the disk, leading to a loss of\n privacy. (CVE-2011-0463)\n\n Jens Kuehnel discovered that the InfiniBand driver contained a race\n condition. On systems using InfiniBand, a local attacker could send\n specially crafted requests to crash the system, leading to a denial of\n service. (CVE-2011-0695)\n\n Dan Rosenberg discovered that XFS did not correctly initialize memory. A\n local attacker could make crafted ioctl calls to leak portions of kernel\n stack memory, leading to a loss of privacy. (CVE-2011-0711)\n\n Kees Cook reported that /proc/pid/stat did not correctly filter certain\n memory locations. A local attacker could determine the memory layout of\n processes in an attempt to increase the chances of a successful memory\n corruption exploit. (CVE-2011-0726)\n\n Matthiew Herrb discovered that the drm modeset interface did not correctly\n handle a signed comparison. A local attacker could exploit this to crash\n the system or possibly gain root privileges. (CVE-2011-1013)\n\n Marek Olsaak discovered that the Radeon GPU drivers did not correctly\n validate certain registers. On systems with specific hardware, a local\n attacker could exploit this to write to arbitrary video memory.\n (CVE-2011-1016)\n\n Timo Warns discovered that t ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-217-dove\", ver:\"2.6.32-217.34\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:27:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1017", "CVE-2010-4529", "CVE-2011-1746", "CVE-2011-0695", "CVE-2011-1494", "CVE-2011-1598", "CVE-2011-0463", "CVE-2011-0711", "CVE-2011-2022", "CVE-2010-4263", "CVE-2011-1747", "CVE-2011-1019", "CVE-2011-1495", "CVE-2010-4243", "CVE-2011-1163", "CVE-2011-1013", "CVE-2010-4342", "CVE-2011-1016", "CVE-2011-1593", "CVE-2011-1748", "CVE-2011-0726", "CVE-2011-1745", "CVE-2011-1182", "CVE-2011-1090", "CVE-2010-4565"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1162-1", "modified": "2017-12-01T00:00:00", "published": "2011-07-08T00:00:00", "id": "OPENVAS:840696", "href": "http://plugins.openvas.org/nasl.php?oid=840696", "type": "openvas", "title": "Ubuntu Update for linux-mvl-dove USN-1162-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1162_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for linux-mvl-dove USN-1162-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Brad Spengler discovered that the kernel did not correctly account for\n userspace memory allocations during exec() calls. A local attacker could\n exploit this to consume all system memory, leading to a denial of service.\n (CVE-2010-4243)\n\n Alexander Duyck discovered that the Intel Gigabit Ethernet driver did not\n correctly handle certain configurations. If such a device was configured\n without VLANs, a remote attacker could crash the system, leading to a\n denial of service. (CVE-2010-4263)\n \n Nelson Elhage discovered that Econet did not correctly handle AUN packets\n over UDP. A local attacker could send specially crafted traffic to crash\n the system, leading to a denial of service. (CVE-2010-4342)\n \n Dan Rosenberg discovered that IRDA did not correctly check the size of\n buffers. On non-x86 systems, a local attacker could exploit this to read\n kernel heap memory, leading to a loss of privacy. (CVE-2010-4529)\n \n Dan Rosenburg discovered that the CAN subsystem leaked kernel addresses\n into the /proc filesystem. A local attacker could use this to increase the\n chances of a successful memory corruption exploit. (CVE-2010-4565)\n \n Goldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly\n clear memory when writing certain file holes. A local attacker could\n exploit this to read uninitialized data from the disk, leading to a loss of\n privacy. (CVE-2011-0463)\n \n Jens Kuehnel discovered that the InfiniBand driver contained a race\n condition. On systems using InfiniBand, a local attacker could send\n specially crafted requests to crash the system, leading to a denial of\n service. (CVE-2011-0695)\n \n Dan Rosenberg discovered that XFS did not correctly initialize memory. A\n local attacker could make crafted ioctl calls to leak portions of kernel\n stack memory, leading to a loss of privacy. (CVE-2011-0711)\n \n Kees Cook reported that /proc/pid/stat did not correctly filter certain\n memory locations. A local attacker could determine the memory layout of\n processes in an attempt to increase the chances of a successful memory\n corruption exploit. (CVE-2011-0726)\n \n Matthiew Herrb discovered that the drm modeset interface did not correctly\n handle a signed comparison. A local attacker could exploit this to crash\n the system or possibly gain root privileges. (CVE-2011-1013)\n \n Marek Olšák discovered that the Radeon GPU drivers did not correctly\n validate certain registers. On systems with specific hardware, a local\n attacker could exploit this to write to arbitrary video memory.\n (CVE-2011-1016)\n \n Timo Warns discovered that t ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1162-1\";\ntag_affected = \"linux-mvl-dove on Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1162-1/\");\n script_id(840696);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-08 16:31:28 +0200 (Fri, 08 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1162-1\");\n script_cve_id(\"CVE-2010-4243\", \"CVE-2010-4263\", \"CVE-2010-4342\", \"CVE-2010-4529\", \"CVE-2010-4565\", \"CVE-2011-0463\", \"CVE-2011-0695\", \"CVE-2011-0711\", \"CVE-2011-0726\", \"CVE-2011-1013\", \"CVE-2011-1016\", \"CVE-2011-1017\", \"CVE-2011-1019\", \"CVE-2011-1090\", \"CVE-2011-1163\", \"CVE-2011-1182\", \"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1593\", \"CVE-2011-1598\", \"CVE-2011-1748\", \"CVE-2011-1745\", \"CVE-2011-2022\", \"CVE-2011-1746\", \"CVE-2011-1747\");\n script_name(\"Ubuntu Update for linux-mvl-dove USN-1162-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-217-dove\", ver:\"2.6.32-217.34\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:23", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1598", "CVE-2011-1770", "CVE-2011-1748"], "description": "Oracle Linux Local Security Checks ELSA-2011-2019", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310122152", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122152", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-2019", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2011-2019.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122152\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:13:55 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-2019\");\n script_tag(name:\"insight\", value:\"ELSA-2011-2019 - Oracle Linux 6 Unbreakable Enterprise kernel security fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-2019\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-2019.html\");\n script_cve_id(\"CVE-2011-1598\", \"CVE-2011-1748\", \"CVE-2011-1770\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.32~100.35.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.32~100.35.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.32~100.35.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.32~100.35.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.32~100.35.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.32~100.35.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-headers\", rpm:\"kernel-uek-headers~2.6.32~100.35.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~100.35.1.el5uek~1.5.1~4.0.28\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~100.35.1.el5uekdebug~1.5.1~4.0.28\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.32~100.35.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.32~100.35.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.32~100.35.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.32~100.35.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", rpm:\"kernel-uek-doc~2.6.32~100.35.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.32~100.35.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-headers\", rpm:\"kernel-uek-headers~2.6.32~100.35.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~100.35.1.el6uek~1.5.1~4.0.47\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~100.35.1.el6uekdebug~1.5.1~4.0.47\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-12-04T11:26:44", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1017", "CVE-2010-4529", "CVE-2011-1746", "CVE-2011-0695", "CVE-2011-1494", "CVE-2011-1598", "CVE-2011-1173", "CVE-2011-0463", "CVE-2011-0711", "CVE-2011-2022", "CVE-2010-4263", "CVE-2011-1770", "CVE-2011-1747", "CVE-2011-1019", "CVE-2011-1495", "CVE-2010-4243", "CVE-2011-1163", "CVE-2011-1013", "CVE-2010-4342", "CVE-2011-1016", "CVE-2011-1593", "CVE-2011-1170", "CVE-2011-1172", "CVE-2011-1748", "CVE-2011-1171", "CVE-2011-2534", "CVE-2011-0726", "CVE-2011-1745", "CVE-2011-1182", "CVE-2011-1090", "CVE-2010-4565"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1159-1", "modified": "2017-12-01T00:00:00", "published": "2011-07-18T00:00:00", "id": "OPENVAS:840700", "href": "http://plugins.openvas.org/nasl.php?oid=840700", "type": "openvas", "title": "Ubuntu Update for linux-mvl-dove USN-1159-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1159_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for linux-mvl-dove USN-1159-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Brad Spengler discovered that the kernel did not correctly account for\n userspace memory allocations during exec() calls. A local attacker could\n exploit this to consume all system memory, leading to a denial of service.\n (CVE-2010-4243)\n\n Alexander Duyck discovered that the Intel Gigabit Ethernet driver did not\n correctly handle certain configurations. If such a device was configured\n without VLANs, a remote attacker could crash the system, leading to a\n denial of service. (CVE-2010-4263)\n \n Nelson Elhage discovered that Econet did not correctly handle AUN packets\n over UDP. A local attacker could send specially crafted traffic to crash\n the system, leading to a denial of service. (CVE-2010-4342)\n \n Dan Rosenberg discovered that IRDA did not correctly check the size of\n buffers. On non-x86 systems, a local attacker could exploit this to read\n kernel heap memory, leading to a loss of privacy. (CVE-2010-4529)\n \n Dan Rosenburg discovered that the CAN subsystem leaked kernel addresses\n into the /proc filesystem. A local attacker could use this to increase the\n chances of a successful memory corruption exploit. (CVE-2010-4565)\n \n Goldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly\n clear memory when writing certain file holes. A local attacker could\n exploit this to read uninitialized data from the disk, leading to a loss of\n privacy. (CVE-2011-0463)\n \n Jens Kuehnel discovered that the InfiniBand driver contained a race\n condition. On systems using InfiniBand, a local attacker could send\n specially crafted requests to crash the system, leading to a denial of\n service. (CVE-2011-0695)\n \n Dan Rosenberg discovered that XFS did not correctly initialize memory. A\n local attacker could make crafted ioctl calls to leak portions of kernel\n stack memory, leading to a loss of privacy. (CVE-2011-0711)\n \n Kees Cook reported that /proc/pid/stat did not correctly filter certain\n memory locations. A local attacker could determine the memory layout of\n processes in an attempt to increase the chances of a successful memory\n corruption exploit. (CVE-2011-0726)\n \n Matthiew Herrb discovered that the drm modeset interface did not correctly\n handle a signed comparison. A local attacker could exploit this to crash\n the system or possibly gain root privileges. (CVE-2011-1013)\n \n Marek Olšák discovered that the Radeon GPU drivers did not correctly\n validate certain registers. On systems with specific hardware, a local\n attacker could exploit this to write to arbitrary video memory.\n (CVE-2011-1016)\n \n Timo Warns discovered that the L ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1159-1\";\ntag_affected = \"linux-mvl-dove on Ubuntu 10.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1159-1/\");\n script_id(840700);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-18 15:23:56 +0200 (Mon, 18 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"USN\", value: \"1159-1\");\n script_cve_id(\"CVE-2010-4243\", \"CVE-2010-4263\", \"CVE-2010-4342\", \"CVE-2010-4529\", \"CVE-2010-4565\", \"CVE-2011-0463\", \"CVE-2011-0695\", \"CVE-2011-0711\", \"CVE-2011-0726\", \"CVE-2011-1013\", \"CVE-2011-1016\", \"CVE-2011-1017\", \"CVE-2011-1019\", \"CVE-2011-1090\", \"CVE-2011-1163\", \"CVE-2011-1170\", \"CVE-2011-1171\", \"CVE-2011-1172\", \"CVE-2011-2534\", \"CVE-2011-1173\", \"CVE-2011-1182\", \"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1593\", \"CVE-2011-1598\", \"CVE-2011-1748\", \"CVE-2011-1745\", \"CVE-2011-2022\", \"CVE-2011-1746\", \"CVE-2011-1747\", \"CVE-2011-1770\");\n script_name(\"Ubuntu Update for linux-mvl-dove USN-1159-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-417-dove\", ver:\"2.6.32-417.34\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2020-08-08T14:25:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1017", "CVE-2010-4529", "CVE-2011-1746", "CVE-2011-0695", "CVE-2011-1494", "CVE-2011-1598", "CVE-2011-1173", "CVE-2011-0463", "CVE-2011-0711", "CVE-2011-2022", "CVE-2010-4263", "CVE-2011-1770", "CVE-2011-1747", "CVE-2011-1019", "CVE-2011-1495", "CVE-2010-4243", "CVE-2011-1163", "CVE-2011-1013", "CVE-2010-4342", "CVE-2011-1016", "CVE-2011-1593", "CVE-2011-1170", "CVE-2011-1172", "CVE-2011-1748", "CVE-2011-1171", "CVE-2011-2534", "CVE-2011-0726", "CVE-2011-1745", "CVE-2011-1182", "CVE-2011-1090", "CVE-2010-4565"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1159-1", "modified": "2019-03-13T00:00:00", "published": "2011-07-18T00:00:00", "id": "OPENVAS:1361412562310840700", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840700", "type": "openvas", "title": "Ubuntu Update for linux-mvl-dove USN-1159-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1159_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux-mvl-dove USN-1159-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1159-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840700\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-18 15:23:56 +0200 (Mon, 18 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"USN\", value:\"1159-1\");\n script_cve_id(\"CVE-2010-4243\", \"CVE-2010-4263\", \"CVE-2010-4342\", \"CVE-2010-4529\", \"CVE-2010-4565\", \"CVE-2011-0463\", \"CVE-2011-0695\", \"CVE-2011-0711\", \"CVE-2011-0726\", \"CVE-2011-1013\", \"CVE-2011-1016\", \"CVE-2011-1017\", \"CVE-2011-1019\", \"CVE-2011-1090\", \"CVE-2011-1163\", \"CVE-2011-1170\", \"CVE-2011-1171\", \"CVE-2011-1172\", \"CVE-2011-2534\", \"CVE-2011-1173\", \"CVE-2011-1182\", \"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1593\", \"CVE-2011-1598\", \"CVE-2011-1748\", \"CVE-2011-1745\", \"CVE-2011-2022\", \"CVE-2011-1746\", \"CVE-2011-1747\", \"CVE-2011-1770\");\n script_name(\"Ubuntu Update for linux-mvl-dove USN-1159-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.10\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1159-1\");\n script_tag(name:\"affected\", value:\"linux-mvl-dove on Ubuntu 10.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Brad Spengler discovered that the kernel did not correctly account for\n userspace memory allocations during exec() calls. A local attacker could\n exploit this to consume all system memory, leading to a denial of service.\n (CVE-2010-4243)\n\n Alexander Duyck discovered that the Intel Gigabit Ethernet driver did not\n correctly handle certain configurations. If such a device was configured\n without VLANs, a remote attacker could crash the system, leading to a\n denial of service. (CVE-2010-4263)\n\n Nelson Elhage discovered that Econet did not correctly handle AUN packets\n over UDP. A local attacker could send specially crafted traffic to crash\n the system, leading to a denial of service. (CVE-2010-4342)\n\n Dan Rosenberg discovered that IRDA did not correctly check the size of\n buffers. On non-x86 systems, a local attacker could exploit this to read\n kernel heap memory, leading to a loss of privacy. (CVE-2010-4529)\n\n Dan Rosenburg discovered that the CAN subsystem leaked kernel addresses\n into the /proc filesystem. A local attacker could use this to increase the\n chances of a successful memory corruption exploit. (CVE-2010-4565)\n\n Goldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly\n clear memory when writing certain file holes. A local attacker could\n exploit this to read uninitialized data from the disk, leading to a loss of\n privacy. (CVE-2011-0463)\n\n Jens Kuehnel discovered that the InfiniBand driver contained a race\n condition. On systems using InfiniBand, a local attacker could send\n specially crafted requests to crash the system, leading to a denial of\n service. (CVE-2011-0695)\n\n Dan Rosenberg discovered that XFS did not correctly initialize memory. A\n local attacker could make crafted ioctl calls to leak portions of kernel\n stack memory, leading to a loss of privacy. (CVE-2011-0711)\n\n Kees Cook reported that /proc/pid/stat did not correctly filter certain\n memory locations. A local attacker could determine the memory layout of\n processes in an attempt to increase the chances of a successful memory\n corruption exploit. (CVE-2011-0726)\n\n Matthiew Herrb discovered that the drm modeset interface did not correctly\n handle a signed comparison. A local attacker could exploit this to crash\n the system or possibly gain root privileges. (CVE-2011-1013)\n\n Marek Olsaak discovered that the Radeon GPU drivers did not correctly\n validate certain registers. On systems with specific hardware, a local\n attacker could exploit this to write to arbitrary video memory.\n (CVE-2011-1016)\n\n Timo Warns discovered that the L ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.32-417-dove\", ver:\"2.6.32-417.34\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:28", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1746", "CVE-2011-1598", "CVE-2011-1163", "CVE-2011-1090", "CVE-2010-4077", "CVE-2011-1577", "CVE-2010-4076"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1183-1", "modified": "2019-03-13T00:00:00", "published": "2011-08-12T00:00:00", "id": "OPENVAS:1361412562310840716", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840716", "type": "openvas", "title": "Ubuntu Update for linux USN-1183-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1183_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux USN-1183-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1183-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840716\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-12 15:49:01 +0200 (Fri, 12 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1183-1\");\n script_cve_id(\"CVE-2010-4076\", \"CVE-2010-4077\", \"CVE-2011-1090\", \"CVE-2011-1163\", \"CVE-2011-1577\", \"CVE-2011-1598\", \"CVE-2011-1746\");\n script_name(\"Ubuntu Update for linux USN-1183-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.10\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1183-1\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 10.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Dan Rosenberg discovered that multiple terminal ioctls did not correctly\n initialize structure memory. A local attacker could exploit this to read\n portions of kernel stack memory, leading to a loss of privacy.\n (CVE-2010-4076, CVE-2010-4077)\n\n Neil Horman discovered that NFSv4 did not correctly handle certain orders\n of operation with ACL data. A remote attacker with access to an NFSv4 mount\n could exploit this to crash the system, leading to a denial of service.\n (CVE-2011-1090)\n\n Timo Warns discovered that OSF partition parsing routines did not correctly\n clear memory. A local attacker with physical access could plug in a\n specially crafted block device to read kernel memory, leading to a loss of\n privacy. (CVE-2011-1163)\n\n Timo Warns discovered that the GUID partition parsing routines did not\n correctly validate certain structures. A local attacker with physical\n access could plug in a specially crafted block device to crash the system,\n leading to a denial of service. (CVE-2011-1577)\n\n Oliver Hartkopp and Dave Jones discovered that the CAN network driver did\n not correctly validate certain socket structures. If this driver was\n loaded, a local attacker could crash the system, leading to a denial of\n service. (CVE-2011-1598)\n\n Vasiliy Kulikov discovered that the AGP driver did not check the size of\n certain memory allocations. A local attacker with access to the video\n subsystem could exploit this to run the system out of memory, leading to a\n denial of service. (CVE-2011-1746)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-30-generic\", ver:\"2.6.35-30.56\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-30-generic-pae\", ver:\"2.6.35-30.56\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-30-omap\", ver:\"2.6.35-30.56\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-30-powerpc\", ver:\"2.6.35-30.56\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-30-powerpc-smp\", ver:\"2.6.35-30.56\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-30-powerpc64-smp\", ver:\"2.6.35-30.56\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-30-server\", ver:\"2.6.35-30.56\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-30-versatile\", ver:\"2.6.35-30.56\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-30-virtual\", ver:\"2.6.35-30.56\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:27:28", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1746", "CVE-2011-1598", "CVE-2011-1163", "CVE-2011-1090", "CVE-2010-4077", "CVE-2011-1577", "CVE-2010-4076"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1183-1", "modified": "2017-12-01T00:00:00", "published": "2011-08-12T00:00:00", "id": "OPENVAS:840716", "href": "http://plugins.openvas.org/nasl.php?oid=840716", "type": "openvas", "title": "Ubuntu Update for linux USN-1183-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1183_1.nasl 7964 2017-12-01 07:32:11Z santu $\n#\n# Ubuntu Update for linux USN-1183-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Dan Rosenberg discovered that multiple terminal ioctls did not correctly\n initialize structure memory. A local attacker could exploit this to read\n portions of kernel stack memory, leading to a loss of privacy.\n (CVE-2010-4076, CVE-2010-4077)\n\n Neil Horman discovered that NFSv4 did not correctly handle certain orders\n of operation with ACL data. A remote attacker with access to an NFSv4 mount\n could exploit this to crash the system, leading to a denial of service.\n (CVE-2011-1090)\n \n Timo Warns discovered that OSF partition parsing routines did not correctly\n clear memory. A local attacker with physical access could plug in a\n specially crafted block device to read kernel memory, leading to a loss of\n privacy. (CVE-2011-1163)\n \n Timo Warns discovered that the GUID partition parsing routines did not\n correctly validate certain structures. A local attacker with physical\n access could plug in a specially crafted block device to crash the system,\n leading to a denial of service. (CVE-2011-1577)\n \n Oliver Hartkopp and Dave Jones discovered that the CAN network driver did\n not correctly validate certain socket structures. If this driver was\n loaded, a local attacker could crash the system, leading to a denial of\n service. (CVE-2011-1598)\n \n Vasiliy Kulikov discovered that the AGP driver did not check the size of\n certain memory allocations. A local attacker with access to the video\n subsystem could exploit this to run the system out of memory, leading to a\n denial of service. (CVE-2011-1746)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1183-1\";\ntag_affected = \"linux on Ubuntu 10.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1183-1/\");\n script_id(840716);\n script_version(\"$Revision: 7964 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 08:32:11 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-12 15:49:01 +0200 (Fri, 12 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1183-1\");\n script_cve_id(\"CVE-2010-4076\", \"CVE-2010-4077\", \"CVE-2011-1090\", \"CVE-2011-1163\", \"CVE-2011-1577\", \"CVE-2011-1598\", \"CVE-2011-1746\");\n script_name(\"Ubuntu Update for linux USN-1183-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-30-generic\", ver:\"2.6.35-30.56\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-30-generic-pae\", ver:\"2.6.35-30.56\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-30-omap\", ver:\"2.6.35-30.56\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-30-powerpc\", ver:\"2.6.35-30.56\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-30-powerpc-smp\", ver:\"2.6.35-30.56\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-30-powerpc64-smp\", ver:\"2.6.35-30.56\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-30-server\", ver:\"2.6.35-30.56\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-30-versatile\", ver:\"2.6.35-30.56\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-30-virtual\", ver:\"2.6.35-30.56\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-01-01T06:35:41", "description": "Timo Warns discovered that the LDM disk partition handling code did\nnot correctly handle certain values. By inserting a specially crafted\ndisk device, a local attacker could exploit this to gain root\nprivileges. (CVE-2011-1017)\n\nNeil Horman discovered that NFSv4 did not correctly handle certain\norders of operation with ACL data. A remote attacker with access to an\nNFSv4 mount could exploit this to crash the system, leading to a\ndenial of service. (CVE-2011-1090)\n\nTimo Warns discovered that OSF partition parsing routines did not\ncorrectly clear memory. A local attacker with physical access could\nplug in a specially crafted block device to read kernel memory,\nleading to a loss of privacy. (CVE-2011-1163)\n\nDan Rosenberg discovered that MPT devices did not correctly validate\ncertain values in ioctl calls. If these drivers were loaded, a local\nattacker could exploit this to read arbitrary kernel memory, leading\nto a loss of privacy. (CVE-2011-1494, CVE-2011-1495)\n\nTavis Ormandy discovered that the pidmap function did not correctly\nhandle large requests. A local attacker could exploit this to crash\nthe system, leading to a denial of service. (CVE-2011-1593)\n\nOliver Hartkopp and Dave Jones discovered that the CAN network driver\ndid not correctly validate certain socket structures. If this driver\nwas loaded, a local attacker could crash the system, leading to a\ndenial of service. (CVE-2011-1598, CVE-2011-1748)\n\nVasiliy Kulikov discovered that the AGP driver did not check certain\nioctl values. A local attacker with access to the video subsystem\ncould exploit this to crash the system, leading to a denial of\nservice, or possibly gain root privileges. (CVE-2011-1745,\nCVE-2011-2022)\n\nVasiliy Kulikov discovered that the AGP driver did not check the size\nof certain memory allocations. A local attacker with access to the\nvideo subsystem could exploit this to run the system out of memory,\nleading to a denial of service. (CVE-2011-1746)\n\nDan Rosenberg reported an error in the old ABI compatibility layer of\nARM kernels. A local attacker could exploit this flaw to cause a\ndenial of service or gain root privileges. (CVE-2011-1759)\n\nDan Rosenberg discovered that the DCCP stack did not correctly handle\ncertain packet structures. A remote attacker could exploit this to\ncrash the system, leading to a denial of service. (CVE-2011-1770)\n\nTimo Warns discovered that the EFI GUID partition table was not\ncorrectly parsed. A physically local attacker that could insert\nmountable devices could exploit this to crash the system or possibly\ngain root privileges. (CVE-2011-1776)\n\nYogesh Sharma discovered that CIFS did not correctly handle UNCs that\nhad no prefixpaths. A local attacker with access to a CIFS partition\ncould exploit this to crash the system, leading to a denial of\nservice. (CVE-2011-3363).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2011-07-18T00:00:00", "title": "Ubuntu 10.04 LTS : linux vulnerabilities (USN-1168-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1017", "CVE-2011-1746", "CVE-2011-1494", "CVE-2011-1776", "CVE-2011-1598", "CVE-2011-1759", "CVE-2011-2022", "CVE-2011-1770", "CVE-2011-1747", "CVE-2011-1495", "CVE-2011-1163", "CVE-2011-3363", "CVE-2011-1593", "CVE-2011-1748", "CVE-2011-1745", "CVE-2011-1090"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-preempt", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia"], "id": "UBUNTU_USN-1168-1.NASL", "href": "https://www.tenable.com/plugins/nessus/55606", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1168-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(55606);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_cve_id(\"CVE-2011-1017\", \"CVE-2011-1090\", \"CVE-2011-1163\", \"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1593\", \"CVE-2011-1598\", \"CVE-2011-1745\", \"CVE-2011-1746\", \"CVE-2011-1747\", \"CVE-2011-1748\", \"CVE-2011-1759\", \"CVE-2011-1770\", \"CVE-2011-1776\", \"CVE-2011-2022\", \"CVE-2011-3363\");\n script_bugtraq_id(46512, 46766, 46878, 47185, 47497, 47503, 47534, 47535, 47769, 47832, 47835, 47843);\n script_xref(name:\"USN\", value:\"1168-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux vulnerabilities (USN-1168-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Timo Warns discovered that the LDM disk partition handling code did\nnot correctly handle certain values. By inserting a specially crafted\ndisk device, a local attacker could exploit this to gain root\nprivileges. (CVE-2011-1017)\n\nNeil Horman discovered that NFSv4 did not correctly handle certain\norders of operation with ACL data. A remote attacker with access to an\nNFSv4 mount could exploit this to crash the system, leading to a\ndenial of service. (CVE-2011-1090)\n\nTimo Warns discovered that OSF partition parsing routines did not\ncorrectly clear memory. A local attacker with physical access could\nplug in a specially crafted block device to read kernel memory,\nleading to a loss of privacy. (CVE-2011-1163)\n\nDan Rosenberg discovered that MPT devices did not correctly validate\ncertain values in ioctl calls. If these drivers were loaded, a local\nattacker could exploit this to read arbitrary kernel memory, leading\nto a loss of privacy. (CVE-2011-1494, CVE-2011-1495)\n\nTavis Ormandy discovered that the pidmap function did not correctly\nhandle large requests. A local attacker could exploit this to crash\nthe system, leading to a denial of service. (CVE-2011-1593)\n\nOliver Hartkopp and Dave Jones discovered that the CAN network driver\ndid not correctly validate certain socket structures. If this driver\nwas loaded, a local attacker could crash the system, leading to a\ndenial of service. (CVE-2011-1598, CVE-2011-1748)\n\nVasiliy Kulikov discovered that the AGP driver did not check certain\nioctl values. A local attacker with access to the video subsystem\ncould exploit this to crash the system, leading to a denial of\nservice, or possibly gain root privileges. (CVE-2011-1745,\nCVE-2011-2022)\n\nVasiliy Kulikov discovered that the AGP driver did not check the size\nof certain memory allocations. A local attacker with access to the\nvideo subsystem could exploit this to run the system out of memory,\nleading to a denial of service. (CVE-2011-1746)\n\nDan Rosenberg reported an error in the old ABI compatibility layer of\nARM kernels. A local attacker could exploit this flaw to cause a\ndenial of service or gain root privileges. (CVE-2011-1759)\n\nDan Rosenberg discovered that the DCCP stack did not correctly handle\ncertain packet structures. A remote attacker could exploit this to\ncrash the system, leading to a denial of service. (CVE-2011-1770)\n\nTimo Warns discovered that the EFI GUID partition table was not\ncorrectly parsed. A physically local attacker that could insert\nmountable devices could exploit this to crash the system or possibly\ngain root privileges. (CVE-2011-1776)\n\nYogesh Sharma discovered that CIFS did not correctly handle UNCs that\nhad no prefixpaths. A local attacker with access to a CIFS partition\ncould exploit this to crash the system, leading to a denial of\nservice. (CVE-2011-3363).