Ubuntu Update for linux-lts-backport-maverick USN-1387-1
2012-03-07T00:00:00
ID OPENVAS:1361412562310840912 Type openvas Reporter Copyright (c) 2012 Greenbone Networks GmbH Modified 2019-03-13T00:00:00
Description
Ubuntu Update for Linux kernel vulnerabilities USN-1387-1
###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_ubuntu_USN_1387_1.nasl 14132 2019-03-13 09:25:59Z cfischer $
#
# Ubuntu Update for linux-lts-backport-maverick USN-1387-1
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
# Metadata pass: when `description` is set, this branch only registers the
# plugin's identity, references and tags, then exits via exit(0) before any of
# the detection code further down is reached.
if(description)
{
# Vendor advisory this check was generated from, and the plugin's unique OID.
script_xref(name:"URL", value:"http://www.ubuntu.com/usn/usn-1387-1/");
script_oid("1.3.6.1.4.1.25623.1.0.840912");
script_version("$Revision: 14132 $");
script_tag(name:"last_modification", value:"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $");
script_tag(name:"creation_date", value:"2012-03-07 11:19:13 +0530 (Wed, 07 Mar 2012)");
# One advisory-level entry covers all seven CVEs below.
script_cve_id("CVE-2011-1927", "CVE-2011-0716", "CVE-2011-3353", "CVE-2011-3619",
"CVE-2011-4622", "CVE-2012-0038", "CVE-2012-0044");
# A single base score and vector are attached to the whole advisory.
# NOTE(review): the vector is local (AV:L), while the insight text below
# describes CVE-2011-1927 as a denial of service by a remote user. Presumably
# the score reflects the highest-rated CVE in the set; triage network exposure
# per CVE rather than from this one vector.
script_tag(name:"cvss_base", value:"7.2");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_xref(name:"USN", value:"1387-1");
script_name("Ubuntu Update for linux-lts-backport-maverick USN-1387-1");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2012 Greenbone Networks GmbH");
script_family("Ubuntu Local Security Checks");
# Preconditions: the check depends on gather-package-list.nasl and requires the
# Ubuntu SSH-login keys, a collected package list, and a release string matching
# "UBUNTU10\.04 LTS" (presumably all populated by that dependency after an
# authenticated SSH login; confirm against gather-package-list.nasl).
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages", re:"ssh/login/release=UBUNTU10\.04 LTS");
script_tag(name:"summary", value:"Ubuntu Update for Linux kernel vulnerabilities USN-1387-1");
script_tag(name:"affected", value:"linux-lts-backport-maverick on Ubuntu 10.04 LTS");
# The solution text is generic; the fixed package version appears only in the
# isdpkgvuln() calls of the detection code, not in this tag.
script_tag(name:"solution", value:"Please Install the Updated Packages.");
# Free-text advisory summary, one paragraph per CVE. This is a runtime string:
# its line breaks and wording are part of the reported data.
script_tag(name:"insight", value:"Aristide Fattori and Roberto Paleari reported a flaw in the Linux kernel's
handling of IPv4 icmp packets. A remote user could exploit this to cause a
denial of service. (CVE-2011-1927)
A flaw was found in the Linux Ethernet bridge's handling of IGMP (Internet
Group Management Protocol) packets. An unprivileged local user could
exploit this flaw to crash the system. (CVE-2011-0716)
Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user
who can mount a FUSE file system could cause a denial of service.
(CVE-2011-3353)
A flaw was discovered in the Linux kernel's AppArmor security interface
when invalid information was written to it. An unprivileged local user
could use this to cause a denial of service on the system. (CVE-2011-3619)
A flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual
interrupt control is not available a local user could use this to cause a
denial of service by starting a timer. (CVE-2011-4622)
A flaw was discovered in the XFS filesystem. If a local user mounts a
specially crafted XFS image it could potential execute arbitrary code on
the system. (CVE-2012-0038)
Chen Haogang discovered an integer overflow that could result in memory
corruption. A local unprivileged user could use this to crash the system.
(CVE-2012-0044)");
# "package" quality of detection: the finding comes from a package version
# comparison, and the remediation type is a vendor-supplied fix.
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
# Leave the metadata pass here; nothing below runs while `description` is set.
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
# Detection pass: compare the installed kernel image packages of an Ubuntu
# 10.04 LTS host against the fixed version named in USN-1387-1.
#
# NOTE(review): this is a package-level check. It looks at what is installed,
# not at which kernel is running, so presumably a host that has installed the
# fixed package but has not rebooted into it is reported as clean. Confirm the
# running kernel separately when validating remediation.
release = dpkg_get_ssh_release();
if(!release)
  exit(0);

res = "";

if(release == "UBUNTU10.04 LTS")
{
  # Fixed version shared by every kernel flavour of this advisory.
  fixed_ver = "2.6.35-32.66~lucid1";

  # Flavours are checked in this order; the first reported one ends the script.
  kernel_pkgs = make_list("linux-image-2.6.35-32-generic",
                          "linux-image-2.6.35-32-generic-pae",
                          "linux-image-2.6.35-32-server",
                          "linux-image-2.6.35-32-virtual");

  foreach kernel_pkg (kernel_pkgs)
  {
    # isdpkgvuln() comes from pkg-lib-deb.inc; a non-NULL result is handed to
    # security_message() as the finding text (presumably it names the installed
    # and the fixed version; confirm in the include).
    res = isdpkgvuln(pkg:kernel_pkg, ver:fixed_ver, rls:"UBUNTU10.04 LTS");
    if(res != NULL)
    {
      security_message(data:res);
      exit(0);
    }
  }

  # Nothing was reported. Exit code 99 is used when __pkg_match is set, the
  # "not vulnerable" outcome; otherwise the script exits with 0.
  if(__pkg_match)
    exit(99);
  exit(0);
}
{"id": "OPENVAS:1361412562310840912", "type": "openvas", "bulletinFamily": "scanner", "title": "Ubuntu Update for linux-lts-backport-maverick USN-1387-1", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1387-1", "published": "2012-03-07T00:00:00", "modified": "2019-03-13T00:00:00", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840912", "reporter": "Copyright (c) 2012 Greenbone Networks GmbH", "references": ["1387-1", "http://www.ubuntu.com/usn/usn-1387-1/"], "cvelist": ["CVE-2012-0044", "CVE-2011-3619", "CVE-2011-0716", "CVE-2011-3353", "CVE-2011-1927", "CVE-2011-4622", "CVE-2012-0038"], "lastseen": "2019-05-29T18:39:23", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "ubuntu", "idList": ["USN-1379-1", "USN-1362-1", "USN-1356-1", "USN-1389-1", "USN-1363-1", "USN-1386-1", "USN-1394-1", "USN-1387-1", "USN-1388-1", "USN-1361-1"]}, {"type": "openvas", "idList": ["OPENVAS:840893", "OPENVAS:1361412562310840920", "OPENVAS:1361412562310840904", "OPENVAS:840920", "OPENVAS:840904", "OPENVAS:1361412562310840927", "OPENVAS:1361412562310840893", "OPENVAS:840912", "OPENVAS:840911", "OPENVAS:1361412562310840911"]}, {"type": "nessus", "idList": ["UBUNTU_USN-1362-1.NASL", "UBUNTU_USN-1361-1.NASL", "REDHAT-RHSA-2012-1042.NASL", "UBUNTU_USN-1386-1.NASL", "UBUNTU_USN-1388-1.NASL", "UBUNTU_USN-1379-1.NASL", "UBUNTU_USN-1387-1.NASL", "UBUNTU_USN-1356-1.NASL", "UBUNTU_USN-1394-1.NASL", "UBUNTU_USN-1363-1.NASL"]}, {"type": "cve", "idList": ["CVE-2011-1927", "CVE-2011-3619", "CVE-2011-4622", "CVE-2011-0716", "CVE-2011-3353", "CVE-2012-0038", "CVE-2012-0044"]}, {"type": "seebug", "idList": ["SSV:30016", "SSV:26098", "SSV:23111", "SSV:30158", "SSV:30113", "SSV:20576"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12151", "SECURITYVULNS:VULN:12199"]}, {"type": "redhat", "idList": ["RHSA-2012:0051", "RHSA-2012:1042"]}, {"type": "oraclelinux", "idList": 
["ELSA-2012-0051", "ELSA-2012-2003"]}, {"type": "centos", "idList": ["CESA-2012:0051"]}, {"type": "suse", "idList": ["SUSE-SU-2011:1100-1", "SUSE-SA:2011:041", "SUSE-SU-2011:1101-1"]}], "modified": "2019-05-29T18:39:23", "rev": 2}, "score": {"value": 8.0, "vector": "NONE", "modified": "2019-05-29T18:39:23", "rev": 2}, "vulnersScore": 8.0}, "pluginID": "1361412562310840912", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1387_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux-lts-backport-maverick USN-1387-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1387-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840912\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-07 11:19:13 +0530 (Wed, 07 Mar 2012)\");\n script_cve_id(\"CVE-2011-1927\", \"CVE-2011-0716\", \"CVE-2011-3353\", \"CVE-2011-3619\",\n \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0044\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1387-1\");\n script_name(\"Ubuntu Update for linux-lts-backport-maverick USN-1387-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.04 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1387-1\");\n script_tag(name:\"affected\", value:\"linux-lts-backport-maverick on Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Aristide Fattori and Roberto Paleari reported a flaw in the Linux kernel's\n handling of IPv4 icmp packets. A remote user could exploit this to cause a\n denial of service. 
(CVE-2011-1927)\n\n A flaw was found in the Linux Ethernet bridge's handling of IGMP (Internet\n Group Management Protocol) packets. An unprivileged local user could\n exploit this flaw to crash the system. (CVE-2011-0716)\n\n Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user\n who can mount a FUSE file system could cause a denial of service.\n (CVE-2011-3353)\n\n A flaw was discovered in the Linux kernel's AppArmor security interface\n when invalid information was written to it. An unprivileged local user\n could use this to cause a denial of service on the system. (CVE-2011-3619)\n\n A flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual\n interrupt control is not available a local user could use this to cause a\n denial of service by starting a timer. (CVE-2011-4622)\n\n A flaw was discovered in the XFS filesystem. If a local user mounts a\n specially crafted XFS image it could potential execute arbitrary code on\n the system. (CVE-2012-0038)\n\n Chen Haogang discovered an integer overflow that could result in memory\n corruption. 
A local unprivileged user could use this to crash the system.\n (CVE-2012-0044)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-generic\", ver:\"2.6.35-32.66~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-generic-pae\", ver:\"2.6.35-32.66~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-server\", ver:\"2.6.35-32.66~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-virtual\", ver:\"2.6.35-32.66~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Ubuntu Local Security Checks"}
{"ubuntu": [{"lastseen": "2020-07-08T23:41:50", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0044", "CVE-2011-3619", "CVE-2011-0716", "CVE-2011-3353", "CVE-2011-1927", "CVE-2011-4622", "CVE-2012-0038"], "description": "Aristide Fattori and Roberto Paleari reported a flaw in the Linux kernel's \nhandling of IPv4 icmp packets. A remote user could exploit this to cause a \ndenial of service. (CVE-2011-1927)\n\nA flaw was found in the Linux Ethernet bridge's handling of IGMP (Internet \nGroup Management Protocol) packets. An unprivileged local user could \nexploit this flaw to crash the system. (CVE-2011-0716)\n\nHan-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user \nwho can mount a FUSE file system could cause a denial of service. \n(CVE-2011-3353)\n\nA flaw was discovered in the Linux kernel's AppArmor security interface \nwhen invalid information was written to it. An unprivileged local user \ncould use this to cause a denial of service on the system. (CVE-2011-3619)\n\nA flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual \ninterrupt control is not available a local user could use this to cause a \ndenial of service by starting a timer. (CVE-2011-4622)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a \nspecially crafted XFS image it could potential execute arbitrary code on \nthe system. (CVE-2012-0038)\n\nChen Haogang discovered an integer overflow that could result in memory \ncorruption. A local unprivileged user could use this to crash the system. 
\n(CVE-2012-0044)", "edition": 5, "modified": "2012-03-06T00:00:00", "published": "2012-03-06T00:00:00", "id": "USN-1387-1", "href": "https://ubuntu.com/security/notices/USN-1387-1", "title": "Linux kernel (Maverick backport) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T01:37:17", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0044", "CVE-2011-3353", "CVE-2011-4622", "CVE-2012-0038"], "description": "Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user \nwho can mount a FUSE file system could cause a denial of service. \n(CVE-2011-3353)\n\nA flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual \ninterrupt control is not available a local user could use this to cause a \ndenial of service by starting a timer. (CVE-2011-4622)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a \nspecially crafted XFS image it could potential execute arbitrary code on \nthe system. (CVE-2012-0038)\n\nChen Haogang discovered an integer overflow that could result in memory \ncorruption. A local unprivileged user could use this to crash the system. \n(CVE-2012-0044)", "edition": 5, "modified": "2012-02-13T00:00:00", "published": "2012-02-13T00:00:00", "id": "USN-1361-1", "href": "https://ubuntu.com/security/notices/USN-1361-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T00:24:31", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0044", "CVE-2011-3353", "CVE-2011-4622", "CVE-2012-0038"], "description": "Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user \nwho can mount a FUSE file system could cause a denial of service. \n(CVE-2011-3353)\n\nA flaw was found in KVM's Programmable Interval Timer (PIT). 
When a virtual \ninterrupt control is not available a local user could use this to cause a \ndenial of service by starting a timer. (CVE-2011-4622)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a \nspecially crafted XFS image it could potential execute arbitrary code on \nthe system. (CVE-2012-0038)\n\nChen Haogang discovered an integer overflow that could result in memory \ncorruption. A local unprivileged user could use this to crash the system. \n(CVE-2012-0044)", "edition": 5, "modified": "2012-02-13T00:00:00", "published": "2012-02-13T00:00:00", "id": "USN-1362-1", "href": "https://ubuntu.com/security/notices/USN-1362-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-08T23:39:06", "bulletinFamily": "unix", "cvelist": ["CVE-2011-3619", "CVE-2011-0716", "CVE-2011-1927"], "description": "Aristide Fattori and Roberto Paleari reported a flaw in the Linux kernel's \nhandling of IPv4 icmp packets. A remote user could exploit this to cause a \ndenial of service. (CVE-2011-1927)\n\nA flaw was found in the Linux Ethernet bridge's handling of IGMP (Internet \nGroup Management Protocol) packets. An unprivileged local user could \nexploit this flaw to crash the system. (CVE-2011-0716)\n\nA flaw was discovered in the Linux kernel's AppArmor security interface \nwhen invalid information was written to it. An unprivileged local user \ncould use this to cause a denial of service on the system. 
(CVE-2011-3619)", "edition": 5, "modified": "2012-02-28T00:00:00", "published": "2012-02-28T00:00:00", "id": "USN-1379-1", "href": "https://ubuntu.com/security/notices/USN-1379-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-07-09T01:31:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-2498", "CVE-2011-2518", "CVE-2012-0044", "CVE-2012-0207", "CVE-2011-3353", "CVE-2011-4097", "CVE-2011-4622", "CVE-2012-0038"], "description": "The linux kernel did not properly account for PTE pages when deciding which \ntask to kill in out of memory conditions. A local, unprivileged could \nexploit this flaw to cause a denial of service. (CVE-2011-2498)\n\nA flaw was discovered in the TOMOYO LSM's handling of mount system calls. \nAn unprivileged user could oops the system causing a denial of service. \n(CVE-2011-2518)\n\nHan-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user \nwho can mount a FUSE file system could cause a denial of service. \n(CVE-2011-3353)\n\nA bug was discovered in the Linux kernel's calculation of OOM (Out of \nmemory) scores, that would result in the wrong process being killed. A user \ncould use this to kill the process with the highest OOM score, even if that \nprocess belongs to another user or the system. (CVE-2011-4097)\n\nA flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual \ninterrupt control is not available a local user could use this to cause a \ndenial of service by starting a timer. (CVE-2011-4622)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a \nspecially crafted XFS image it could potential execute arbitrary code on \nthe system. (CVE-2012-0038)\n\nChen Haogang discovered an integer overflow that could result in memory \ncorruption. A local unprivileged user could use this to crash the system. \n(CVE-2012-0044)\n\nA flaw was found in the linux kernels IPv4 IGMP query processing. 
A remote \nattacker could exploit this to cause a denial of service. (CVE-2012-0207)", "edition": 5, "modified": "2012-03-06T00:00:00", "published": "2012-03-06T00:00:00", "id": "USN-1386-1", "href": "https://ubuntu.com/security/notices/USN-1386-1", "title": "Linux kernel (Natty backport) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-07-09T00:20:21", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4621", "CVE-2011-1476", "CVE-2012-0044", "CVE-2011-0006", "CVE-2011-1759", "CVE-2011-2182", "CVE-2010-4650", "CVE-2011-3619", "CVE-2011-0716", "CVE-2010-4250", "CVE-2011-1477", "CVE-2011-1927", "CVE-2012-0038"], "description": "Aristide Fattori and Roberto Paleari reported a flaw in the Linux kernel's \nhandling of IPv4 icmp packets. A remote user could exploit this to cause a \ndenial of service. (CVE-2011-1927)\n\nVegard Nossum discovered a leak in the kernel's inotify_init() system call. \nA local, unprivileged user could exploit this to cause a denial of service. \n(CVE-2010-4250)\n\nAn error was discovered in the kernel's handling of CUSE (Character device \nin Userspace). A local attacker might exploit this flaw to escalate \nprivilege, if access to /dev/cuse has been modified to allow non-root \nusers. (CVE-2010-4650)\n\nA flaw was found in the kernel's Integrity Measurement Architecture (IMA). \nChanges made by an attacker might not be discovered by IMA, if SELinux was \ndisabled, and a new IMA rule was loaded. (CVE-2011-0006)\n\nA flaw was found in the Linux Ethernet bridge's handling of IGMP (Internet \nGroup Management Protocol) packets. An unprivileged local user could \nexploit this flaw to crash the system. (CVE-2011-0716)\n\nDan Rosenberg reported errors in the OSS (Open Sound System) MIDI \ninterface. A local attacker on non-x86 systems might be able to cause a \ndenial of service. 
(CVE-2011-1476)\n\nDan Rosenberg reported errors in the kernel's OSS (Open Sound System) \ndriver for Yamaha FM synthesizer chips. A local user can exploit this to \ncause memory corruption, causing a denial of service or privilege \nescalation. (CVE-2011-1477)\n\nDan Rosenberg reported an error in the old ABI compatibility layer of ARM \nkernels. A local attacker could exploit this flaw to cause a denial of \nservice or gain root privileges. (CVE-2011-1759)\n\nBen Hutchings reported a flaw in the kernel's handling of corrupt LDM \npartitions. A local user could exploit this to cause a denial of service or \nescalate privileges. (CVE-2011-2182)\n\nA flaw was discovered in the Linux kernel's AppArmor security interface \nwhen invalid information was written to it. An unprivileged local user \ncould use this to cause a denial of service on the system. (CVE-2011-3619)\n\nIt was discovered that some import kernel threads can be blocked by a user \nlevel process. An unprivileged local user could exploit this flaw to cause \na denial of service. (CVE-2011-4621)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a \nspecially crafted XFS image it could potential execute arbitrary code on \nthe system. (CVE-2012-0038)\n\nChen Haogang discovered an integer overflow that could result in memory \ncorruption. A local unprivileged user could use this to crash the system. \n(CVE-2012-0044)", "edition": 5, "modified": "2012-03-07T00:00:00", "published": "2012-03-07T00:00:00", "id": "USN-1394-1", "href": "https://ubuntu.com/security/notices/USN-1394-1", "title": "linux-ti-omap4 vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T00:33:40", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0044", "CVE-2012-0207", "CVE-2012-0038"], "description": "A flaw was discovered in the XFS filesystem. 
If a local user mounts a \nspecially crafted XFS image it could potential execute arbitrary code on \nthe system. (CVE-2012-0038)\n\nChen Haogang discovered an integer overflow that could result in memory \ncorruption. A local unprivileged user could use this to crash the system. \n(CVE-2012-0044)\n\nA flaw was found in the linux kernels IPv4 IGMP query processing. A remote \nattacker could exploit this to cause a denial of service. (CVE-2012-0207)", "edition": 5, "modified": "2012-02-06T00:00:00", "published": "2012-02-06T00:00:00", "id": "USN-1356-1", "href": "https://ubuntu.com/security/notices/USN-1356-1", "title": "Linux kernel (OMAP4) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-07-09T00:26:08", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4127", "CVE-2012-2100", "CVE-2011-4622", "CVE-2012-0038"], "description": "Paolo Bonzini discovered a flaw in Linux's handling of the SG_IO ioctl \ncommand. A local user, or user in a VM could exploit this flaw to bypass \nrestrictions and gain read/write access to all data on the affected block \ndevice. (CVE-2011-4127)\n\nA flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual \ninterrupt control is not available a local user could use this to cause a \ndenial of service by starting a timer. (CVE-2011-4622)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a \nspecially crafted XFS image it could potential execute arbitrary code on \nthe system. (CVE-2012-0038)\n\nA flaw was found in the Linux kernel's ext4 file system when mounting a \ncorrupt filesystem. A user-assisted remote attacker could exploit this flaw \nto cause a denial of service. 