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1168-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-preempt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/03/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/07/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2011-1017\", \"CVE-2011-1090\", \"CVE-2011-1163\", \"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1593\", \"CVE-2011-1598\", \"CVE-2011-1745\", \"CVE-2011-1746\", \"CVE-2011-1747\", \"CVE-2011-1748\", \"CVE-2011-1759\", \"CVE-2011-1770\", \"CVE-2011-1776\", \"CVE-2011-2022\", \"CVE-2011-3363\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1168-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-33-386\", pkgver:\"2.6.32-33.70\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-33-generic\", pkgver:\"2.6.32-33.70\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-33-generic-pae\", pkgver:\"2.6.32-33.70\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-33-lpia\", pkgver:\"2.6.32-33.70\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-33-preempt\", pkgver:\"2.6.32-33.70\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-33-server\", pkgver:\"2.6.32-33.70\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-33-versatile\", pkgver:\"2.6.32-33.70\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-33-virtual\", pkgver:\"2.6.32-33.70\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-386 / linux-image-2.6-generic / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-01T06:35:18", "description": "Vasiliy Kulikov discovered that kvm did not correctly clear memory. A\nlocal attacker could exploit this to read portions of the kernel\nstack, leading to a loss of privacy. (CVE-2010-3881)\n\nTimo Warns discovered that the LDM disk partition handling code did\nnot correctly handle certain values. By inserting a specially crafted\ndisk device, a local attacker could exploit this to gain root\nprivileges. (CVE-2011-1017)\n\nNeil Horman discovered that NFSv4 did not correctly handle certain\norders of operation with ACL data. A remote attacker with access to an\nNFSv4 mount could exploit this to crash the system, leading to a\ndenial of service. (CVE-2011-1090)\n\nTimo Warns discovered that OSF partition parsing routines did not\ncorrectly clear memory. A local attacker with physical access could\nplug in a specially crafted block device to read kernel memory,\nleading to a loss of privacy. (CVE-2011-1163)\n\nDan Rosenberg discovered that MPT devices did not correctly validate\ncertain values in ioctl calls. If these drivers were loaded, a local\nattacker could exploit this to read arbitrary kernel memory, leading\nto a loss of privacy. (CVE-2011-1494, CVE-2011-1495)\n\nTavis Ormandy discovered that the pidmap function did not correctly\nhandle large requests. A local attacker could exploit this to crash\nthe system, leading to a denial of service. (CVE-2011-1593)\n\nOliver Hartkopp and Dave Jones discovered that the CAN network driver\ndid not correctly validate certain socket structures. If this driver\nwas loaded, a local attacker could crash the system, leading to a\ndenial of service. (CVE-2011-1598, CVE-2011-1748)\n\nVasiliy Kulikov discovered that the AGP driver did not check certain\nioctl values. A local attacker with access to the video subsystem\ncould exploit this to crash the system, leading to a denial of\nservice, or possibly gain root privileges. (CVE-2011-1745,\nCVE-2011-2022)\n\nVasiliy Kulikov discovered that the AGP driver did not check the size\nof certain memory allocations. A local attacker with access to the\nvideo subsystem could exploit this to run the system out of memory,\nleading to a denial of service. (CVE-2011-1746)\n\nDan Rosenberg reported an error in the old ABI compatibility layer of\nARM kernels. A local attacker could exploit this flaw to cause a\ndenial of service or gain root privileges. (CVE-2011-1759)\n\nDan Rosenberg discovered that the DCCP stack did not correctly handle\ncertain packet structures. A remote attacker could exploit this to\ncrash the system, leading to a denial of service. (CVE-2011-1770)\n\nTimo Warns discovered that the EFI GUID partition table was not\ncorrectly parsed. A physically local attacker that could insert\nmountable devices could exploit this to crash the system or possibly\ngain root privileges. (CVE-2011-1776)\n\nYogesh Sharma discovered that CIFS did not correctly handle UNCs that\nhad no prefixpaths. A local attacker with access to a CIFS partition\ncould exploit this to crash the system, leading to a denial of\nservice. (CVE-2011-3363).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2011-07-14T00:00:00", "title": "Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1161-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1017", "CVE-2010-3881", "CVE-2011-1746", "CVE-2011-1494", "CVE-2011-1776", "CVE-2011-1598", "CVE-2011-1759", "CVE-2011-2022", "CVE-2011-1770", "CVE-2011-1747", "CVE-2011-1495", "CVE-2011-1163", "CVE-2011-3363", "CVE-2011-1593", "CVE-2011-1748", "CVE-2011-1745", "CVE-2011-1090"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ec2"], "id": "UBUNTU_USN-1161-1.NASL", "href": "https://www.tenable.com/plugins/nessus/55590", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1161-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(55590);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_cve_id(\"CVE-2010-3881\", \"CVE-2011-1017\", \"CVE-2011-1090\", \"CVE-2011-1163\", \"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1593\", \"CVE-2011-1598\", \"CVE-2011-1745\", \"CVE-2011-1746\", \"CVE-2011-1747\", \"CVE-2011-1748\", \"CVE-2011-1759\", \"CVE-2011-1770\", \"CVE-2011-1776\", \"CVE-2011-2022\", \"CVE-2011-3363\");\n script_bugtraq_id(44666, 46766, 46878, 47185, 47497, 47503, 47534, 47535, 47769, 47832, 47835, 47843);\n script_xref(name:\"USN\", value:\"1161-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1161-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Vasiliy Kulikov discovered that kvm did not correctly clear memory. A\nlocal attacker could exploit this to read portions of the kernel\nstack, leading to a loss of privacy. (CVE-2010-3881)\n\nTimo Warns discovered that the LDM disk partition handling code did\nnot correctly handle certain values. By inserting a specially crafted\ndisk device, a local attacker could exploit this to gain root\nprivileges. (CVE-2011-1017)\n\nNeil Horman discovered that NFSv4 did not correctly handle certain\norders of operation with ACL data. A remote attacker with access to an\nNFSv4 mount could exploit this to crash the system, leading to a\ndenial of service. (CVE-2011-1090)\n\nTimo Warns discovered that OSF partition parsing routines did not\ncorrectly clear memory. A local attacker with physical access could\nplug in a specially crafted block device to read kernel memory,\nleading to a loss of privacy. (CVE-2011-1163)\n\nDan Rosenberg discovered that MPT devices did not correctly validate\ncertain values in ioctl calls. If these drivers were loaded, a local\nattacker could exploit this to read arbitrary kernel memory, leading\nto a loss of privacy. (CVE-2011-1494, CVE-2011-1495)\n\nTavis Ormandy discovered that the pidmap function did not correctly\nhandle large requests. A local attacker could exploit this to crash\nthe system, leading to a denial of service. (CVE-2011-1593)\n\nOliver Hartkopp and Dave Jones discovered that the CAN network driver\ndid not correctly validate certain socket structures. If this driver\nwas loaded, a local attacker could crash the system, leading to a\ndenial of service. (CVE-2011-1598, CVE-2011-1748)\n\nVasiliy Kulikov discovered that the AGP driver did not check certain\nioctl values. A local attacker with access to the video subsystem\ncould exploit this to crash the system, leading to a denial of\nservice, or possibly gain root privileges. (CVE-2011-1745,\nCVE-2011-2022)\n\nVasiliy Kulikov discovered that the AGP driver did not check the size\nof certain memory allocations. A local attacker with access to the\nvideo subsystem could exploit this to run the system out of memory,\nleading to a denial of service. (CVE-2011-1746)\n\nDan Rosenberg reported an error in the old ABI compatibility layer of\nARM kernels. A local attacker could exploit this flaw to cause a\ndenial of service or gain root privileges. (CVE-2011-1759)\n\nDan Rosenberg discovered that the DCCP stack did not correctly handle\ncertain packet structures. A remote attacker could exploit this to\ncrash the system, leading to a denial of service. (CVE-2011-1770)\n\nTimo Warns discovered that the EFI GUID partition table was not\ncorrectly parsed. A physically local attacker that could insert\nmountable devices could exploit this to crash the system or possibly\ngain root privileges. (CVE-2011-1776)\n\nYogesh Sharma discovered that CIFS did not correctly handle UNCs that\nhad no prefixpaths. A local attacker with access to a CIFS partition\ncould exploit this to crash the system, leading to a denial of\nservice. (CVE-2011-3363).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1161-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected linux-image-2.6-ec2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/12/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/07/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2010-3881\", \"CVE-2011-1017\", \"CVE-2011-1090\", \"CVE-2011-1163\", \"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1593\", \"CVE-2011-1598\", \"CVE-2011-1745\", \"CVE-2011-1746\", \"CVE-2011-1747\", \"CVE-2011-1748\", \"CVE-2011-1759\", \"CVE-2011-1770\", \"CVE-2011-1776\", \"CVE-2011-2022\", \"CVE-2011-3363\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1161-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-317-ec2\", pkgver:\"2.6.32-317.36\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-ec2\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T12:46:26", "description": "Description of changes:\n\n[2.6.32-100.35.1.el6uek]\n- [net] dccp: handle invalid feature options length {CVE-2011-1770}\n- [net] can: add missing socket check in can/raw release {CVE-2011-1748}\n- [net] can: Add missing socket check in can/bcm release {CVE-2011-1598}", "edition": 21, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2011-2019)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1598", "CVE-2011-1770", "CVE-2011-1748"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:ofa-2.6.32-100.35.1.el5uekdebug", "p-cpe:/a:oracle:linux:ofa-2.6.32-100.35.1.el6uekdebug", "p-cpe:/a:oracle:linux:kernel-uek-firmware", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:ofa-2.6.32-100.35.1.el6uek", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:ofa-2.6.32-100.35.1.el5uek", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-headers", "p-cpe:/a:oracle:linux:kernel-uek-debug"], "id": "ORACLELINUX_ELSA-2011-2019.NASL", "href": "https://www.tenable.com/plugins/nessus/68418", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2011-2019.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68418);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-1598\", \"CVE-2011-1748\", \"CVE-2011-1770\");\n\n script_name(english:\"Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2011-2019)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Description of changes:\n\n[2.6.32-100.35.1.el6uek]\n- [net] dccp: handle invalid feature options length {CVE-2011-1770}\n- [net] can: add missing socket check in can/raw release {CVE-2011-1748}\n- [net] can: Add missing socket check in can/bcm release {CVE-2011-1598}\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-June/002174.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-June/002175.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected unbreakable enterprise kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-100.35.1.el5uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-100.35.1.el5uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-100.35.1.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-100.35.1.el6uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/05/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2011-1598\", \"CVE-2011-1748\", \"CVE-2011-1770\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2011-2019\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-2.6.32\") && rpm_check(release:\"EL5\", cpu:\"x86_64\", reference:\"kernel-uek-2.6.32-100.35.1.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-debug-2.6.32\") && rpm_check(release:\"EL5\", cpu:\"x86_64\", reference:\"kernel-uek-debug-2.6.32-100.35.1.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-debug-devel-2.6.32\") && rpm_check(release:\"EL5\", cpu:\"x86_64\", reference:\"kernel-uek-debug-devel-2.6.32-100.35.1.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-devel-2.6.32\") && rpm_check(release:\"EL5\", cpu:\"x86_64\", reference:\"kernel-uek-devel-2.6.32-100.35.1.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-doc-2.6.32\") && rpm_check(release:\"EL5\", cpu:\"x86_64\", reference:\"kernel-uek-doc-2.6.32-100.35.1.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-firmware-2.6.32\") && rpm_check(release:\"EL5\", cpu:\"x86_64\", reference:\"kernel-uek-firmware-2.6.32-100.35.1.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-headers-2.6.32\") && rpm_check(release:\"EL5\", cpu:\"x86_64\", reference:\"kernel-uek-headers-2.6.32-100.35.1.el5uek\")) flag++;\nif (rpm_check(release:\"EL5\", cpu:\"x86_64\", reference:\"ofa-2.6.32-100.35.1.el5uek-1.5.1-4.0.28\")) flag++;\nif (rpm_check(release:\"EL5\", cpu:\"x86_64\", reference:\"ofa-2.6.32-100.35.1.el5uekdebug-1.5.1-4.0.28\")) flag++;\n\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-2.6.32-100.35.1.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-debug-2.6.32-100.35.1.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-debug-devel-2.6.32-100.35.1.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-devel-2.6.32-100.35.1.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-doc-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-doc-2.6.32-100.35.1.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-firmware-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-firmware-2.6.32-100.35.1.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-headers-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-headers-2.6.32-100.35.1.el6uek\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ofa-2.6.32-100.35.1.el6uek-1.5.1-4.0.47\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ofa-2.6.32-100.35.1.el6uekdebug-1.5.1-4.0.47\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-12T10:09:36", "description": "Update to kernel 2.6.35.13 :\n\nhttp://ftp.kernel.org/pub/linux/kernel/v2.6/longterm/v2.6.35/ChangeLog\n-2.6.35.13\n\nPlus additional security fixes that will appear in 2.6.35.14\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2011-05-10T00:00:00", "title": "Fedora 14 : kernel-2.6.35.13-91.fc14 (2011-6541)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1746", "CVE-2011-1494", "CVE-2011-1478", "CVE-2011-1079", "CVE-2011-1495", "CVE-2011-1745"], "modified": "2011-05-10T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:14"], "id": "FEDORA_2011-6541.NASL", "href": "https://www.tenable.com/plugins/nessus/53850", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-6541.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53850);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-1079\", \"CVE-2011-1478\", \"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1745\", \"CVE-2011-1746\");\n script_bugtraq_id(46616, 47056, 47185, 47534, 47535);\n script_xref(name:\"FEDORA\", value:\"2011-6541\");\n\n script_name(english:\"Fedora 14 : kernel-2.6.35.13-91.fc14 (2011-6541)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to kernel 2.6.35.13 :\n\nhttp://ftp.kernel.org/pub/linux/kernel/v2.6/longterm/v2.6.35/ChangeLog\n-2.6.35.13\n\nPlus additional security fixes that will appear in 2.6.35.14\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://ftp.kernel.org/pub/linux/kernel/v2.6/longterm/v2.6.35/ChangeLog-2.6.35.13\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?32ba0551\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=681260\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=691270\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=694021\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=698996\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=698998\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-May/059860.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b0649555\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/05/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"kernel-2.6.35.13-91.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T06:32:13", "description": "This kernel update for the SUSE Linux Enterprise 10 SP4 kernel fixes\nseveral security issues and bugs.\n\nThe following security issues were fixed :\n\n - The dccp_rcv_state_process function in net/dccp/input.c\n in the Datagram Congestion Control Protocol (DCCP)\n implementation in the Linux kernel did not properly\n handle packets for a CLOSED endpoint, which allowed\n remote attackers to cause a denial of service (NULL\n pointer dereference and OOPS) by sending a DCCP-Close\n packet followed by a DCCP-Reset packet. (CVE-2011-1093)\n\n - The add_del_listener function in kernel/taskstats.c in\n the Linux kernel did not prevent multiple registrations\n of exit handlers, which allowed local users to cause a\n denial of service (memory and CPU consumption), and\n bypass the OOM Killer, via a crafted application.\n (CVE-2011-2484)\n\n - Integer overflow in the agp_generic_insert_memory\n function in drivers/char/agp/generic.c in the Linux\n kernel allowed local users to gain privileges or cause a\n denial of service (system crash) via a crafted\n AGPIOC_BIND agp_ioctl ioctl call. (CVE-2011-1745)\n\n - Multiple integer overflows in the (1)\n agp_allocate_memory and (2) agp_create_user_memory\n functions in drivers/char/agp/generic.c in the Linux\n kernel allowed local users to trigger buffer overflows,\n and consequently cause a denial of service (system\n crash) or possibly have unspecified other impact, via\n vectors related to calls that specify a large number of\n memory pages. (CVE-2011-1746)\n\n - The agp_generic_remove_memory function in\n drivers/char/agp/generic.c in the Linux kernel before\n 2.6.38.5 did not validate a certain start parameter,\n which allowed local users to gain privileges or cause a\n denial of service (system crash) via a crafted\n AGPIOC_UNBIND agp_ioctl ioctl call, a different\n vulnerability than CVE-2011-1745. (CVE-2011-2022)\n\n - When using a setuid root mount.cifs, local users could\n hijack password protected mounted CIFS shares of other\n local users. (CVE-2011-1585)\n\n - The do_task_stat function in fs/proc/array.c in the\n Linux kernel did not perform an expected uid check,\n which made it easier for local users to defeat the ASLR\n protection mechanism by reading the start_code and\n end_code fields in the /proc/#####/stat file for a\n process executing a PIE binary. (CVE-2011-0726)\n\n - The normal mmap paths all avoid creating a mapping where\n the pgoff inside the mapping could wrap around due to\n overflow. However, an expanding mremap() can take such a\n non-wrapping mapping and make it bigger and cause a\n wrapping condition. (CVE-2011-2496)\n\n - A local unprivileged user able to access a NFS\n filesystem could use file locking to deadlock parts of\n an nfs server under some circumstance. (CVE-2011-2491)\n\n - The code for evaluating LDM partitions (in\n fs/partitions/ldm.c) contained bugs that could crash the\n kernel for certain corrupted LDM partitions.\n (CVE-2011-1017 / CVE-2011-2182)\n\n - Multiple integer overflows in the next_pidmap function\n in kernel/pid.c in the Linux kernel allowed local users\n to cause a denial of service (system crash) via a\n crafted (1) getdents or (2) readdir system call.\n (CVE-2011-1593)\n\n - Integer overflow in the _ctl_do_mpt_command function in\n drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel\n might have allowed local users to gain privileges or\n cause a denial of service (memory corruption) via an\n ioctl call specifying a crafted value that triggers a\n heap-based buffer overflow. (CVE-2011-1494)\n\n - drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel\n did not validate (1) length and (2) offset values before\n performing memory copy operations, which might have\n allowed local users to gain privileges, cause a denial\n of service (memory corruption), or obtain sensitive\n information from kernel memory via a crafted ioctl call,\n related to the _ctl_do_mpt_command and\n _ctl_diag_read_buffer functions. (CVE-2011-1495)", "edition": 22, "published": "2012-05-17T00:00:00", "title": "SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 7665)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1017", "CVE-2011-1746", "CVE-2011-1494", "CVE-2011-2491", "CVE-2011-2484", "CVE-2011-2182", "CVE-2011-2022", "CVE-2011-1495", "CVE-2011-1093", "CVE-2011-1593", "CVE-2011-0726", "CVE-2011-1745", "CVE-2011-1585", "CVE-2011-2496"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-7665.NASL", "href": "https://www.tenable.com/plugins/nessus/59158", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(59158);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/10/25 13:36:43\");\n\n script_cve_id(\"CVE-2011-0726\", \"CVE-2011-1017\", \"CVE-2011-1093\", \"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1585\", \"CVE-2011-1593\", \"CVE-2011-1745\", \"CVE-2011-1746\", \"CVE-2011-2022\", \"CVE-2011-2182\", \"CVE-2011-2484\", \"CVE-2011-2491\", \"CVE-2011-2496\");\n\n script_name(english:\"SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 7665)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This kernel update for the SUSE Linux Enterprise 10 SP4 kernel fixes\nseveral security issues and bugs.\n\nThe following security issues were fixed :\n\n - The dccp_rcv_state_process function in net/dccp/input.c\n in the Datagram Congestion Control Protocol (DCCP)\n implementation in the Linux kernel did not properly\n handle packets for a CLOSED endpoint, which allowed\n remote attackers to cause a denial of service (NULL\n pointer dereference and OOPS) by sending a DCCP-Close\n packet followed by a DCCP-Reset packet. (CVE-2011-1093)\n\n - The add_del_listener function in kernel/taskstats.c in\n the Linux kernel did not prevent multiple registrations\n of exit handlers, which allowed local users to cause a\n denial of service (memory and CPU consumption), and\n bypass the OOM Killer, via a crafted application.\n (CVE-2011-2484)\n\n - Integer overflow in the agp_generic_insert_memory\n function in drivers/char/agp/generic.c in the Linux\n kernel allowed local users to gain privileges or cause a\n denial of service (system crash) via a crafted\n AGPIOC_BIND agp_ioctl ioctl call. (CVE-2011-1745)\n\n - Multiple integer overflows in the (1)\n agp_allocate_memory and (2) agp_create_user_memory\n functions in drivers/char/agp/generic.c in the Linux\n kernel allowed local users to trigger buffer overflows,\n and consequently cause a denial of service (system\n crash) or possibly have unspecified other impact, via\n vectors related to calls that specify a large number of\n memory pages. (CVE-2011-1746)\n\n - The agp_generic_remove_memory function in\n drivers/char/agp/generic.c in the Linux kernel before\n 2.6.38.5 did not validate a certain start parameter,\n which allowed local users to gain privileges or cause a\n denial of service (system crash) via a crafted\n AGPIOC_UNBIND agp_ioctl ioctl call, a different\n vulnerability than CVE-2011-1745. (CVE-2011-2022)\n\n - When using a setuid root mount.cifs, local users could\n hijack password protected mounted CIFS shares of other\n local users. (CVE-2011-1585)\n\n - The do_task_stat function in fs/proc/array.c in the\n Linux kernel did not perform an expected uid check,\n which made it easier for local users to defeat the ASLR\n protection mechanism by reading the start_code and\n end_code fields in the /proc/#####/stat file for a\n process executing a PIE binary. (CVE-2011-0726)\n\n - The normal mmap paths all avoid creating a mapping where\n the pgoff inside the mapping could wrap around due to\n overflow. However, an expanding mremap() can take such a\n non-wrapping mapping and make it bigger and cause a\n wrapping condition. (CVE-2011-2496)\n\n - A local unprivileged user able to access a NFS\n filesystem could use file locking to deadlock parts of\n an nfs server under some circumstance. (CVE-2011-2491)\n\n - The code for evaluating LDM partitions (in\n fs/partitions/ldm.c) contained bugs that could crash the\n kernel for certain corrupted LDM partitions.\n (CVE-2011-1017 / CVE-2011-2182)\n\n - Multiple integer overflows in the next_pidmap function\n in kernel/pid.c in the Linux kernel allowed local users\n to cause a denial of service (system crash) via a\n crafted (1) getdents or (2) readdir system call.\n (CVE-2011-1593)\n\n - Integer overflow in the _ctl_do_mpt_command function in\n drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel\n might have allowed local users to gain privileges or\n cause a denial of service (memory corruption) via an\n ioctl call specifying a crafted value that triggers a\n heap-based buffer overflow. (CVE-2011-1494)\n\n - drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel\n did not validate (1) length and (2) offset values before\n performing memory copy operations, which might have\n allowed local users to gain privileges, cause a denial\n of service (memory corruption), or obtain sensitive\n information from kernel memory via a crafted ioctl call,\n related to the _ctl_do_mpt_command and\n _ctl_diag_read_buffer functions. (CVE-2011-1495)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0726.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1017.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1093.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1494.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1495.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1585.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1593.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1745.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1746.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2022.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2182.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2484.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2491.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2496.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7665.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2019 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.89.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.89.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.89.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.89.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.89.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"kernel-debug-2.6.16.60-0.89.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"kernel-default-2.6.16.60-0.89.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"kernel-kdump-2.6.16.60-0.89.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"kernel-smp-2.6.16.60-0.89.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"kernel-source-2.6.16.60-0.89.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"kernel-syms-2.6.16.60-0.89.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"kernel-xen-2.6.16.60-0.89.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-01T06:32:14", "description": "This kernel update for the SUSE Linux Enterprise 10 SP4 kernel fixes\nseveral security issues and bugs.\n\nThe following security issues were fixed :\n\n - The dccp_rcv_state_process function in net/dccp/input.c\n in the Datagram Congestion Control Protocol (DCCP)\n implementation in the Linux kernel did not properly\n handle packets for a CLOSED endpoint, which allowed\n remote attackers to cause a denial of service (NULL\n pointer dereference and OOPS) by sending a DCCP-Close\n packet followed by a DCCP-Reset packet. (CVE-2011-1093)\n\n - The add_del_listener function in kernel/taskstats.c in\n the Linux kernel did not prevent multiple registrations\n of exit handlers, which allowed local users to cause a\n denial of service (memory and CPU consumption), and\n bypass the OOM Killer, via a crafted application.\n (CVE-2011-2484)\n\n - Integer overflow in the agp_generic_insert_memory\n function in drivers/char/agp/generic.c in the Linux\n kernel allowed local users to gain privileges or cause a\n denial of service (system crash) via a crafted\n AGPIOC_BIND agp_ioctl ioctl call. (CVE-2011-1745)\n\n - Multiple integer overflows in the (1)\n agp_allocate_memory and (2) agp_create_user_memory\n functions in drivers/char/agp/generic.c in the Linux\n kernel allowed local users to trigger buffer overflows,\n and consequently cause a denial of service (system\n crash) or possibly have unspecified other impact, via\n vectors related to calls that specify a large number of\n memory pages. (CVE-2011-1746)\n\n - The agp_generic_remove_memory function in\n drivers/char/agp/generic.c in the Linux kernel before\n 2.6.38.5 did not validate a certain start parameter,\n which allowed local users to gain privileges or cause a\n denial of service (system crash) via a crafted\n AGPIOC_UNBIND agp_ioctl ioctl call, a different\n vulnerability than CVE-2011-1745. (CVE-2011-2022)\n\n - When using a setuid root mount.cifs, local users could\n hijack password protected mounted CIFS shares of other\n local users. (CVE-2011-1585)\n\n - The do_task_stat function in fs/proc/array.c in the\n Linux kernel did not perform an expected uid check,\n which made it easier for local users to defeat the ASLR\n protection mechanism by reading the start_code and\n end_code fields in the /proc/#####/stat file for a\n process executing a PIE binary. (CVE-2011-0726)\n\n - The normal mmap paths all avoid creating a mapping where\n the pgoff inside the mapping could wrap around due to\n overflow. However, an expanding mremap() can take such a\n non-wrapping mapping and make it bigger and cause a\n wrapping condition. (CVE-2011-2496)\n\n - A local unprivileged user able to access a NFS\n filesystem could use file locking to deadlock parts of\n an nfs server under some circumstance. (CVE-2011-2491)\n\n - The code for evaluating LDM partitions (in\n fs/partitions/ldm.c) contained bugs that could crash the\n kernel for certain corrupted LDM partitions.\n (CVE-2011-1017 / CVE-2011-2182)\n\n - Multiple integer overflows in the next_pidmap function\n in kernel/pid.c in the Linux kernel allowed local users\n to cause a denial of service (system crash) via a\n crafted (1) getdents or (2) readdir system call.\n (CVE-2011-1593)\n\n - Integer overflow in the _ctl_do_mpt_command function in\n drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel\n might have allowed local users to gain privileges or\n cause a denial of service (memory corruption) via an\n ioctl call specifying a crafted value that triggers a\n heap-based buffer overflow. (CVE-2011-1494)\n\n - drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel\n did not validate (1) length and (2) offset values before\n performing memory copy operations, which might have\n allowed local users to gain privileges, cause a denial\n of service (memory corruption), or obtain sensitive\n information from kernel memory via a crafted ioctl call,\n related to the _ctl_do_mpt_command and\n _ctl_diag_read_buffer functions. (CVE-2011-1495)", "edition": 22, "published": "2011-12-13T00:00:00", "title": "SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 7666)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1017", "CVE-2011-1746", "CVE-2011-1494", "CVE-2011-2491", "CVE-2011-2484", "CVE-2011-2182", "CVE-2011-2022", "CVE-2011-1495", "CVE-2011-1093", "CVE-2011-1593", "CVE-2011-0726", "CVE-2011-1745", "CVE-2011-1585", "CVE-2011-2496"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_KERNEL-7666.NASL", "href": "https://www.tenable.com/plugins/nessus/57213", "sourceData": "#%NASL_MIN_LEVEL 80502\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57213);\n script_version (\"1.4\");\n script_cvs_date(\"Date: 2019/10/25 13:36:43\");\n\n script_cve_id(\"CVE-2011-0726\", \"CVE-2011-1017\", \"CVE-2011-1093\", \"CVE-2011-1494\", \"CVE-2011-1495\", \"CVE-2011-1585\", \"CVE-2011-1593\", \"CVE-2011-1745\", \"CVE-2011-1746\", \"CVE-2011-2022\", \"CVE-2011-2182\", \"CVE-2011-2484\", \"CVE-2011-2491\", \"CVE-2011-2496\");\n\n script_name(english:\"SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 7666)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This kernel update for the SUSE Linux Enterprise 10 SP4 kernel fixes\nseveral security issues and bugs.\n\nThe following security issues were fixed :\n\n - The dccp_rcv_state_process function in net/dccp/input.c\n in the Datagram Congestion Control Protocol (DCCP)\n implementation in the Linux kernel did not properly\n handle packets for a CLOSED endpoint, which allowed\n remote attackers to cause a denial of service (NULL\n pointer dereference and OOPS) by sending a DCCP-Close\n packet followed by a DCCP-Reset packet. (CVE-2011-1093)\n\n - The add_del_listener function in kernel/taskstats.c in\n the Linux kernel did not prevent multiple registrations\n of exit handlers, which allowed local users to cause a\n denial of service (memory and CPU consumption), and\n bypass the OOM Killer, via a crafted application.\n (CVE-2011-2484)\n\n - Integer overflow in the agp_generic_insert_memory\n function in drivers/char/agp/generic.c in the Linux\n kernel allowed local users to gain privileges or cause a\n denial of service (system crash) via a crafted\n AGPIOC_BIND agp_ioctl ioctl call. (CVE-2011-1745)\n\n - Multiple integer overflows in the (1)\n agp_allocate_memory and (2) agp_create_user_memory\n functions in drivers/char/agp/generic.c in the Linux\n kernel allowed local users to trigger buffer overflows,\n and consequently cause a denial of service (system\n crash) or possibly have unspecified other impact, via\n vectors related to calls that specify a large number of\n memory pages. (CVE-2011-1746)\n\n - The agp_generic_remove_memory function in\n drivers/char/agp/generic.c in the Linux kernel before\n 2.6.38.5 did not validate a certain start parameter,\n which allowed local users to gain privileges or cause a\n denial of service (system crash) via a crafted\n AGPIOC_UNBIND agp_ioctl ioctl call, a different\n vulnerability than CVE-2011-1745. (CVE-2011-2022)\n\n - When using a setuid root mount.cifs, local users could\n hijack password protected mounted CIFS shares of other\n local users. (CVE-2011-1585)\n\n - The do_task_stat function in fs/proc/array.c in the\n Linux kernel did not perform an expected uid check,\n which made it easier for local users to defeat the ASLR\n protection mechanism by reading the start_code and\n end_code fields in the /proc/#####/stat file for a\n process executing a PIE binary. (CVE-2011-0726)\n\n - The normal mmap paths all avoid creating a mapping where\n the pgoff inside the mapping could wrap around due to\n overflow. However, an expanding mremap() can take such a\n non-wrapping mapping and make it bigger and cause a\n wrapping condition. (CVE-2011-2496)\n\n - A local unprivileged user able to access a NFS\n filesystem could use file locking to deadlock parts of\n an nfs server under some circumstance. (CVE-2011-2491)\n\n - The code for evaluating LDM partitions (in\n fs/partitions/ldm.c) contained bugs that could crash the\n kernel for certain corrupted LDM partitions.\n (CVE-2011-1017 / CVE-2011-2182)\n\n - Multiple integer overflows in the next_pidmap function\n in kernel/pid.c in the Linux kernel allowed local users\n to cause a denial of service (system crash) via a\n crafted (1) getdents or (2) readdir system call.\n (CVE-2011-1593)\n\n - Integer overflow in the _ctl_do_mpt_command function in\n drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel\n might have allowed local users to gain privileges or\n cause a denial of service (memory corruption) via an\n ioctl call specifying a crafted value that triggers a\n heap-based buffer overflow. (CVE-2011-1494)\n\n - drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel\n did not validate (1) length and (2) offset values before\n performing memory copy operations, which might have\n allowed local users to gain privileges, cause a denial\n of service (memory corruption), or obtain sensitive\n information from kernel memory via a crafted ioctl call,\n related to the _ctl_do_mpt_command and\n _ctl_diag_read_buffer functions. (CVE-2011-1495)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-0726.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1017.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1093.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1494.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1495.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1585.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1593.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1745.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1746.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2022.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2182.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2484.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2491.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2496.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7666.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2019 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.89.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.89.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.89.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.89.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.89.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.89.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.89.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"i586\", reference:\"kernel-bigsmp-2.6.16.60-0.89.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"i586\", reference:\"kernel-debug-2.6.16.60-0.89.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"i586\", reference:\"kernel-default-2.6.16.60-0.89.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"i586\", reference:\"kernel-kdump-2.6.16.60-0.89.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"i586\", reference:\"kernel-kdumppae-2.6.16.60-0.89.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"i586\", reference:\"kernel-smp-2.6.16.60-0.89.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"i586\", reference:\"kernel-source-2.6.16.60-0.89.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"i586\", reference:\"kernel-syms-2.6.16.60-0.89.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"i586\", reference:\"kernel-vmi-2.6.16.60-0.89.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"i586\", reference:\"kernel-vmipae-2.6.16.60-0.89.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"i586\", reference:\"kernel-xen-2.6.16.60-0.89.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"i586\", reference:\"kernel-xenpae-2.6.16.60-0.89.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-01T06:35:49", "description": "Dan Rosenberg discovered that multiple terminal ioctls did not\ncorrectly initialize structure memory. A local attacker could exploit\nthis to read portions of kernel stack memory, leading to a loss of\nprivacy. (CVE-2010-4076, CVE-2010-4077)\n\nNeil Horman discovered that NFSv4 did not correctly handle certain\norders of operation with ACL data. A remote attacker with access to an\nNFSv4 mount could exploit this to crash the system, leading to a\ndenial of service. (CVE-2011-1090)\n\nTimo Warns discovered that OSF partition parsing routines did not\ncorrectly clear memory. A local attacker with physical access could\nplug in a specially crafted block device to read kernel memory,\nleading to a loss of privacy. (CVE-2011-1163)\n\nTimo Warns discovered that the GUID partition parsing routines did not\ncorrectly validate certain structures. A local attacker with physical\naccess could plug in a specially crafted block device to crash the\nsystem, leading to a denial of service. (CVE-2011-1577)\n\nOliver Hartkopp and Dave Jones discovered that the CAN network driver\ndid not correctly validate certain socket structures. If this driver\nwas loaded, a local attacker could crash the system, leading to a\ndenial of service. (CVE-2011-1598)\n\nVasiliy Kulikov discovered that the AGP driver did not check the size\nof certain memory allocations. A local attacker with access to the\nvideo subsystem could exploit this to run the system out of memory,\nleading to a denial of service. (CVE-2011-1746).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2011-08-04T00:00:00", "title": "Ubuntu 10.10 : linux vulnerabilities (USN-1183-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1746", "CVE-2011-1598", "CVE-2011-1163", "CVE-2011-1090", "CVE-2010-4077", "CVE-2011-1577", "CVE-2010-4076"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "cpe:/o:canonical:ubuntu_linux:10.10", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual"], "id": "UBUNTU_USN-1183-1.NASL", "href": "https://www.tenable.com/plugins/nessus/55762", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1183-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(55762);\n script_version(\"1.14\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_cve_id(\"CVE-2010-4076\", \"CVE-2010-4077\", \"CVE-2011-1090\", \"CVE-2011-1163\", \"CVE-2011-1577\", \"CVE-2011-1598\", \"CVE-2011-1746\");\n script_bugtraq_id(45059, 46766, 46878, 47343, 47503, 47535);\n script_xref(name:\"USN\", value:\"1183-1\");\n\n script_name(english:\"Ubuntu 10.10 : linux vulnerabilities (USN-1183-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Dan Rosenberg discovered that multiple terminal ioctls did not\ncorrectly initialize structure memory. A local attacker could exploit\nthis to read portions of kernel stack memory, leading to a loss of\nprivacy. (CVE-2010-4076, CVE-2010-4077)\n\nNeil Horman discovered that NFSv4 did not correctly handle certain\norders of operation with ACL data. A remote attacker with access to an\nNFSv4 mount could exploit this to crash the system, leading to a\ndenial of service. (CVE-2011-1090)\n\nTimo Warns discovered that OSF partition parsing routines did not\ncorrectly clear memory. A local attacker with physical access could\nplug in a specially crafted block device to read kernel memory,\nleading to a loss of privacy. (CVE-2011-1163)\n\nTimo Warns discovered that the GUID partition parsing routines did not\ncorrectly validate certain structures. A local attacker with physical\naccess could plug in a specially crafted block device to crash the\nsystem, leading to a denial of service. (CVE-2011-1577)\n\nOliver Hartkopp and Dave Jones discovered that the CAN network driver\ndid not correctly validate certain socket structures. If this driver\nwas loaded, a local attacker could crash the system, leading to a\ndenial of service. (CVE-2011-1598)\n\nVasiliy Kulikov discovered that the AGP driver did not check the size\nof certain memory allocations. A local attacker with access to the\nvideo subsystem could exploit this to run the system out of memory,\nleading to a denial of service. (CVE-2011-1746).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1183-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/11/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/08/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2010-4076\", \"CVE-2010-4077\", \"CVE-2011-1090\", \"CVE-2011-1163\", \"CVE-2011-1577\", \"CVE-2011-1598\", \"CVE-2011-1746\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1183-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-30-generic\", pkgver:\"2.6.35-30.56\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-30-generic-pae\", pkgver:\"2.6.35-30.56\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-30-server\", pkgver:\"2.6.35-30.56\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-30-versatile\", pkgver:\"2.6.35-30.56\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-30-virtual\", pkgver:\"2.6.35-30.56\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-generic / linux-image-2.6-generic-pae / etc\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T06:35:43", "description": "Dan Rosenberg discovered that multiple terminal ioctls did not\ncorrectly initialize structure memory. A local attacker could exploit\nthis to read portions of kernel stack memory, leading to a loss of\nprivacy. (CVE-2010-4076, CVE-2010-4077)\n\nIt was discovered that Xen did not correctly handle certain block\nrequests. A local attacker in a Xen guest could cause the Xen host to\nuse all available CPU resources, leading to a denial of service.\n(CVE-2010-4247)\n\nIt was discovered that the ICMP stack did not correctly handle certain\nunreachable messages. If a remote attacker were able to acquire a\nsocket lock, they could send specially crafted traffic that would\ncrash the system, leading to a denial of service. (CVE-2010-4526)\n\nKees Cook reported that /proc/pid/stat did not correctly filter\ncertain memory locations. A local attacker could determine the memory\nlayout of processes in an attempt to increase the chances of a\nsuccessful memory corruption exploit. (CVE-2011-0726)\n\nTimo Warns discovered that OSF partition parsing routines did not\ncorrectly clear memory. A local attacker with physical access could\nplug in a specially crafted block device to read kernel memory,\nleading to a loss of privacy. (CVE-2011-1163)\n\nTimo Warns discovered that the GUID partition parsing routines did not\ncorrectly validate certain structures. A local attacker with physical\naccess could plug in a specially crafted block device to crash the\nsystem, leading to a denial of service. (CVE-2011-1577)\n\nVasiliy Kulikov discovered that the AGP driver did not check certain\nioctl values. A local attacker with access to the video subsystem\ncould exploit this to crash the system, leading to a denial of\nservice, or possibly gain root privileges. (CVE-2011-1745,\nCVE-2011-2022)\n\nVasiliy Kulikov discovered that the AGP driver did not check the size\nof certain memory allocations. A local attacker with access to the\nvideo subsystem could exploit this to run the system out of memory,\nleading to a denial of service. (CVE-2011-1746).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2011-07-18T00:00:00", "title": "Ubuntu 8.04 LTS : linux vulnerabilities (USN-1170-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1746", "CVE-2010-4526", "CVE-2011-2022", "CVE-2010-4247", "CVE-2011-1747", "CVE-2011-1163", "CVE-2011-0726", "CVE-2011-1745", "CVE-2010-4077", "CVE-2011-1577", "CVE-2010-4076"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia"], "id": "UBUNTU_USN-1170-1.NASL", "href": "https://www.tenable.com/plugins/nessus/55607", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1170-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(55607);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_cve_id(\"CVE-2010-4076\", \"CVE-2010-4077\", \"CVE-2010-4247\", \"CVE-2010-4526\", \"CVE-2011-0726\", \"CVE-2011-1163\", \"CVE-2011-1577\", \"CVE-2011-1745\", \"CVE-2011-1746\", \"CVE-2011-1747\", \"CVE-2011-2022\");\n script_bugtraq_id(45029, 45059, 45661, 46878, 47343, 47534, 47535, 47791, 47832, 47843);\n script_xref(name:\"USN\", value:\"1170-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS : linux vulnerabilities (USN-1170-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Dan Rosenberg discovered that multiple terminal ioctls did not\ncorrectly initialize structure memory. A local attacker could exploit\nthis to read portions of kernel stack memory, leading to a loss of\nprivacy. (CVE-2010-4076, CVE-2010-4077)\n\nIt was discovered that Xen did not correctly handle certain block\nrequests. A local attacker in a Xen guest could cause the Xen host to\nuse all available CPU resources, leading to a denial of service.\n(CVE-2010-4247)\n\nIt was discovered that the ICMP stack did not correctly handle certain\nunreachable messages. If a remote attacker were able to acquire a\nsocket lock, they could send specially crafted traffic that would\ncrash the system, leading to a denial of service. (CVE-2010-4526)\n\nKees Cook reported that /proc/pid/stat did not correctly filter\ncertain memory locations. A local attacker could determine the memory\nlayout of processes in an attempt to increase the chances of a\nsuccessful memory corruption exploit. (CVE-2011-0726)\n\nTimo Warns discovered that OSF partition parsing routines did not\ncorrectly clear memory. A local attacker with physical access could\nplug in a specially crafted block device to read kernel memory,\nleading to a loss of privacy. (CVE-2011-1163)\n\nTimo Warns discovered that the GUID partition parsing routines did not\ncorrectly validate certain structures. A local attacker with physical\naccess could plug in a specially crafted block device to crash the\nsystem, leading to a denial of service. (CVE-2011-1577)\n\nVasiliy Kulikov discovered that the AGP driver did not check certain\nioctl values. A local attacker with access to the video subsystem\ncould exploit this to crash the system, leading to a denial of\nservice, or possibly gain root privileges. (CVE-2011-1745,\nCVE-2011-2022)\n\nVasiliy Kulikov discovered that the AGP driver did not check the size\nof certain memory allocations. A local attacker with access to the\nvideo subsystem could exploit this to run the system out of memory,\nleading to a denial of service. (CVE-2011-1746).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1170-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpia\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-lpiacompat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/11/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/07/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(8\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2010-4076\", \"CVE-2010-4077\", \"CVE-2010-4247\", \"CVE-2010-4526\", \"CVE-2011-0726\", \"CVE-2011-1163\", \"CVE-2011-1577\", \"CVE-2011-1745\", \"CVE-2011-1746\", \"CVE-2011-1747\", \"CVE-2011-2022\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1170-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-29-386\", pkgver:\"2.6.24-29.91\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-29-generic\", pkgver:\"2.6.24-29.91\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-29-lpia\", pkgver:\"2.6.24-29.91\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-29-lpiacompat\", pkgver:\"2.6.24-29.91\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-29-openvz\", pkgver:\"2.6.24-29.91\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-29-rt\", pkgver:\"2.6.24-29.91\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-29-server\", pkgver:\"2.6.24-29.91\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-29-virtual\", pkgver:\"2.6.24-29.91\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"linux-image-2.6.24-29-xen\", pkgver:\"2.6.24-29.91\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-386 / linux-image-2.6-generic / etc\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T12:45:56", "description": "From Red Hat Security Advisory 2011:0836 :\n\nUpdated kernel packages that fix multiple security issues and various\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* An integer underflow flaw, leading to a buffer overflow, was found\nin the Linux kernel's Datagram Congestion Control Protocol (DCCP)\nimplementation. This could allow a remote attacker to cause a denial\nof service. (CVE-2011-1770, Important)\n\n* Missing sanity checks were found in setup_arg_pages() in the Linux\nkernel. When making the size of the argument and environment area on\nthe stack very large, it could trigger a BUG_ON(), resulting in a\nlocal denial of service. (CVE-2010-3858, Moderate)\n\n* A missing validation check was found in the bcm_release() and\nraw_release() functions in the Linux kernel's Controller Area Network\n(CAN) implementation. This could allow a local, unprivileged user to\ncause a denial of service. (CVE-2011-1598, CVE-2011-1748, Moderate)\n\n* The fix for Red Hat Bugzilla bug 656461, as provided in\nRHSA-2011:0542, introduced a regression in the cifs_close() function\nin the Linux kernel's Common Internet File System (CIFS)\nimplementation. A local, unprivileged user with write access to a CIFS\nfile system could use this flaw to cause a denial of service.\n(CVE-2011-1771, Moderate)\n\nRed Hat would like to thank Dan Rosenberg for reporting CVE-2011-1770;\nBrad Spengler for reporting CVE-2010-3858; and Oliver Hartkopp for\nreporting CVE-2011-1748.\n\nThis update also fixes various bugs. Documentation for these bug fixes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to resolve these issues, and fix the bugs noted in\nthe Technical Notes. The system must be rebooted for this update to\ntake effect.", "edition": 25, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 6 : kernel (ELSA-2011-0836)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1771", "CVE-2011-1598", "CVE-2011-1770", "CVE-2010-3858", "CVE-2011-1748"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-firmware"], "id": "ORACLELINUX_ELSA-2011-0836.NASL", "href": "https://www.tenable.com/plugins/nessus/68277", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:0836 and \n# Oracle Linux Security Advisory ELSA-2011-0836 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68277);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3858\", \"CVE-2011-1598\", \"CVE-2011-1748\", \"CVE-2011-1770\", \"CVE-2011-1771\");\n script_bugtraq_id(44301, 47503, 47768, 47769, 47835);\n script_xref(name:\"RHSA\", value:\"2011:0836\");\n\n script_name(english:\"Oracle Linux 6 : kernel (ELSA-2011-0836)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:0836 :\n\nUpdated kernel packages that fix multiple security issues and various\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* An integer underflow flaw, leading to a buffer overflow, was found\nin the Linux kernel's Datagram Congestion Control Protocol (DCCP)\nimplementation. This could allow a remote attacker to cause a denial\nof service. (CVE-2011-1770, Important)\n\n* Missing sanity checks were found in setup_arg_pages() in the Linux\nkernel. When making the size of the argument and environment area on\nthe stack very large, it could trigger a BUG_ON(), resulting in a\nlocal denial of service. (CVE-2010-3858, Moderate)\n\n* A missing validation check was found in the bcm_release() and\nraw_release() functions in the Linux kernel's Controller Area Network\n(CAN) implementation. This could allow a local, unprivileged user to\ncause a denial of service. (CVE-2011-1598, CVE-2011-1748, Moderate)\n\n* The fix for Red Hat Bugzilla bug 656461, as provided in\nRHSA-2011:0542, introduced a regression in the cifs_close() function\nin the Linux kernel's Common Internet File System (CIFS)\nimplementation. A local, unprivileged user with write access to a CIFS\nfile system could use this flaw to cause a denial of service.\n(CVE-2011-1771, Moderate)\n\nRed Hat would like to thank Dan Rosenberg for reporting CVE-2011-1770;\nBrad Spengler for reporting CVE-2010-3858; and Oliver Hartkopp for\nreporting CVE-2011-1748.\n\nThis update also fixes various bugs. Documentation for these bug fixes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to resolve these issues, and fix the bugs noted in\nthe Technical Notes. The system must be rebooted for this update to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-June/002176.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/11/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2010-3858\", \"CVE-2011-1598\", \"CVE-2011-1748\", \"CVE-2011-1770\", \"CVE-2011-1771\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2011-0836\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-2.6.32-131.2.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-2.6.32-131.2.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-devel-2.6.32-131.2.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-devel-2.6.32-131.2.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-doc-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-doc-2.6.32-131.2.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-firmware-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-firmware-2.6.32-131.2.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-headers-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-headers-2.6.32-131.2.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T13:09:15", "description": "Updated kernel packages that fix multiple security issues and various\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* An integer underflow flaw, leading to a buffer overflow, was found\nin the Linux kernel's Datagram Congestion Control Protocol (DCCP)\nimplementation. This could allow a remote attacker to cause a denial\nof service. (CVE-2011-1770, Important)\n\n* Missing sanity checks were found in setup_arg_pages() in the Linux\nkernel. When making the size of the argument and environment area on\nthe stack very large, it could trigger a BUG_ON(), resulting in a\nlocal denial of service. (CVE-2010-3858, Moderate)\n\n* A missing validation check was found in the bcm_release() and\nraw_release() functions in the Linux kernel's Controller Area Network\n(CAN) implementation. This could allow a local, unprivileged user to\ncause a denial of service. (CVE-2011-1598, CVE-2011-1748, Moderate)\n\n* The fix for Red Hat Bugzilla bug 656461, as provided in\nRHSA-2011:0542, introduced a regression in the cifs_close() function\nin the Linux kernel's Common Internet File System (CIFS)\nimplementation. A local, unprivileged user with write access to a CIFS\nfile system could use this flaw to cause a denial of service.\n(CVE-2011-1771, Moderate)\n\nRed Hat would like to thank Dan Rosenberg for reporting CVE-2011-1770;\nBrad Spengler for reporting CVE-2010-3858; and Oliver Hartkopp for\nreporting CVE-2011-1748.\n\nThis update also fixes various bugs. Documentation for these bug fixes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to resolve these issues, and fix the bugs noted in\nthe Technical Notes. The system must be rebooted for this update to\ntake effect.", "edition": 29, "published": "2011-06-02T00:00:00", "title": "RHEL 6 : kernel (RHSA-2011:0836)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1771", "CVE-2011-1598", "CVE-2011-1770", "CVE-2010-3858", "CVE-2011-1748"], "modified": "2011-06-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-firmware", "cpe:/o:redhat:enterprise_linux:6.1", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686"], "id": "REDHAT-RHSA-2011-0836.NASL", "href": "https://www.tenable.com/plugins/nessus/54941", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:0836. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(54941);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2010-3858\", \"CVE-2011-1598\", \"CVE-2011-1748\", \"CVE-2011-1770\", \"CVE-2011-1771\");\n script_bugtraq_id(44301, 47503, 47768, 47769, 47835);\n script_xref(name:\"RHSA\", value:\"2011:0836\");\n\n script_name(english:\"RHEL 6 : kernel (RHSA-2011:0836)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel packages that fix multiple security issues and various\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* An integer underflow flaw, leading to a buffer overflow, was found\nin the Linux kernel's Datagram Congestion Control Protocol (DCCP)\nimplementation. This could allow a remote attacker to cause a denial\nof service. (CVE-2011-1770, Important)\n\n* Missing sanity checks were found in setup_arg_pages() in the Linux\nkernel. When making the size of the argument and environment area on\nthe stack very large, it could trigger a BUG_ON(), resulting in a\nlocal denial of service. (CVE-2010-3858, Moderate)\n\n* A missing validation check was found in the bcm_release() and\nraw_release() functions in the Linux kernel's Controller Area Network\n(CAN) implementation. This could allow a local, unprivileged user to\ncause a denial of service. (CVE-2011-1598, CVE-2011-1748, Moderate)\n\n* The fix for Red Hat Bugzilla bug 656461, as provided in\nRHSA-2011:0542, introduced a regression in the cifs_close() function\nin the Linux kernel's Common Internet File System (CIFS)\nimplementation. A local, unprivileged user with write access to a CIFS\nfile system could use this flaw to cause a denial of service.\n(CVE-2011-1771, Moderate)\n\nRed Hat would like to thank Dan Rosenberg for reporting CVE-2011-1770;\nBrad Spengler for reporting CVE-2010-3858; and Oliver Hartkopp for\nreporting CVE-2011-1748.\n\nThis update also fixes various bugs. Documentation for these bug fixes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to resolve these issues, and fix the bugs noted in\nthe Technical Notes. The system must be rebooted for this update to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2010-3858\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-1598\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-1748\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-1770\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-1771\"\n );\n # https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?056c0c27\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:0836\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/11/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2010-3858\", \"CVE-2011-1598\", \"CVE-2011-1748\", \"CVE-2011-1770\", \"CVE-2011-1771\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2011:0836\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2011:0836\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-devel-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-devel-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-doc-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-firmware-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-headers-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-headers-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"perf-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"perf-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"perf-debuginfo-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"perf-debuginfo-2.6.32-131.2.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-debuginfo-2.6.32-131.2.1.el6\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debug / kernel-debug-debuginfo / kernel-debug-devel / etc\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "ubuntu": [{"lastseen": "2020-07-09T00:20:32", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1017", "CVE-2011-1746", "CVE-2011-1494", "CVE-2011-1776", "CVE-2011-1598", "CVE-2011-1759", "CVE-2011-2022", "CVE-2011-1770", "CVE-2011-1495", "CVE-2011-1163", "CVE-2011-3363", "CVE-2011-1593", "CVE-2011-1748", "CVE-2011-1745", "CVE-2011-1090"], "description": "Timo Warns discovered that the LDM disk partition handling code did not \ncorrectly handle certain values. By inserting a specially crafted disk \ndevice, a local attacker could exploit this to gain root privileges. \n(CVE-2011-1017)\n\nNeil Horman discovered that NFSv4 did not correctly handle certain orders \nof operation with ACL data. A remote attacker with access to an NFSv4 mount \ncould exploit this to crash the system, leading to a denial of service. \n(CVE-2011-1090)\n\nTimo Warns discovered that OSF partition parsing routines did not correctly \nclear memory. A local attacker with physical access could plug in a \nspecially crafted block device to read kernel memory, leading to a loss of \nprivacy. (CVE-2011-1163)\n\nDan Rosenberg discovered that MPT devices did not correctly validate \ncertain values in ioctl calls. If these drivers were loaded, a local \nattacker could exploit this to read arbitrary kernel memory, leading to a \nloss of privacy. (CVE-2011-1494, CVE-2011-1495)\n\nTavis Ormandy discovered that the pidmap function did not correctly handle \nlarge requests. A local attacker could exploit this to crash the system, \nleading to a denial of service. (CVE-2011-1593)\n\nOliver Hartkopp and Dave Jones discovered that the CAN network driver did \nnot correctly validate certain socket structures. If this driver was \nloaded, a local attacker could crash the system, leading to a denial of \nservice. (CVE-2011-1598, CVE-2011-1748)\n\nVasiliy Kulikov discovered that the AGP driver did not check certain ioctl \nvalues. A local attacker with access to the video subsystem could exploit \nthis to crash the system, leading to a denial of service, or possibly gain \nroot privileges. (CVE-2011-1745, CVE-2011-2022)\n\nVasiliy Kulikov discovered that the AGP driver did not check the size of \ncertain memory allocations. A local attacker with access to the video \nsubsystem could exploit this to run the system out of memory, leading to a \ndenial of service. (CVE-2011-1746)\n\nDan Rosenberg reported an error in the old ABI compatibility layer of ARM \nkernels. A local attacker could exploit this flaw to cause a denial of \nservice or gain root privileges. (CVE-2011-1759)\n\nDan Rosenberg discovered that the DCCP stack did not correctly handle \ncertain packet structures. A remote attacker could exploit this to crash \nthe system, leading to a denial of service. (CVE-2011-1770)\n\nTimo Warns discovered that the EFI GUID partition table was not correctly \nparsed. A physically local attacker that could insert mountable devices \ncould exploit this to crash the system or possibly gain root privileges. \n(CVE-2011-1776)\n\nYogesh Sharma discovered that CIFS did not correctly handle UNCs that had \nno prefixpaths. A local attacker with access to a CIFS partition could \nexploit this to crash the system, leading to a denial of service. \n(CVE-2011-3363)", "edition": 5, "modified": "2011-07-15T00:00:00", "published": "2011-07-15T00:00:00", "id": "USN-1168-1", "href": "https://ubuntu.com/security/notices/USN-1168-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-07-09T01:37:01", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1017", "CVE-2010-3881", "CVE-2011-1746", "CVE-2011-1494", "CVE-2011-1776", "CVE-2011-1598", "CVE-2011-1759", "CVE-2011-2022", "CVE-2011-1770", "CVE-2011-1495", "CVE-2011-1163", "CVE-2011-3363", "CVE-2011-1593", "CVE-2011-1748", "CVE-2011-1745", "CVE-2011-1090"], "description": "Vasiliy Kulikov discovered that kvm did not correctly clear memory. A local \nattacker could exploit this to read portions of the kernel stack, leading \nto a loss of privacy. (CVE-2010-3881)\n\nTimo Warns discovered that the LDM disk partition handling code did not \ncorrectly handle certain values. By inserting a specially crafted disk \ndevice, a local attacker could exploit this to gain root privileges. \n(CVE-2011-1017)\n\nNeil Horman discovered that NFSv4 did not correctly handle certain orders \nof operation with ACL data. A remote attacker with access to an NFSv4 mount \ncould exploit this to crash the system, leading to a denial of service. \n(CVE-2011-1090)\n\nTimo Warns discovered that OSF partition parsing routines did not correctly \nclear memory. A local attacker with physical access could plug in a \nspecially crafted block device to read kernel memory, leading to a loss of \nprivacy. (CVE-2011-1163)\n\nDan Rosenberg discovered that MPT devices did not correctly validate \ncertain values in ioctl calls. If these drivers were loaded, a local \nattacker could exploit this to read arbitrary kernel memory, leading to a \nloss of privacy. (CVE-2011-1494, CVE-2011-1495)\n\nTavis Ormandy discovered that the pidmap function did not correctly handle \nlarge requests. A local attacker could exploit this to crash the system, \nleading to a denial of service. (CVE-2011-1593)\n\nOliver Hartkopp and Dave Jones discovered that the CAN network driver did \nnot correctly validate certain socket structures. If this driver was \nloaded, a local attacker could crash the system, leading to a denial of \nservice. (CVE-2011-1598, CVE-2011-1748)\n\nVasiliy Kulikov discovered that the AGP driver did not check certain ioctl \nvalues. A local attacker with access to the video subsystem could exploit \nthis to crash the system, leading to a denial of service, or possibly gain \nroot privileges. (CVE-2011-1745, CVE-2011-2022)\n\nVasiliy Kulikov discovered that the AGP driver did not check the size of \ncertain memory allocations. A local attacker with access to the video \nsubsystem could exploit this to run the system out of memory, leading to a \ndenial of service. (CVE-2011-1746)\n\nDan Rosenberg reported an error in the old ABI compatibility layer of ARM \nkernels. A local attacker could exploit this