(CVE-2012-2100)", "edition": 5, "modified": "2012-03-06T00:00:00", "published": "2012-03-06T00:00:00", "id": "USN-1389-1", "href": "https://ubuntu.com/security/notices/USN-1389-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-07-08T23:39:25", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4127", "CVE-2012-2100", "CVE-2011-4622", "CVE-2012-0038"], "description": "Paolo Bonzini discovered a flaw in Linux's handling of the SG_IO ioctl \ncommand. A local user, or user in a VM could exploit this flaw to bypass \nrestrictions and gain read/write access to all data on the affected block \ndevice. (CVE-2011-4127)\n\nA flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual \ninterrupt control is not available a local user could use this to cause a \ndenial of service by starting a timer. (CVE-2011-4622)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a \nspecially crafted XFS image it could potential execute arbitrary code on \nthe system. (CVE-2012-0038)\n\nA flaw was found in the Linux kernel's ext4 file system when mounting a \ncorrupt filesystem. A user-assisted remote attacker could exploit this flaw \nto cause a denial of service. (CVE-2012-2100)", "edition": 5, "modified": "2012-03-06T00:00:00", "published": "2012-03-06T00:00:00", "id": "USN-1388-1", "href": "https://ubuntu.com/security/notices/USN-1388-1", "title": "Linux kernel (EC2) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-07-08T23:30:27", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0055", "CVE-2012-0207", "CVE-2011-4097", "CVE-2011-4622", "CVE-2012-0038"], "description": "A bug was discovered in the Linux kernel's calculation of OOM (Out of \nmemory) scores, that would result in the wrong process being killed. 
A user \ncould use this to kill the process with the highest OOM score, even if that \nprocess belongs to another user or the system. (CVE-2011-4097)\n\nA flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual \ninterrupt control is not available a local user could use this to cause a \ndenial of service by starting a timer. (CVE-2011-4622)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a \nspecially crafted XFS image it could potential execute arbitrary code on \nthe system. (CVE-2012-0038)\n\nAndy Whitcroft discovered a that the Overlayfs filesystem was not doing the \nextended permission checks needed by cgroups and Linux Security Modules \n(LSMs). A local user could exploit this to by-pass security policy and \naccess files that should not be accessible. (CVE-2012-0055)\n\nA flaw was found in the linux kernels IPv4 IGMP query processing. A remote \nattacker could exploit this to cause a denial of service. (CVE-2012-0207)", "edition": 5, "modified": "2012-02-13T00:00:00", "published": "2012-02-13T00:00:00", "id": "USN-1363-1", "href": "https://ubuntu.com/security/notices/USN-1363-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "openvas": [{"lastseen": "2017-12-04T11:20:14", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0044", "CVE-2011-3619", "CVE-2011-0716", "CVE-2011-3353", "CVE-2011-1927", "CVE-2011-4622", "CVE-2012-0038"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1387-1", "modified": "2017-12-01T00:00:00", "published": "2012-03-07T00:00:00", "id": "OPENVAS:840912", "href": "http://plugins.openvas.org/nasl.php?oid=840912", "type": "openvas", "title": "Ubuntu Update for linux-lts-backport-maverick USN-1387-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1387_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# 
Ubuntu Update for linux-lts-backport-maverick USN-1387-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Aristide Fattori and Roberto Paleari reported a flaw in the Linux kernel's\n handling of IPv4 icmp packets. A remote user could exploit this to cause a\n denial of service. (CVE-2011-1927)\n\n A flaw was found in the Linux Ethernet bridge's handling of IGMP (Internet\n Group Management Protocol) packets. An unprivileged local user could\n exploit this flaw to crash the system. (CVE-2011-0716)\n\n Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user\n who can mount a FUSE file system could cause a denial of service.\n (CVE-2011-3353)\n\n A flaw was discovered in the Linux kernel's AppArmor security interface\n when invalid information was written to it. An unprivileged local user\n could use this to cause a denial of service on the system. (CVE-2011-3619)\n\n A flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual\n interrupt control is not available a local user could use this to cause a\n denial of service by starting a timer. 
(CVE-2011-4622)\n\n A flaw was discovered in the XFS filesystem. If a local user mounts a\n specially crafted XFS image it could potential execute arbitrary code on\n the system. (CVE-2012-0038)\n\n Chen Haogang discovered an integer overflow that could result in memory\n corruption. A local unprivileged user could use this to crash the system.\n (CVE-2012-0044)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1387-1\";\ntag_affected = \"linux-lts-backport-maverick on Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1387-1/\");\n script_id(840912);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-07 11:19:13 +0530 (Wed, 07 Mar 2012)\");\n script_cve_id(\"CVE-2011-1927\", \"CVE-2011-0716\", \"CVE-2011-3353\", \"CVE-2011-3619\",\n \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0044\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1387-1\");\n script_name(\"Ubuntu Update for linux-lts-backport-maverick USN-1387-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n 
exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-generic\", ver:\"2.6.35-32.66~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-generic-pae\", ver:\"2.6.35-32.66~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-server\", ver:\"2.6.35-32.66~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-virtual\", ver:\"2.6.35-32.66~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:47", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0044", "CVE-2011-3353", "CVE-2011-4622", "CVE-2012-0038"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1361-1", "modified": "2019-03-13T00:00:00", "published": "2012-02-21T00:00:00", "id": "OPENVAS:1361412562310840904", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840904", "type": "openvas", "title": "Ubuntu Update for linux USN-1361-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1361_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux USN-1361-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms 
of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1361-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840904\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-21 19:00:40 +0530 (Tue, 21 Feb 2012)\");\n script_cve_id(\"CVE-2011-3353\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0044\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1361-1\");\n script_name(\"Ubuntu Update for linux USN-1361-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.10\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1361-1\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 10.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Han-Wen 
Nienhuys reported a flaw in the FUSE kernel module. A local user\n who can mount a FUSE file system could cause a denial of service.\n (CVE-2011-3353)\n\n A flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual\n interrupt control is not available a local user could use this to cause a\n denial of service by starting a timer. (CVE-2011-4622)\n\n A flaw was discovered in the XFS filesystem. If a local user mounts a\n specially crafted XFS image it could potential execute arbitrary code on\n the system. (CVE-2012-0038)\n\n Chen Haogang discovered an integer overflow that could result in memory\n corruption. A local unprivileged user could use this to crash the system.\n (CVE-2012-0044)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-generic\", ver:\"2.6.35-32.65\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-generic-pae\", ver:\"2.6.35-32.65\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-omap\", ver:\"2.6.35-32.65\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-powerpc\", ver:\"2.6.35-32.65\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-powerpc-smp\", ver:\"2.6.35-32.65\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-powerpc64-smp\", ver:\"2.6.35-32.65\", rls:\"UBUNTU10.10\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-server\", ver:\"2.6.35-32.65\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-versatile\", ver:\"2.6.35-32.65\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-virtual\", ver:\"2.6.35-32.65\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:20:31", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0044", "CVE-2011-3353", "CVE-2011-4622", "CVE-2012-0038"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1361-1", "modified": "2017-12-01T00:00:00", "published": "2012-02-21T00:00:00", "id": "OPENVAS:840904", "href": "http://plugins.openvas.org/nasl.php?oid=840904", "type": "openvas", "title": "Ubuntu Update for linux USN-1361-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1361_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for linux USN-1361-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user\n who can mount a FUSE file system could cause a denial of service.\n (CVE-2011-3353)\n\n A flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual\n interrupt control is not available a local user could use this to cause a\n denial of service by starting a timer. (CVE-2011-4622)\n\n A flaw was discovered in the XFS filesystem. If a local user mounts a\n specially crafted XFS image it could potentially execute arbitrary code on\n the system. (CVE-2012-0038)\n\n Chen Haogang discovered an integer overflow that could result in memory\n corruption. 
A local unprivileged user could use this to crash the system.\n (CVE-2012-0044)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1361-1\";\ntag_affected = \"linux on Ubuntu 10.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1361-1/\");\n script_id(840904);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-21 19:00:40 +0530 (Tue, 21 Feb 2012)\");\n script_cve_id(\"CVE-2011-3353\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0044\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1361-1\");\n script_name(\"Ubuntu Update for linux USN-1361-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-generic\", ver:\"2.6.35-32.65\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = 
isdpkgvuln(pkg:\"linux-image-2.6.35-32-generic-pae\", ver:\"2.6.35-32.65\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-omap\", ver:\"2.6.35-32.65\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-powerpc\", ver:\"2.6.35-32.65\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-powerpc-smp\", ver:\"2.6.35-32.65\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-powerpc64-smp\", ver:\"2.6.35-32.65\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-server\", ver:\"2.6.35-32.65\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-versatile\", ver:\"2.6.35-32.65\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-virtual\", ver:\"2.6.35-32.65\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:19:52", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0044", "CVE-2011-3353", "CVE-2011-4622", "CVE-2012-0038"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1362-1", "modified": "2017-12-01T00:00:00", "published": "2012-02-21T00:00:00", "id": "OPENVAS:840893", "href": "http://plugins.openvas.org/nasl.php?oid=840893", "type": "openvas", "title": "Ubuntu Update for linux USN-1362-1", "sourceData": 
"###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1362_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for linux USN-1362-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user\n who can mount a FUSE file system could cause a denial of service.\n (CVE-2011-3353)\n\n A flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual\n interrupt control is not available a local user could use this to cause a\n denial of service by starting a timer. (CVE-2011-4622)\n\n A flaw was discovered in the XFS filesystem. If a local user mounts a\n specially crafted XFS image it could potential execute arbitrary code on\n the system. (CVE-2012-0038)\n\n Chen Haogang discovered an integer overflow that could result in memory\n corruption. 