flaw to cause a denial of \nservice or gain root privileges. (CVE-2011-1759)\n\nDan Rosenberg discovered that the DCCP stack did not correctly handle \ncertain packet structures. A remote attacker could exploit this to crash \nthe system, leading to a denial of service. (CVE-2011-1770)\n\nTimo Warns discovered that the EFI GUID partition table was not correctly \nparsed. A physically local attacker that could insert mountable devices \ncould exploit this to crash the system or possibly gain root privileges. \n(CVE-2011-1776)\n\nYogesh Sharma discovered that CIFS did not correctly handle UNCs that had \nno prefixpaths. A local attacker with access to a CIFS partition could \nexploit this to crash the system, leading to a denial of service. \n(CVE-2011-3363)", "edition": 5, "modified": "2011-07-13T00:00:00", "published": "2011-07-13T00:00:00", "id": "USN-1161-1", "href": "https://ubuntu.com/security/notices/USN-1161-1", "title": "Linux kernel vulnerabilities (EC2)", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-07-08T23:37:21", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1746", "CVE-2011-1598", "CVE-2011-1163", "CVE-2011-1090", "CVE-2010-4077", "CVE-2011-1577", "CVE-2010-4076"], "description": "Dan Rosenberg discovered that multiple terminal ioctls did not correctly \ninitialize structure memory. A local attacker could exploit this to read \nportions of kernel stack memory, leading to a loss of privacy. \n(CVE-2010-4076, CVE-2010-4077)\n\nNeil Horman discovered that NFSv4 did not correctly handle certain orders \nof operation with ACL data. A remote attacker with access to an NFSv4 mount \ncould exploit this to crash the system, leading to a denial of service. \n(CVE-2011-1090)\n\nTimo Warns discovered that OSF partition parsing routines did not correctly \nclear memory. A local attacker with physical access could plug in a \nspecially crafted block device to read kernel memory, leading to a loss of \nprivacy. (CVE-2011-1163)\n\nTimo Warns discovered that the GUID partition parsing routines did not \ncorrectly validate certain structures. A local attacker with physical \naccess could plug in a specially crafted block device to crash the system, \nleading to a denial of service. (CVE-2011-1577)\n\nOliver Hartkopp and Dave Jones discovered that the CAN network driver did \nnot correctly validate certain socket structures. If this driver was \nloaded, a local attacker could crash the system, leading to a denial of \nservice. (CVE-2011-1598)\n\nVasiliy Kulikov discovered that the AGP driver did not check the size of \ncertain memory allocations. A local attacker with access to the video \nsubsystem could exploit this to run the system out of memory, leading to a \ndenial of service. (CVE-2011-1746)", "edition": 5, "modified": "2011-08-03T00:00:00", "published": "2011-08-03T00:00:00", "id": "USN-1183-1", "href": "https://ubuntu.com/security/notices/USN-1183-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-08T23:41:58", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1746", "CVE-2010-4526", "CVE-2011-2022", "CVE-2010-4247", "CVE-2011-1163", "CVE-2011-0726", "CVE-2011-1745", "CVE-2010-4077", "CVE-2011-1577", "CVE-2010-4076"], "description": "Dan Rosenberg discovered that multiple terminal ioctls did not correctly \ninitialize structure memory. A local attacker could exploit this to read \nportions of kernel stack memory, leading to a loss of privacy. \n(CVE-2010-4076, CVE-2010-4077)\n\nIt was discovered that Xen did not correctly handle certain block requests. \nA local attacker in a Xen guest could cause the Xen host to use all \navailable CPU resources, leading to a denial of service. (CVE-2010-4247)\n\nIt was discovered that the ICMP stack did not correctly handle certain \nunreachable messages. If a remote attacker were able to acquire a socket \nlock, they could send specially crafted traffic that would crash the \nsystem, leading to a denial of service. (CVE-2010-4526)\n\nKees Cook reported that /proc/pid/stat did not correctly filter certain \nmemory locations. A local attacker could determine the memory layout of \nprocesses in an attempt to increase the chances of a successful memory \ncorruption exploit. (CVE-2011-0726)\n\nTimo Warns discovered that OSF partition parsing routines did not correctly \nclear memory. A local attacker with physical access could plug in a \nspecially crafted block device to read kernel memory, leading to a loss of \nprivacy. (CVE-2011-1163)\n\nTimo Warns discovered that the GUID partition parsing routines did not \ncorrectly validate certain structures. A local attacker with physical \naccess could plug in a specially crafted block device to crash the system, \nleading to a denial of service. (CVE-2011-1577)\n\nVasiliy Kulikov discovered that the AGP driver did not check certain ioctl \nvalues. A local attacker with access to the video subsystem could exploit \nthis to crash the system, leading to a denial of service, or possibly gain \nroot privileges. (CVE-2011-1745, CVE-2011-2022)\n\nVasiliy Kulikov discovered that the AGP driver did not check the size of \ncertain memory allocations. A local attacker with access to the video \nsubsystem could exploit this to run the system out of memory, leading to a \ndenial of service. (CVE-2011-1746)", "edition": 5, "modified": "2011-07-15T00:00:00", "published": "2011-07-15T00:00:00", "id": "USN-1170-1", "href": "https://ubuntu.com/security/notices/USN-1170-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-07-09T00:35:20", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1017", "CVE-2011-1476", "CVE-2011-2498", "CVE-2011-1746", "CVE-2011-1160", "CVE-2011-1078", "CVE-2011-1494", "CVE-2011-1776", "CVE-2011-1771", "CVE-2011-1598", "CVE-2011-1173", "CVE-2011-1759", "CVE-2011-0463", "CVE-2011-2022", "CVE-2011-1180", "CVE-2011-3359", "CVE-2011-1079", "CVE-2011-1770", "CVE-2011-1495", "CVE-2011-3363", "CVE-2011-4913", "CVE-2010-4250", "CVE-2011-1093", "CVE-2011-1593", "CVE-2011-1170", "CVE-2011-2479", "CVE-2011-1172", "CVE-2011-1748", "CVE-2011-1171", "CVE-2011-1477", "CVE-2011-1479", "CVE-2011-2534", "CVE-2011-1927", "CVE-2011-1745", "CVE-2011-1080", "CVE-2011-2496"], "description": "Aristide Fattori and Roberto Paleari reported a flaw in the Linux kernel's \nhandling of IPv4 icmp packets. A remote user could exploit this to cause a \ndenial of service. (CVE-2011-1927)\n\nGoldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly \nclear memory when writing certain file holes. A local attacker could \nexploit this to read uninitialized data from the disk, leading to a loss of \nprivacy. (CVE-2011-0463)\n\nTimo Warns discovered that the LDM disk partition handling code did not \ncorrectly handle certain values. By inserting a specially crafted disk \ndevice, a local attacker could exploit this to gain root privileges. \n(CVE-2011-1017)\n\nVasiliy Kulikov discovered that the Bluetooth stack did not correctly clear \nmemory. A local attacker could exploit this to read kernel stack memory, \nleading to a loss of privacy. (CVE-2011-1078)\n\nVasiliy Kulikov discovered that the Bluetooth stack did not correctly check \nthat device name strings were NULL terminated. A local attacker could \nexploit this to crash the system, leading to a denial of service, or leak \ncontents of kernel stack memory, leading to a loss of privacy. \n(CVE-2011-1079)\n\nVasiliy Kulikov discovered that bridge network filtering did not check that \nname fields were NULL terminated. A local attacker could exploit this to \nleak contents of kernel stack memory, leading to a loss of privacy. \n(CVE-2011-1080)\n\nJohan Hovold discovered that the DCCP network stack did not correctly \nhandle certain packet combinations. A remote attacker could send specially \ncrafted network traffic that would crash the system, leading to a denial of \nservice. (CVE-2011-1093)\n\nPeter Huewe discovered that the TPM device did not correctly initialize \nmemory. A local attacker could exploit this to read kernel heap memory \ncontents, leading to a loss of privacy. (CVE-2011-1160)\n\nVasiliy Kulikov discovered that the netfilter code did not check certain \nstrings copied from userspace. A local attacker with netfilter access could \nexploit this to read kernel memory or crash the system, leading to a denial \nof service. (CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-2534)\n\nVasiliy Kulikov discovered that the Acorn Universal Networking driver did \nnot correctly initialize memory. A remote attacker could send specially \ncrafted traffic to read kernel stack memory, leading to a loss of privacy. \n(CVE-2011-1173)\n\nDan Rosenberg discovered that the IRDA subsystem did not correctly check \ncertain field sizes. If a system was using IRDA, a remote attacker could \nsend specially crafted traffic to crash the system or gain root privileges. \n(CVE-2011-1180)\n\nDan Rosenberg reported errors in the OSS (Open Sound System) MIDI \ninterface. A local attacker on non-x86 systems might be able to cause a \ndenial of service. (CVE-2011-1476)\n\nDan Rosenberg reported errors in the kernel's OSS (Open Sound System) \ndriver for Yamaha FM synthesizer chips. A local user can exploit this to \ncause memory corruption, causing a denial of service or privilege \nescalation. (CVE-2011-1477)\n\nIt was discovered that the security fix for CVE-2010-4250 introduced a \nregression. A remote attacker could exploit this to crash the system, \nleading to a denial of service. (CVE-2011-1479)\n\nDan Rosenberg discovered that MPT devices did not correctly validate \ncertain values in ioctl calls. If these drivers were loaded, a local \nattacker could exploit this to read arbitrary kernel memory, leading to a \nloss of privacy. (CVE-2011-1494, CVE-2011-1495)\n\nTavis Ormandy discovered that the pidmap function did not correctly handle \nlarge requests. A local attacker could exploit this to crash the system, \nleading to a denial of service. (CVE-2011-1593)\n\nOliver Hartkopp and Dave Jones discovered that the CAN network driver did \nnot correctly validate certain socket structures. If this driver was \nloaded, a local attacker could crash the system, leading to a denial of \nservice. (CVE-2011-1598, CVE-2011-1748)\n\nVasiliy Kulikov discovered that the AGP driver did not check certain ioctl \nvalues. A local attacker with access to the video subsystem could exploit \nthis to crash the system, leading to a denial of service, or possibly gain \nroot privileges. (CVE-2011-1745, CVE-2011-2022)\n\nVasiliy Kulikov discovered that the AGP driver did not check the size of \ncertain memory allocations. A local attacker with access to the video \nsubsystem could exploit this to run the system out of memory, leading to a \ndenial of service. (CVE-2011-1746)\n\nDan Rosenberg reported an error in the old ABI compatibility layer of ARM \nkernels. A local attacker could exploit this flaw to cause a denial of \nservice or gain root privileges. (CVE-2011-1759)\n\nDan Rosenberg discovered that the DCCP stack did not correctly handle \ncertain packet structures. A remote attacker could exploit this to crash \nthe system, leading to a denial of service. (CVE-2011-1770)\n\nBen Greear discovered that CIFS did not correctly handle direct I/O. A \nlocal attacker with access to a CIFS partition could exploit this to crash \nthe system, leading to a denial of service. (CVE-2011-1771)\n\nTimo Warns discovered that the EFI GUID partition table was not correctly \nparsed. A physically local attacker that could insert mountable devices \ncould exploit this to crash the system or possibly gain root privileges. \n(CVE-2011-1776)\n\nIt was discovered that an mmap() call with the MAP_PRIVATE flag on \n\"/dev/zero\" was incorrectly handled. A local attacker could exploit this to \ncrash the system, leading to a denial of service. (CVE-2011-2479)\n\nRobert Swiecki discovered that mapping extensions were incorrectly handled. \nA local attacker could exploit this to crash the system, leading to a \ndenial of service. (CVE-2011-2496)\n\nThe linux kernel did not properly account for PTE pages when deciding which \ntask to kill in out of memory conditions. A local, unprivileged could \nexploit this flaw to cause a denial of service. (CVE-2011-2498)\n\nA flaw was found in the b43 driver in the Linux kernel. An attacker could \nuse this flaw to cause a denial of service if the system has an active \nwireless interface using the b43 driver. (CVE-2011-3359)\n\nYogesh Sharma discovered that CIFS did not correctly handle UNCs that had \nno prefixpaths. A local attacker with access to a CIFS partition could \nexploit this to crash the system, leading to a denial of service. \n(CVE-2011-3363)\n\nDan Rosenberg discovered flaws in the linux Rose (X.25 PLP) layer used by \namateur radio. A local user or a remote user on an X.25 network could \nexploit these flaws to execute arbitrary code as root. (CVE-2011-4913)", "edition": 5, "modified": "2011-07-13T00:00:00", "published": "2011-07-13T00:00:00", "id": "USN-1167-1", "href": "https://ubuntu.com/security/notices/USN-1167-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-08-08T14:08:14", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1017", "CVE-2010-4529", "CVE-2011-1476", "CVE-2011-1746", "CVE-2011-0695", "CVE-2011-1160", "CVE-2011-1078", "CVE-2011-1494", "CVE-2011-1478", "CVE-2011-1776", "CVE-2011-1598", "CVE-2011-1573", "CVE-2011-1173", "CVE-2011-1759", "CVE-2011-0463", "CVE-2011-4611", "CVE-2011-0711", "CVE-2011-2022", "CVE-2010-4263", "CVE-2011-1180", "CVE-2011-3359", "CVE-2011-1079", "CVE-2011-1770", "CVE-2011-1019", "CVE-2011-1495", "CVE-2010-4243", "CVE-2011-1163", "CVE-2011-3363", "CVE-2011-4913", "CVE-2011-1013", "CVE-2010-4342", "CVE-2011-1016", "CVE-2011-1593", "CVE-2011-1170", "CVE-2011-1172", "CVE-2011-1748", "CVE-2011-1171", "CVE-2011-1477", "CVE-2011-2534", "CVE-2011-0726", "CVE-2011-1745", "CVE-2011-1182", "CVE-2011-1090", "CVE-2010-4565", "CVE-2011-1080"], "description": "Brad Spengler discovered that the kernel did not correctly account for \nuserspace memory allocations during exec() calls. A local attacker could \nexploit this to consume all system memory, leading to a denial of service. \n(CVE-2010-4243)\n\nAlexander Duyck discovered that the Intel Gigabit Ethernet driver did not \ncorrectly handle certain configurations. If such a device was configured \nwithout VLANs, a remote attacker could crash the system, leading to a \ndenial of service. (CVE-2010-4263)\n\nNelson Elhage discovered that Econet did not correctly handle AUN packets \nover UDP. A local attacker could send specially crafted traffic to crash \nthe system, leading to a denial of service. (CVE-2010-4342)\n\nDan Rosenberg discovered that IRDA did not correctly check the size of \nbuffers. On non-x86 systems, a local attacker could exploit this to read \nkernel heap memory, leading to a loss of privacy. (CVE-2010-4529)\n\nDan Rosenburg discovered that the CAN subsystem leaked kernel addresses \ninto the /proc filesystem. A local attacker could use this to increase the \nchances of a successful memory corruption exploit. (CVE-2010-4565)\n\nGoldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly \nclear memory when writing certain file holes. A local attacker could \nexploit this to read uninitialized data from the disk, leading to a loss of \nprivacy. (CVE-2011-0463)\n\nJens Kuehnel discovered that the InfiniBand driver contained a race \ncondition. On systems using InfiniBand, a local attacker could send \nspecially crafted requests to crash the system, leading to a denial of \nservice. (CVE-2011-0695)\n\nDan Rosenberg discovered that XFS did not correctly initialize memory. A \nlocal attacker could make crafted ioctl calls to leak portions of kernel \nstack memory, leading to a loss of privacy. (CVE-2011-0711)\n\nKees Cook reported that /proc/pid/stat did not correctly filter certain \nmemory locations. A local attacker could determine the memory layout of \nprocesses in an attempt to increase the chances of a successful memory \ncorruption exploit. (CVE-2011-0726)\n\nMatthiew Herrb discovered that the drm modeset interface did not correctly \nhandle a signed comparison. A local attacker could exploit this to crash \nthe system or possibly gain root privileges. (CVE-2011-1013)\n\nMarek Ol\u0161\u00e1k discovered that the Radeon GPU drivers did not correctly \nvalidate certain registers. On systems with specific hardware, a local \nattacker could exploit this to write to arbitrary video memory. \n(CVE-2011-1016)\n\nTimo Warns discovered that the LDM disk partition handling code did not \ncorrectly handle certain values. By inserting a specially crafted disk \ndevice, a local attacker could exploit this to gain root privileges. \n(CVE-2011-1017)\n\nVasiliy Kulikov discovered that the CAP_SYS_MODULE capability was not \nneeded to load kernel modules. A local attacker with the CAP_NET_ADMIN \ncapability could load existing kernel modules, possibly increasing the \nattack surface available on the system. (CVE-2011-1019)\n\nVasiliy Kulikov discovered that the Bluetooth stack did not correctly clear \nmemory. A local attacker could exploit this to read kernel stack memory, \nleading to a loss of privacy. (CVE-2011-1078)\n\nVasiliy Kulikov discovered that the Bluetooth stack did not correctly check \nthat device name strings were NULL terminated. A local attacker could \nexploit this to crash the system, leading to a denial of service, or leak \ncontents of kernel stack memory, leading to a loss of privacy. \n(CVE-2011-1079)\n\nVasiliy Kulikov discovered that bridge network filtering did not check that \nname fields were NULL terminated. A local attacker could exploit this to \nleak contents of kernel stack memory, leading to a loss of privacy. \n(CVE-2011-1080)\n\nNeil Horman discovered that NFSv4 did not correctly handle certain orders \nof operation with ACL data. A remote attacker with access to an NFSv4 mount \ncould exploit this to crash the system, leading to a denial of service. \n(CVE-2011-1090)\n\nPeter Huewe discovered that the TPM device did not correctly initialize \nmemory. A local attacker could exploit this to read kernel heap memory \ncontents, leading to a loss of privacy. (CVE-2011-1160)\n\nTimo Warns discovered that OSF partition parsing routines did not correctly \nclear memory. A local attacker with physical access could plug in a \nspecially crafted block device to read kernel memory, leading to a loss of \nprivacy. (CVE-2011-1163)\n\nVasiliy Kulikov discovered that the netfilter code did not check certain \nstrings copied from userspace. A local attacker with netfilter access could \nexploit this to read kernel memory or crash the system, leading to a denial \nof service. (CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-2534)\n\nVasiliy Kulikov discovered that the Acorn Universal Networking driver did \nnot correctly initialize memory. A remote attacker could send specially \ncrafted traffic to read kernel stack memory, leading to a loss of privacy. \n(CVE-2011-1173)\n\nDan Rosenberg discovered that the IRDA subsystem did not correctly check \ncertain field sizes. If a system was using IRDA, a remote attacker could \nsend specially crafted traffic to crash the system or gain root privileges. \n(CVE-2011-1180)\n\nJulien Tinnes discovered that the kernel did not correctly validate the \nsignal structure from tkill(). A local attacker could exploit this to send \nsignals to arbitrary threads, possibly bypassing expected restrictions. \n(CVE-2011-1182)\n\nDan Rosenberg reported errors in the OSS (Open Sound System) MIDI \ninterface. A local attacker on non-x86 systems might be able to cause a \ndenial of service. (CVE-2011-1476)\n\nDan Rosenberg reported errors in the kernel's OSS (Open Sound System) \ndriver for Yamaha FM synthesizer chips. A local user can exploit this to \ncause memory corruption, causing a denial of service or privilege \nescalation. (CVE-2011-1477)\n\nRyan Sweat discovered that the GRO code did not correctly validate memory. \nIn some configurations on systems using VLANs, a remote attacker could send \nspecially crafted traffic to crash the system, leading to a denial of \nservice. (CVE-2011-1478)\n\nDan Rosenberg discovered that MPT devices did not correctly validate \ncertain values in ioctl calls. If these drivers were loaded, a local \nattacker could exploit this to read arbitrary kernel memory, leading to a \nloss of privacy. (CVE-2011-1494, CVE-2011-1495)\n\nIt was discovered that the Stream Control Transmission Protocol (SCTP) \nimplementation incorrectly calculated lengths. If the net.sctp.addip_enable \nvariable was turned on, a remote attacker could send specially crafted \ntraffic to crash the system. (CVE-2011-1573)\n\nTavis Ormandy discovered that the pidmap function did not correctly handle \nlarge requests. A local attacker could exploit this to crash the system, \nleading to a denial of service. (CVE-2011-1593)\n\nOliver Hartkopp and Dave Jones discovered that the CAN network driver did \nnot correctly validate certain socket structures. If this driver was \nloaded, a local attacker could crash the system, leading to a denial of \nservice. (CVE-2011-1598, CVE-2011-1748)\n\nVasiliy Kulikov discovered that the AGP driver did not check certain ioctl \nvalues. A local attacker with access to the video subsystem could exploit \nthis to crash the system, leading to a denial of service, or possibly gain \nroot privileges. (CVE-2011-1745, CVE-2011-2022)\n\nVasiliy Kulikov discovered that the AGP driver did not check the size of \ncertain memory allocations. A local attacker with access to the video \nsubsystem could exploit this to run the system out of memory, leading to a \ndenial of service. (CVE-2011-1746)\n\nDan Rosenberg reported an error in the old ABI compatibility layer of ARM \nkernels. A local attacker could exploit this flaw to cause a denial of \nservice or gain root privileges. (CVE-2011-1759)\n\nDan Rosenberg discovered that the DCCP stack did not correctly handle \ncertain packet structures. A remote attacker could exploit this to crash \nthe system, leading to a denial of service. (CVE-2011-1770)\n\nTimo Warns discovered that the EFI GUID partition table was not correctly \nparsed. A physically local attacker that could insert mountable devices \ncould exploit this to crash the system or possibly gain root privileges. \n(CVE-2011-1776)\n\nA flaw was found in the b43 driver in the Linux kernel. An attacker could \nuse this flaw to cause a denial of service if the system has an active \nwireless interface using the b43 driver. (CVE-2011-3359)\n\nYogesh Sharma discovered that CIFS did not correctly handle UNCs that had \nno prefixpaths. A local attacker with access to a CIFS partition could \nexploit this to crash the system, leading to a denial of service. \n(CVE-2011-3363)\n\nMaynard Johnson discovered that on POWER7, certain speculative events may \nraise a performance monitor exception. A local attacker could exploit this \nto crash the system, leading to a denial of service. (CVE-2011-4611)\n\nDan Rosenberg discovered flaws in the linux Rose (X.25 PLP) layer used by \namateur radio. A local user or a remote user on an X.25 network could \nexploit these flaws to execute arbitrary code as root. (CVE-2011-4913)", "edition": 6, "modified": "2011-06-29T00:00:00", "published": "2011-06-29T00:00:00", "id": "USN-1162-1", "href": "https://ubuntu.com/security/notices/USN-1162-1", "title": "Linux kernel vulnerabilities (Marvell Dove)", "type": "ubuntu", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-08-08T13:59:09", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1017", "CVE-2010-4529", "CVE-2011-1476", "CVE-2011-1746", "CVE-2011-0695", "CVE-2011-1160", "CVE-2011-1078", "CVE-2011-1494", "CVE-2011-1478", "CVE-2011-1776", "CVE-2011-1598", "CVE-2011-1573", "CVE-2011-1173", "CVE-2011-1759", "CVE-2011-0463", "CVE-2011-4611", "CVE-2011-0711", "CVE-2011-2022", "CVE-2010-4263", "CVE-2011-1180", "CVE-2011-3359", "CVE-2011-1079", "CVE-2011-1770", "CVE-2011-1019", "CVE-2011-1495", "CVE-2010-4243", "CVE-2011-1163", "CVE-2011-3363", "CVE-2011-4913", "CVE-2011-1013", "CVE-2010-4342", "CVE-2011-1016", "CVE-2011-1593", "CVE-2011-1170", "CVE-2011-1172", "CVE-2011-1748", "CVE-2011-1171", "CVE-2011-1477", "CVE-2011-2534", "CVE-2011-0726", "CVE-2011-1745", "CVE-2011-1182", "CVE-2011-1090", "CVE-2010-4565", "CVE-2011-1080"], "description": "Brad Spengler discovered that the kernel did not correctly account for \nuserspace memory allocations during exec() calls. A local attacker could \nexploit this to consume all system memory, leading to a denial of service. \n(CVE-2010-4243)\n\nAlexander Duyck discovered that the Intel Gigabit Ethernet driver did not \ncorrectly handle certain configurations. If such a device was configured \nwithout VLANs, a remote attacker could crash the system, leading to a \ndenial of service. (CVE-2010-4263)\n\nNelson Elhage discovered that Econet did not correctly handle AUN packets \nover UDP. A local attacker could send specially crafted traffic to crash \nthe system, leading to a denial of service. (CVE-2010-4342)\n\nDan Rosenberg discovered that IRDA did not correctly check the size of \nbuffers. On non-x86 systems, a local attacker could exploit this to read \nkernel heap memory, leading to a loss of privacy. (CVE-2010-4529)\n\nDan Rosenburg discovered that the CAN subsystem leaked kernel addresses \ninto the /proc filesystem. A local attacker could use this to increase the \nchances of a successful memory corruption exploit. (CVE-2010-4565)\n\nGoldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly \nclear memory when writing certain file holes. A local attacker could \nexploit this to read uninitialized data from the disk, leading to a loss of \nprivacy. (CVE-2011-0463)\n\nJens Kuehnel discovered that the InfiniBand driver contained a race \ncondition. On systems using InfiniBand, a local attacker could send \nspecially crafted requests to crash the system, leading to a denial of \nservice. (CVE-2011-0695)\n\nDan Rosenberg discovered that XFS did not correctly initialize memory. A \nlocal attacker could make crafted ioctl calls to leak portions of kernel \nstack memory, leading to a loss of privacy. (CVE-2011-0711)\n\nKees Cook reported that /proc/pid/stat did not correctly filter certain \nmemory locations. A local attacker could determine the memory layout of \nprocesses in an attempt to increase the chances of a successful memory \ncorruption exploit. (CVE-2011-0726)\n\nMatthiew Herrb discovered that the drm modeset interface did not correctly \nhandle a signed comparison. A local attacker could exploit this to crash \nthe system or possibly gain root privileges. (CVE-2011-1013)\n\nMarek Ol\u0161\u00e1k discovered that the Radeon GPU drivers did not correctly \nvalidate certain registers. On systems with specific hardware, a local \nattacker could exploit this to write to arbitrary video memory. \n(CVE-2011-1016)\n\nTimo Warns discovered that the LDM disk partition handling code did not \ncorrectly handle certain values. By inserting a specially crafted disk \ndevice, a local attacker could exploit this to gain root privileges. \n(CVE-2011-1017)\n\nVasiliy Kulikov discovered that the CAP_SYS_MODULE capability was not \nneeded to load kernel modules. A local attacker with the CAP_NET_ADMIN \ncapability could load existing kernel modules, possibly increasing the \nattack surface available on the system. (CVE-2011-1019)\n\nVasiliy Kulikov discovered that the Bluetooth stack did not correctly clear \nmemory. A local attacker could exploit this to read kernel stack memory, \nleading to a loss of privacy. (CVE-2011-1078)\n\nVasiliy Kulikov discovered that the Bluetooth stack did not correctly check \nthat device name strings were NULL terminated. A local attacker could \nexploit this to crash the system, leading to a denial of service, or leak \ncontents of kernel stack memory, leading to a loss of privacy. \n(CVE-2011-1079)\n\nVasiliy Kulikov discovered that bridge network filtering did not check that \nname fields were NULL terminated. A local attacker could exploit this to \nleak contents of kernel stack memory, leading to a loss of privacy. \n(CVE-2011-1080)\n\nNeil Horman discovered that NFSv4 did not correctly handle certain orders \nof operation with ACL data. A remote attacker with access to an NFSv4 mount \ncould exploit this to crash the system, leading to a denial of service. \n(CVE-2011-1090)\n\nPeter Huewe discovered that the TPM device did not correctly initialize \nmemory. A local attacker could exploit this to read kernel heap memory \ncontents, leading to a loss of privacy. (CVE-2011-1160)\n\nTimo Warns discovered that OSF partition parsing routines did not correctly \nclear memory. A local attacker with physical access could plug in a \nspecially crafted block device to read kernel memory, leading to a loss of \nprivacy. (CVE-2011-1163)\n\nVasiliy Kulikov discovered that the netfilter code did not check certain \nstrings copied from userspace. A local attacker with netfilter access could \nexploit this to read kernel memory or crash the system, leading to a denial \nof service. (CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-2534)\n\nVasiliy Kulikov discovered that the Acorn Universal Networking driver did \nnot correctly initialize memory. A remote attacker could send specially \ncrafted traffic to read kernel stack memory, leading to a loss of privacy. \n(CVE-2011-1173)\n\nDan Rosenberg discovered that the IRDA subsystem did not correctly check \ncertain field sizes. If a system was using IRDA, a remote attacker could \nsend specially crafted traffic to crash the system or gain root privileges. \n(CVE-2011-1180)\n\nJulien Tinnes discovered that the kernel did not correctly validate the \nsignal structure from tkill(). A local attacker could exploit this to send \nsignals to arbitrary threads, possibly bypassing expected restrictions. \n(CVE-2011-1182)\n\nDan Rosenberg reported errors in the OSS (Open Sound System) MIDI \ninterface. A local attacker on non-x86 systems might be able to cause a \ndenial of service. (CVE-2011-1476)\n\nDan Rosenberg reported errors in the kernel's OSS (Open Sound System) \ndriver for Yamaha FM synthesizer chips. A local user can exploit this to \ncause memory corruption, causing a denial of service or privilege \nescalation. (CVE-2011-1477)\n\nRyan Sweat discovered that the GRO code did not correctly validate memory. \nIn some configurations on systems using VLANs, a remote attacker could send \nspecially crafted traffic to crash the system, leading to a denial of \nservice. (CVE-2011-1478)\n\nDan Rosenberg discovered that MPT devices did not correctly validate \ncertain values in ioctl calls. If these drivers were loaded, a local \nattacker could exploit this to read arbitrary kernel memory, leading to a \nloss of privacy. (CVE-2011-1494, CVE-2011-1495)\n\nIt was discovered that the Stream Control Transmission Protocol (SCTP) \nimplementation incorrectly calculated lengths. If the net.sctp.addip_enable \nvariable was turned on, a remote attacker could send specially crafted \ntraffic to crash the system. (CVE-2011-1573)\n\nTavis Ormandy discovered that the pidmap function did not correctly handle \nlarge requests. A local attacker could exploit this to crash the system, \nleading to a denial of service. (CVE-2011-1593)\n\nOliver Hartkopp and Dave Jones discovered that the CAN network driver did \nnot correctly validate certain socket structures. If this driver was \nloaded, a local attacker could crash the system, leading to a denial of \nservice. (CVE-2011-1598, CVE-2011-1748)\n\nVasiliy Kulikov discovered that the AGP driver did not check certain ioctl \nvalues. A local attacker with access to the video subsystem could exploit \nthis to crash the system, leading to a denial of service, or possibly gain \nroot privileges. (CVE-2011-1745, CVE-2011-2022)\n\nVasiliy Kulikov discovered that the AGP driver did not check the size of \ncertain memory allocations. A local attacker with access to the video \nsubsystem could exploit this to run the system out of memory, leading to a \ndenial of service. (CVE-2011-1746)\n\nDan Rosenberg reported an error in the old ABI compatibility layer of ARM \nkernels. A local attacker could exploit this flaw to cause a denial of \nservice or gain root privileges. (CVE-2011-1759)\n\nDan Rosenberg discovered that the DCCP stack did not correctly handle \ncertain packet structures. A remote attacker could exploit this to crash \nthe system, leading to a denial of service. (CVE-2011-1770)\n\nTimo Warns discovered that the EFI GUID partition table was not correctly \nparsed. A physically local attacker that could insert mountable devices \ncould exploit this to crash the system or possibly gain root privileges. \n(CVE-2011-1776)\n\nA flaw was found in the b43 driver in the Linux kernel. An attacker could \nuse this flaw to cause a denial of service if the system has an active \nwireless interface using the b43 driver. (CVE-2011-3359)\n\nYogesh Sharma discovered that CIFS did not correctly handle UNCs that had \nno prefixpaths. A local attacker with access to a CIFS partition could \nexploit this to crash the system, leading to a denial of service. \n(CVE-2011-3363)\n\nMaynard Johnson discovered that on POWER7, certain speculative events may \nraise a performance monitor exception. A local attacker could exploit this \nto crash the system, leading to a denial of service. (CVE-2011-4611)\n\nDan Rosenberg discovered flaws in the linux Rose (X.25 PLP) layer used by \namateur radio. A local user or a remote user on an X.25 network could \nexploit these flaws to execute arbitrary code as root. (CVE-2011-4913)", "edition": 6, "modified": "2011-07-13T00:00:00", "published": "2011-07-13T00:00:00", "id": "USN-1159-1", "href": "https://ubuntu.com/security/notices/USN-1159-1", "title": "Linux kernel vulnerabilities (Marvell Dove)", "type": "ubuntu", "cvss": {"score": 7.9, "vector": "AV:A/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-30T13:34:59", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1017", "CVE-2011-2918", "CVE-2011-4621", "CVE-2011-1476", "CVE-2011-1746", "CVE-2011-1160", "CVE-2011-1078", "CVE-2011-2493", "CVE-2011-1494", "CVE-2011-1771", "CVE-2011-1598", "CVE-2011-2492", "CVE-2011-1173", "CVE-2011-2699", "CVE-2011-0463", "CVE-2011-2484", "CVE-2011-2022", "CVE-2011-1180", "CVE-2011-3359", "CVE-2011-1079", "CVE-2011-1581", "CVE-2011-1770", "CVE-2011-1495", "CVE-2011-4913", "CVE-2011-1833", "CVE-2011-4914", "CVE-2010-4250", "CVE-2011-1020", "CVE-2011-1593", "CVE-2011-1170", "CVE-2011-1172", "CVE-2011-1748", "CVE-2011-1171", "CVE-2011-1477", "CVE-2011-1493", "CVE-2011-2689", "CVE-2011-1479", "CVE-2011-2534", "CVE-2011-3637", "CVE-2011-1745", "CVE-2011-1182", "CVE-2011-1080", "CVE-2011-1577"], "description": "Goldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly \nclear memory when writing certain file holes. A local attacker could \nexploit this to read uninitialized data from the disk, leading to a loss of \nprivacy. (CVE-2011-0463)\n\nTimo Warns discovered that the LDM disk partition handling code did not \ncorrectly handle certain values. By inserting a specially crafted disk \ndevice, a local attacker could exploit this to gain root privileges. \n(CVE-2011-1017)\n\nIt was discovered that the /proc filesystem did not correctly handle \npermission changes when programs executed. A local attacker could hold open \nfiles to examine details about programs running with higher privileges, \npotentially increasing the chances of exploiting additional \nvulnerabilities. (CVE-2011-1020)\n\nVasiliy Kulikov discovered that the Bluetooth stack did not correctly clear \nmemory. A local attacker could exploit this to read kernel stack memory, \nleading to a loss of privacy. (CVE-2011-1078)\n\nVasiliy Kulikov discovered that the Bluetooth stack did not correctly check \nthat device name strings were NULL terminated. A local attacker could \nexploit this to crash the system, leading to a denial of service, or leak \ncontents of kernel stack memory, leading to a loss of privacy. \n(CVE-2011-1079)\n\nVasiliy Kulikov discovered that bridge network filtering did not check that \nname fields were NULL terminated. A local attacker could exploit this to \nleak contents of kernel stack memory, leading to a loss of privacy. \n(CVE-2011-1080)\n\nPeter Huewe discovered that the TPM device did not correctly initialize \nmemory. A local attacker could exploit this to read kernel heap memory \ncontents, leading to a loss of privacy. (CVE-2011-1160)\n\nVasiliy Kulikov discovered that the netfilter code did not check certain \nstrings copied from userspace. A local attacker with netfilter access could \nexploit this to read kernel memory or crash the system, leading to a denial \nof service. (CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-2534)\n\nVasiliy Kulikov discovered that the Acorn Universal Networking driver did \nnot correctly initialize memory. A remote attacker could send specially \ncrafted traffic to read kernel stack memory, leading to a loss of privacy. \n(CVE-2011-1173)\n\nDan Rosenberg discovered that the IRDA subsystem did not correctly check \ncertain field sizes. If a system was using IRDA, a remote attacker could \nsend specially crafted traffic to crash the system or gain root privileges. \n(CVE-2011-1180)\n\nJulien Tinnes discovered that the kernel did not correctly validate the \nsignal structure from tkill(). A local attacker could exploit this to send \nsignals to arbitrary threads, possibly bypassing expected restrictions. \n(CVE-2011-1182)\n\nDan Rosenberg reported errors in the OSS (Open Sound System) MIDI \ninterface. A local attacker on non-x86 systems might be able to cause a \ndenial of service. (CVE-2011-1476)\n\nDan Rosenberg reported errors in the kernel's OSS (Open Sound System) \ndriver for Yamaha FM synthesizer chips. A local user can exploit this to \ncause memory corruption, causing a denial of service or privilege \nescalation. (CVE-2011-1477)\n\nIt was discovered that the security fix for CVE-2010-4250 introduced a \nregression. A remote attacker could exploit this to crash the system, \nleading to a denial of service. (CVE-2011-1479)\n\nDan Rosenberg discovered that the X.25 Rose network stack did not correctly \nhandle certain fields. If a system was running with Rose enabled, a remote \nattacker could send specially crafted traffic to gain root privileges. \n(CVE-2011-1493)\n\nDan Rosenberg discovered that MPT devices did not correctly validate \ncertain values in ioctl calls. If these drivers were loaded, a local \nattacker could exploit this to read arbitrary kernel memory, leading to a \nloss of privacy. (CVE-2011-1494, CVE-2011-1495)\n\nTimo Warns discovered that the GUID partition parsing routines did not \ncorrectly validate certain structures. A local attacker with physical \naccess could plug in a specially crafted block device to crash the system, \nleading to a denial of service. (CVE-2011-1577)\n\nPhil Oester discovered that the network bonding system did not correctly \nhandle large queues. On some systems, a remote attacker could send \nspecially crafted traffic to crash the system, leading to a denial of \nservice. (CVE-2011-1581)\n\nTavis Ormandy discovered that the pidmap function did not correctly handle \nlarge requests. A local attacker could exploit this to crash the system, \nleading to a denial of service. (CVE-2011-1593)\n\nOliver Hartkopp and Dave Jones discovered that the CAN network driver did \nnot correctly validate certain socket structures. If this driver was \nloaded, a local attacker could crash the system, leading to a denial of \nservice. (CVE-2011-1598, CVE-2011-1748)\n\nVasiliy Kulikov discovered that the AGP driver did not check certain ioctl \nvalues. A local attacker with access to the video subsystem could exploit \nthis to crash the system, leading to a denial of service, or possibly gain \nroot privileges. (CVE-2011-1745, CVE-2011-2022)\n\nVasiliy Kulikov discovered that the AGP driver did not check the size of \ncertain memory allocations. A local attacker with access to the video \nsubsystem could exploit this to run the system out of memory, leading to a \ndenial of service. (CVE-2011-1746)\n\nDan Rosenberg discovered that the DCCP stack did not correctly handle \ncertain packet structures. A remote attacker could exploit this to crash \nthe system, leading to a denial of service. (CVE-2011-1770)\n\nBen Greear discovered that CIFS did not correctly handle direct I/O. A \nlocal attacker with access to a CIFS partition could exploit this to crash \nthe system, leading to a denial of service. (CVE-2011-1771)\n\nVasiliy Kulikov and Dan Rosenberg discovered that ecryptfs did not \ncorrectly check the origin of mount points. A local attacker could exploit \nthis to trick the system into unmounting arbitrary mount points, leading to \na denial of service. (CVE-2011-1833)\n\nVasiliy Kulikov discovered that taskstats listeners were not correctly \nhandled. A local attacker could expoit this to exhaust memory and CPU \nresources, leading to a denial of service. (CVE-2011-2484)\n\nIt was discovered that Bluetooth l2cap and rfcomm did not correctly \ninitialize structures. A local attacker could exploit this to read portions \nof the kernel stack, leading to a loss of privacy. (CVE-2011-2492)\n\nSami Liedes discovered that ext4 did not correctly handle missing root \ninodes. A local attacker could trigger the mount of a specially crafted \nfilesystem to cause the system to crash, leading to a denial of service. \n(CVE-2011-2493)\n\nIt was discovered that GFS2 did not correctly check block sizes. A local \nattacker could exploit this to crash the system, leading to a denial of \nservice. (CVE-2011-2689)\n\nFernando Gont discovered that the IPv6 stack used predictable fragment \nidentification numbers. A remote attacker could exploit this to exhaust \nnetwork resources, leading to a denial of service. (CVE-2011-2699)\n\nThe performance counter subsystem did not correctly handle certain \ncounters. A local attacker could exploit this to crash the system, leading \nto a denial of service. (CVE-2011-2918)\n\nA flaw was found in the b43 driver in the Linux kernel. An attacker could \nuse this flaw to cause a denial of service if the system has an active \nwireless interface using the b43 driver. (CVE-2011-3359)\n\nA flaw was found in the Linux kernel's /proc/_/_map* interface. A local, \nunprivileged user could exploit this flaw to cause a denial of service. \n(CVE-2011-3637)\n\nIt was discovered that some import kernel threads can be blocked by a user \nlevel process. An unprivileged local user could exploit this flaw to cause \na denial of service. (CVE-2011-4621)\n\nDan Rosenberg discovered flaws in the linux Rose (X.25 PLP) layer used by \namateur radio. A local user or a remote user on an X.25 network could \nexploit these flaws to execute arbitrary code as root. (CVE-2011-4913)\n\nBen Hutchings discovered several flaws in the Linux Rose (X.25 PLP) layer. \nA local user or a remote user on an X.25 network could exploit these flaws \nto execute arbitrary code as root. (CVE-2011-4914)", "edition": 6, "modified": "2011-09-21T00:00:00", "published": "2011-09-21T00:00:00", "id": "USN-1212-1", "href": "https://ubuntu.com/security/notices/USN-1212-1", "title": "Linux kernel (OMAP4) vulnerabilities", "type": "ubuntu", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:C"}}], "cve": [{"lastseen": "2020-12-09T19:39:06", "description": "The agp subsystem in the Linux kernel 2.6.38.5 and earlier does not properly restrict memory allocation by the (1) AGPIOC_RESERVE and (2) AGPIOC_ALLOCATE ioctls, which allows local users to cause a denial of service (memory consumption) by making many calls to these ioctls.", "edition": 7, "cvss3": {}, "published": "2011-05-09T19:55:00", "title": "CVE-2011-1747", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1747"], "modified": "2020-07-29T15:17:00", "cpe": [], "id": "CVE-2011-1747", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1747", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": []}, {"lastseen": "2020-12-09T19:39:06", "description": "The bcm_release function in net/can/bcm.c in the Linux kernel before 2.6.39-rc6 does not properly validate a socket data structure, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted release operation.", "edition": 7, "cvss3": {}, "published": "2011-05-09T22:55:00", "title": "CVE-2011-1598", "type": "cve", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1598"], "modified": "2020-07-31T19:38:00", "cpe": ["cpe:/o:linux:linux_kernel:2.6.39"], "id": "CVE-2011-1598", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1598", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:2.6.39:-:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.39:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.39:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.39:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.39:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.39:rc4:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:39:06", "description": "Multiple integer overflows in the (1) agp_allocate_memory and (2) agp_create_user_memory functions in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allow local users to trigger buffer overflows, and consequently cause a denial of service (system crash) or possibly have unspecified other impact, via vectors related to calls that specify a large number of memory pages.", "edition": 7, "cvss3": {}, "published": "2011-05-09T19:55:00", "title": "CVE-2011-1746", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1746"], "modified": "2020-07-28T19:28:00", "cpe": ["cpe:/o:redhat:enterprise_linux_eus:5.6", "cpe:/o:redhat:enterprise_linux_desktop:5.0", "cpe:/o:redhat:enterprise_linux_workstation:5.0", "cpe:/o:redhat:enterprise_linux_aus:5.6", "cpe:/o:redhat:enterprise_linux:5.0", "cpe:/o:redhat:enterprise_linux_server:5.0"], "id": "CVE-2011-1746", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1746", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_aus:5.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:5.6:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:39:07", "description": "The agp_generic_remove_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 does not validate a certain start parameter, which allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_UNBIND agp_ioctl ioctl call, a different vulnerability than CVE-2011-1745.", "edition": 7, "cvss3": {}, "published": "2011-05-09T19:55:00", "title": "CVE-2011-2022", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2022"], "modified": "2020-07-29T15:17:00", "cpe": ["cpe:/o:redhat:enterprise_linux_eus:5.6", "cpe:/o:redhat:enterprise_linux_desktop:5.0", "cpe:/o:redhat:enterprise_linux_workstation:5.0", "cpe:/o:redhat:enterprise_linux_aus:5.6", "cpe:/o:redhat:enterprise_linux:5.0", "cpe:/o:redhat:enterprise_linux_server:5.0"], "id": "CVE-2011-2022", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2022", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_aus:5.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:5.6:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:39:06", "description": "The raw_release function in net/can/raw.c in the Linux kernel before 2.6.39-rc6 does not properly validate a socket data structure, which allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impact via a crafted release operation.", "edition": 7, "cvss3": {}, "published": "2011-05-09T22:55:00", "title": "CVE-2011-1748", "type": "cve", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1748"], "modified": "2020-07-31T19:44:00", "cpe": ["cpe:/o:linux:linux_kernel:2.6.39"], "id": "CVE-2011-1748", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1748", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:2.6.39:-:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.39:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.39:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.39:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.39:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.39:rc4:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:39:06", "description": "drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service (memory corruption), or obtain sensitive information from kernel memory via a crafted ioctl call, related to the _ctl_do_mpt_command and _ctl_diag_read_buffer functions.", "edition": 5, "cvss3": {}, "published": "2011-05-03T19:55:00", "title": "CVE-2011-1495", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1495"], "modified": "2018-10-09T19:31:00", "cpe": ["cpe:/o:linux:linux_kernel:2.6.20.9", "cpe:/o:linux:linux_kernel:2.6.18.1", "cpe:/o:linux:linux_kernel:2.6.27.51", "cpe:/o:linux:linux_kernel:2.6.22.3", "cpe:/o:linux:linux_kernel:2.6.30.4", "cpe:/o:linux:linux_kernel:2.6.16.49", "cpe:/o:linux:linux_kernel:2.6.19.1", "cpe:/o:linux:linux_kernel:2.6.28.6", "cpe:/o:linux:linux_kernel:2.6.31.2", "cpe:/o:linux:linux_kernel:2.6.22.19", "cpe:/o:linux:linux_kernel:2.6.32.17", "cpe:/o:linux:linux_kernel:2.6.37.2", "cpe:/o:linux:linux_kernel:2.6.16.4", "cpe:/o:linux:linux_kernel:2.6.32.24", "cpe:/o:linux:linux_kernel:2.6.16.15", "cpe:/o:linux:linux_kernel:2.6.15.2", "cpe:/o:linux:linux_kernel:2.6.27.30", "cpe:/o:linux:linux_kernel:2.6.22.15", "cpe:/o:linux:linux_kernel:2.6.23.17", "cpe:/o:linux:linux_kernel:2.6.23.12", "cpe:/o:linux:linux_kernel:2.6.16.3", "cpe:/o:linux:linux_kernel:2.6.23.1", "cpe:/o:linux:linux_kernel:2.6.34.4", "cpe:/o:linux:linux_kernel:2.6.21", "cpe:/o:linux:linux_kernel:2.6.35.5", "cpe:/o:linux:linux_kernel:2.6.14.4", "cpe:/o:linux:linux_kernel:2.6.16.20", "cpe:/o:linux:linux_kernel:2.6.23.8", "cpe:/o:linux:linux_kernel:2.6.29.2", "cpe:/o:linux:linux_kernel:2.6.32.7", "cpe:/o:linux:linux_kernel:2.6.26.2", "cpe:/o:linux:linux_kernel:2.6.4", "cpe:/o:linux:linux_kernel:2.6.27.39", "cpe:/o:linux:linux_kernel:2.6.27.54", "cpe:/o:linux:linux_kernel:2.6.22.16", "cpe:/o:linux:linux_kernel:2.6.35.7", "cpe:/o:linux:linux_kernel:2.6.33.5", "cpe:/o:linux:linux_kernel:2.6.30.10", "cpe:/o:linux:linux_kernel:2.6.28.9", "cpe:/o:linux:linux_kernel:2.6.16.9", "cpe:/o:linux:linux_kernel:2.6.29.6", "cpe:/o:linux:linux_kernel:2.6.34.2", "cpe:/o:linux:linux_kernel:2.6.16.10", "cpe:/o:linux:linux_kernel:2.6.11.7", "cpe:/o:linux:linux_kernel:2.6.11.8", "cpe:/o:linux:linux_kernel:2.6.25.3", "cpe:/o:linux:linux_kernel:2.6.32.25", "cpe:/o:linux:linux_kernel:2.6.12.3", "cpe:/o:linux:linux_kernel:2.6.38", "cpe:/o:linux:linux_kernel:2.6.14.1", "cpe:/o:linux:linux_kernel:2.6.32.2", "cpe:/o:linux:linux_kernel:2.6.14.7", "cpe:/o:linux:linux_kernel:2.6.16.50", "cpe:/o:linux:linux_kernel:2.6.16.40", "cpe:/o:linux:linux_kernel:2.6.16.22", "cpe:/o:linux:linux_kernel:2.6.16.5", "cpe:/o:linux:linux_kernel:2.6.25.14", "cpe:/o:linux:linux_kernel:2.6.27.6", "cpe:/o:linux:linux_kernel:2.6.24.1", "cpe:/o:linux:linux_kernel:2.6.23.2", "cpe:/o:linux:linux_kernel:2.6.16.55", "cpe:/o:linux:linux_kernel:2.6.24.2", "cpe:/o:linux:linux_kernel:2.6.26.8", "cpe:/o:linux:linux_kernel:2.6.12", "cpe:/o:linux:linux_kernel:2.6.23.11", "cpe:/o:linux:linux_kernel:2.6.8", "cpe:/o:linux:linux_kernel:2.6.21.1", "cpe:/o:linux:linux_kernel:2.6.1", "cpe:/o:linux:linux_kernel:2.6.23.9", "cpe:/o:linux:linux_kernel:2.6.30.9", "cpe:/o:linux:linux_kernel:2.6.16.44", "cpe:/o:linux:linux_kernel:2.6.26.5", "cpe:/o:linux:linux_kernel:2.6.21.7", "cpe:/o:linux:linux_kernel:2.6.32.26", "cpe:/o:linux:linux_kernel:2.6.27.12", "cpe:/o:linux:linux_kernel:2.6.33.3", "cpe:/o:linux:linux_kernel:2.6.29.5", "cpe:/o:linux:linux_kernel:2.6.23.14", "cpe:/o:linux:linux_kernel:2.6.24.5", "cpe:/o:linux:linux_kernel:2.6.27.8", "cpe:/o:linux:linux_kernel:2.6.27.5", "cpe:/o:linux:linux_kernel:2.6.37", "cpe:/o:linux:linux_kernel:2.6.36.3", "cpe:/o:linux:linux_kernel:2.6.16.18", "cpe:/o:linux:linux_kernel:2.6.32.3", "cpe:/o:linux:linux_kernel:2.6.22.1", "cpe:/o:linux:linux_kernel:2.6.15.7", "cpe:/o:linux:linux_kernel:2.6.17.11", "cpe:/o:linux:linux_kernel:2.6.14", "cpe:/o:linux:linux_kernel:2.6.16.29", "cpe:/o:linux:linux_kernel:2.6.16.27", "cpe:/o:linux:linux_kernel:2.6.32.20", "cpe:/o:linux:linux_kernel:2.6.27.16", "cpe:/o:linux:linux_kernel:2.6.30.5", "cpe:/o:linux:linux_kernel:2.6.22.11", "cpe:/o:linux:linux_kernel:2.6.11.2", "cpe:/o:linux:linux_kernel:2.6.17.2", "cpe:/o:linux:linux_kernel:2.6.27.7", "cpe:/o:linux:linux_kernel:2.6.27.2", "cpe:/o:linux:linux_kernel:2.6.27.18", "cpe:/o:linux:linux_kernel:2.6.11.11", "cpe:/o:linux:linux_kernel:2.6.36.2", "cpe:/o:linux:linux_kernel:2.6.27.15", "cpe:/o:linux:linux_kernel:2.6.16.21", "cpe:/o:linux:linux_kernel:2.6.33.2", "cpe:/o:linux:linux_kernel:2.6.27.53", "cpe:/o:linux:linux_kernel:2.6.27.11", "cpe:/o:linux:linux_kernel:2.6.28.10", "cpe:/o:linux:linux_kernel:2.6.27.33", "cpe:/o:linux:linux_kernel:2.6.32.1", "cpe:/o:linux:linux_kernel:2.6.23", "cpe:/o:linux:linux_kernel:2.6.19", "cpe:/o:linux:linux_kernel:2.6.33.4", "cpe:/o:linux:linux_kernel:2.6.27.32", "cpe:/o:linux:linux_kernel:2.6.34.1", "cpe:/o:linux:linux_kernel:2.6.12.5", "cpe:/o:linux:linux_kernel:2.6.21.6", "cpe:/o:linux:linux_kernel:2.6.19.5", "cpe:/o:linux:linux_kernel:2.6.30.7", "cpe:/o:linux:linux_kernel:2.6.16.51", "cpe:/o:linux:linux_kernel:2.6.17.1", "cpe:/o:linux:linux_kernel:2.6.31.3", "cpe:/o:linux:linux_kernel:2.6.16.30", "cpe:/o:linux:linux_kernel:2.6.20.15", "cpe:/o:linux:linux_kernel:2.6.26.7", "cpe:/o:linux:linux_kernel:2.6.16.53", "cpe:/o:linux:linux_kernel:2.6.19.6", "cpe:/o:linux:linux_kernel:2.6.23.13", "cpe:/o:linux:linux_kernel:2.6.27.38", "cpe:/o:linux:linux_kernel:2.6.23.10", "cpe:/o:linux:linux_kernel:2.6.16.57", "cpe:/o:linux:linux_kernel:2.6.34.6", "cpe:/o:linux:linux_kernel:2.6.26.4", "cpe:/o:linux:linux_kernel:2.6.13", "cpe:/o:linux:linux_kernel:2.6.11.9", "cpe:/o:linux:linux_kernel:2.6.35.3", "cpe:/o:linux:linux_kernel:2.6.14.5", "cpe:/o:linux:linux_kernel:2.6.27.23", "cpe:/o:linux:linux_kernel:2.6.20.11", "cpe:/o:linux:linux_kernel:2.6.31.9", "cpe:/o:linux:linux_kernel:2.6.37.3", "cpe:/o:linux:linux_kernel:2.6.35.6", "cpe:/o:linux:linux_kernel:2.6.27.24", "cpe:/o:linux:linux_kernel:2.6.28.8", "cpe:/o:linux:linux_kernel:2.6.37.6", "cpe:/o:linux:linux_kernel:2.6.31", "cpe:/o:linux:linux_kernel:2.6.23.6", "cpe:/o:linux:linux_kernel:2.6.15.6", "cpe:/o:linux:linux_kernel:2.6.27.4", "cpe:/o:linux:linux_kernel:2.6.27.29", "cpe:/o:linux:linux_kernel:2.6.19.2", "cpe:/o:linux:linux_kernel:2.6.30.2", "cpe:/o:linux:linux_kernel:2.6.17.10", "cpe:/o:linux:linux_kernel:2.6.16.19", "cpe:/o:linux:linux_kernel:2.6.15.1", "cpe:/o:linux:linux_kernel:2.6.23.7", "cpe:/o:linux:linux_kernel:2.6.22.20", "cpe:/o:linux:linux_kernel:2.6.31.8", "cpe:/o:linux:linux_kernel:2.6.27.46", "cpe:/o:linux:linux_kernel:2.6.20", "cpe:/o:linux:linux_kernel:2.6.16.60", "cpe:/o:linux:linux_kernel:2.6.16.34", "cpe:/o:linux:linux_kernel:2.6.22.7", "cpe:/o:linux:linux_kernel:2.6.25.1", "cpe:/o:linux:linux_kernel:2.6.16.14", "cpe:/o:linux:linux_kernel:2.6.27.26", "cpe:/o:linux:linux_kernel:2.6.25.11", "cpe:/o:linux:linux_kernel:2.6.22.4", "cpe:/o:linux:linux_kernel:2.6.32.10", "cpe:/o:linux:linux_kernel:2.6.18", "cpe:/o:linux:linux_kernel:2.6.27.3", "cpe:/o:linux:linux_kernel:2.6.23.16", "cpe:/o:linux:linux_kernel:2.6.34.7", "cpe:/o:linux:linux_kernel:2.6.25.5", "cpe:/o:linux:linux_kernel:2.6.20.8", "cpe:/o:linux:linux_kernel:2.6.16.42", "cpe:/o:linux:linux_kernel:2.6.25.13", "cpe:/o:linux:linux_kernel:2.6.24.7", "cpe:/o:linux:linux_kernel:2.6.26.6", "cpe:/o:linux:linux_kernel:2.6.25.12", "cpe:/o:linux:linux_kernel:2.6.16.56", "cpe:/o:linux:linux_kernel:2.6.3", "cpe:/o:linux:linux_kernel:2.6.14.2", "cpe:/o:linux:linux_kernel:2.6.25.17", "cpe:/o:linux:linux_kernel:2.6.32.21", "cpe:/o:linux:linux_kernel:2.6.34", "cpe:/o:linux:linux_kernel:2.6.16.48", "cpe:/o:linux:linux_kernel:2.6.27.47", "cpe:/o:linux:linux_kernel:2.6.11.10", "cpe:/o:linux:linux_kernel:2.6.29.4", "cpe:/o:linux:linux_kernel:2.6.16.12", "cpe:/o:linux:linux_kernel:2.6.27.42", "cpe:/o:linux:linux_kernel:2.6.28.7", "cpe:/o:linux:linux_kernel:2.6.20.21", "cpe:/o:linux:linux_kernel:2.6.35.4", "cpe:/o:linux:linux_kernel:2.6.23.5", "cpe:/o:linux:linux_kernel:2.6.20.14", "cpe:/o:linux:linux_kernel:2.6.32.22", "cpe:/o:linux:linux_kernel:2.6.20.18", "cpe:/o:linux:linux_kernel:2.6.27.57", "cpe:/o:linux:linux_kernel:2.6.17.13", "cpe:/o:linux:linux_kernel:2.6.26.3", "cpe:/o:linux:linux_kernel:2.6.6", "cpe:/o:linux:linux_kernel:2.6.20.12", "cpe:/o:linux:linux_kernel:2.6.12.1", "cpe:/o:linux:linux_kernel:2.6.16.39", "cpe:/o:linux:linux_kernel:2.6.27.22", "cpe:/o:linux:linux_kernel:2.6.30.1", "cpe:/o:linux:linux_kernel:2.6.20.3", "cpe:/o:linux:linux_kernel:2.6.16.8", "cpe:/o:linux:linux_kernel:2.6.27.1", "cpe:/o:linux:linux_kernel:2.6.16.25", "cpe:/o:linux:linux_kernel:2.6.32.12", "cpe:/o:linux:linux_kernel:2.6.22.9", "cpe:/o:linux:linux_kernel:2.6.29.1", "cpe:/o:linux:linux_kernel:2.6.18.5", "cpe:/o:linux:linux_kernel:2.6.27.19", "cpe:/o:linux:linux_kernel:2.6.35.2", "cpe:/o:linux:linux_kernel:2.6.16.17", "cpe:/o:linux:linux_kernel:2.6.26.1", "cpe:/o:linux:linux_kernel:2.6.32.19", "cpe:/o:linux:linux_kernel:2.6.5", "cpe:/o:linux:linux_kernel:2.6.16.26", "cpe:/o:linux:linux_kernel:2.6.16.32", "cpe:/o:linux:linux_kernel:2.6.27.21", "cpe:/o:linux:linux_kernel:2.6.14.3", "cpe:/o:linux:linux_kernel:2.6.24.6", "cpe:/o:linux:linux_kernel:2.6.32.11", "cpe:/o:linux:linux_kernel:2.6.32.27", "cpe:/o:linux:linux_kernel:2.6.16.1", "cpe:/o:linux:linux_kernel:2.6.17.3", "cpe:/o:linux:linux_kernel:2.6.30", "cpe:/o:linux:linux_kernel:2.6.16.33", "cpe:/o:linux:linux_kernel:2.6.22.12", "cpe:/o:linux:linux_kernel:2.6.21.4", "cpe:/o:linux:linux_kernel:2.6.33", "cpe:/o:linux:linux_kernel:2.6.19.3", "cpe:/o:linux:linux_kernel:2.6.18.3", "cpe:/o:linux:linux_kernel:2.6.36", "cpe:/o:linux:linux_kernel:2.6.31.10", "cpe:/o:linux:linux_kernel:2.6.18.6", "cpe:/o:linux:linux_kernel:2.6.20.16", "cpe:/o:linux:linux_kernel:2.6.0", "cpe:/o:linux:linux_kernel:2.6.27.13", "cpe:/o:linux:linux_kernel:2.6.2", "cpe:/o:linux:linux_kernel:2.6.22", "cpe:/o:linux:linux_kernel:2.6.13.2", "cpe:/o:linux:linux_kernel:2.6.21.5", "cpe:/o:linux:linux_kernel:2.6.22.5", "cpe:/o:linux:linux_kernel:2.6.16.59", "cpe:/o:linux:linux_kernel:2.6.32", "cpe:/o:linux:linux_kernel:2.6.16.36", "cpe:/o:linux:linux_kernel:2.6.16.37", "cpe:/o:linux:linux_kernel:2.6.13.5", "cpe:/o:linux:linux_kernel:2.6.17.9", "cpe:/o:linux:linux_kernel:2.6.28.3", "cpe:/o:linux:linux_kernel:2.6.18.2", "cpe:/o:linux:linux_kernel:2.6.32.4", "cpe:/o:linux:linux_kernel:2.6.20.6", "cpe:/o:linux:linux_kernel:2.6.37.1", "cpe:/o:linux:linux_kernel:2.6.9", "cpe:/o:linux:linux_kernel:2.6.19.7", "cpe:/o:linux:linux_kernel:2.6.20.2", "cpe:/o:linux:linux_kernel:2.6.27.27", "cpe:/o:linux:linux_kernel:2.6.10", "cpe:/o:linux:linux_kernel:2.6.17.8", "cpe:/o:linux:linux_kernel:2.6.11.12", "cpe:/o:linux:linux_kernel:2.6.11", "cpe:/o:linux:linux_kernel:2.6.27.35", "cpe:/o:linux:linux_kernel:2.6.15.5", "cpe:/o:linux:linux_kernel:2.6.32.13", "cpe:/o:linux:linux_kernel:2.6.27.43", "cpe:/o:linux:linux_kernel:2.6.15.3", "cpe:/o:linux:linux_kernel:2.6.27.14", "cpe:/o:linux:linux_kernel:2.6.31.11", "cpe:/o:linux:linux_kernel:2.6.36.4", "cpe:/o:linux:linux_kernel:2.6.17.14", "cpe:/o:linux:linux_kernel:2.6.16.7", "cpe:/o:linux:linux_kernel:2.6.20.19", "cpe:/o:linux:linux_kernel:2.6.23.4", "cpe:/o:linux:linux_kernel:2.6.18.7", "cpe:/o:linux:linux_kernel:2.6.32.14", "cpe:/o:linux:linux_kernel:2.6.22.22", "cpe:/o:linux:linux_kernel:2.6.16.47", "cpe:/o:linux:linux_kernel:2.6.27.25", "cpe:/o:linux:linux_kernel:2.6.15.4", "cpe:/o:linux:linux_kernel:2.6.35.9", "cpe:/o:linux:linux_kernel:2.6.25.20", "cpe:/o:linux:linux_kernel:2.6.31.4", "cpe:/o:linux:linux_kernel:2.6.27.20", "cpe:/o:linux:linux_kernel:2.6.32.5", "cpe:/o:linux:linux_kernel:2.6.20.5", "cpe:/o:linux:linux_kernel:2.6.27.36", "cpe:/o:linux:linux_kernel:2.6.11.6", "cpe:/o:linux:linux_kernel:2.6.31.7", "cpe:/o:linux:linux_kernel:2.6.22.10", "cpe:/o:linux:linux_kernel:2.6.27.40", "cpe:/o:linux:linux_kernel:2.6.32.16", "cpe:/o:linux:linux_kernel:2.6.33.1", "cpe:/o:linux:linux_kernel:2.6.16.38", "cpe:/o:linux:linux_kernel:2.6.27", "cpe:/o:linux:linux_kernel:2.6.25.18", "cpe:/o:linux:linux_kernel:2.6.17.12", "cpe:/o:linux:linux_kernel:2.6.16.16", "cpe:/o:linux:linux_kernel:2.6.28", "cpe:/o:linux:linux_kernel:2.6.16.2", "cpe:/o:linux:linux_kernel:2.6.27.50", "cpe:/o:linux:linux_kernel:2.6.25.19", "cpe:/o:linux:linux_kernel:2.6.20.17", "cpe:/o:linux:linux_kernel:2.6.20.7", "cpe:/o:linux:linux_kernel:2.6.28.5", "cpe:/o:linux:linux_kernel:2.6.27.28", "cpe:/o:linux:linux_kernel:2.6.20.20", "cpe:/o:linux:linux_kernel:2.6.27.44", "cpe:/o:linux:linux_kernel:2.6.17", "cpe:/o:linux:linux_kernel:2.6.16.31", "cpe:/o:linux:linux_kernel:2.6.36.1", "cpe:/o:linux:linux_kernel:2.6.27.17", "cpe:/o:linux:linux_kernel:2.6.20.4", "cpe:/o:linux:linux_kernel:2.6.25.16", "cpe:/o:linux:linux_kernel:2.6.16.52", "cpe:/o:linux:linux_kernel:2.6.27.34", "cpe:/o:linux:linux_kernel:2.6.27.56", "cpe:/o:linux:linux_kernel:2.6.31.14", "cpe:/o:linux:linux_kernel:2.6.24.3", "cpe:/o:linux:linux_kernel:2.6.16.61", "cpe:/o:linux:linux_kernel:2.6.37.4", "cpe:/o:linux:linux_kernel:2.6.29", "cpe:/o:linux:linux_kernel:2.6.25.9", "cpe:/o:linux:linux_kernel:2.6.25", "cpe:/o:linux:linux_kernel:2.6.13.4", "cpe:/o:linux:linux_kernel:2.6.23.15", "cpe:/o:linux:linux_kernel:2.6.11.4", "cpe:/o:linux:linux_kernel:2.6.12.4", "cpe:/o:linux:linux_kernel:2.6.35.8", "cpe:/o:linux:linux_kernel:2.6.7", "cpe:/o:linux:linux_kernel:2.6.16", "cpe:/o:linux:linux_kernel:2.6.22.8", "cpe:/o:linux:linux_kernel:2.6.25.7", "cpe:/o:linux:linux_kernel:2.6.33.6", "cpe:/o:linux:linux_kernel:2.6.16.46", "cpe:/o:linux:linux_kernel:2.6.34.5", "cpe:/o:linux:linux_kernel:2.6.16.41", "cpe:/o:linux:linux_kernel:2.6.34.3", "cpe:/o:linux:linux_kernel:2.6.32.18", "cpe:/o:linux:linux_kernel:2.6.29.3", "cpe:/o:linux:linux_kernel:2.6.33.7", "cpe:/o:linux:linux_kernel:2.6.25.4", "cpe:/o:linux:linux_kernel:2.6.24", "cpe:/o:linux:linux_kernel:2.6.27.31", "cpe:/o:linux:linux_kernel:2.6.16.45", "cpe:/o:linux:linux_kernel:2.6.26", "cpe:/o:linux:linux_kernel:2.6.15", "cpe:/o:linux:linux_kernel:2.6.17.7", "cpe:/o:linux:linux_kernel:2.6.11.1", "cpe:/o:linux:linux_kernel:2.6.22.18", "cpe:/o:linux:linux_kernel:2.6.16.28", "cpe:/o:linux:linux_kernel:2.6.18.4", "cpe:/o:linux:linux_kernel:2.6.21.3", "cpe:/o:linux:linux_kernel:2.6.32.23", "cpe:/o:linux:linux_kernel:2.6.25.6", "cpe:/o:linux:linux_kernel:2.6.8.1", "cpe:/o:linux:linux_kernel:2.6.32.8", "cpe:/o:linux:linux_kernel:2.6.11.5", "cpe:/o:linux:linux_kernel:2.6.12.6", "cpe:/o:linux:linux_kernel:2.6.22.21", "cpe:/o:linux:linux_kernel:2.6.31.6", "cpe:/o:linux:linux_kernel:2.6.16.24", "cpe:/o:linux:linux_kernel:2.6.16.58", "cpe:/o:linux:linux_kernel:2.6.19.4", "cpe:/o:linux:linux_kernel:2.6.25.2", "cpe:/o:linux:linux_kernel:2.6.30.3", "cpe:/o:linux:linux_kernel:2.6.28.2", "cpe:/o:linux:linux_kernel:2.6.32.6", "cpe:/o:linux:linux_kernel:2.6.35", "cpe:/o:linux:linux_kernel:2.6.17.6", "cpe:/o:linux:linux_kernel:2.6.27.52", "cpe:/o:linux:linux_kernel:2.6.37.5", "cpe:/o:linux:linux_kernel:2.6.22.14", "cpe:/o:linux:linux_kernel:2.6.27.45", "cpe:/o:linux:linux_kernel:2.6.22.13", "cpe:/o:linux:linux_kernel:2.6.22.17", "cpe:/o:linux:linux_kernel:2.6.20.1", "cpe:/o:linux:linux_kernel:2.6.16.54", "cpe:/o:linux:linux_kernel:2.6.27.48", "cpe:/o:linux:linux_kernel:2.6.27.37", "cpe:/o:linux:linux_kernel:2.6.31.1", "cpe:/o:linux:linux_kernel:2.6.17.4", "cpe:/o:linux:linux_kernel:2.6.13.1", "cpe:/o:linux:linux_kernel:2.6.30.6", "cpe:/o:linux:linux_kernel:2.6.16.6", "cpe:/o:linux:linux_kernel:2.6.24.4", "cpe:/o:linux:linux_kernel:2.6.25.15", "cpe:/o:linux:linux_kernel:2.6.32.9", "cpe:/o:linux:linux_kernel:2.6.27.9", "cpe:/o:linux:linux_kernel:2.6.28.4", "cpe:/o:linux:linux_kernel:2.6.11.3", "cpe:/o:linux:linux_kernel:2.6.14.6", "cpe:/o:linux:linux_kernel:2.6.18.8", "cpe:/o:linux:linux_kernel:2.6.16.35", "cpe:/o:linux:linux_kernel:2.6.12.2", "cpe:/o:linux:linux_kernel:2.6.20.13", "cpe:/o:linux:linux_kernel:2.6.27.10", "cpe:/o:linux:linux_kernel:2.6.16.11", "cpe:/o:linux:linux_kernel:2.6.32.15", "cpe:/o:linux:linux_kernel:2.6.28.1", "cpe:/o:linux:linux_kernel:2.6.35.1", "cpe:/o:linux:linux_kernel:2.6.27.41", "cpe:/o:linux:linux_kernel:2.6.31.5", "cpe:/o:linux:linux_kernel:2.6.27.49", "cpe:/o:linux:linux_kernel:2.6.20.10", "cpe:/o:linux:linux_kernel:2.6.17.5", "cpe:/o:linux:linux_kernel:2.6.30.8", "cpe:/o:linux:linux_kernel:2.6.16.23", "cpe:/o:linux:linux_kernel:2.6.23.3", "cpe:/o:linux:linux_kernel:2.6.25.10", "cpe:/o:linux:linux_kernel:2.6.13.3", "cpe:/o:linux:linux_kernel:2.6.22.2", "cpe:/o:linux:linux_kernel:2.6.21.2", "cpe:/o:linux:linux_kernel:2.6.27.55", "cpe:/o:linux:linux_kernel:2.6.16.13", "cpe:/o:linux:linux_kernel:2.6.25.8", "cpe:/o:linux:linux_kernel:2.6.22.6", "cpe:/o:linux:linux_kernel:2.6.16.43", "cpe:/o:linux:linux_kernel:2.6.16.62", "cpe:/o:linux:linux_kernel:2.6.31.12", "cpe:/o:linux:linux_kernel:2.6.31.13"], "id": "CVE-2011-1495", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1495", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:2.6.16:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.47:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.51:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.40:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.3:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37:rc8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25:rc9:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.39:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.29.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.42:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.36:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.29.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.55:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.41:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.43:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.55:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.29:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.54:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.56:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.44:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.34:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.29.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.34.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.9:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27:rc9:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.29:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.44:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31:rc8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.34.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.52:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.29:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.41:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.47:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.5:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.34:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.42:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.35:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30:rc8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.58:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25:rc8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28:rc8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.37:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.52:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.34.