A local unprivileged user could use this to crash the system.\n (CVE-2012-0044)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1362-1\";\ntag_affected = \"linux on Ubuntu 11.04\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1362-1/\");\n script_id(840893);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-21 18:58:55 +0530 (Tue, 21 Feb 2012)\");\n script_cve_id(\"CVE-2011-3353\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0044\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"USN\", value: \"1362-1\");\n script_name(\"Ubuntu Update for linux USN-1362-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-generic\", ver:\"2.6.38-13.55\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = 
isdpkgvuln(pkg:\"linux-image-2.6.38-13-generic-pae\", ver:\"2.6.38-13.55\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-omap\", ver:\"2.6.38-13.55\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-powerpc\", ver:\"2.6.38-13.55\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-powerpc-smp\", ver:\"2.6.38-13.55\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-powerpc64-smp\", ver:\"2.6.38-13.55\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-server\", ver:\"2.6.38-13.55\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-versatile\", ver:\"2.6.38-13.55\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-virtual\", ver:\"2.6.38-13.55\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0044", "CVE-2011-3353", "CVE-2011-4622", "CVE-2012-0038"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1362-1", "modified": "2019-03-13T00:00:00", "published": "2012-02-21T00:00:00", "id": "OPENVAS:1361412562310840893", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840893", "type": "openvas", "title": "Ubuntu Update for linux USN-1362-1", "sourceData": 
"###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1362_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux USN-1362-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1362-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840893\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-21 18:58:55 +0530 (Tue, 21 Feb 2012)\");\n script_cve_id(\"CVE-2011-3353\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0044\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"USN\", value:\"1362-1\");\n script_name(\"Ubuntu Update for linux USN-1362-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n 
script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU11\\.04\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1362-1\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 11.04\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user\n who can mount a FUSE file system could cause a denial of service.\n (CVE-2011-3353)\n\n A flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual\n interrupt control is not available a local user could use this to cause a\n denial of service by starting a timer. (CVE-2011-4622)\n\n A flaw was discovered in the XFS filesystem. If a local user mounts a\n specially crafted XFS image it could potentially execute arbitrary code on\n the system. (CVE-2012-0038)\n\n Chen Haogang discovered an integer overflow that could result in memory\n corruption. 
A local unprivileged user could use this to crash the system.\n (CVE-2012-0044)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-generic\", ver:\"2.6.38-13.55\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-generic-pae\", ver:\"2.6.38-13.55\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-omap\", ver:\"2.6.38-13.55\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-powerpc\", ver:\"2.6.38-13.55\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-powerpc-smp\", ver:\"2.6.38-13.55\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-powerpc64-smp\", ver:\"2.6.38-13.55\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-server\", ver:\"2.6.38-13.55\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-versatile\", ver:\"2.6.38-13.55\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-virtual\", ver:\"2.6.38-13.55\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": 
"AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-12-04T11:19:48", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3619", "CVE-2011-0716", "CVE-2011-1927"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1379-1", "modified": "2017-12-01T00:00:00", "published": "2012-03-07T00:00:00", "id": "OPENVAS:840911", "href": "http://plugins.openvas.org/nasl.php?oid=840911", "type": "openvas", "title": "Ubuntu Update for linux USN-1379-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1379_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for linux USN-1379-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Aristide Fattori and Roberto Paleari reported a flaw in the Linux kernel's\n handling of IPv4 icmp packets. A remote user could exploit this to cause a\n denial of service. (CVE-2011-1927)\n\n A flaw was found in the Linux Ethernet bridge's handling of IGMP (Internet\n Group Management Protocol) packets. 
An unprivileged local user could\n exploit this flaw to crash the system. (CVE-2011-0716)\n\n A flaw was discovered in the Linux kernel's AppArmor security interface\n when invalid information was written to it. An unprivileged local user\n could use this to cause a denial of service on the system. (CVE-2011-3619)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1379-1\";\ntag_affected = \"linux on Ubuntu 10.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1379-1/\");\n script_id(840911);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-07 11:19:10 +0530 (Wed, 07 Mar 2012)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2011-1927\", \"CVE-2011-0716\", \"CVE-2011-3619\");\n script_xref(name: \"USN\", value: \"1379-1\");\n script_name(\"Ubuntu Update for linux USN-1379-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.10\")\n{\n\n if 
((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-generic\", ver:\"2.6.35-32.66\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-generic-pae\", ver:\"2.6.35-32.66\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-omap\", ver:\"2.6.35-32.66\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-powerpc\", ver:\"2.6.35-32.66\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-powerpc-smp\", ver:\"2.6.35-32.66\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-powerpc64-smp\", ver:\"2.6.35-32.66\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-server\", ver:\"2.6.35-32.66\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-versatile\", ver:\"2.6.35-32.66\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-virtual\", ver:\"2.6.35-32.66\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3619", "CVE-2011-0716", "CVE-2011-1927"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1379-1", "modified": "2019-03-13T00:00:00", "published": "2012-03-07T00:00:00", "id": "OPENVAS:1361412562310840911", "href": 
"http://plugins.openvas.org/nasl.php?oid=1361412562310840911", "type": "openvas", "title": "Ubuntu Update for linux USN-1379-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1379_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux USN-1379-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1379-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840911\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-07 11:19:10 +0530 (Wed, 07 Mar 2012)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2011-1927\", \"CVE-2011-0716\", \"CVE-2011-3619\");\n script_xref(name:\"USN\", value:\"1379-1\");\n script_name(\"Ubuntu Update for linux USN-1379-1\");\n\n script_category(ACT_GATHER_INFO);\n 
script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.10\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1379-1\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 10.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Aristide Fattori and Roberto Paleari reported a flaw in the Linux kernel's\n handling of IPv4 icmp packets. A remote user could exploit this to cause a\n denial of service. (CVE-2011-1927)\n\n A flaw was found in the Linux Ethernet bridge's handling of IGMP (Internet\n Group Management Protocol) packets. An unprivileged local user could\n exploit this flaw to crash the system. (CVE-2011-0716)\n\n A flaw was discovered in the Linux kernel's AppArmor security interface\n when invalid information was written to it. An unprivileged local user\n could use this to cause a denial of service on the system. 
(CVE-2011-3619)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-generic\", ver:\"2.6.35-32.66\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-generic-pae\", ver:\"2.6.35-32.66\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-omap\", ver:\"2.6.35-32.66\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-powerpc\", ver:\"2.6.35-32.66\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-powerpc-smp\", ver:\"2.6.35-32.66\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-powerpc64-smp\", ver:\"2.6.35-32.66\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-server\", ver:\"2.6.35-32.66\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-versatile\", ver:\"2.6.35-32.66\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.35-32-virtual\", ver:\"2.6.35-32.66\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:32", 
"bulletinFamily": "scanner", "cvelist": ["CVE-2011-2498", "CVE-2011-2518", "CVE-2012-0044", "CVE-2012-0207", "CVE-2011-3353", "CVE-2011-4097", "CVE-2011-4622", "CVE-2012-0038"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1386-1", "modified": "2019-03-13T00:00:00", "published": "2012-03-07T00:00:00", "id": "OPENVAS:1361412562310840920", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840920", "type": "openvas", "title": "Ubuntu Update for linux-lts-backport-natty USN-1386-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1386_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux-lts-backport-natty USN-1386-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1386-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840920\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-07 11:19:56 +0530 (Wed, 07 Mar 2012)\");\n script_cve_id(\"CVE-2011-2498\", \"CVE-2011-2518\", \"CVE-2011-3353\", \"CVE-2011-4097\",\n \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0044\", \"CVE-2012-0207\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"USN\", value:\"1386-1\");\n script_name(\"Ubuntu Update for linux-lts-backport-natty USN-1386-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.04 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1386-1\");\n script_tag(name:\"affected\", value:\"linux-lts-backport-natty on Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The linux kernel did not properly account for PTE pages when deciding which\n task to kill in out of memory conditions. A local, unprivileged could\n exploit this flaw to cause a denial of service. 
(CVE-2011-2498)\n\n A flaw was discovered in the TOMOYO LSM's handling of mount system calls.\n An unprivileged user could oops the system causing a denial of service.\n (CVE-2011-2518)\n\n Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user\n who can mount a FUSE file system could cause a denial of service.\n (CVE-2011-3353)\n\n A bug was discovered in the Linux kernel's calculation of OOM (Out of\n memory) scores, that would result in the wrong process being killed. A user\n could use this to kill the process with the highest OOM score, even if that\n process belongs to another user or the system. (CVE-2011-4097)\n\n A flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual\n interrupt control is not available a local user could use this to cause a\n denial of service by starting a timer. (CVE-2011-4622)\n\n A flaw was discovered in the XFS filesystem. If a local user mounts a\n specially crafted XFS image it could potential execute arbitrary code on\n the system. (CVE-2012-0038)\n\n Chen Haogang discovered an integer overflow that could result in memory\n corruption. A local unprivileged user could use this to crash the system.\n (CVE-2012-0044)\n\n A flaw was found in the linux kernels IPv4 IGMP query processing. A remote\n attacker could exploit this to cause a denial of service. 
(CVE-2012-0207)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-generic\", ver:\"2.6.38-13.56~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-generic-pae\", ver:\"2.6.38-13.56~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-server\", ver:\"2.6.38-13.56~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-virtual\", ver:\"2.6.38-13.56~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-12-04T11:20:36", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2498", "CVE-2011-2518", "CVE-2012-0044", "CVE-2012-0207", "CVE-2011-3353", "CVE-2011-4097", "CVE-2011-4622", "CVE-2012-0038"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1386-1", "modified": "2017-12-01T00:00:00", "published": "2012-03-07T00:00:00", "id": "OPENVAS:840920", "href": "http://plugins.openvas.org/nasl.php?oid=840920", "type": "openvas", "title": "Ubuntu Update for linux-lts-backport-natty USN-1386-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1386_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for linux-lts-backport-natty USN-1386-1\n#\n# Authors:\n# System Generated Check\n#\n# 
Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The linux kernel did not properly account for PTE pages when deciding which\n task to kill in out of memory conditions. A local, unprivileged could\n exploit this flaw to cause a denial of service. (CVE-2011-2498)\n\n A flaw was discovered in the TOMOYO LSM's handling of mount system calls.\n An unprivileged user could oops the system causing a denial of service.\n (CVE-2011-2518)\n\n Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user\n who can mount a FUSE file system could cause a denial of service.\n (CVE-2011-3353)\n\n A bug was discovered in the Linux kernel's calculation of OOM (Out of\n memory) scores, that would result in the wrong process being killed. A user\n could use this to kill the process with the highest OOM score, even if that\n process belongs to another user or the system. (CVE-2011-4097)\n\n A flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual\n interrupt control is not available a local user could use this to cause a\n denial of service by starting a timer. (CVE-2011-4622)\n\n A flaw was discovered in the XFS filesystem. 
If a local user mounts a\n specially crafted XFS image it could potential execute arbitrary code on\n the system. (CVE-2012-0038)\n\n Chen Haogang discovered an integer overflow that could result in memory\n corruption. A local unprivileged user could use this to crash the system.\n (CVE-2012-0044)\n\n A flaw was found in the linux kernels IPv4 IGMP query processing. A remote\n attacker could exploit this to cause a denial of service. (CVE-2012-0207)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1386-1\";\ntag_affected = \"linux-lts-backport-natty on Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1386-1/\");\n script_id(840920);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-07 11:19:56 +0530 (Wed, 07 Mar 2012)\");\n script_cve_id(\"CVE-2011-2498\", \"CVE-2011-2518\", \"CVE-2011-3353\", \"CVE-2011-4097\",\n \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0044\", \"CVE-2012-0207\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"USN\", value: \"1386-1\");\n script_name(\"Ubuntu Update for linux-lts-backport-natty USN-1386-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n 
script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-generic\", ver:\"2.6.38-13.56~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-generic-pae\", ver:\"2.6.38-13.56~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-server\", ver:\"2.6.38-13.56~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-virtual\", ver:\"2.6.38-13.56~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:21:10", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4621", "CVE-2011-1476", "CVE-2012-0044", "CVE-2011-0006", "CVE-2011-1759", "CVE-2011-2182", "CVE-2010-4650", "CVE-2011-3619", "CVE-2011-0716", "CVE-2010-4250", "CVE-2011-1477", "CVE-2011-1927", "CVE-2012-0038"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1394-1", "modified": "2017-12-01T00:00:00", "published": "2012-03-09T00:00:00", "id": "OPENVAS:840927", "href": "http://plugins.openvas.org/nasl.php?oid=840927", "type": "openvas", "title": "Ubuntu Update for linux-ti-omap4 USN-1394-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1394_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for 
linux-ti-omap4 USN-1394-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Aristide Fattori and Roberto Paleari reported a flaw in the Linux kernel's\n handling of IPv4 icmp packets. A remote user could exploit this to cause a\n denial of service. (CVE-2011-1927)\n\n Vegard Nossum discovered a leak in the kernel's inotify_init() system call.\n A local, unprivileged user could exploit this to cause a denial of service.\n (CVE-2010-4250)\n\n An error was discovered in the kernel's handling of CUSE (Character device\n in Userspace). A local attacker might exploit this flaw to escalate\n privilege, if access to /dev/cuse has been modified to allow non-root\n users. (CVE-2010-4650)\n\n A flaw was found in the kernel's Integrity Measurement Architecture (IMA).\n Changes made by an attacker might not be discovered by IMA, if SELinux was\n disabled, and a new IMA rule was loaded. (CVE-2011-0006)\n\n A flaw was found in the Linux Ethernet bridge's handling of IGMP (Internet\n Group Management Protocol) packets. An unprivileged local user could\n exploit this flaw to crash the system. 
(CVE-2011-0716)\n\n Dan Rosenberg reported errors in the OSS (Open Sound System) MIDI\n interface. A local attacker on non-x86 systems might be able to cause a\n denial of service. (CVE-2011-1476)\n\n Dan Rosenberg reported errors in the kernel's OSS (Open Sound System)\n driver for Yamaha FM synthesizer chips. A local user can exploit this to\n cause memory corruption, causing a denial of service or privilege\n escalation. (CVE-2011-1477)\n\n Dan Rosenberg reported an error in the old ABI compatibility layer of ARM\n kernels. A local attacker could exploit this flaw to cause a denial of\n service or gain root privileges. (CVE-2011-1759)\n\n Ben Hutchings reported a flaw in the kernel's handling of corrupt LDM\n partitions. A local user could exploit this to cause a denial of service or\n escalate privileges. (CVE-2011-2182)\n\n A flaw was discovered in the Linux kernel's AppArmor security interface\n when invalid information was written to it. An unprivileged local user\n could use this to cause a denial of service on the system. (CVE-2011-3619)\n\n It was discovered that some import kernel threads can be blocked by a user\n level process. An unprivileged local user could exploit this flaw to cause\n a denial of service. (CVE-2011-4621)\n\n A flaw was discovered in the XFS filesystem. If a local user mounts a\n specially crafted XFS image it could potential execute arbitrary code on\n the system. (CVE-2012-0038)\n\n Chen Haogang discovered an integer overflow that could result in memory\n corruption. 
A local unprivileged user could use this to crash the system.\n (CVE-2012-0044)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1394-1\";\ntag_affected = \"linux-ti-omap4 on Ubuntu 10.10\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1394-1/\");\n script_id(840927);\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-09 10:26:06 +0530 (Fri, 09 Mar 2012)\");\n script_cve_id(\"CVE-2011-1927\", \"CVE-2010-4250\", \"CVE-2010-4650\", \"CVE-2011-0006\",\n \"CVE-2011-0716\", \"CVE-2011-1476\", \"CVE-2011-1477\", \"CVE-2011-1759\",\n \"CVE-2011-2182\", \"CVE-2011-3619\", \"CVE-2011-4621\", \"CVE-2012-0038\",\n \"CVE-2012-0044\");\n script_xref(name: \"USN\", value: \"1394-1\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-1394-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = 
isdpkgvuln(pkg:\"linux-image-2.6.35-903-omap4\", ver:\"2.6.35-903.32\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-02-01T07:14:52", "description": "Aristide Fattori and Roberto Paleari reported a flaw in the Linux\nkernel's handling of IPv4 ICMP packets. A remote user could exploit\nthis to cause a denial of service. (CVE-2011-1927)\n\nA flaw was found in the Linux Ethernet bridge's handling of IGMP\n(Internet Group Management Protocol) packets. An unprivileged local\nuser could exploit this flaw to crash the system. (CVE-2011-0716)\n\nHan-Wen Nienhuys reported a flaw in the FUSE kernel module. A local\nuser who can mount a FUSE file system could cause a denial of service.\n(CVE-2011-3353)\n\nA flaw was discovered in the Linux kernel's AppArmor security\ninterface when invalid information was written to it. An unprivileged\nlocal user could use this to cause a denial of service on the system.\n(CVE-2011-3619)\n\nA flaw was found in KVM's Programmable Interval Timer (PIT). When a\nvirtual interrupt control is not available a local user could use this\nto cause a denial of service by starting a timer. (CVE-2011-4622)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a\nspecially crafted XFS image it could potentially execute arbitrary code\non the system. (CVE-2012-0038)\n\nChen Haogang discovered an integer overflow that could result in\nmemory corruption. A local unprivileged user could use this to crash\nthe system. (CVE-2012-0044).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 27, "published": "2012-03-07T00:00:00", "title": "Ubuntu 10.04 LTS : linux-lts-backport-maverick vulnerabilities (USN-1387-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0044", "CVE-2011-3619", "CVE-2011-0716", "CVE-2011-3353", "CVE-2011-1927", "CVE-2011-4622", "CVE-2012-0038"], "modified": "2021-02-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual"], "id": "UBUNTU_USN-1387-1.NASL", "href": "https://www.tenable.com/plugins/nessus/58268", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1387-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. 
Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(58268);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_cve_id(\"CVE-2011-0716\", \"CVE-2011-1927\", \"CVE-2011-3353\", \"CVE-2011-3619\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0044\");\n script_bugtraq_id(46433, 47872, 49527, 50172, 51371);\n script_xref(name:\"USN\", value:\"1387-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux-lts-backport-maverick vulnerabilities (USN-1387-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Aristide Fattori and Roberto Paleari reported a flaw in the Linux\nkernel's handling of IPv4 icmp packets. A remote user could exploit\nthis to cause a denial of service. (CVE-2011-1927)\n\nA flaw was found in the Linux Ethernet bridge's handling of IGMP\n(Internet Group Management Protocol) packets. An unprivileged local\nuser could exploit this flaw to crash the system. (CVE-2011-0716)\n\nHan-Wen Nienhuys reported a flaw in the FUSE kernel module. A local\nuser who can mount a FUSE file system could cause a denial of service.\n(CVE-2011-3353)\n\nA flaw was discovered in the Linux kernel's AppArmor security\ninterface when invalid information was written to it. An unprivileged\nlocal user could use this to cause a denial of service on the system.\n(CVE-2011-3619)\n\nA flaw was found in KVM's Programmable Interval Timer (PIT). When a\nvirtual interrupt control is not available a local user could use this\nto cause a denial of service by starting a timer. (CVE-2011-4622)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a\nspecially crafted XFS image it could potential execute arbitrary code\non the system. 
(CVE-2012-0038)\n\nChen Haogang discovered an integer overflow that could result in\nmemory corruption. A local unprivileged user could use this to crash\nthe system. (CVE-2012-0044).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1387-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 
2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2011-0716\", \"CVE-2011-1927\", \"CVE-2011-3353\", \"CVE-2011-3619\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0044\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1387-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.35-32-generic\", pkgver:\"2.6.35-32.66~lucid1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.35-32-generic-pae\", pkgver:\"2.6.35-32.66~lucid1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.35-32-server\", pkgver:\"2.6.35-32.66~lucid1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.35-32-virtual\", pkgver:\"2.6.35-32.66~lucid1\")) 
flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-generic / linux-image-2.6-generic-pae / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-02-01T07:14:45", "description": "Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local\nuser who can mount a FUSE file system could cause a denial of service.\n(CVE-2011-3353)\n\nA flaw was found in KVM's Programmable Interval Timer (PIT). When a\nvirtual interrupt control is not available a local user could use this\nto cause a denial of service by starting a timer. (CVE-2011-4622)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a\nspecially crafted XFS image it could potentially execute arbitrary code\non the system. (CVE-2012-0038)\n\nChen Haogang discovered an integer overflow that could result in\nmemory corruption. A local unprivileged user could use this to crash\nthe system. (CVE-2012-0044).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 27, "published": "2012-02-14T00:00:00", "title": "Ubuntu 11.04 : linux vulnerabilities (USN-1362-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0044", "CVE-2011-3353", "CVE-2011-4622", "CVE-2012-0038"], "modified": "2021-02-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "cpe:/o:canonical:ubuntu_linux:11.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual"], "id": "UBUNTU_USN-1362-1.NASL", "href": "https://www.tenable.com/plugins/nessus/57936", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1362-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57936);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_cve_id(\"CVE-2011-3353\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0044\");\n script_bugtraq_id(49527, 51371);\n script_xref(name:\"USN\", value:\"1362-1\");\n\n script_name(english:\"Ubuntu 11.04 : linux vulnerabilities (USN-1362-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Han-Wen Nienhuys reported a flaw in the FUSE kernel module. 