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.59:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.54:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.45:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24:rc8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.10:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.45:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.4:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.34:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.2:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.51:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.34:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.40:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.2:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.4:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.50:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.56:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26:rc8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.38:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.2:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.3:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.34.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.49:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.48:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.57:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.36:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.39:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.43:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.48:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.37:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.29:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23:rc9:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23:rc8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38:rc8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.29:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.29:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32:rc8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.9:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28:rc9:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.6:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.35:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.49:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31:rc9:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.34.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.53:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.50:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.53:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.61:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.46:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.60:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.6:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.34:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.29.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.5:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.7:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.29:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.34.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27:rc8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.1:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.7:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.34:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26:rc9:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33:rc8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.34:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.9:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.46:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.10:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.29.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.4:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.3:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.34.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.29:rc8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.34:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.34:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.62:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.9:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.34:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.29.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.10:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.38:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.5:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.3:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.57:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.8:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:39:06", "description": "Integer underflow in the dccp_parse_options function (net/dccp/options.c) in the Linux kernel before 2.6.33.14 allows remote attackers to cause a denial of service via a Datagram Congestion Control Protocol (DCCP) packet with an invalid feature options length, which triggers a buffer over-read.", "edition": 7, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2011-06-24T20:55:00", "title": "CVE-2011-1770", "type": "cve", "cwe": ["CWE-191"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1770"], "modified": "2020-07-27T20:08:00", "cpe": ["cpe:/o:fedoraproject:fedora:14", "cpe:/o:fedoraproject:fedora:15"], "id": "CVE-2011-1770", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1770", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:15:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:39:06", "description": "Integer overflow in the _ctl_do_mpt_command function in drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier might allow local users to gain privileges or cause a denial of service (memory corruption) via an ioctl call specifying a crafted value that triggers a heap-based buffer overflow.", "edition": 5, "cvss3": {}, "published": "2011-05-03T19:55:00", "title": "CVE-2011-1494", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1494"], "modified": "2018-10-09T19:30:00", "cpe": ["cpe:/o:linux:linux_kernel:2.6.20.9", "cpe:/o:linux:linux_kernel:2.6.18.1", "cpe:/o:linux:linux_kernel:2.6.27.51", "cpe:/o:linux:linux_kernel:2.6.22.3", "cpe:/o:linux:linux_kernel:2.6.30.4", "cpe:/o:linux:linux_kernel:2.6.16.49", "cpe:/o:linux:linux_kernel:2.6.19.1", "cpe:/o:linux:linux_kernel:2.6.28.6", "cpe:/o:linux:linux_kernel:2.6.31.2", "cpe:/o:linux:linux_kernel:2.6.22.19", "cpe:/o:linux:linux_kernel:2.6.32.17", "cpe:/o:linux:linux_kernel:2.6.37.2", "cpe:/o:linux:linux_kernel:2.6.16.4", "cpe:/o:linux:linux_kernel:2.6.32.24", "cpe:/o:linux:linux_kernel:2.6.16.15", "cpe:/o:linux:linux_kernel:2.6.15.2", "cpe:/o:linux:linux_kernel:2.6.27.30", "cpe:/o:linux:linux_kernel:2.6.22.15", "cpe:/o:linux:linux_kernel:2.6.23.17", "cpe:/o:linux:linux_kernel:2.6.23.12", "cpe:/o:linux:linux_kernel:2.6.16.3", "cpe:/o:linux:linux_kernel:2.6.23.1", "cpe:/o:linux:linux_kernel:2.6.34.4", "cpe:/o:linux:linux_kernel:2.6.21", "cpe:/o:linux:linux_kernel:2.6.35.5", "cpe:/o:linux:linux_kernel:2.6.14.4", "cpe:/o:linux:linux_kernel:2.6.16.20", "cpe:/o:linux:linux_kernel:2.6.23.8", "cpe:/o:linux:linux_kernel:2.6.29.2", "cpe:/o:linux:linux_kernel:2.6.32.7", "cpe:/o:linux:linux_kernel:2.6.26.2", "cpe:/o:linux:linux_kernel:2.6.4", "cpe:/o:linux:linux_kernel:2.6.27.39", "cpe:/o:linux:linux_kernel:2.6.27.54", "cpe:/o:linux:linux_kernel:2.6.22.16", "cpe:/o:linux:linux_kernel:2.6.35.7", "cpe:/o:linux:linux_kernel:2.6.33.5", "cpe:/o:linux:linux_kernel:2.6.30.10", "cpe:/o:linux:linux_kernel:2.6.28.9", "cpe:/o:linux:linux_kernel:2.6.16.9", "cpe:/o:linux:linux_kernel:2.6.29.6", "cpe:/o:linux:linux_kernel:2.6.34.2", "cpe:/o:linux:linux_kernel:2.6.16.10", "cpe:/o:linux:linux_kernel:2.6.11.7", "cpe:/o:linux:linux_kernel:2.6.11.8", "cpe:/o:linux:linux_kernel:2.6.25.3", "cpe:/o:linux:linux_kernel:2.6.32.25", "cpe:/o:linux:linux_kernel:2.6.12.3", "cpe:/o:linux:linux_kernel:2.6.38", "cpe:/o:linux:linux_kernel:2.6.14.1", "cpe:/o:linux:linux_kernel:2.6.32.2", "cpe:/o:linux:linux_kernel:2.6.14.7", "cpe:/o:linux:linux_kernel:2.6.16.50", "cpe:/o:linux:linux_kernel:2.6.16.40", "cpe:/o:linux:linux_kernel:2.6.16.22", "cpe:/o:linux:linux_kernel:2.6.16.5", "cpe:/o:linux:linux_kernel:2.6.25.14", "cpe:/o:linux:linux_kernel:2.6.27.6", "cpe:/o:linux:linux_kernel:2.6.24.1", "cpe:/o:linux:linux_kernel:2.6.23.2", "cpe:/o:linux:linux_kernel:2.6.16.55", "cpe:/o:linux:linux_kernel:2.6.24.2", "cpe:/o:linux:linux_kernel:2.6.26.8", "cpe:/o:linux:linux_kernel:2.6.12", "cpe:/o:linux:linux_kernel:2.6.23.11", "cpe:/o:linux:linux_kernel:2.6.8", "cpe:/o:linux:linux_kernel:2.6.21.1", "cpe:/o:linux:linux_kernel:2.6.1", "cpe:/o:linux:linux_kernel:2.6.23.9", "cpe:/o:linux:linux_kernel:2.6.30.9", "cpe:/o:linux:linux_kernel:2.6.16.44", "cpe:/o:linux:linux_kernel:2.6.26.5", "cpe:/o:linux:linux_kernel:2.6.21.7", "cpe:/o:linux:linux_kernel:2.6.32.26", "cpe:/o:linux:linux_kernel:2.6.27.12", "cpe:/o:linux:linux_kernel:2.6.33.3", "cpe:/o:linux:linux_kernel:2.6.29.5", "cpe:/o:linux:linux_kernel:2.6.23.14", "cpe:/o:linux:linux_kernel:2.6.24.5", "cpe:/o:linux:linux_kernel:2.6.27.8", "cpe:/o:linux:linux_kernel:2.6.27.5", "cpe:/o:linux:linux_kernel:2.6.37", "cpe:/o:linux:linux_kernel:2.6.36.3", "cpe:/o:linux:linux_kernel:2.6.16.18", "cpe:/o:linux:linux_kernel:2.6.32.3", "cpe:/o:linux:linux_kernel:2.6.22.1", "cpe:/o:linux:linux_kernel:2.6.15.7", "cpe:/o:linux:linux_kernel:2.6.17.11", "cpe:/o:linux:linux_kernel:2.6.14", "cpe:/o:linux:linux_kernel:2.6.16.29", "cpe:/o:linux:linux_kernel:2.6.16.27", "cpe:/o:linux:linux_kernel:2.6.32.20", "cpe:/o:linux:linux_kernel:2.6.27.16", "cpe:/o:linux:linux_kernel:2.6.30.5", "cpe:/o:linux:linux_kernel:2.6.22.11", "cpe:/o:linux:linux_kernel:2.6.11.2", "cpe:/o:linux:linux_kernel:2.6.17.2", "cpe:/o:linux:linux_kernel:2.6.27.7", "cpe:/o:linux:linux_kernel:2.6.27.2", "cpe:/o:linux:linux_kernel:2.6.27.18", "cpe:/o:linux:linux_kernel:2.6.11.11", "cpe:/o:linux:linux_kernel:2.6.36.2", "cpe:/o:linux:linux_kernel:2.6.27.15", "cpe:/o:linux:linux_kernel:2.6.16.21", "cpe:/o:linux:linux_kernel:2.6.33.2", "cpe:/o:linux:linux_kernel:2.6.27.53", "cpe:/o:linux:linux_kernel:2.6.27.11", "cpe:/o:linux:linux_kernel:2.6.28.10", "cpe:/o:linux:linux_kernel:2.6.27.33", "cpe:/o:linux:linux_kernel:2.6.32.1", "cpe:/o:linux:linux_kernel:2.6.23", "cpe:/o:linux:linux_kernel:2.6.19", "cpe:/o:linux:linux_kernel:2.6.33.4", "cpe:/o:linux:linux_kernel:2.6.27.32", "cpe:/o:linux:linux_kernel:2.6.34.1", "cpe:/o:linux:linux_kernel:2.6.12.5", "cpe:/o:linux:linux_kernel:2.6.21.6", "cpe:/o:linux:linux_kernel:2.6.19.5", "cpe:/o:linux:linux_kernel:2.6.30.7", "cpe:/o:linux:linux_kernel:2.6.16.51", "cpe:/o:linux:linux_kernel:2.6.17.1", "cpe:/o:linux:linux_kernel:2.6.31.3", "cpe:/o:linux:linux_kernel:2.6.16.30", "cpe:/o:linux:linux_kernel:2.6.20.15", "cpe:/o:linux:linux_kernel:2.6.26.7", "cpe:/o:linux:linux_kernel:2.6.16.53", "cpe:/o:linux:linux_kernel:2.6.19.6", "cpe:/o:linux:linux_kernel:2.6.23.13", "cpe:/o:linux:linux_kernel:2.6.27.38", "cpe:/o:linux:linux_kernel:2.6.23.10", "cpe:/o:linux:linux_kernel:2.6.16.57", "cpe:/o:linux:linux_kernel:2.6.34.6", "cpe:/o:linux:linux_kernel:2.6.26.4", "cpe:/o:linux:linux_kernel:2.6.13", "cpe:/o:linux:linux_kernel:2.6.11.9", "cpe:/o:linux:linux_kernel:2.6.35.3", "cpe:/o:linux:linux_kernel:2.6.14.5", "cpe:/o:linux:linux_kernel:2.6.27.23", "cpe:/o:linux:linux_kernel:2.6.20.11", "cpe:/o:linux:linux_kernel:2.6.31.9", "cpe:/o:linux:linux_kernel:2.6.37.3", "cpe:/o:linux:linux_kernel:2.6.35.6", "cpe:/o:linux:linux_kernel:2.6.27.24", "cpe:/o:linux:linux_kernel:2.6.28.8", "cpe:/o:linux:linux_kernel:2.6.37.6", "cpe:/o:linux:linux_kernel:2.6.31", "cpe:/o:linux:linux_kernel:2.6.23.6", "cpe:/o:linux:linux_kernel:2.6.15.6", "cpe:/o:linux:linux_kernel:2.6.27.4", "cpe:/o:linux:linux_kernel:2.6.27.29", "cpe:/o:linux:linux_kernel:2.6.19.2", "cpe:/o:linux:linux_kernel:2.6.30.2", "cpe:/o:linux:linux_kernel:2.6.17.10", "cpe:/o:linux:linux_kernel:2.6.16.19", "cpe:/o:linux:linux_kernel:2.6.15.1", "cpe:/o:linux:linux_kernel:2.6.23.7", "cpe:/o:linux:linux_kernel:2.6.22.20", "cpe:/o:linux:linux_kernel:2.6.31.8", "cpe:/o:linux:linux_kernel:2.6.27.46", "cpe:/o:linux:linux_kernel:2.6.20", "cpe:/o:linux:linux_kernel:2.6.16.60", "cpe:/o:linux:linux_kernel:2.6.16.34", "cpe:/o:linux:linux_kernel:2.6.22.7", "cpe:/o:linux:linux_kernel:2.6.25.1", "cpe:/o:linux:linux_kernel:2.6.16.14", "cpe:/o:linux:linux_kernel:2.6.27.26", "cpe:/o:linux:linux_kernel:2.6.25.11", "cpe:/o:linux:linux_kernel:2.6.22.4", "cpe:/o:linux:linux_kernel:2.6.32.10", "cpe:/o:linux:linux_kernel:2.6.18", "cpe:/o:linux:linux_kernel:2.6.27.3", "cpe:/o:linux:linux_kernel:2.6.23.16", "cpe:/o:linux:linux_kernel:2.6.34.7", "cpe:/o:linux:linux_kernel:2.6.25.5", "cpe:/o:linux:linux_kernel:2.6.20.8", "cpe:/o:linux:linux_kernel:2.6.16.42", "cpe:/o:linux:linux_kernel:2.6.25.13", "cpe:/o:linux:linux_kernel:2.6.24.7", "cpe:/o:linux:linux_kernel:2.6.26.6", "cpe:/o:linux:linux_kernel:2.6.25.12", "cpe:/o:linux:linux_kernel:2.6.16.56", "cpe:/o:linux:linux_kernel:2.6.3", "cpe:/o:linux:linux_kernel:2.6.14.2", "cpe:/o:linux:linux_kernel:2.6.25.17", "cpe:/o:linux:linux_kernel:2.6.32.21", "cpe:/o:linux:linux_kernel:2.6.34", "cpe:/o:linux:linux_kernel:2.6.16.48", "cpe:/o:linux:linux_kernel:2.6.27.47", "cpe:/o:linux:linux_kernel:2.6.11.10", "cpe:/o:linux:linux_kernel:2.6.29.4", "cpe:/o:linux:linux_kernel:2.6.16.12", "cpe:/o:linux:linux_kernel:2.6.27.42", "cpe:/o:linux:linux_kernel:2.6.28.7", "cpe:/o:linux:linux_kernel:2.6.20.21", "cpe:/o:linux:linux_kernel:2.6.35.4", "cpe:/o:linux:linux_kernel:2.6.23.5", "cpe:/o:linux:linux_kernel:2.6.20.14", "cpe:/o:linux:linux_kernel:2.6.32.22", "cpe:/o:linux:linux_kernel:2.6.20.18", "cpe:/o:linux:linux_kernel:2.6.27.57", "cpe:/o:linux:linux_kernel:2.6.17.13", "cpe:/o:linux:linux_kernel:2.6.26.3", "cpe:/o:linux:linux_kernel:2.6.6", "cpe:/o:linux:linux_kernel:2.6.20.12", "cpe:/o:linux:linux_kernel:2.6.12.1", "cpe:/o:linux:linux_kernel:2.6.16.39", "cpe:/o:linux:linux_kernel:2.6.27.22", "cpe:/o:linux:linux_kernel:2.6.30.1", "cpe:/o:linux:linux_kernel:2.6.20.3", "cpe:/o:linux:linux_kernel:2.6.16.8", "cpe:/o:linux:linux_kernel:2.6.27.1", "cpe:/o:linux:linux_kernel:2.6.16.25", "cpe:/o:linux:linux_kernel:2.6.32.12", "cpe:/o:linux:linux_kernel:2.6.22.9", "cpe:/o:linux:linux_kernel:2.6.29.1", "cpe:/o:linux:linux_kernel:2.6.18.5", "cpe:/o:linux:linux_kernel:2.6.27.19", "cpe:/o:linux:linux_kernel:2.6.35.2", "cpe:/o:linux:linux_kernel:2.6.16.17", "cpe:/o:linux:linux_kernel:2.6.26.1", "cpe:/o:linux:linux_kernel:2.6.32.19", "cpe:/o:linux:linux_kernel:2.6.5", "cpe:/o:linux:linux_kernel:2.6.16.26", "cpe:/o:linux:linux_kernel:2.6.16.32", "cpe:/o:linux:linux_kernel:2.6.27.21", "cpe:/o:linux:linux_kernel:2.6.14.3", "cpe:/o:linux:linux_kernel:2.6.24.6", "cpe:/o:linux:linux_kernel:2.6.32.11", "cpe:/o:linux:linux_kernel:2.6.32.27", "cpe:/o:linux:linux_kernel:2.6.16.1", "cpe:/o:linux:linux_kernel:2.6.17.3", "cpe:/o:linux:linux_kernel:2.6.30", "cpe:/o:linux:linux_kernel:2.6.16.33", "cpe:/o:linux:linux_kernel:2.6.22.12", "cpe:/o:linux:linux_kernel:2.6.21.4", "cpe:/o:linux:linux_kernel:2.6.33", "cpe:/o:linux:linux_kernel:2.6.19.3", "cpe:/o:linux:linux_kernel:2.6.18.3", "cpe:/o:linux:linux_kernel:2.6.36", "cpe:/o:linux:linux_kernel:2.6.31.10", "cpe:/o:linux:linux_kernel:2.6.18.6", "cpe:/o:linux:linux_kernel:2.6.20.16", "cpe:/o:linux:linux_kernel:2.6.0", "cpe:/o:linux:linux_kernel:2.6.27.13", "cpe:/o:linux:linux_kernel:2.6.2", "cpe:/o:linux:linux_kernel:2.6.22", "cpe:/o:linux:linux_kernel:2.6.13.2", "cpe:/o:linux:linux_kernel:2.6.21.5", "cpe:/o:linux:linux_kernel:2.6.22.5", "cpe:/o:linux:linux_kernel:2.6.16.59", "cpe:/o:linux:linux_kernel:2.6.32", "cpe:/o:linux:linux_kernel:2.6.16.36", "cpe:/o:linux:linux_kernel:2.6.16.37", "cpe:/o:linux:linux_kernel:2.6.13.5", "cpe:/o:linux:linux_kernel:2.6.17.9", "cpe:/o:linux:linux_kernel:2.6.28.3", "cpe:/o:linux:linux_kernel:2.6.18.2", "cpe:/o:linux:linux_kernel:2.6.32.4", "cpe:/o:linux:linux_kernel:2.6.20.6", "cpe:/o:linux:linux_kernel:2.6.37.1", "cpe:/o:linux:linux_kernel:2.6.9", "cpe:/o:linux:linux_kernel:2.6.19.7", "cpe:/o:linux:linux_kernel:2.6.20.2", "cpe:/o:linux:linux_kernel:2.6.27.27", "cpe:/o:linux:linux_kernel:2.6.10", "cpe:/o:linux:linux_kernel:2.6.17.8", "cpe:/o:linux:linux_kernel:2.6.11.12", "cpe:/o:linux:linux_kernel:2.6.11", "cpe:/o:linux:linux_kernel:2.6.27.35", "cpe:/o:linux:linux_kernel:2.6.15.5", "cpe:/o:linux:linux_kernel:2.6.32.13", "cpe:/o:linux:linux_kernel:2.6.27.43", "cpe:/o:linux:linux_kernel:2.6.15.3", "cpe:/o:linux:linux_kernel:2.6.27.14", "cpe:/o:linux:linux_kernel:2.6.31.11", "cpe:/o:linux:linux_kernel:2.6.36.4", "cpe:/o:linux:linux_kernel:2.6.17.14", "cpe:/o:linux:linux_kernel:2.6.16.7", "cpe:/o:linux:linux_kernel:2.6.20.19", "cpe:/o:linux:linux_kernel:2.6.23.4", "cpe:/o:linux:linux_kernel:2.6.18.7", "cpe:/o:linux:linux_kernel:2.6.32.14", "cpe:/o:linux:linux_kernel:2.6.22.22", "cpe:/o:linux:linux_kernel:2.6.16.47", "cpe:/o:linux:linux_kernel:2.6.27.25", "cpe:/o:linux:linux_kernel:2.6.15.4", "cpe:/o:linux:linux_kernel:2.6.35.9", "cpe:/o:linux:linux_kernel:2.6.25.20", "cpe:/o:linux:linux_kernel:2.6.31.4", "cpe:/o:linux:linux_kernel:2.6.27.20", "cpe:/o:linux:linux_kernel:2.6.32.5", "cpe:/o:linux:linux_kernel:2.6.20.5", "cpe:/o:linux:linux_kernel:2.6.27.36", "cpe:/o:linux:linux_kernel:2.6.11.6", "cpe:/o:linux:linux_kernel:2.6.31.7", "cpe:/o:linux:linux_kernel:2.6.22.10", "cpe:/o:linux:linux_kernel:2.6.27.40", "cpe:/o:linux:linux_kernel:2.6.32.16", "cpe:/o:linux:linux_kernel:2.6.33.1", "cpe:/o:linux:linux_kernel:2.6.16.38", "cpe:/o:linux:linux_kernel:2.6.27", "cpe:/o:linux:linux_kernel:2.6.25.18", "cpe:/o:linux:linux_kernel:2.6.17.12", "cpe:/o:linux:linux_kernel:2.6.16.16", "cpe:/o:linux:linux_kernel:2.6.28", "cpe:/o:linux:linux_kernel:2.6.16.2", "cpe:/o:linux:linux_kernel:2.6.27.50", "cpe:/o:linux:linux_kernel:2.6.25.19", "cpe:/o:linux:linux_kernel:2.6.20.17", "cpe:/o:linux:linux_kernel:2.6.20.7", "cpe:/o:linux:linux_kernel:2.6.28.5", "cpe:/o:linux:linux_kernel:2.6.27.28", "cpe:/o:linux:linux_kernel:2.6.20.20", "cpe:/o:linux:linux_kernel:2.6.27.44", "cpe:/o:linux:linux_kernel:2.6.17", "cpe:/o:linux:linux_kernel:2.6.16.31", "cpe:/o:linux:linux_kernel:2.6.36.1", "cpe:/o:linux:linux_kernel:2.6.27.17", "cpe:/o:linux:linux_kernel:2.6.20.4", "cpe:/o:linux:linux_kernel:2.6.25.16", "cpe:/o:linux:linux_kernel:2.6.16.52", "cpe:/o:linux:linux_kernel:2.6.27.34", "cpe:/o:linux:linux_kernel:2.6.27.56", "cpe:/o:linux:linux_kernel:2.6.31.14", "cpe:/o:linux:linux_kernel:2.6.24.3", "cpe:/o:linux:linux_kernel:2.6.16.61", "cpe:/o:linux:linux_kernel:2.6.37.4", "cpe:/o:linux:linux_kernel:2.6.29", "cpe:/o:linux:linux_kernel:2.6.25.9", "cpe:/o:linux:linux_kernel:2.6.25", "cpe:/o:linux:linux_kernel:2.6.13.4", "cpe:/o:linux:linux_kernel:2.6.23.15", "cpe:/o:linux:linux_kernel:2.6.11.4", "cpe:/o:linux:linux_kernel:2.6.12.4", "cpe:/o:linux:linux_kernel:2.6.35.8", "cpe:/o:linux:linux_kernel:2.6.7", "cpe:/o:linux:linux_kernel:2.6.16", "cpe:/o:linux:linux_kernel:2.6.22.8", "cpe:/o:linux:linux_kernel:2.6.25.7", "cpe:/o:linux:linux_kernel:2.6.33.6", "cpe:/o:linux:linux_kernel:2.6.16.46", "cpe:/o:linux:linux_kernel:2.6.34.5", "cpe:/o:linux:linux_kernel:2.6.16.41", "cpe:/o:linux:linux_kernel:2.6.34.3", "cpe:/o:linux:linux_kernel:2.6.32.18", "cpe:/o:linux:linux_kernel:2.6.29.3", "cpe:/o:linux:linux_kernel:2.6.33.7", "cpe:/o:linux:linux_kernel:2.6.25.4", "cpe:/o:linux:linux_kernel:2.6.24", "cpe:/o:linux:linux_kernel:2.6.27.31", "cpe:/o:linux:linux_kernel:2.6.16.45", "cpe:/o:linux:linux_kernel:2.6.26", "cpe:/o:linux:linux_kernel:2.6.15", "cpe:/o:linux:linux_kernel:2.6.17.7", "cpe:/o:linux:linux_kernel:2.6.11.1", "cpe:/o:linux:linux_kernel:2.6.22.18", "cpe:/o:linux:linux_kernel:2.6.16.28", "cpe:/o:linux:linux_kernel:2.6.18.4", "cpe:/o:linux:linux_kernel:2.6.21.3", "cpe:/o:linux:linux_kernel:2.6.32.23", "cpe:/o:linux:linux_kernel:2.6.25.6", "cpe:/o:linux:linux_kernel:2.6.8.1", "cpe:/o:linux:linux_kernel:2.6.32.8", "cpe:/o:linux:linux_kernel:2.6.11.5", "cpe:/o:linux:linux_kernel:2.6.12.6", "cpe:/o:linux:linux_kernel:2.6.22.21", "cpe:/o:linux:linux_kernel:2.6.31.6", "cpe:/o:linux:linux_kernel:2.6.16.24", "cpe:/o:linux:linux_kernel:2.6.16.58", "cpe:/o:linux:linux_kernel:2.6.19.4", "cpe:/o:linux:linux_kernel:2.6.25.2", "cpe:/o:linux:linux_kernel:2.6.30.3", "cpe:/o:linux:linux_kernel:2.6.28.2", "cpe:/o:linux:linux_kernel:2.6.32.6", "cpe:/o:linux:linux_kernel:2.6.35", "cpe:/o:linux:linux_kernel:2.6.17.6", "cpe:/o:linux:linux_kernel:2.6.27.52", "cpe:/o:linux:linux_kernel:2.6.37.5", "cpe:/o:linux:linux_kernel:2.6.22.14", "cpe:/o:linux:linux_kernel:2.6.27.45", "cpe:/o:linux:linux_kernel:2.6.22.13", "cpe:/o:linux:linux_kernel:2.6.22.17", "cpe:/o:linux:linux_kernel:2.6.20.1", "cpe:/o:linux:linux_kernel:2.6.16.54", "cpe:/o:linux:linux_kernel:2.6.27.48", "cpe:/o:linux:linux_kernel:2.6.27.37", "cpe:/o:linux:linux_kernel:2.6.31.1", "cpe:/o:linux:linux_kernel:2.6.17.4", "cpe:/o:linux:linux_kernel:2.6.13.1", "cpe:/o:linux:linux_kernel:2.6.30.6", "cpe:/o:linux:linux_kernel:2.6.16.6", "cpe:/o:linux:linux_kernel:2.6.24.4", "cpe:/o:linux:linux_kernel:2.6.25.15", "cpe:/o:linux:linux_kernel:2.6.32.9", "cpe:/o:linux:linux_kernel:2.6.27.9", "cpe:/o:linux:linux_kernel:2.6.28.4", "cpe:/o:linux:linux_kernel:2.6.11.3", "cpe:/o:linux:linux_kernel:2.6.14.6", "cpe:/o:linux:linux_kernel:2.6.18.8", "cpe:/o:linux:linux_kernel:2.6.16.35", "cpe:/o:linux:linux_kernel:2.6.12.2", "cpe:/o:linux:linux_kernel:2.6.20.13", "cpe:/o:linux:linux_kernel:2.6.27.10", "cpe:/o:linux:linux_kernel:2.6.16.11", "cpe:/o:linux:linux_kernel:2.6.32.15", "cpe:/o:linux:linux_kernel:2.6.28.1", "cpe:/o:linux:linux_kernel:2.6.35.1", "cpe:/o:linux:linux_kernel:2.6.27.41", "cpe:/o:linux:linux_kernel:2.6.31.5", "cpe:/o:linux:linux_kernel:2.6.27.49", "cpe:/o:linux:linux_kernel:2.6.20.10", "cpe:/o:linux:linux_kernel:2.6.17.5", "cpe:/o:linux:linux_kernel:2.6.30.8", "cpe:/o:linux:linux_kernel:2.6.16.23", "cpe:/o:linux:linux_kernel:2.6.23.3", "cpe:/o:linux:linux_kernel:2.6.25.10", "cpe:/o:linux:linux_kernel:2.6.13.3", "cpe:/o:linux:linux_kernel:2.6.22.2", "cpe:/o:linux:linux_kernel:2.6.21.2", "cpe:/o:linux:linux_kernel:2.6.27.55", "cpe:/o:linux:linux_kernel:2.6.16.13", "cpe:/o:linux:linux_kernel:2.6.25.8", "cpe:/o:linux:linux_kernel:2.6.22.6", "cpe:/o:linux:linux_kernel:2.6.16.43", "cpe:/o:linux:linux_kernel:2.6.16.62", "cpe:/o:linux:linux_kernel:2.6.31.12", "cpe:/o:linux:linux_kernel:2.6.31.13"], "id": "CVE-2011-1494", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1494", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:2.6.16:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.47:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.51:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.40:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.3:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37:rc8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25:rc9:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.39:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.29.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.42:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.36:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.29.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.55:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.41:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.43:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.55:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.29:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.6:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.54:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.56:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.44:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.34:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.29.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.34.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.9:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27:rc9:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.29:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.44:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31:rc8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.34.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.52:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.29:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.41:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.47:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.5:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.34:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.42:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.35:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30:rc8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.58:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25:rc8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28:rc8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.37:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.52:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.34.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.59:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.54:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.45:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24:rc8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.10:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.45:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.4:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.34:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.2:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.51:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.34:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.40:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.2:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.4:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.50:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.56:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26:rc8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.38:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.2:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.3:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.34.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.49:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.48:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.57:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.36:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.39:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.43:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.48:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.37:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.29:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23:rc9:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23:rc8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38:rc8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.29:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.29:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32:rc8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.9:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28:rc9:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.6:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.35:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.49:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31:rc9:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.34.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.53:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.50:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.53:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.61:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.46:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.60:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.6:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.34:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.1:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.29.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.5:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.7:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.29:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.34.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27:rc8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.1:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.7:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.34:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26:rc9:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.1:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33:rc8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.34:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.15.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.9:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.46:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.10:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.29.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.4:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.18:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.3:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.34.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.29:rc8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.34:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.34:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.35.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.30:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.7:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.22.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.26:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.62:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.24:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.9:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.23:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.34:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.12.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.36:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.17.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.29.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.10:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.25:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.13:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.20.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.28.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.31:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.38:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.5:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.11.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.3:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.32.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.57:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.27.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.14:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.16.8:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:39:06", "description": "Integer overflow in the agp_generic_insert_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_BIND agp_ioctl ioctl call.", "edition": 7, "cvss3": {}, "published": "2011-05-09T19:55:00", "title": "CVE-2011-1745", "type": "cve", "cwe": ["CWE-190"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1745"], "modified": "2020-08-04T19:01:00", "cpe": ["cpe:/o:redhat:enterprise_linux_eus:5.6", "cpe:/o:redhat:enterprise_linux_desktop:5.0", "cpe:/o:redhat:enterprise_linux_workstation:5.0", "cpe:/o:redhat:enterprise_linux_aus:5.6", "cpe:/o:redhat:enterprise_linux:5.0", "cpe:/o:redhat:enterprise_linux_server:5.0"], "id": "CVE-2011-1745", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1745", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_aus:5.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:5.6:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:39:05", "description": "The osf_partition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properly handle an invalid number of partitions, which might allow local users to obtain potentially sensitive information from kernel heap memory via vectors related to partition-table parsing.", "edition": 6, "cvss3": {}, "published": "2011-04-10T02:51:00", "title": "CVE-2011-1163", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1163"], "modified": "2020-08-07T19:35:00", "cpe": ["cpe:/o:redhat:enterprise_linux_eus:5.6", "cpe:/o:redhat:enterprise_linux_desktop:5.0", "cpe:/o:redhat:enterprise_linux_workstation:5.0", "cpe:/o:redhat:enterprise_linux_server_aus:5.6", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:suse:linux_enterprise_server:10", "cpe:/o:redhat:enterprise_linux_server:5.0", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/o:redhat:enterprise_linux_server:6.0"], "id": "CVE-2011-1163", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1163", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_server_aus:5.