A local\nuser who can mount a FUSE file system could cause a denial of service.\n(CVE-2011-3353)\n\nA flaw was found in KVM's Programmable Interval Timer (PIT). When a\nvirtual interrupt control is not available a local user could use this\nto cause a denial of service by starting a timer. (CVE-2011-4622)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a\nspecially crafted XFS image it could potential execute arbitrary code\non the system. (CVE-2012-0038)\n\nChen Haogang discovered an integer overflow that could result in\nmemory corruption. A local unprivileged user could use this to crash\nthe system. (CVE-2012-0044).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1362-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(11\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 11.04\", \"Ubuntu \" + release);\nif ( ! 
get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2011-3353\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0044\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1362-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"11.04\", pkgname:\"linux-image-2.6.38-13-generic\", pkgver:\"2.6.38-13.55\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"linux-image-2.6.38-13-generic-pae\", pkgver:\"2.6.38-13.55\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"linux-image-2.6.38-13-server\", pkgver:\"2.6.38-13.55\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"linux-image-2.6.38-13-versatile\", pkgver:\"2.6.38-13.55\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"linux-image-2.6.38-13-virtual\", pkgver:\"2.6.38-13.55\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-generic / linux-image-2.6-generic-pae / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-02-01T07:14:45", "description": "Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local\nuser who can mount a FUSE file system could cause a denial of service.\n(CVE-2011-3353)\n\nA flaw was found in KVM's Programmable Interval Timer (PIT). 
When a\nvirtual interrupt control is not available a local user could use this\nto cause a denial of service by starting a timer. (CVE-2011-4622)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a\nspecially crafted XFS image it could potential execute arbitrary code\non the system. (CVE-2012-0038)\n\nChen Haogang discovered an integer overflow that could result in\nmemory corruption. A local unprivileged user could use this to crash\nthe system. (CVE-2012-0044).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 27, "published": "2012-02-14T00:00:00", "title": "Ubuntu 10.10 : linux vulnerabilities (USN-1361-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0044", "CVE-2011-3353", "CVE-2011-4622", "CVE-2012-0038"], "modified": "2021-02-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "cpe:/o:canonical:ubuntu_linux:10.10", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual"], "id": "UBUNTU_USN-1361-1.NASL", "href": "https://www.tenable.com/plugins/nessus/57935", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1361-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. 
Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57935);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_cve_id(\"CVE-2011-3353\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0044\");\n script_bugtraq_id(49527, 51371);\n script_xref(name:\"USN\", value:\"1361-1\");\n\n script_name(english:\"Ubuntu 10.10 : linux vulnerabilities (USN-1361-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local\nuser who can mount a FUSE file system could cause a denial of service.\n(CVE-2011-3353)\n\nA flaw was found in KVM's Programmable Interval Timer (PIT). When a\nvirtual interrupt control is not available a local user could use this\nto cause a denial of service by starting a timer. (CVE-2011-4622)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a\nspecially crafted XFS image it could potential execute arbitrary code\non the system. (CVE-2012-0038)\n\nChen Haogang discovered an integer overflow that could result in\nmemory corruption. A local unprivileged user could use this to crash\nthe system. (CVE-2012-0044).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1361-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2011-3353\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0044\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1361-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-32-generic\", pkgver:\"2.6.35-32.65\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-32-generic-pae\", pkgver:\"2.6.35-32.65\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-32-server\", pkgver:\"2.6.35-32.65\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-32-versatile\", pkgver:\"2.6.35-32.65\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-32-virtual\", pkgver:\"2.6.35-32.65\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n 
severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-generic / linux-image-2.6-generic-pae / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-02-01T07:14:50", "description": "Aristide Fattori and Roberto Paleari reported a flaw in the Linux\nkernel's handling of IPv4 icmp packets. A remote user could exploit\nthis to cause a denial of service. (CVE-2011-1927)\n\nA flaw was found in the Linux Ethernet bridge's handling of IGMP\n(Internet Group Management Protocol) packets. An unprivileged local\nuser could exploit this flaw to crash the system. (CVE-2011-0716)\n\nA flaw was discovered in the Linux kernel's AppArmor security\ninterface when invalid information was written to it. An unprivileged\nlocal user could use this to cause a denial of service on the system.\n(CVE-2011-3619).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 27, "published": "2012-02-29T00:00:00", "title": "Ubuntu 10.10 : linux vulnerabilities (USN-1379-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3619", "CVE-2011-0716", "CVE-2011-1927"], "modified": "2021-02-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "cpe:/o:canonical:ubuntu_linux:10.10", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual"], "id": "UBUNTU_USN-1379-1.NASL", "href": "https://www.tenable.com/plugins/nessus/58169", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1379-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(58169);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_cve_id(\"CVE-2011-0716\", \"CVE-2011-1927\", \"CVE-2011-3619\");\n script_bugtraq_id(46433, 47872, 50172);\n script_xref(name:\"USN\", value:\"1379-1\");\n\n script_name(english:\"Ubuntu 10.10 : linux vulnerabilities (USN-1379-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Aristide Fattori and Roberto Paleari reported a flaw in the Linux\nkernel's handling of IPv4 icmp packets. A remote user could exploit\nthis to cause a denial of service. 
(CVE-2011-1927)\n\nA flaw was found in the Linux Ethernet bridge's handling of IGMP\n(Internet Group Management Protocol) packets. An unprivileged local\nuser could exploit this flaw to crash the system. (CVE-2011-0716)\n\nA flaw was discovered in the Linux kernel's AppArmor security\ninterface when invalid information was written to it. An unprivileged\nlocal user could use this to cause a denial of service on the system.\n(CVE-2011-3619).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1379-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/13\");\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.10\", \"Ubuntu \" + release);\nif ( ! 
get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2011-0716\", \"CVE-2011-1927\", \"CVE-2011-3619\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1379-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-32-generic\", pkgver:\"2.6.35-32.66\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-32-generic-pae\", pkgver:\"2.6.35-32.66\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-32-server\", pkgver:\"2.6.35-32.66\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-32-versatile\", pkgver:\"2.6.35-32.66\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-32-virtual\", pkgver:\"2.6.35-32.66\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-generic / linux-image-2.6-generic-pae / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-09-14T19:11:13", "description": "The linux kernel did not properly account for PTE pages when deciding\nwhich task to kill in out of memory conditions. A local, unprivileged\ncould exploit this flaw to cause a denial of service. (CVE-2011-2498)\n\nA flaw was discovered in the TOMOYO LSM's handling of mount system\ncalls. 
An unprivileged user could oops the system causing a denial of\nservice. (CVE-2011-2518)\n\nHan-Wen Nienhuys reported a flaw in the FUSE kernel module. A local\nuser who can mount a FUSE file system could cause a denial of service.\n(CVE-2011-3353)\n\nA bug was discovered in the Linux kernel's calculation of OOM (Out of\nmemory) scores, that would result in the wrong process being killed. A\nuser could use this to kill the process with the highest OOM score,\neven if that process belongs to another user or the system.\n(CVE-2011-4097)\n\nA flaw was found in KVM's Programmable Interval Timer (PIT). When a\nvirtual interrupt control is not available a local user could use this\nto cause a denial of service by starting a timer. (CVE-2011-4622)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a\nspecially crafted XFS image it could potentially execute arbitrary code\non the system. (CVE-2012-0038)\n\nChen Haogang discovered an integer overflow that could result in\nmemory corruption. A local unprivileged user could use this to crash\nthe system. (CVE-2012-0044)\n\nA flaw was found in the Linux kernel's IPv4 IGMP query processing. A\nremote attacker could exploit this to cause a denial of service.\n(CVE-2012-0207).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 16, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2012-03-07T00:00:00", "title": "Ubuntu 10.04 LTS : linux-lts-backport-natty vulnerabilities (USN-1386-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2498", "CVE-2011-2518", "CVE-2012-0044", "CVE-2012-0207", "CVE-2011-3353", "CVE-2011-4097", "CVE-2011-4622", "CVE-2012-0038"], "modified": "2012-03-07T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual"], "id": "UBUNTU_USN-1386-1.NASL", "href": "https://www.tenable.com/plugins/nessus/58267", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1386-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. 
Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(58267);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/26\");\n\n script_cve_id(\"CVE-2011-2498\", \"CVE-2011-2518\", \"CVE-2011-3353\", \"CVE-2011-4097\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0044\", \"CVE-2012-0207\");\n script_bugtraq_id(49527, 50459, 51343, 51371, 52202);\n script_xref(name:\"USN\", value:\"1386-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux-lts-backport-natty vulnerabilities (USN-1386-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The linux kernel did not properly account for PTE pages when deciding\nwhich task to kill in out of memory conditions. A local, unprivileged\ncould exploit this flaw to cause a denial of service. (CVE-2011-2498)\n\nA flaw was discovered in the TOMOYO LSM's handling of mount system\ncalls. An unprivileged user could oops the system causing a denial of\nservice. (CVE-2011-2518)\n\nHan-Wen Nienhuys reported a flaw in the FUSE kernel module. A local\nuser who can mount a FUSE file system could cause a denial of service.\n(CVE-2011-3353)\n\nA bug was discovered in the Linux kernel's calculation of OOM (Out of\nmemory) scores, that would result in the wrong process being killed. A\nuser could use this to kill the process with the highest OOM score,\neven if that process belongs to another user or the system.\n(CVE-2011-4097)\n\nA flaw was found in KVM's Programmable Interval Timer (PIT). When a\nvirtual interrupt control is not available a local user could use this\nto cause a denial of service by starting a timer. (CVE-2011-4622)\n\nA flaw was discovered in the XFS filesystem. 
If a local user mounts a\nspecially crafted XFS image it could potential execute arbitrary code\non the system. (CVE-2012-0038)\n\nChen Haogang discovered an integer overflow that could result in\nmemory corruption. A local unprivileged user could use this to crash\nthe system. (CVE-2012-0044)\n\nA flaw was found in the linux kernels IPv4 IGMP query processing. A\nremote attacker could exploit this to cause a denial of service.\n(CVE-2012-0207).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1386-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2020 Canonical, Inc. / NASL script (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! 
get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2011-2498\", \"CVE-2011-2518\", \"CVE-2011-3353\", \"CVE-2011-4097\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0044\", \"CVE-2012-0207\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1386-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.38-13-generic\", pkgver:\"2.6.38-13.56~lucid1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.38-13-generic-pae\", pkgver:\"2.6.38-13.56~lucid1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.38-13-server\", pkgver:\"2.6.38-13.56~lucid1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.38-13-virtual\", pkgver:\"2.6.38-13.56~lucid1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-generic / linux-image-2.6-generic-pae / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-02-01T07:14:54", "description": "Aristide Fattori and Roberto Paleari reported a flaw in the Linux\nkernel's handling of IPv4 icmp packets. A remote user could exploit\nthis to cause a denial of service. (CVE-2011-1927)\n\nVegard Nossum discovered a leak in the kernel's inotify_init() system\ncall. 