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_eus:5.6:*:*:*:*:*:*:*"]}], "oraclelinux": [{"lastseen": "2019-05-29T18:36:23", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1598", "CVE-2011-1770", "CVE-2011-1748"], "description": "[2.6.32-100.35.1.el6uek]\n- [net] dccp: handle invalid feature options length {CVE-2011-1770}\n- [net] can: add missing socket check in can/raw release {CVE-2011-1748}\n- [net] can: Add missing socket check in can/bcm release {CVE-2011-1598}", "edition": 4, "modified": "2011-06-02T00:00:00", "published": "2011-06-02T00:00:00", "id": "ELSA-2011-2019", "href": "http://linux.oracle.com/errata/ELSA-2011-2019.html", "title": "Oracle Linux 6 Unbreakable Enterprise kernel security fix update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:34:26", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1771", "CVE-2011-1598", "CVE-2011-1770", "CVE-2010-3858", "CVE-2011-1748"], "description": "[2.6.32-131.2.1.el6]\n- [kernel] lib/vsprintf.c: add %pU to print UUID/GUIDs (Frantisek Hrbata) [704280 700299]\n- [scsi] megaraid_sas: Driver only report tape drive, JBOD and logic drives (Tomas Henzl) [704601 619422]\n[2.6.32-131.1.1.el6]\n- [net] dccp: handle invalid feature options length (Jiri Pirko) [703012 703013] {CVE-2011-1770}\n- [fs] cifs: check for private_data before trying to put it (Jeff Layton) [703017 702642] {CVE-2011-1771}\n- [net] can: add missing socket check in can/raw and can/bcm release (Jiri Pirko) [698482 698483] {CVE-2011-1748 CVE-2011-1598}\n- [netdrv] ixgbe: do not clear FCoE DDP error status for received ABTS (Andy Gospodarek) [704011 695966]\n- [netdrv] ixgbe: DCB remove ixgbe_fcoe_getapp routine (Andy Gospodarek) [704002 694358]\n- [fs] setup_arg_pages: diagnose excessive argument size (Oleg Nesterov) [645228 645229] {CVE-2010-3858}\n- [scsi] bfa: change tech-preview to cover all cases (Rob Evers) [704014 703251]\n- [scsi] bfa: driver version update (Rob Evers) [704282 703265]\n- [scsi] bfa: kdump fix (Rob Evers) [704282 703265]\n- [scsi] bfa: firmware download fix (Rob Evers) [704282 703265]\n- [netdrv] bna: fix memory leak during RX path cleanup (Ivan Vecera) [704000 698625]\n- [netdrv] bna: fix for clean fw re-initialization (Ivan Vecera) [704000 698625]\n- [scsi] ipr: improve interrupt service routine performance (Steve Best) [704009 696754]", "edition": 4, "modified": "2011-06-02T00:00:00", "published": "2011-06-02T00:00:00", "id": "ELSA-2011-0836", "href": "http://linux.oracle.com/errata/ELSA-2011-0836.html", "title": "kernel security and bug fix update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:06", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1494", "CVE-2010-4251", "CVE-2011-1023", "CVE-2011-1495", "CVE-2011-1163", "CVE-2011-1170", "CVE-2011-1172", "CVE-2011-1171", "CVE-2011-1082"], "description": "A\n[2.6.32-100.28.17.el6]\n- [net] Extend prot->slab size when add sock extend fields.\n[2.6.32-100.28.16.el6]\n- kernel: Fix unlimited socket backlog DoS {CVE-2010-4251}\n- RDS: Fix congestion issues for loopback\n- rds: prevent BUG_ON triggering on congestion map updates {CVE-2011-1023}\n- epoll: prevent creating circular epoll structures {CVE-2011-1082}\n- fs: fix corrupted OSF partition table parsing {CVE-2011-1163}\n- fs: Increase OSF partition limit from 8 to 18 {CVE-2011-1163}\n- netfilter: arp_tables: fix infoleak to userspace {CVE-2011-1170}\n- netfilter: ip_tables: fix infoleak to userspace {CVE-2011-1171}\n- ipv6: netfilter: ip6_tables: fix infoleak to userspace {CVE-2011-1172}\n- [SCSI] mpt2sas: prevent heap overflows and unchecked reads {CVE-2011-1494, CVE-2011-1495}", "edition": 4, "modified": "2011-05-23T00:00:00", "published": "2011-05-23T00:00:00", "id": "ELSA-2011-2016", "href": "http://linux.oracle.com/errata/ELSA-2011-2016.html", "title": "Unbreakable Enterprise kernel security fix update", "type": "oraclelinux", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "suse": [{"lastseen": "2016-09-04T12:03:49", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1017", "CVE-2011-1746", "CVE-2011-1494", "CVE-2011-2491", "CVE-2011-2484", "CVE-2011-2182", "CVE-2011-2022", "CVE-2011-1495", "CVE-2011-1093", "CVE-2011-1593", "CVE-2011-0726", "CVE-2011-1745", "CVE-2011-1585", "CVE-2011-2496"], "description": "This kernel update for the SUSE Linux Enterprise 10 SP4\n kernel fixes several security issues and bugs.\n\n The following security issues were fixed:\n\n *\n\n CVE-2011-1093: The dccp_rcv_state_process function in\n net/dccp/input.c in the Datagram Congestion Control\n Protocol (DCCP) implementation in the Linux kernel did not\n properly handle packets for a CLOSED endpoint, which\n allowed remote attackers to cause a denial of service (NULL\n pointer dereference and OOPS) by sending a DCCP-Close\n packet followed by a DCCP-Reset packet.\n\n *\n\n CVE-2011-2484: The add_del_listener function in\n kernel/taskstats.c in the Linux kernel did not prevent\n multiple registrations of exit handlers, which allowed\n local users to cause a denial of service (memory and CPU\n consumption), and bypass the OOM Killer, via a crafted\n application.\n\n *\n\n CVE-2011-1745: Integer overflow in the\n agp_generic_insert_memory function in\n drivers/char/agp/generic.c in the Linux kernel allowed\n local users to gain privileges or cause a denial of service\n (system crash) via a crafted AGPIOC_BIND agp_ioctl ioctl\n call.\n\n *\n\n CVE-2011-1746: Multiple integer overflows in the (1)\n agp_allocate_memory and (2) agp_create_user_memory\n functions in drivers/char/agp/generic.c in the Linux kernel\n allowed local users to trigger buffer overflows, and\n consequently cause a denial of service (system crash) or\n possibly have unspecified other impact, via vectors related\n to calls that specify a large number of memory pages.\n\n *\n\n CVE-2011-2022: The agp_generic_remove_memory function\n in drivers/char/agp/generic.c in the Linux kernel before\n 2.6.38.5 did not validate a certain start parameter, which\n allowed local users to gain privileges or cause a denial of\n service (system crash) via a crafted AGPIOC_UNBIND\n agp_ioctl ioctl call, a different vulnerability than\n CVE-2011-1745.\n\n *\n\n CVE-2011-1585: When using a setuid root mount.cifs,\n local users could hijack password protected mounted CIFS\n shares of other local users.\n\n *\n\n CVE-2011-0726: The do_task_stat function in\n fs/proc/array.c in the Linux kernel did not perform an\n expected uid check, which made it easier for local users to\n defeat the ASLR protection mechanism by reading the\n start_code and end_code fields in the /proc/#####/stat file\n for a process executing a PIE binary.\n\n *\n\n CVE-2011-2496: The normal mmap paths all avoid\n creating a mapping where the pgoff inside the mapping could\n wrap around due to overflow. However, an expanding mremap()\n can take such a non-wrapping mapping and make it bigger and\n cause a wrapping condition.\n\n *\n\n CVE-2011-2491: A local unprivileged user able to\n access a NFS filesystem could use file locking to deadlock\n parts of an nfs server under some circumstance.\n\n *\n\n CVE-2011-1017, CVE-2011-2182: The code for evaluating\n LDM partitions (in fs/partitions/ldm.c) contained bugs that\n could crash the kernel for certain corrupted LDM partitions.\n\n *\n\n CVE-2011-1593: Multiple integer overflows in the\n next_pidmap function in kernel/pid.c in the Linux kernel\n allowed local users to cause a denial of service (system\n crash) via a crafted (1) getdents or (2) readdir system\n call.\n\n *\n\n CVE-2011-1494: Integer overflow in the\n _ctl_do_mpt_command function in\n drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel\n might have allowed local users to gain privileges or cause\n a denial of service (memory corruption) via an ioctl call\n specifying a crafted value that triggers a heap-based\n buffer overflow.\n\n *\n\n CVE-2011-1495: drivers/scsi/mpt2sas/mpt2sas_ctl.c in\n the Linux kernel did not validate (1) length and (2) offset\n values before performing memory copy operations, which\n might have allowed local users to gain privileges, cause a\n denial of service (memory corruption), or obtain sensitive\n information from kernel memory via a crafted ioctl call,\n related to the _ctl_do_mpt_command and\n _ctl_diag_read_buffer functions.\n", "edition": 1, "modified": "2011-08-12T18:08:21", "published": "2011-08-12T18:08:21", "id": "SUSE-SU-2011:0899-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00011.html", "type": "suse", "title": "Security update for Linux kernel (important)", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:55:38", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1017", "CVE-2011-1746", "CVE-2011-1494", "CVE-2011-2491", "CVE-2011-2484", "CVE-2011-2182", "CVE-2011-2022", "CVE-2011-1495", "CVE-2011-1093", "CVE-2011-1593", "CVE-2011-0726", "CVE-2011-1745", "CVE-2011-1585", "CVE-2011-2496"], "description": "This kernel update for the SUSE Linux Enterprise 10 SP4 kernel fixes several security issues and bugs.\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "modified": "2011-08-12T14:12:39", "published": "2011-08-12T14:12:39", "id": "SUSE-SA:2011:034", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-08/msg00010.html", "type": "suse", "title": "remote denial of service, potential local in kernel", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:21:10", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1017", "CVE-2011-1746", "CVE-2011-2491", "CVE-2011-1776", "CVE-2011-2182", "CVE-2011-2022", "CVE-2011-1093", "CVE-2011-0726", "CVE-2011-1745", "CVE-2011-3191", "CVE-2011-1585", "CVE-2011-2496"], "description": "This kernel update for the SUSE Linux Enterprise 10 SP3 kernel fixes several security issues and bugs.\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "modified": "2011-09-20T17:41:52", "published": "2011-09-20T17:41:52", "id": "SUSE-SA:2011:040", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00021.html", "type": "suse", "title": "remote denial of service in kernel", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:23:43", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1017", "CVE-2011-1746", "CVE-2011-2491", "CVE-2011-1776", "CVE-2011-2182", "CVE-2011-2022", "CVE-2011-1093", "CVE-2011-0726", "CVE-2011-1745", "CVE-2011-3191", "CVE-2011-1585", "CVE-2011-2496"], "description": "This kernel update for the SUSE Linux Enterprise 10 SP3\n kernel fixes several security issues and bugs.\n\n The following security issues have been fixed:\n\n *\n\n CVE-2011-3191: A signedness issue in CIFS could\n possibly have lead to to memory corruption, if a malicious\n server could send crafted replies to the host.\n\n *\n\n CVE-2011-1776: Timo Warns reported an issue in the\n Linux implementation for GUID partitions. Users with\n physical access could gain access to sensitive kernel\n memory by adding a storage device with a specially crafted\n corrupted invalid partition table.\n\n *\n\n CVE-2011-1093: The dccp_rcv_state_process function in\n net/dccp/input.c in the Datagram Congestion Control\n Protocol (DCCP) implementation in the Linux kernel did not\n properly handle packets for a CLOSED endpoint, which\n allowed remote attackers to cause a denial of service (NULL\n pointer dereference and OOPS) by sending a DCCP-Close\n packet followed by a DCCP-Reset packet.\n\n *\n\n CVE-2011-1745: Integer overflow in the\n agp_generic_insert_memory function in\n drivers/char/agp/generic.c in the Linux kernel allowed\n local users to gain privileges or cause a denial of service\n (system crash) via a crafted AGPIOC_BIND agp_ioctl ioctl\n call.\n\n *\n\n CVE-2011-1746: Multiple integer overflows in the (1)\n agp_allocate_memory and (2) agp_create_user_memory\n functions in drivers/char/agp/generic.c in the Linux kernel\n allowed local users to trigger buffer overflows, and\n consequently cause a denial of service (system crash) or\n possibly have unspecified other impact, via vectors related\n to calls that specify a large number of memory pages.\n\n *\n\n CVE-2011-2022: The agp_generic_remove_memory function\n in drivers/char/agp/generic.c in the Linux kernel before\n 2.6.38.5 did not validate a certain start parameter, which\n allowed local users to gain privileges or cause a denial of\n service (system crash) via a crafted AGPIOC_UNBIND\n agp_ioctl ioctl call, a different vulnerability than\n CVE-2011-1745.\n\n *\n\n CVE-2011-0726: The do_task_stat function in\n fs/proc/array.c in the Linux kernel did not perform an\n expected uid check, which made it easier for local users to\n defeat the ASLR protection mechanism by reading the\n start_code and end_code fields in the /proc/#####/stat file\n for a process executing a PIE binary.\n\n *\n\n CVE-2011-2496: The normal mmap paths all avoid\n creating a mapping where the pgoff inside the mapping could\n wrap around due to overflow. However, an expanding mremap()\n can take such a non-wrapping mapping and make it bigger and\n cause a wrapping condition.\n\n *\n\n CVE-2011-2491: A local unprivileged user able to\n access a NFS filesystem could use file locking to deadlock\n parts of an nfs server under some circumstance.\n\n *\n\n CVE-2011-1017,CVE-2011-2182: The code for evaluating\n LDM partitions (in fs/partitions/ldm.c) contained bugs that\n could crash the kernel for certain corrupted LDM partitions.\n\n *\n\n CVE-2011-1585: When using a setuid root mount.cifs,\n local users could hijack password protected mounted CIFS\n shares of other local users.\n\n Also following non-security bugs were fixed:\n\n *\n patches.suse/fs-proc-vmcorec-add-hook-to-read_from_oldmem-to\n -check-for-non-ram-pages.patch: fs/proc/vmcore.c: add hook\n to read_from_oldmem() to check for non-ram pages\n (bnc#684297).\n * patches.xen/1062-xenbus-dev-leak.patch: xenbus: Fix\n memory leak on release.\n * patches.xen/1074-xenbus_conn-type.patch: xenbus: fix\n type inconsistency with xenbus_conn().\n * patches.xen/1080-blkfront-xenbus-gather-format.patch:\n blkfront: fix data size for xenbus_gather in connect().\n *\n patches.xen/1081-blkback-resize-transaction-end.patch:\n xenbus: fix xenbus_transaction_start() hang caused by\n double xenbus_transaction_end().\n * patches.xen/1089-blkback-barrier-check.patch:\n blkback: dont fail empty barrier requests.\n * patches.xen/1091-xenbus-dev-no-BUG.patch: xenbus:\n dont BUG() on user mode induced conditions (bnc#696107).\n * patches.xen/1098-blkfront-cdrom-ioctl-check.patch:\n blkfront: avoid NULL de-reference in CDROM ioctl handling\n (bnc#701355).\n * patches.xen/1102-x86-max-contig-order.patch: x86: use\n dynamically adjusted upper bound for contiguous regions\n (bnc#635880).\n *\n patches.xen/xen3-x86-sanitize-user-specified-e820-memmap-val\n ues.patch: x86: sanitize user specified e820 memmap values\n (bnc#665543).\n *\n patches.fixes/libiscsi-dont-run-scsi-eh-if-iscsi-task-is-mak\n ing-progress: Fix typo, which was uncovered in debug mode.\n * patches.fixes/pacct-fix-sighand-siglock-usage.patch:\n Fix sighand->siglock usage in kernel/acct.c (bnc#705463).\n", "edition": 1, "modified": "2011-09-21T00:08:35", "published": "2011-09-21T00:08:35", "id": "SUSE-SU-2011:1058-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00023.html", "type": "suse", "title": "Security update for the Linux kernel (important)", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:25:15", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1017", "CVE-2011-1746", "CVE-2011-1160", "CVE-2011-1078", "CVE-2011-2491", "CVE-2011-2517", "CVE-2011-1012", "CVE-2011-1598", "CVE-2011-1173", "CVE-2011-2182", "CVE-2011-1079", "CVE-2011-1020", "CVE-2011-1593", "CVE-2011-1170", "CVE-2011-1172", "CVE-2011-1748", "CVE-2011-1171", "CVE-2011-2213", "CVE-2011-1745", "CVE-2011-2183", "CVE-2011-1080", "CVE-2011-1585", "CVE-2011-1577", "CVE-2011-2496"], "description": "The SUSE Linux Enterprise 11 Service Pack 1 kernel was updated to 2.6.32.43 and fixes various bugs and security issues.\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "modified": "2011-07-25T15:19:26", "published": "2011-07-25T15:19:26", "id": "SUSE-SA:2011:031", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00011.html", "title": "remote denial of service, potential local in kernel", "type": "suse", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:18:43", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1017", "CVE-2011-1746", "CVE-2011-1160", "CVE-2011-1078", "CVE-2011-2491", "CVE-2011-2517", "CVE-2011-1012", "CVE-2011-1598", "CVE-2011-1173", "CVE-2011-2182", "CVE-2011-1079", "CVE-2011-1020", "CVE-2011-1593", "CVE-2011-1170", "CVE-2011-1172", "CVE-2011-1748", "CVE-2011-1171", "CVE-2011-2213", "CVE-2011-1745", "CVE-2011-2183", "CVE-2011-1080", "CVE-2011-1585", "CVE-2011-1577", "CVE-2011-2496"], "description": "The SUSE Linux Enterprise 11 Service Pack 1 kernel was\n updated to 2.6.32.43 and fixes various bugs and security\n issues.\n\n The following security issues were fixed:\n\n *\n\n CVE-2011-2496: The normal mmap paths all avoid\n creating a mapping where the pgoff inside the mapping could\n wrap around due to overflow. However, an expanding mremap()\n can take such a non-wrapping mapping and make it bigger and\n cause a wrapping condition.\n\n *\n\n CVE-2011-2491: A local unprivileged user able to\n access a NFS filesystem could use file locking to deadlock\n parts of an nfs server under some circumstance.\n\n *\n\n CVE-2011-2183: Fixed a race between ksmd and other\n memory management code, which could result in a NULL ptr\n dereference and kernel crash.\n\n *\n\n CVE-2011-2517: In both trigger_scan and sched_scan\n operations, we were checking for the SSID length before\n assigning the value correctly. Since the memory was just\n kzalloced, the check was always failing and SSID with over\n 32 characters were allowed to go through. This required\n CAP_NET_ADMIN privileges to be exploited.\n\n *\n\n CVE-2011-2213: A malicious user or buggy application\n could inject diagnosing byte code and trigger an infinite\n loop in inet_diag_bc_audit().\n\n *\n\n CVE-2011-1017,CVE-2011-1012,CVE-2011-2182: The code\n for evaluating LDM partitions (in fs/partitions/ldm.c)\n contained bugs that could crash the kernel for certain\n corrupted LDM partitions.\n\n *\n\n CVE-2011-1593: Multiple integer overflows in the\n next_pidmap function in kernel/pid.c in the Linux kernel\n allowed local users to cause a denial of service (system\n crash) via a crafted (1) getdents or (2) readdir system\n call.\n\n *\n\n CVE-2011-1020: The proc filesystem implementation in\n the Linux kernel did not restrict access to the /proc\n directory tree of a process after this process performs an\n exec of a setuid program, which allowed local users to\n obtain sensitive information or cause a denial of service\n via open, lseek, read, and write system calls.\n\n *\n\n CVE-2011-1585: When using a setuid root mount.cifs,\n local users could hijack password protected mounted CIFS\n shares of other local users.\n\n *\n\n CVE-2011-1160: Kernel information via the TPM devices\n could by used by local attackers to read kernel memory.\n\n *\n\n CVE-2011-1577: The Linux kernel automatically\n evaluated partition tables of storage devices. The code for\n evaluating EFI GUID partitions (in fs/partitions/efi.c)\n contained a bug that causes a kernel oops on certain\n corrupted GUID partition tables, which might be used by\n local attackers to crash the kernel or potentially execute\n code.\n\n *\n\n CVE-2011-1078: In a bluetooth ioctl, struct\n sco_conninfo has one padding byte in the end. Local\n variable cinfo of type sco_conninfo was copied to userspace\n with this uninizialized one byte, leading to an old stack\n contents leak.\n\n *\n\n CVE-2011-1079: In a bluetooth ioctl, struct ca is\n copied from userspace. It was not checked whether the\n "device" field was NULL terminated. This potentially leads\n to BUG() inside of alloc_netdev_mqs() and/or information\n leak by creating a device with a name made of contents of\n kernel stack.\n\n *\n\n CVE-2011-1080: In ebtables rule loading, struct tmp\n is copied from userspace. It was not checked whether the\n "name" field is NULL terminated. This may have lead to\n buffer overflow and passing contents of kernel stack as a\n module name to try_then_request_module() and, consequently,\n to modprobe commandline. It would be seen by all userspace\n processes.\n\n *\n\n CVE-2011-1173: The econet_sendmsg function in\n net/econet/af_econet.c in the Linux kernel on the x86_64\n platform allowed remote attackers to obtain potentially\n sensitive information from kernel stack memory by reading\n uninitialized data in the ah field of an Acorn Universal\n Networking (AUN) packet.\n\n *\n\n CVE-2011-1170: net/ipv4/netfilter/arp_tables.c in the\n IPv4 implementation in the Linux kernel did not place the\n expected '0' character at the end of string data in the\n values of certain structure members, which allowed local\n users to obtain potentially sensitive information from\n kernel memory by leveraging the CAP_NET_ADMIN capability to\n issue a crafted request, and then reading the argument to\n the resulting modprobe process.\n\n *\n\n CVE-2011-1171: net/ipv4/netfilter/ip_tables.c in the\n IPv4 implementation in the Linux kernel did not place the\n expected '0' character at the end of string data in the\n values of certain structure members, which allowed local\n users to obtain potentially sensitive information from\n kernel memory by leveraging the CAP_NET_ADMIN capability to\n issue a crafted request, and then reading the argument to\n the resulting modprobe process.\n\n *\n\n CVE-2011-1172: net/ipv6/netfilter/ip6_tables.c in the\n IPv6 implementation in the Linux kernel did not place the\n expected '0' character at the end of string data in the\n values of certain structure members, which allowed local\n users to obtain potentially sensitive information from\n kernel memory by leveraging the CAP_NET_ADMIN capability to\n issue a crafted request, and then reading the argument to\n the resulting modprobe process.\n\n *\n\n CVE-2011-1746: Multiple integer overflows in the (1)\n agp_allocate_memory and (2) agp_create_user_memory\n functions in drivers/char/agp/generic.c in the Linux kernel\n before allowed local users to trigger buffer overflows, and\n consequently cause a denial of service (system crash) or\n possibly have unspecified other impact, via vectors related\n to calls that specify a large number of memory pages.\n\n *\n\n CVE-2011-1745: Integer overflow in the\n agp_generic_insert_memory function in\n drivers/char/agp/generic.c in the Linux kernel allowed\n local users to gain privileges or cause a denial of service\n (system crash) via a crafted AGPIOC_BIND agp_ioctl ioctl\n call.\n\n *\n\n CVE-2011-1598: The bcm_release function in\n net/can/bcm.c in the Linux kernel did not properly validate\n a socket data structure, which allowed local users to cause\n a denial of service (NULL pointer dereference) or possibly\n have unspecified other impact via a crafted release\n operation.\n\n *\n\n CVE-2011-1748: The raw_release function in\n net/can/raw.c in the Linux kernel did not properly validate\n a socket data structure, which allows local users to cause\n a denial of service (NULL pointer dereference) or possibly\n have unspecified other impact via a crafted release\n operation.\n", "edition": 1, "modified": "2011-07-25T17:08:29", "published": "2011-07-25T17:08:29", "id": "SUSE-SU-2011:0832-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00012.html", "type": "suse", "title": "Security update for Linux kernel (important)", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:42", "bulletinFamily": "software", "cvelist": ["CVE-2011-1017", "CVE-2011-1476", "CVE-2011-1746", "CVE-2011-0695", "CVE-2011-1160", "CVE-2011-1078", "CVE-2011-1494", "CVE-2011-1478", "CVE-2011-1767", "CVE-2011-1598", "CVE-2011-1173", "CVE-2011-1759", "CVE-2011-2182", "CVE-2011-2022", "CVE-2011-1180", "CVE-2011-1079", "CVE-2011-1770", "CVE-2011-1747", "CVE-2011-1495", "CVE-2011-1163", "CVE-2011-1016", "CVE-2011-1593", "CVE-2011-1170", "CVE-2011-1172", "CVE-2011-1748", "CVE-2011-1171", "CVE-2011-1477", "CVE-2011-1493", "CVE-2011-0726", "CVE-2011-1745", "CVE-2011-1182", "CVE-2011-1090", "CVE-2011-1080", "CVE-2011-1585"], "description": "DoS via InfiniBand, DoS via InfinyBand disks, multiple DoS conditions, memory corruptions and information leaks, buffer overflow in IrDA, DoS via VLANs, CIFS authentication bypass, DoS via GRE.", "edition": 1, "modified": "2011-05-26T00:00:00", "published": "2011-05-26T00:00:00", "id": "SECURITYVULNS:VULN:11656", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11656", "title": "Linux kernel security vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:40", "bulletinFamily": "software", "cvelist": ["CVE-2011-1476", "CVE-2011-1746", "CVE-2011-0695", "CVE-2011-1160", "CVE-2011-1078", "CVE-2011-1494", "CVE-2011-1478", "CVE-2011-1776", "CVE-2011-1767", "CVE-2011-1598", "CVE-2010-3875", "CVE-2011-1173", "CVE-2011-1759", "CVE-2011-0711", "CVE-2011-2022", "CVE-2011-1180", "CVE-2011-1079", "CVE-2011-1770", "CVE-2011-1495", "CVE-2011-1163", "CVE-2011-1016", "CVE-2011-1593", "CVE-2011-1170", "CVE-2011-1172", "CVE-2011-1748", "CVE-2011-1171", "CVE-2011-1477", "CVE-2011-1493", "CVE-2011-0726", "CVE-2011-1745", "CVE-2011-1182", "CVE-2011-1090", "CVE-2011-1080", "CVE-2011-1585"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- ----------------------------------------------------------------------\r\nDebian Security Advisory DSA-2240-1 security@debian.org\r\nhttp://www.debian.org/security/ dann frazier\r\nMay 24, 2011 http://www.debian.org/security/faq\r\n- ----------------------------------------------------------------------\r\n\r\nPackage : linux-2.6\r\nVulnerability : privilege escalation/denial of service/information leak\r\nProblem type : local/remote\r\nDebian-specific: no\r\nCVE Id(s) : CVE-2010-3875 CVE-2011-0695 CVE-2011-0711 CVE-2011-0726\r\n CVE-2011-1016 CVE-2011-1078 CVE-2011-1079 CVE-2011-1080\r\n CVE-2011-1090 CVE-2011-1160 CVE-2011-1163 CVE-2011-1170\r\n CVE-2011-1171 CVE-2011-1172 CVE-2011-1173 CVE-2011-1180\r\n CVE-2011-1182 CVE-2011-1476 CVE-2011-1477 CVE-2011-1478\r\n CVE-2011-1493 CVE-2011-1494 CVE-2011-1495 CVE-2011-1585\r\n CVE-2011-1593 CVE-2011-1598 CVE-2011-1745 CVE-2011-1746\r\n CVE-2011-1748 CVE-2011-1759 CVE-2011-1767 CVE-2011-1770\r\n CVE-2011-1776 CVE-2011-2022\r\nDebian Bug(s) : \r\n \r\nSeveral vulnerabilities have been discovered in the Linux kernel that may lead\r\nto a denial of service or privilege escalation. The Common Vulnerabilities and\r\nExposures project identifies the following problems:\r\n\r\nCVE-2010-3875\r\n\r\n Vasiliy Kulikov discovered an issue in the Linux implementation of the\r\n Amateur Radio AX.25 Level 2 protocol. Local users may obtain access to\r\n sensitive kernel memory.\r\n\r\nCVE-2011-0695\r\n\r\n Jens Kuehnel reported an issue in the InfiniBand stack. Remote attackers can\r\n exploit a race condition to cause a denial of service (kernel panic).\r\n\r\nCVE-2011-0711\r\n\r\n Dan Rosenberg reported an issue in the XFS filesystem. Local users may\r\n obtain access to sensitive kernel memory.\r\n\r\nCVE-2011-0726\r\n\r\n Kees Cook reported an issue in the /proc/pid/stat implementation. Local\r\n users could learn the text location of a process, defeating protections\r\n provided by address space layout randomization (ASLR).\r\n\r\nCVE-2011-1016\r\n\r\n Marek Olsak discovered an issue in the driver for ATI/AMD Radeon video\r\n chips. Local users could pass arbitrary values to video memory and the\r\n graphics translation table, resulting in denial of service or escalated\r\n privileges. On default Debian installations, this is exploitable only by\r\n members of the 'video' group.\r\n\r\nCVE-2011-1078\r\n\r\n Vasiliy Kulikov discovered an issue in the Bluetooth subsystem. Local users\r\n can obtain access to sensitive kernel memory.\r\n\r\nCVE-2011-1079\r\n\r\n Vasiliy Kulikov discovered an issue in the Bluetooth subsystem. Local users\r\n with the CAP_NET_ADMIN capability can cause a denial of service (kernel\r\n Oops).\r\n \r\nCVE-2011-1080\r\n\r\n Vasiliy Kulikov discovered an issue in the Netfilter subsystem. Local users\r\n can obtain access to sensitive kernel memory.\r\n\r\nCVE-2011-1090\r\n\r\n Neil Horman discovered a memory leak in the setacl() call on NFSv4\r\n filesystems. Local users can explot this to cause a denial of service\r\n (Oops).\r\n\r\nCVE-2011-1160\r\n\r\n Peter Huewe reported an issue in the Linux kernel's support for TPM security\r\n chips. Local users with permission to open the device can gain access to\r\n sensitive kernel memory.\r\n\r\nCVE-2011-1163\r\n\r\n Timo Warns reported an issue in the kernel support for Alpha OSF format disk\r\n partitions. Users with physical access can gain access to sensitive kernel\r\n memory by adding a storage device with a specially crafted OSF partition.\r\n\r\nCVE-2011-1170\r\n\r\n Vasiliy Kulikov reported an issue in the Netfilter arp table\r\n implementation. Local users with the CAP_NET_ADMIN capability can gain\r\n access to sensitive kernel memory.\r\n\r\nCVE-2011-1171\r\n\r\n Vasiliy Kulikov reported an issue in the Netfilter IP table\r\n implementation. Local users with the CAP_NET_ADMIN capability can gain\r\n access to sensitive kernel memory.\r\n \r\nCVE-2011-1172\r\n\r\n Vasiliy Kulikov reported an issue in the Netfilter IP6 table\r\n implementation. Local users with the CAP_NET_ADMIN capability can gain\r\n access to sensitive kernel memory.\r\n \r\nCVE-2011-1173\r\n\r\n Vasiliy Kulikov reported an issue in the Acorn Econet protocol\r\n implementation. Local users can obtain access to sensitive kernel memory on\r\n systems that use this rare hardware.\r\n\r\nCVE-2011-1180\r\n\r\n Dan Rosenberg reported a buffer overflow in the Information Access Service\r\n of the IrDA protocol, used for Infrared devices. Remote attackers within IR\r\n device range can cause a denial of service or possibly gain elevated\r\n privileges.\r\n\r\nCVE-2011-1182\r\n\r\n Julien Tinnes reported an issue in the rt_sigqueueinfo interface. Local\r\n users can generate signals with falsified source pid and uid information.\r\n\r\nCVE-2011-1476\r\n\r\n Dan Rosenberg reported issues in the Open Sound System MIDI interface that\r\n allow local users to cause a denial of service. This issue does not affect\r\n official Debian Linux image packages as they no longer provide support for\r\n OSS. However, custom kernels built from Debians linux-source-2.6.32 may\r\n have enabled this configuration and would therefore be vulnerable.\r\n\r\nCVE-2011-1477\r\n\r\n Dan Rosenberg reported issues in the Open Sound System driver for cards that\r\n include a Yamaha FM synthesizer chip. Local users can cause memory\r\n corruption resulting in a denial of service. This issue does not affect\r\n official Debian Linux image packages as they no longer provide support for\r\n OSS. However, custom kernels built from Debians linux-source-2.6.32 may\r\n have enabled this configuration and would therefore be vulnerable.\r\n\r\nCVE-2011-1478\r\n\r\n Ryan Sweat reported an issue in the Generic Receive Offload (GRO) support in\r\n the Linux networking subsystem. If an interface has GRO enabled and is\r\n running in promiscuous mode, remote users can cause a denial of service\r\n (NULL pointer dereference) by sending packets on an unknown VLAN.\r\n\r\nCVE-2011-1493\r\n\r\n Dan Rosenburg reported two issues in the Linux implementation of the Amateur\r\n Radio X.25 PLP (Rose) protocol. A remote user can cause a denial of service\r\n by providing specially crafted facilities fields.\r\n\r\nCVE-2011-1494\r\n\r\n Dan Rosenberg reported an issue in the /dev/mpt2ctl interface provided by\r\n the driver for LSI MPT Fusion SAS 2.0 controllers. Local users can obtain\r\n elevated privileges by specially crafted ioctl calls. On default Debian\r\n installations this is not exploitable as this interface is only accessible\r\n to root.\r\n\r\nCVE-2011-1495\r\n\r\n Dan Rosenberg reported two additional issues in the /dev/mpt2ctl interface\r\n provided by the driver for LSI MPT Fusion SAS 2.0 controllers. Local users\r\n can obtain elevated privileges and ready arbitrary kernel memory by using\r\n specially crafted ioctl calls. On default Debian installations this is not\r\n exploitable as this interface is only accessible to root.\r\n\r\nCVE-2011-1585\r\n\r\n Jeff Layton reported an issue in the Common Internet File System (CIFS).\r\n Local users can bypass authentication requirements for shares that are\r\n already mounted by another user.\r\n\r\nCVE-2011-1593\r\n\r\n Robert Swiecki reported a signednes issue in the next_pidmap() function,\r\n which can be exploited my local users to cause a denial of service.\r\n\r\nCVE-2011-1598\r\n\r\n Dave Jones reported an issue in the Broadcast Manager Controller Area\r\n Network (CAN/BCM) protocol that may allow local users to cause a NULL\r\n pointer dereference, resulting in a denial of service.\r\n\r\nCVE-2011-1745\r\n\r\n Vasiliy Kulikov reported an issue in the Linux support for AGP devices.\r\n Local users can obtain elevated privileges or cause a denial of service due\r\n to missing bounds checking in the AGPIOC_BIND ioctl. On default Debian\r\n installations, this is exploitable only by users in the video group.\r\n\r\nCVE-2011-1746\r\n\r\n Vasiliy Kulikov reported an issue in the Linux support for AGP devices.\r\n Local users can obtain elevated privileges or cause a denial of service due\r\n to missing bounds checking in the agp_allocate_memory and\r\n agp_create_user_memory. On default Debian installations, this is exploitable\r\n only by users in the video group.\r\n\r\nCVE-2011-1748\r\n\r\n Oliver Kartkopp reported an issue in the Controller Area Network (CAN) raw\r\n socket implementation which permits ocal users to cause a NULL pointer\r\n dereference, resulting in a denial of service.\r\n \r\nCVE-2011-1759\r\n\r\n Dan Rosenberg reported an issue in the support for executing "old ABI"\r\n binaries on ARM processors. Local users can obtain elevated privileges due\r\n to insufficient bounds checking in the semtimedop system call.\r\n\r\nCVE-2011-1767\r\n\r\n Alexecy Dobriyan reported an issue in the GRE over IP implementation.\r\n Remote users can cause a denial of service by sending a packet during module\r\n initialization.\r\n\r\nCVE-2011-1770\r\n\r\n Dan Rosenberg reported an issue in the Datagram Congestion Control Protocol\r\n (DCCP). Remote users can cause a denial of service or potentially obtain\r\n access to sensitive kernel memory.