A local, unprivileged user could exploit this to cause a denial\nof service. (CVE-2010-4250)\n\nAn error was discovered in the kernel's handling of CUSE (Character\ndevice in Userspace). A local attacker might exploit this flaw to\nescalate privilege, if access to /dev/cuse has been modified to allow\nnon-root users. (CVE-2010-4650)\n\nA flaw was found in the kernel's Integrity Measurement Architecture\n(IMA). Changes made by an attacker might not be discovered by IMA, if\nSELinux was disabled, and a new IMA rule was loaded. (CVE-2011-0006)\n\nA flaw was found in the Linux Ethernet bridge's handling of IGMP\n(Internet Group Management Protocol) packets. An unprivileged local\nuser could exploit this flaw to crash the system. (CVE-2011-0716)\n\nDan Rosenberg reported errors in the OSS (Open Sound System) MIDI\ninterface. A local attacker on non-x86 systems might be able to cause\na denial of service. (CVE-2011-1476)\n\nDan Rosenberg reported errors in the kernel's OSS (Open Sound System)\ndriver for Yamaha FM synthesizer chips. A local user can exploit this\nto cause memory corruption, causing a denial of service or privilege\nescalation. (CVE-2011-1477)\n\nDan Rosenberg reported an error in the old ABI compatibility layer of\nARM kernels. A local attacker could exploit this flaw to cause a\ndenial of service or gain root privileges. (CVE-2011-1759)\n\nBen Hutchings reported a flaw in the kernel's handling of corrupt LDM\npartitions. A local user could exploit this to cause a denial of\nservice or escalate privileges. (CVE-2011-2182)\n\nA flaw was discovered in the Linux kernel's AppArmor security\ninterface when invalid information was written to it. An unprivileged\nlocal user could use this to cause a denial of service on the system.\n(CVE-2011-3619)\n\nIt was discovered that some important kernel threads can be blocked by a\nuser level process. An unprivileged local user could exploit this\nflaw to cause a denial of service. 
(CVE-2011-4621)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a\nspecially crafted XFS image it could potentially execute arbitrary code\non the system. (CVE-2012-0038)\n\nChen Haogang discovered an integer overflow that could result in\nmemory corruption. A local unprivileged user could use this to crash\nthe system. (CVE-2012-0044)", "edition": 25, "published": "2012-03-08T00:00:00", "title": "USN-1394-1 : Linux kernel (OMAP4) vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4621", "CVE-2011-1476", "CVE-2012-0044", "CVE-2011-0006", "CVE-2011-1759", "CVE-2011-2182", "CVE-2010-4650", "CVE-2011-3619", "CVE-2011-0716", "CVE-2010-4250", "CVE-2011-1477", "CVE-2011-1927", "CVE-2012-0038"], "modified": "2021-02-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux"], "id": "UBUNTU_USN-1394-1.NASL", "href": "https://www.tenable.com/plugins/nessus/58289", "sourceData": "# This script was automatically generated from Ubuntu Security\n# Notice USN-1394-1. 
It is released under the Nessus Script \n# Licence.\n#\n# Ubuntu Security Notices are (C) Canonical, Inc.\n# See http://www.ubuntu.com/usn/\n# Ubuntu(R) is a registered trademark of Canonical, Inc.\n\nif (!defined_func(\"bn_random\")) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(58289);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2016/12/01 20:56:51 $\");\n\n script_cve_id(\"CVE-2010-4250\", \"CVE-2010-4650\", \"CVE-2011-0006\", \"CVE-2011-0716\", \"CVE-2011-1476\", \"CVE-2011-1477\", \"CVE-2011-1759\", \"CVE-2011-1927\", \"CVE-2011-2182\", \"CVE-2011-3619\", \"CVE-2011-4621\", \"CVE-2012-0038\", \"CVE-2012-0044\");\n script_xref(name:\"USN\", value:\"1394-1\");\n\n script_name(english:\"USN-1394-1 : Linux kernel (OMAP4) vulnerabilities\");\n script_summary(english:\"Checks dpkg output for updated package(s)\");\n\n script_set_attribute(attribute:\"synopsis\", value: \n\"The remote Ubuntu host is missing one or more security-related\npatches.\");\n script_set_attribute(attribute:\"description\", value:\n\"Aristide Fattori and Roberto Paleari reported a flaw in the Linux\nkernel's handling of IPv4 icmp packets. A remote user could exploit\nthis to cause a denial of service. (CVE-2011-1927)\n\nVegard Nossum discovered a leak in the kernel's inotify_init() system\ncall. A local, unprivileged user could exploit this to cause a denial\nof service. (CVE-2010-4250)\n\nAn error was discovered in the kernel's handling of CUSE (Character\ndevice in Userspace). A local attacker might exploit this flaw to\nescalate privilege, if access to /dev/cuse has been modified to allow\nnon-root users. (CVE-2010-4650)\n\nA flaw was found in the kernel's Integrity Measurement Architecture\n(IMA). Changes made by an attacker might not be discovered by IMA, if\nSELinux was disabled, and a new IMA rule was loaded. (CVE-2011-0006)\n\nA flaw was found in the Linux Ethernet bridge's handling of IGMP\n(Internet Group Management Protocol) packets. 
An unprivileged local\nuser could exploit this flaw to crash the system. (CVE-2011-0716)\n\nDan Rosenberg reported errors in the OSS (Open Sound System) MIDI\ninterface. A local attacker on non-x86 systems might be able to cause\na denial of service. (CVE-2011-1476)\n\nDan Rosenberg reported errors in the kernel's OSS (Open Sound System)\ndriver for Yamaha FM synthesizer chips. A local user can exploit this\nto cause memory corruption, causing a denial of service or privilege\nescalation. (CVE-2011-1477)\n\nDan Rosenberg reported an error in the old ABI compatibility layer of\nARM kernels. A local attacker could exploit this flaw to cause a\ndenial of service or gain root privileges. (CVE-2011-1759)\n\nBen Hutchings reported a flaw in the kernel's handling of corrupt LDM\npartitions. A local user could exploit this to cause a denial of\nservice or escalate privileges. (CVE-2011-2182)\n\nA flaw was discovered in the Linux kernel's AppArmor security\ninterface when invalid information was written to it. An unprivileged\nlocal user could use this to cause a denial of service on the system.\n(CVE-2011-3619)\n\nIt was discovered that some import kernel threads can be blocked by a\nuser level process. An unprivileged local user could exploit this\nflaw to cause a denial of service. (CVE-2011-4621)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a\nspecially crafted XFS image it could potential execute arbitrary code\non the system. (CVE-2012-0038)\n\nChen Haogang discovered an integer overflow that could result in\nmemory corruption. A local unprivileged user could use this to crash\nthe system. 
(CVE-2012-0044)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.ubuntu.com/usn/usn-1394-1/\");\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package(s).\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/07\");\n\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/08\");\n script_end_attributes();\n \n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(\"Ubuntu Security Notice (C) 2012 Canonical, Inc. / NASL script (C) 2012-2016 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude(\"ubuntu.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/Ubuntu/release\")) exit(0, \"The host is not running Ubuntu.\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) exit(1, \"Could not obtain the list of installed packages.\");\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.10\", pkgname:\"linux-image-2.6.35-903-omap4\", pkgver:\"2.6.35-903.32\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:ubuntu_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-02-01T07:14:43", "description": "A flaw was discovered in the XFS filesystem. If a local user mounts a\nspecially crafted XFS image it could potential execute arbitrary code\non the system. 
(CVE-2012-0038)\n\nChen Haogang discovered an integer overflow that could result in\nmemory corruption. A local unprivileged user could use this to crash\nthe system. (CVE-2012-0044)\n\nA flaw was found in the linux kernels IPv4 IGMP query processing. A\nremote attacker could exploit this to cause a denial of service.\n(CVE-2012-0207)", "edition": 23, "published": "2012-02-07T00:00:00", "title": "USN-1356-1 : linux-ti-omap4 vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0044", "CVE-2012-0207", "CVE-2012-0038"], "modified": "2021-02-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux"], "id": "UBUNTU_USN-1356-1.NASL", "href": "https://www.tenable.com/plugins/nessus/57856", "sourceData": "# This script was automatically generated from Ubuntu Security\n# Notice USN-1356-1. It is released under the Nessus Script \n# Licence.\n#\n# Ubuntu Security Notices are (C) Canonical, Inc.\n# See http://www.ubuntu.com/usn/\n# Ubuntu(R) is a registered trademark of Canonical, Inc.\n\nif (!defined_func(\"bn_random\")) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57856);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2012/09/06 20:42:52 $\");\n\n script_cve_id(\"CVE-2012-0038\", \"CVE-2012-0044\", \"CVE-2012-0207\");\n script_xref(name:\"USN\", value:\"1356-1\");\n\n script_name(english:\"USN-1356-1 : linux-ti-omap4 vulnerabilities\");\n script_summary(english:\"Checks dpkg output for updated package(s)\");\n\n script_set_attribute(attribute:\"synopsis\", value: \n\"The remote Ubuntu host is missing one or more security-related\npatches.\");\n script_set_attribute(attribute:\"description\", value:\n\"A flaw was discovered in the XFS filesystem. If a local user mounts a\nspecially crafted XFS image it could potential execute arbitrary code\non the system. (CVE-2012-0038)\n\nChen Haogang discovered an integer overflow that could result in\nmemory corruption. 
A local unprivileged user could use this to crash\nthe system. (CVE-2012-0044)\n\nA flaw was found in the linux kernels IPv4 IGMP query processing. A\nremote attacker could exploit this to cause a denial of service.\n(CVE-2012-0207)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.ubuntu.com/usn/usn-1356-1/\");\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package(s).\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/06\");\n\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/07\");\n script_end_attributes();\n \n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(\"Ubuntu Security Notice (C) 2012 Canonical, Inc. 