\r\n\r\nCVE-2011-1776\r\n\r\n Timo Warns reported an issue in the Linux implementation for GUID\r\n partitions. Users with physical access can gain access to sensitive kernel\r\n memory by adding a storage device with a specially crafted corrupted invalid\r\n partition table.\r\n\r\nCVE-2011-2022\r\n\r\n Vasiliy Kulikov reported an issue in the Linux support for AGP devices.\r\n Local users can obtain elevated privileges or cause a denial of service due\r\n to missing bounds checking in the AGPIOC_UNBIND ioctl. On default Debian\r\n installations, this is exploitable only by users in the video group.\r\n\r\nThis update also includes changes queued for the next point release of\r\nDebian 6.0, which also fix various non-security issues. These additional\r\nchanges are described in the package changelog which can be viewed at:\r\n\r\n http://packages.debian.org/changelogs/pool/main/l/linux-2.6/linux-2.6_26.32-34/changelog\r\n\r\nFor the stable distribution (squeeze), this problem has been fixed in version\r\n2.6.32-34squeeze1. Updates for issues impacting the oldstable distribution\r\n(lenny) will be available soon.\r\n\r\nThe following matrix lists additional source packages that were rebuilt for\r\ncompatibility with or to take advantage of this update:\r\n\r\n Debian 6.0 (squeeze)\r\n user-mode-linux 2.6.32-1um-4+34squeeze1\r\n\r\nWe recommend that you upgrade your linux-2.6 and user-mode-linux packages\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.11 (GNU/Linux)\r\n\r\niQIcBAEBAgAGBQJN3I4aAAoJEBv4PF5U/IZAaa4P/j+l40Mp6naHByZt3jpwNWSA\r\nRN/jkkrYnYNDyT7crB+/DOdu84zalYa2KqfffOd/faV9+NSCBayjJ5c+FvVgeTay\r\nIl8elfcWP/uK0BXJn2xVb7YAsLpIe0HRlhxe72ZqcT4Yxo1/IBnEpUS56JRd2tlA\r\nk7x7dbj+smlzlM4qiXQy1F6LNyDqoGDUKNohQHUoyQ5dGq/gdi3C7EnUs4Nx9vjK\r\nRU1HUWLXB4qm7JpoK6o3u6Hpe0ynZm74tYvTi0XhayGXGevaBvIQuEWqhY6gZF1P\r\nv6a5gvBQC2pRIQXAVUbAhjoXpuF5jahTgicLdJanDqLfhefQ3qV11Ahvui2lzZuT\r\niKbMVGzO/azPLzskH8YNBq6drFPX2ZqRsxGmrTdzEtLWnJCN6nBBe4kF6C3z5T1A\r\n1ez4/F+OhNl2wnimq3CxiyfXun9WWs6IlULpqsKgJjE4bItg5a8+zTYGjkhQxX+X\r\nfPzO1xZCtQK4i+59Ejs5FwIfps0fA0m8c1Z5bnIaj4Q+0X5sJt2kwws8yrQKoOH1\r\neKGOgRqM70rOnyW/TQtXDGnTC4+vCCv89UjZUpG+sxZtWUxeh8CL2scUyceTeSNC\r\nIS2+EgvilN+a3hQlYJH4YNshmQCtJDp7qMTLaXLHM9hoV1L383nbJV4AtrFlcsCO\r\nKRI5f0ds95H6TsEoTSmO\r\n=gx2x\r\n-----END PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2011-05-26T00:00:00", "published": "2011-05-26T00:00:00", "id": "SECURITYVULNS:DOC:26416", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:26416", "title": "[SECURITY] [DSA 2240-1] linux-2.6 security update", "type": "securityvulns", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2019-08-13T18:45:17", "bulletinFamily": "unix", "cvelist": ["CVE-2010-3858", "CVE-2011-1598", "CVE-2011-1748", "CVE-2011-1770", "CVE-2011-1771"], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* An integer underflow flaw, leading to a buffer overflow, was found in the\nLinux kernel's Datagram Congestion Control Protocol (DCCP) implementation.\nThis could allow a remote attacker to cause a denial of service.\n(CVE-2011-1770, Important)\n\n* Missing sanity checks were found in setup_arg_pages() in the Linux\nkernel. When making the size of the argument and environment area on the\nstack very large, it could trigger a BUG_ON(), resulting in a local denial\nof service. (CVE-2010-3858, Moderate)\n\n* A missing validation check was found in the bcm_release() and\nraw_release() functions in the Linux kernel's Controller Area Network (CAN)\nimplementation. This could allow a local, unprivileged user to cause a\ndenial of service. (CVE-2011-1598, CVE-2011-1748, Moderate)\n\n* The fix for Red Hat Bugzilla bug 656461, as provided in RHSA-2011:0542,\nintroduced a regression in the cifs_close() function in the Linux kernel's\nCommon Internet File System (CIFS) implementation. A local, unprivileged\nuser with write access to a CIFS file system could use this flaw to cause a\ndenial of service. (CVE-2011-1771, Moderate)\n\nRed Hat would like to thank Dan Rosenberg for reporting CVE-2011-1770; Brad\nSpengler for reporting CVE-2010-3858; and Oliver Hartkopp for reporting\nCVE-2011-1748.\n\nThis update also fixes various bugs. Documentation for these bug fixes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to resolve these issues, and fix the bugs noted in the Technical\nNotes. The system must be rebooted for this update to take effect.\n", "modified": "2018-06-06T20:24:23", "published": "2011-06-01T04:00:00", "id": "RHSA-2011:0836", "href": "https://access.redhat.com/errata/RHSA-2011:0836", "type": "redhat", "title": "(RHSA-2011:0836) Important: kernel security and bug fix update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-13T18:46:15", "bulletinFamily": "unix", "cvelist": ["CVE-2010-4243", "CVE-2010-4250", "CVE-2010-4526", "CVE-2011-1020", "CVE-2011-1021", "CVE-2011-1090", "CVE-2011-1160", "CVE-2011-1478", "CVE-2011-1479", "CVE-2011-1494", "CVE-2011-1495", "CVE-2011-1576", "CVE-2011-1577", "CVE-2011-1585", "CVE-2011-1593", "CVE-2011-1598", "CVE-2011-1745", "CVE-2011-1746", "CVE-2011-1748", "CVE-2011-1767", "CVE-2011-1768", "CVE-2011-1770", "CVE-2011-1776", "CVE-2011-2022", "CVE-2011-2183", "CVE-2011-2213", "CVE-2011-2484", "CVE-2011-2491", "CVE-2011-2492", "CVE-2011-2495", "CVE-2011-2496", "CVE-2011-2497", "CVE-2011-2517", "CVE-2011-2695"], "description": "Security fixes:\n\n* A flaw in the SCTP and DCCP implementations could allow a remote attacker\nto cause a denial of service. (CVE-2010-4526, CVE-2011-1770, Important)\n\n* Flaws in the Management Module Support for Message Passing Technology\n(MPT) based controllers could allow a local, unprivileged user to cause a\ndenial of service, an information leak, or escalate their privileges.\n(CVE-2011-1494, CVE-2011-1495, Important)\n\n* Flaws in the AGPGART driver, and a flaw in agp_allocate_memory(), could\nallow a local user to cause a denial of service or escalate their\nprivileges. (CVE-2011-1745, CVE-2011-2022, CVE-2011-1746, Important)\n\n* A flaw in the client-side NLM implementation could allow a local,\nunprivileged user to cause a denial of service. (CVE-2011-2491, Important)\n\n* A flaw in the Bluetooth implementation could allow a remote attacker to\ncause a denial of service or escalate their privileges. (CVE-2011-2497,\nImportant)\n\n* Flaws in the netlink-based wireless configuration interface could allow a\nlocal user, who has the CAP_NET_ADMIN capability, to cause a denial of\nservice or escalate their privileges on systems that have an active\nwireless interface. (CVE-2011-2517, Important)\n\n* The maximum file offset handling for ext4 file systems could allow a\nlocal, unprivileged user to cause a denial of service. (CVE-2011-2695,\nImportant)\n\n* A local, unprivileged user could allocate large amounts of memory not\nvisible to the OOM killer, causing a denial of service. (CVE-2010-4243,\nModerate)\n\n* The proc file system could allow a local, unprivileged user to obtain\nsensitive information or possibly cause integrity issues. (CVE-2011-1020,\nModerate)\n\n* A local, privileged user could possibly write arbitrary kernel memory via\n/sys/kernel/debug/acpi/custom_method. (CVE-2011-1021, Moderate)\n\n* Inconsistency in the methods for allocating and freeing NFSv4 ACL data;\nCVE-2010-4250 fix caused a regression; a flaw in next_pidmap() and\ninet_diag_bc_audit(); flaws in the CAN implementation; a race condition in\nthe memory merging support; a flaw in the taskstats subsystem; and the way\nmapping expansions were handled could allow a local, unprivileged user to\ncause a denial of service. (CVE-2011-1090, CVE-2011-1479, CVE-2011-1593,\nCVE-2011-2213, CVE-2011-1598, CVE-2011-1748, CVE-2011-2183, CVE-2011-2484,\nCVE-2011-2496, Moderate)\n\n* A flaw in GRO could result in a denial of service when a malformed VLAN\nframe is received. (CVE-2011-1478, Moderate)\n\n* napi_reuse_skb() could be called on VLAN packets allowing an attacker on\nthe local network to possibly trigger a denial of service. (CVE-2011-1576,\nModerate)\n\n* A denial of service could occur if packets were received while the ipip\nor ip_gre module was being loaded. (CVE-2011-1767, CVE-2011-1768, Moderate)\n\n* Information leaks. (CVE-2011-1160, CVE-2011-2492, CVE-2011-2495, Low)\n\n* Flaws in the EFI GUID Partition Table implementation could allow a local\nattacker to cause a denial of service. (CVE-2011-1577, CVE-2011-1776, Low)\n\n* While a user has a CIFS share mounted that required successful\nauthentication, a local, unprivileged user could mount that share without\nknowing the correct password if mount.cifs was setuid root. (CVE-2011-1585,\nLow)\n\nRed Hat would like to thank Dan Rosenberg for reporting CVE-2011-1770,\nCVE-2011-1494, CVE-2011-1495, CVE-2011-2497, and CVE-2011-2213; Vasiliy\nKulikov of Openwall for reporting CVE-2011-1745, CVE-2011-2022,\nCVE-2011-1746, CVE-2011-2484, and CVE-2011-2495; Vasily Averin for\nreporting CVE-2011-2491; Brad Spengler for reporting CVE-2010-4243; Kees\nCook for reporting CVE-2011-1020; Robert Swiecki for reporting\nCVE-2011-1593 and CVE-2011-2496; Oliver Hartkopp for reporting\nCVE-2011-1748; Andrea Righi for reporting CVE-2011-2183; Ryan Sweat for\nreporting CVE-2011-1478 and CVE-2011-1576; Peter Huewe for reporting\nCVE-2011-1160; Marek Kroemeke and Filip Palian for reporting CVE-2011-2492;\nand Timo Warns for reporting CVE-2011-1577 and CVE-2011-1776.\n", "modified": "2018-06-07T08:58:23", "published": "2011-09-12T04:00:00", "id": "RHSA-2011:1253", "href": "https://access.redhat.com/errata/RHSA-2011:1253", "type": "redhat", "title": "(RHSA-2011:1253) Important: kernel-rt security and bug fix update", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2020-11-11T13:25:33", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1476", "CVE-2011-1746", "CVE-2011-0695", "CVE-2011-1160", "CVE-2011-1078", "CVE-2011-1494", "CVE-2011-1478", "CVE-2011-1776", "CVE-2011-1767", "CVE-2011-1598", "CVE-2010-3875", "CVE-2011-1173", "CVE-2011-1759", "CVE-2011-0711", "CVE-2011-2022", "CVE-2011-1180", "CVE-2011-1079", "CVE-2011-1770", "CVE-2011-1495", "CVE-2011-1163", "CVE-2011-1016", "CVE-2011-1593", "CVE-2011-1170", "CVE-2011-1172", "CVE-2011-1748", "CVE-2011-1171", "CVE-2011-1477", "CVE-2011-1493", "CVE-2011-0726", "CVE-2011-1745", "CVE-2011-1182", "CVE-2011-1090", "CVE-2011-1080", "CVE-2011-1585"], "description": "- ----------------------------------------------------------------------\nDebian Security Advisory DSA-2240-1 security@debian.org\nhttp://www.debian.org/security/ dann frazier\nMay 24, 2011 http://www.debian.org/security/faq\n- ----------------------------------------------------------------------\n\nPackage : linux-2.6\nVulnerability : privilege escalation/denial of service/information leak\nProblem type : local/remote\nDebian-specific: no\nCVE Id(s) : CVE-2010-3875 CVE-2011-0695 CVE-2011-0711 CVE-2011-0726\n CVE-2011-1016 CVE-2011-1078 CVE-2011-1079 CVE-2011-1080\n CVE-2011-1090 CVE-2011-1160 CVE-2011-1163 CVE-2011-1170\n CVE-2011-1171 CVE-2011-1172 CVE-2011-1173 CVE-2011-1180\n CVE-2011-1182 CVE-2011-1476 CVE-2011-1477 CVE-2011-1478\n CVE-2011-1493 CVE-2011-1494 CVE-2011-1495 CVE-2011-1585\n CVE-2011-1593 CVE-2011-1598 CVE-2011-1745 CVE-2011-1746\n CVE-2011-1748 CVE-2011-1759 CVE-2011-1767 CVE-2011-1770\n CVE-2011-1776 CVE-2011-2022\nDebian Bug(s) : \n \nSeveral vulnerabilities have been discovered in the Linux kernel that may lead\nto a denial of service or privilege escalation. The Common Vulnerabilities and\nExposures project identifies the following problems:\n\nCVE-2010-3875\n\n Vasiliy Kulikov discovered an issue in the Linux implementation of the\n Amateur Radio AX.25 Level 2 protocol. Local users may obtain access to\n sensitive kernel memory.\n\nCVE-2011-0695\n\n Jens Kuehnel reported an issue in the InfiniBand stack. Remote attackers can\n exploit a race condition to cause a denial of service (kernel panic).\n\nCVE-2011-0711\n\n Dan Rosenberg reported an issue in the XFS filesystem. Local users may\n obtain access to sensitive kernel memory.\n\nCVE-2011-0726\n\n Kees Cook reported an issue in the /proc/pid/stat implementation. Local\n users could learn the text location of a process, defeating protections\n provided by address space layout randomization (ASLR).\n\nCVE-2011-1016\n\n Marek Ol\u0161\u00e1k discovered an issue in the driver for ATI/AMD Radeon video\n chips. Local users could pass arbitrary values to video memory and the\n graphics translation table, resulting in denial of service or escalated\n privileges. On default Debian installations, this is exploitable only by\n members of the 'video' group.\n\nCVE-2011-1078\n\n Vasiliy Kulikov discovered an issue in the Bluetooth subsystem. Local users\n can obtain access to sensitive kernel memory.\n\nCVE-2011-1079\n\n Vasiliy Kulikov discovered an issue in the Bluetooth subsystem. Local users\n with the CAP_NET_ADMIN capability can cause a denial of service (kernel\n Oops).\n \nCVE-2011-1080\n\n Vasiliy Kulikov discovered an issue in the Netfilter subsystem. Local users\n can obtain access to sensitive kernel memory.\n\nCVE-2011-1090\n\n Neil Horman discovered a memory leak in the setacl() call on NFSv4\n filesystems. Local users can explot this to cause a denial of service\n (Oops).\n\nCVE-2011-1160\n\n Peter Huewe reported an issue in the Linux kernel's support for TPM security\n chips. Local users with permission to open the device can gain access to\n sensitive kernel memory.\n\nCVE-2011-1163\n\n Timo Warns reported an issue in the kernel support for Alpha OSF format disk\n partitions. Users with physical access can gain access to sensitive kernel\n memory by adding a storage device with a specially crafted OSF partition.\n\nCVE-2011-1170\n\n Vasiliy Kulikov reported an issue in the Netfilter arp table\n implementation. Local users with the CAP_NET_ADMIN capability can gain\n access to sensitive kernel memory.\n\nCVE-2011-1171\n\n Vasiliy Kulikov reported an issue in the Netfilter IP table\n implementation. Local users with the CAP_NET_ADMIN capability can gain\n access to sensitive kernel memory.\n \nCVE-2011-1172\n\n Vasiliy Kulikov reported an issue in the Netfilter IP6 table\n implementation. Local users with the CAP_NET_ADMIN capability can gain\n access to sensitive kernel memory.\n \nCVE-2011-1173\n\n Vasiliy Kulikov reported an issue in the Acorn Econet protocol\n implementation. Local users can obtain access to sensitive kernel memory on\n systems that use this rare hardware.\n\nCVE-2011-1180\n\n Dan Rosenberg reported a buffer overflow in the Information Access Service\n of the IrDA protocol, used for Infrared devices. Remote attackers within IR\n device range can cause a denial of service or possibly gain elevated\n privileges.\n\nCVE-2011-1182\n\n Julien Tinnes reported an issue in the rt_sigqueueinfo interface. Local\n users can generate signals with falsified source pid and uid information.\n\nCVE-2011-1476\n\n Dan Rosenberg reported issues in the Open Sound System MIDI interface that\n allow local users to cause a denial of service. This issue does not affect\n official Debian Linux image packages as they no longer provide support for\n OSS. However, custom kernels built from Debians linux-source-2.6.32 may\n have enabled this configuration and would therefore be vulnerable.\n\nCVE-2011-1477\n\n Dan Rosenberg reported issues in the Open Sound System driver for cards that\n include a Yamaha FM synthesizer chip. Local users can cause memory\n corruption resulting in a denial of service. This issue does not affect\n official Debian Linux image packages as they no longer provide support for\n OSS. However, custom kernels built from Debians linux-source-2.6.32 may\n have enabled this configuration and would therefore be vulnerable.\n\nCVE-2011-1478\n\n Ryan Sweat reported an issue in the Generic Receive Offload (GRO) support in\n the Linux networking subsystem. If an interface has GRO enabled and is\n running in promiscuous mode, remote users can cause a denial of service\n (NULL pointer dereference) by sending packets on an unknown VLAN.\n\nCVE-2011-1493\n\n Dan Rosenburg reported two issues in the Linux implementation of the Amateur\n Radio X.25 PLP (Rose) protocol. A remote user can cause a denial of service\n by providing specially crafted facilities fields.\n\nCVE-2011-1494\n\n Dan Rosenberg reported an issue in the /dev/mpt2ctl interface provided by\n the driver for LSI MPT Fusion SAS 2.0 controllers. Local users can obtain\n elevated privileges by specially crafted ioctl calls. On default Debian\n installations this is not exploitable as this interface is only accessible\n to root.\n\nCVE-2011-1495\n\n Dan Rosenberg reported two additional issues in the /dev/mpt2ctl interface\n provided by the driver for LSI MPT Fusion SAS 2.0 controllers. Local users\n can obtain elevated privileges and ready arbitrary kernel memory by using\n specially crafted ioctl calls. On default Debian installations this is not\n exploitable as this interface is only accessible to root.\n\nCVE-2011-1585\n\n Jeff Layton reported an issue in the Common Internet File System (CIFS).\n Local users can bypass authentication requirements for shares that are\n already mounted by another user.\n\nCVE-2011-1593\n\n Robert Swiecki reported a signednes issue in the next_pidmap() function,\n which can be exploited my local users to cause a denial of service.\n\nCVE-2011-1598\n\n Dave Jones reported an issue in the Broadcast Manager Controller Area\n Network (CAN/BCM) protocol that may allow local users to cause a NULL\n pointer dereference, resulting in a denial of service.\n\nCVE-2011-1745\n\n Vasiliy Kulikov reported an issue in the Linux support for AGP devices.\n Local users can obtain elevated privileges or cause a denial of service due\n to missing bounds checking in the AGPIOC_BIND ioctl. On default Debian\n installations, this is exploitable only by users in the video group.\n\nCVE-2011-1746\n\n Vasiliy Kulikov reported an issue in the Linux support for AGP devices.\n Local users can obtain elevated privileges or cause a denial of service due\n to missing bounds checking in the agp_allocate_memory and\n agp_create_user_memory. On default Debian installations, this is exploitable\n only by users in the video group.\n\nCVE-2011-1748\n\n Oliver Kartkopp reported an issue in the Controller Area Network (CAN) raw\n socket implementation which permits ocal users to cause a NULL pointer\n dereference, resulting in a denial of service.\n \nCVE-2011-1759\n\n Dan Rosenberg reported an issue in the support for executing "old ABI"\n binaries on ARM processors. Local users can obtain elevated privileges due\n to insufficient bounds checking in the semtimedop system call.\n\nCVE-2011-1767\n\n Alexecy Dobriyan reported an issue in the GRE over IP implementation.\n Remote users can cause a denial of service by sending a packet during module\n initialization.\n\nCVE-2011-1770\n\n Dan Rosenberg reported an issue in the Datagram Congestion Control Protocol\n (DCCP). Remote users can cause a denial of service or potentially obtain\n access to sensitive kernel memory.\n\nCVE-2011-1776\n\n Timo Warns reported an issue in the Linux implementation for GUID\n partitions. Users with physical access can gain access to sensitive kernel\n memory by adding a storage device with a specially crafted corrupted invalid\n partition table.\n\nCVE-2011-2022\n\n Vasiliy Kulikov reported an issue in the Linux support for AGP devices.\n Local users can obtain elevated privileges or cause a denial of service due\n to missing bounds checking in the AGPIOC_UNBIND ioctl. On default Debian\n installations, this is exploitable only by users in the video group.\n\nThis update also includes changes queued for the next point release of\nDebian 6.0, which also fix various non-security issues. These additional\nchanges are described in the package changelog which can be viewed at:\n\n http://packages.debian.org/changelogs/pool/main/l/linux-2.6/linux-2.6_2.6.32-34/changelog\n\nFor the stable distribution (squeeze), this problem has been fixed in version\n2.6.32-34squeeze1. Updates for issues impacting the oldstable distribution\n(lenny) will be available soon.\n\nThe following matrix lists additional source packages that were rebuilt for\ncompatibility with or to take advantage of this update:\n\n Debian 6.0 (squeeze)\n user-mode-linux 2.6.32-1um-4+34squeeze1\n\nWe recommend that you upgrade your linux-2.6 and user-mode-linux packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 3, "modified": "2011-05-25T05:47:50", "published": "2011-05-25T05:47:50", "id": "DEBIAN:DSA-2240-1:38C7A", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2011/msg00111.html", "title": "[SECURITY] [DSA 2240-1] linux-2.6 security update", "type": "debian", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-11-11T13:11:56", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1017", "CVE-2011-1768", "CVE-2011-1746", "CVE-2011-0695", "CVE-2011-1160", "CVE-2011-1078", "CVE-2011-1776", "CVE-2011-1767", "CVE-2011-1012", "CVE-2011-1598", "CVE-2010-3875", "CVE-2011-1173", "CVE-2010-2524", "CVE-2011-1759", "CVE-2011-2182", "CVE-2011-0711", "CVE-2011-0710", "CVE-2011-2022", "CVE-2011-1180", "CVE-2011-1079", "CVE-2011-1163", "CVE-2011-1093", "CVE-2011-1010", "CVE-2011-1593", "CVE-2011-1170", "CVE-2011-1172", "CVE-2011-1748", "CVE-2011-1171", "CVE-2011-1477", "CVE-2011-1493", "CVE-2011-0726", "CVE-2011-1745", "CVE-2011-1182", "CVE-2011-1090", "CVE-2011-1080", "CVE-2010-4075", "CVE-2010-4655", "CVE-2011-1577"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2264-1 security@debian.org\nhttp://www.debian.org/security/ dann frazier\nJune 18, 2011 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : linux-2.6\nVulnerability : privilege escalation/denial of service/information leak\nProblem type : local/remote\nDebian-specific: no\nCVE Id(s) : CVE-2010-2524 CVE-2010-3875 CVE-2010-4075 CVE-2010-4655 \n CVE-2011-0695 CVE-2011-0710 CVE-2011-0711 CVE-2011-0726\n CVE-2011-1010 CVE-2011-1012 CVE-2011-1017 CVE-2011-1078 \n CVE-2011-1079 CVE-2011-1080 CVE-2011-1090 CVE-2011-1093 \n CVE-2011-1160 CVE-2011-1163 CVE-2011-1170 CVE-2011-1171\n CVE-2011-1172 CVE-2011-1173 CVE-2011-1180 CVE-2011-1182\n CVE-2011-1477 CVE-2011-1493 CVE-2011-1577 CVE-2011-1593\n CVE-2011-1598 CVE-2011-1745 CVE-2011-1746 CVE-2011-1748\n CVE-2011-1759 CVE-2011-1767 CVE-2011-1768 CVE-2011-1776\n CVE-2011-2022 CVE-2011-2182\nDebian Bug : 618485\n\nSeveral vulnerabilities have been discovered in the Linux kernel that may lead\nto a privilege escalation, denial of service or information leak. The Common\nVulnerabilities and Exposures project identifies the following problems:\n\nCVE-2010-2524\n\n David Howells reported an issue in the Common Internet File System (CIFS).\n Local users could cause arbitrary CIFS shares to be mounted by introducing\n malicious redirects.\n\nCVE-2010-3875\n\n Vasiliy Kulikov discovered an issue in the Linux implementation of the\n Amateur Radio AX.25 Level 2 protocol. Local users may obtain access to\n sensitive kernel memory.\n\nCVE-2010-4075\n\n Dan Rosenberg reported an issue in the tty layer that may allow local\n users to obtain access to sensitive kernel memory.\n\nCVE-2010-4655\n\n Kees Cook discovered several issues in the ethtool interface which may\n allow local users with the CAP_NET_ADMIN capability to obtain access to\n sensitive kernel memory.\n \nCVE-2011-0695\n\n Jens Kuehnel reported an issue in the InfiniBand stack. Remote attackers can\n exploit a race condition to cause a denial of service (kernel panic).\n\nCVE-2011-0710\n\n Al Viro reported an issue in the /proc/<pid>/status interface on the\n s390 architecture. Local users could gain access to sensitive memory\n in processes they do not own via the task_show_regs entry.\n\nCVE-2011-0711\n\n Dan Rosenberg reported an issue in the XFS filesystem. Local users may\n obtain access to sensitive kernel memory.\n\nCVE-2011-0726\n\n Kees Cook reported an issue in the /proc/pid/stat implementation. Local\n users could learn the text location of a process, defeating protections\n provided by address space layout randomization (ASLR).\n\nCVE-2011-1010\n\n Timo Warns reported an issue in the Linux support for Mac partition tables.\n Local users with physical access could cause a denial of service (panic)\n by adding a storage device with a malicious map_count value.\n \nCVE-2011-1012\n\n Timo Warns reported an issue in the Linux support for Mac partition tables.\n Local users with physical access could cause a denial of service (panic)\n by adding a storage device with a malicious map_count value.\n \nCVE-2011-1017\n \n Timo Warns reported an issue in the Linux support for LDM partition tables.\n Users with physical access can gain access to sensitive kernel memory or\n gain elevated privileges by adding a storage device with a specially\n crafted LDM partition.\n\nCVE-2011-1078\n\n Vasiliy Kulikov discovered an issue in the Bluetooth subsystem. Local users\n can obtain access to sensitive kernel memory.\n\nCVE-2011-1079\n\n Vasiliy Kulikov discovered an issue in the Bluetooth subsystem. Local users\n with the CAP_NET_ADMIN capability can cause a denial of service (kernel\n Oops).\n \nCVE-2011-1080\n\n Vasiliy Kulikov discovered an issue in the Netfilter subsystem. Local users\n can obtain access to sensitive kernel memory.\n\nCVE-2011-1090\n\n Neil Horman discovered a memory leak in the setacl() call on NFSv4\n filesystems. Local users can exploit this to cause a denial of service\n (Oops).\n\nCVE-2011-1093\n\n Johan Hovold reported an issue in the Datagram Congestion Control Protocol\n (DCCP) implementation. Remote users could cause a denial of service by\n sending data after closing a socket.\n\nCVE-2011-1160\n\n Peter Huewe reported an issue in the Linux kernel's support for TPM security\n chips. Local users with permission to open the device can gain access to\n sensitive kernel memory.\n\nCVE-2011-1163\n\n Timo Warns reported an issue in the kernel support for Alpha OSF format disk\n partitions. Users with physical access can gain access to sensitive kernel\n memory by adding a storage device with a specially crafted OSF partition.\n\nCVE-2011-1170\n\n Vasiliy Kulikov reported an issue in the Netfilter arp table\n implementation. Local users with the CAP_NET_ADMIN capability can gain\n access to sensitive kernel memory.\n\nCVE-2011-1171\n\n Vasiliy Kulikov reported an issue in the Netfilter IP table\n implementation. Local users with the CAP_NET_ADMIN capability can gain\n access to sensitive kernel memory.\n \nCVE-2011-1172\n\n Vasiliy Kulikov reported an issue in the Netfilter IP6 table\n implementation. Local users with the CAP_NET_ADMIN capability can gain\n access to sensitive kernel memory.\n \nCVE-2011-1173\n\n Vasiliy Kulikov reported an issue in the Acorn Econet protocol\n implementation. Local users can obtain access to sensitive kernel memory on\n systems that use this rare hardware.\n\nCVE-2011-1180\n\n Dan Rosenberg reported a buffer overflow in the Information Access Service\n of the IrDA protocol, used for Infrared devices. Remote attackers within IR\n device range can cause a denial of service or possibly gain elevated\n privileges.\n\nCVE-2011-1182\n\n Julien Tinnes reported an issue in the rt_sigqueueinfo interface. Local\n users can generate signals with falsified source pid and uid information.\n\nCVE-2011-1477\n\n Dan Rosenberg reported issues in the Open Sound System driver for cards that\n include a Yamaha FM synthesizer chip. Local users can cause memory\n corruption resulting in a denial of service. This issue does not affect\n official Debian Linux image packages as they no longer provide support for\n OSS. However, custom kernels built from Debians linux-source-2.6.32 may\n have enabled this configuration and would therefore be vulnerable.\n\nCVE-2011-1493\n\n Dan Rosenburg reported two issues in the Linux implementation of the\n Amateur Radio X.25 PLP (Rose) protocol. A remote user can cause a denial of\n service by providing specially crafted facilities fields.\n\nCVE-2011-1577\n\n Timo Warns reported an issue in the Linux support for GPT partition tables.\n Local users with physical access could cause a denial of service (Oops)\n by adding a storage device with a malicious partition table header.\n\nCVE-2011-1593\n\n Robert Swiecki reported a signednes issue in the next_pidmap() function,\n which can be exploited my local users to cause a denial of service.\n\nCVE-2011-1598\n\n Dave Jones reported an issue in the Broadcast Manager Controller Area\n Network (CAN/BCM) protocol that may allow local users to cause a NULL\n pointer dereference, resulting in a denial of service.\n\nCVE-2011-1745\n\n Vasiliy Kulikov reported an issue in the Linux support for AGP devices.\n Local users can obtain elevated privileges or cause a denial of service due\n to missing bounds checking in the AGPIOC_BIND ioctl. On default Debian\n installations, this is exploitable only by users in the video group.\n\nCVE-2011-1746\n\n Vasiliy Kulikov reported an issue in the Linux support for AGP devices.\n Local users can obtain elevated privileges or cause a denial of service\n due to missing bounds checking in the agp_allocate_memory and\n agp_create_user_memory. On default Debian installations, this is\n exploitable only by users in the video group.\n\nCVE-2011-1748\n\n Oliver Kartkopp reported an issue in the Controller Area Network (CAN) raw\n socket implementation which permits ocal users to cause a NULL pointer\n dereference, resulting in a denial of service.\n \nCVE-2011-1759\n\n Dan Rosenberg reported an issue in the support for executing "old ABI"\n binaries on ARM processors. Local users can obtain elevated privileges due\n to insufficient bounds checking in the semtimedop system call.\n\nCVE-2011-1767\n\n Alexecy Dobriyan reported an issue in the GRE over IP implementation.\n Remote users can cause a denial of service by sending a packet during\n module initialization.\n\nCVE-2011-1768\n\n Alexecy Dobriyan reported an issue in the IP tunnels implementation.\n Remote users can cause a denial of service by sending a packet during\n module initialization.\n\nCVE-2011-1776\n\n Timo Warns reported an issue in the Linux implementation for GUID\n partitions. Users with physical access can gain access to sensitive kernel\n memory by adding a storage device with a specially crafted corrupted\n invalid partition table.\n\nCVE-2011-2022\n\n Vasiliy Kulikov reported an issue in the Linux support for AGP devices.\n Local users can obtain elevated privileges or cause a denial of service due\n to missing bounds checking in the AGPIOC_UNBIND ioctl. On default Debian\n installations, this is exploitable only by users in the video group.\n\nCVE-2011-2182\n\n Ben Hutchings reported an issue with the fix for CVE-2011-1017 (see above)\n that made it insufficient to resolve the issue.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 2.6.26-26lenny3. Updates for arm and hppa are not yet available,\nbut will be released as soon as possible.\n\nThe following matrix lists additional source packages that were rebuilt for\ncompatibility with or to take advantage of this update:\n\n Debian 5.0 (lenny)\n user-mode-linux 2.6.26-1um-2+26lenny3\n\nWe recommend that you upgrade your linux-2.6 and user-mode-linux packages.\nThese updates will not become active until after your system is rebooted.\n\nNote: Debian carefully tracks all known security issues across every\nlinux kernel package in all releases under active security support.\nHowever, given the high frequency at which low-severity security\nissues are discovered in the kernel and the resource requirements of\ndoing an update, updates for lower priority issues will normally not\nbe released for all kernels at the same time. Rather, they will be\nreleased in a staggered or "leap-frog" fashion.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 3, "modified": "2011-06-19T01:11:59", "published": "2011-06-19T01:11:59", "id": "DEBIAN:DSA-2264-1:87A7B", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2011/msg00134.html", "title": "[SECURITY] [DSA 2264-1] linux-2.6 security update", "type": "debian", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-2962", "CVE-2010-2963", "CVE-2010-3698", "CVE-2010-3880", "CVE-2010-3904", "CVE-2010-4072", "CVE-2010-4073", "CVE-2010-4668", "CVE-2011-1494", "CVE-2011-1495", "CVE-2011-1745", "CVE-2011-1746", "CVE-2011-1770"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2011-06-11T04:22:38", "published": "2011-06-11T04:22:38", "id": "FEDORA:13309110B4E", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 14 Update: kernel-2.6.35.13-92.fc14", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-2962", "CVE-2010-2963", "CVE-2010-3698", "CVE-2010-3880", "CVE-2010-3904", "CVE-2010-4072", "CVE-2010-4073", "CVE-2010-4668", "CVE-2011-1494", "CVE-2011-1495", "CVE-2011-1598", "CVE-2011-1745", "CVE-2011-1746", "CVE-2011-1748", "CVE-2011-1770", "CVE-2011-2183", "CVE-2011-2213", "CVE-2011-2484", "CVE-2011-2497", "CVE-2011-2517", "CVE-2011-2695", "CVE-2011-2699", "CVE-2011-2905"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2011-08-23T04:37:17", "published": "2011-08-23T04:37:17", "id": "FEDORA:8785411086D", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 14 Update: kernel-2.6.35.14-95.fc14", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-2962", "CVE-2010-2963", "CVE-2010-3698", "CVE-2010-3880", "CVE-2010-3904", "CVE-2010-4072", "CVE-2010-4073", "CVE-2010-4668", "CVE-2011-1079", "CVE-2011-1478", "CVE-2011-1494", "CVE-2011-1495", "CVE-2011-1745", "CVE-2011-1746"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2011-05-09T20:58:33", "published": "2011-05-09T20:58:33", "id": "FEDORA:7AE2C1106A7", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 14 Update: kernel-2.6.35.13-91.fc14", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}]}