/ NASL script (C) 2012 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude(\"ubuntu.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/Ubuntu/release\")) exit(0, \"The host is not running Ubuntu.\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) exit(1, \"Could not obtain the list of installed packages.\");\n\nflag = 0;\n\nif (ubuntu_check(osver:\"11.04\", pkgname:\"linux-image-2.6.38-1209-omap4\", pkgver:\"2.6.38-1209.21\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:ubuntu_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-02-01T07:14:52", "description": "Paolo Bonzini discovered a flaw in Linux's handling of the SG_IO ioctl\ncommand. A local user, or user in a VM could exploit this flaw to\nbypass restrictions and gain read/write access to all data on the\naffected block device. (CVE-2011-4127)\n\nA flaw was found in KVM's Programmable Interval Timer (PIT). When a\nvirtual interrupt control is not available a local user could use this\nto cause a denial of service by starting a timer. (CVE-2011-4622)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a\nspecially crafted XFS image it could potential execute arbitrary code\non the system. (CVE-2012-0038)\n\nA flaw was found in the Linux kernel's ext4 file system when mounting\na corrupt filesystem. A user-assisted remote attacker could exploit\nthis flaw to cause a denial of service. (CVE-2012-2100).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 27, "published": "2012-03-07T00:00:00", "title": "Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1388-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4127", "CVE-2012-2100", "CVE-2011-4622", "CVE-2012-0038"], "modified": "2021-02-02T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ec2"], "id": "UBUNTU_USN-1388-1.NASL", "href": "https://www.tenable.com/plugins/nessus/58269", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1388-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(58269);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_cve_id(\"CVE-2011-4127\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-2100\");\n script_xref(name:\"USN\", value:\"1388-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux-ec2 vulnerabilities (USN-1388-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Paolo Bonzini discovered a flaw in Linux's handling of the SG_IO ioctl\ncommand. A local user, or user in a VM could exploit this flaw to\nbypass restrictions and gain read/write access to all data on the\naffected block device. (CVE-2011-4127)\n\nA flaw was found in KVM's Programmable Interval Timer (PIT). 
When a\nvirtual interrupt control is not available a local user could use this\nto cause a denial of service by starting a timer. (CVE-2011-4622)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a\nspecially crafted XFS image it could potential execute arbitrary code\non the system. (CVE-2012-0038)\n\nA flaw was found in the Linux kernel's ext4 file system when mounting\na corrupt filesystem. A user-assisted remote attacker could exploit\nthis flaw to cause a denial of service. (CVE-2012-2100).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1388-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected linux-image-2.6-ec2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2011-4127\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-2100\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1388-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.32-343-ec2\", pkgver:\"2.6.32-343.45\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-ec2\");\n}\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T13:10:56", "description": "Updated kernel packages that fix various security issues and three\nbugs are now available 
for Red Hat Enterprise Linux 6.1 Extended\nUpdate Support.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* A local, unprivileged user could use an integer overflow flaw in\ndrm_mode_dirtyfb_ioctl() to cause a denial of service or escalate\ntheir privileges. (CVE-2012-0044, Important)\n\n* It was found that the kvm_vm_ioctl_assign_device() function in the\nKVM (Kernel-based Virtual Machine) subsystem of a Linux kernel did not\ncheck if the user requesting device assignment was privileged or not.\nA local, unprivileged user on the host could assign unused PCI\ndevices, or even devices that were in use and whose resources were not\nproperly claimed by the respective drivers, which could result in the\nhost crashing. (CVE-2011-4347, Moderate)\n\n* A flaw was found in the way the Linux kernel's XFS file system\nimplementation handled on-disk Access Control Lists (ACLs). A local,\nunprivileged user could use this flaw to cause a denial of service or\nescalate their privileges by mounting a specially crafted disk.\n(CVE-2012-0038, Moderate)\n\n* It was found that the Linux kernel's register set (regset) common\ninfrastructure implementation did not check if the required get and\nset handlers were initialized. A local, unprivileged user could use\nthis flaw to cause a denial of service by performing a register set\noperation with a ptrace() PTRACE_SETREGSET or PTRACE_GETREGSET\nrequest. 
(CVE-2012-1097, Moderate)\n\n* A race condition was found in the Linux kernel's memory management\nsubsystem in the way pmd_none_or_clear_bad(), when called with\nmmap_sem in read mode, and Transparent Huge Pages (THP) page faults\ninteracted. A privileged user in a KVM guest with the ballooning\nfunctionality enabled could potentially use this flaw to crash the\nhost. A local, unprivileged user could use this flaw to crash the\nsystem. (CVE-2012-1179, Moderate)\n\nRed Hat would like to thank Chen Haogang for reporting CVE-2012-0044;\nSasha Levin for reporting CVE-2011-4347; Wang Xi for reporting\nCVE-2012-0038; and H. Peter Anvin for reporting CVE-2012-1097.\n\nThis update also fixes the following bugs :\n\n* When a RoCE (RDMA over Converged Ethernet) adapter with active RoCE\ncommunications was taken down suddenly (either by adapter failure or\nthe intentional shutdown of the interface), the ongoing RoCE\ncommunications could cause the kernel to panic and render the machine\nunusable. A patch has been provided to protect the kernel in this\nsituation and to pass an error up to the application still using the\ninterface after it has been taken down instead. (BZ#799944)\n\n* The fix for Red Hat Bugzilla bug 713494, released via\nRHSA-2011:0928, introduced a regression. Attempting to change the\nstate of certain features, such as GRO (Generic Receive Offload) or\nTSO (TCP segment offloading), for a 10 Gigabit Ethernet card that is\nbeing used in a virtual LAN (VLAN) resulted in a kernel panic.\n(BZ#816974)\n\n* If a new file was created on a Network File System version 4 (NFSv4)\nshare, the ownership was set to nfsnobody (-2) until it was possible\nto upcall to the idmapper. As a consequence, subsequent file system\noperations could incorrectly use '-2' for the user and group IDs for\nthe given file, causing certain operations to fail. 
In reported cases,\nthis issue also caused 'Viminfo file is not writable' errors for users\nrunning Vim with files on an NFSv4 share. (BZ#820960)\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. The system must be\nrebooted for this update to take effect.", "edition": 25, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2013-01-24T00:00:00", "title": "RHEL 6 : kernel (RHSA-2012:1042)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-1097", "CVE-2012-0044", "CVE-2011-4347", "CVE-2012-1179", "CVE-2012-0038"], "modified": "2013-01-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-firmware", "cpe:/o:redhat:enterprise_linux:6.1", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686"], "id": "REDHAT-RHSA-2012-1042.NASL", "href": "https://www.tenable.com/plugins/nessus/64044", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:1042. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64044);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4347\", \"CVE-2012-0038\", \"CVE-2012-0044\", \"CVE-2012-1097\", \"CVE-2012-1179\");\n script_bugtraq_id(50811, 51371, 51380, 52274, 52533);\n script_xref(name:\"RHSA\", value:\"2012:1042\");\n\n script_name(english:\"RHEL 6 : kernel (RHSA-2012:1042)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Updated kernel packages that fix various security issues and three\nbugs are now available for Red Hat Enterprise Linux 6.1 Extended\nUpdate Support.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* A local, unprivileged user could use an integer overflow flaw in\ndrm_mode_dirtyfb_ioctl() to cause a denial of service or escalate\ntheir privileges. 
(CVE-2012-0044, Important)\n\n* It was found that the kvm_vm_ioctl_assign_device() function in the\nKVM (Kernel-based Virtual Machine) subsystem of a Linux kernel did not\ncheck if the user requesting device assignment was privileged or not.\nA local, unprivileged user on the host could assign unused PCI\ndevices, or even devices that were in use and whose resources were not\nproperly claimed by the respective drivers, which could result in the\nhost crashing. (CVE-2011-4347, Moderate)\n\n* A flaw was found in the way the Linux kernel's XFS file system\nimplementation handled on-disk Access Control Lists (ACLs). A local,\nunprivileged user could use this flaw to cause a denial of service or\nescalate their privileges by mounting a specially crafted disk.\n(CVE-2012-0038, Moderate)\n\n* It was found that the Linux kernel's register set (regset) common\ninfrastructure implementation did not check if the required get and\nset handlers were initialized. A local, unprivileged user could use\nthis flaw to cause a denial of service by performing a register set\noperation with a ptrace() PTRACE_SETREGSET or PTRACE_GETREGSET\nrequest. (CVE-2012-1097, Moderate)\n\n* A race condition was found in the Linux kernel's memory management\nsubsystem in the way pmd_none_or_clear_bad(), when called with\nmmap_sem in read mode, and Transparent Huge Pages (THP) page faults\ninteracted. A privileged user in a KVM guest with the ballooning\nfunctionality enabled could potentially use this flaw to crash the\nhost. A local, unprivileged user could use this flaw to crash the\nsystem. (CVE-2012-1179, Moderate)\n\nRed Hat would like to thank Chen Haogang for reporting CVE-2012-0044;\nSasha Levin for reporting CVE-2011-4347; Wang Xi for reporting\nCVE-2012-0038; and H. 
Peter Anvin for reporting CVE-2012-1097.\n\nThis update also fixes the following bugs :\n\n* When a RoCE (RDMA over Converged Ethernet) adapter with active RoCE\ncommunications was taken down suddenly (either by adapter failure or\nthe intentional shutdown of the interface), the ongoing RoCE\ncommunications could cause the kernel to panic and render the machine\nunusable. A patch has been provided to protect the kernel in this\nsituation and to pass an error up to the application still using the\ninterface after it has been taken down instead. (BZ#799944)\n\n* The fix for Red Hat Bugzilla bug 713494, released via\nRHSA-2011:0928, introduced a regression. Attempting to change the\nstate of certain features, such as GRO (Generic Receive Offload) or\nTSO (TCP segment offloading), for a 10 Gigabit Ethernet card that is\nbeing used in a virtual LAN (VLAN) resulted in a kernel panic.\n(BZ#816974)\n\n* If a new file was created on a Network File System version 4 (NFSv4)\nshare, the ownership was set to nfsnobody (-2) until it was possible\nto upcall to the idmapper. As a consequence, subsequent file system\noperations could incorrectly use '-2' for the user and group IDs for\nthe given file, causing certain operations to fail. In reported cases,\nthis issue also caused 'Viminfo file is not writable' errors for users\nrunning Vim with files on an NFSv4 share. (BZ#820960)\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. 
The system must be\nrebooted for this update to take effect.\"\n );\n # https://rhn.redhat.com/errata/RHSA-2011-0928.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:0928\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:1042\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4347\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0038\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0044\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1097\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-1179\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6\\.1([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.1\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2011-4347\", \"CVE-2012-0038\", \"CVE-2012-0044\", \"CVE-2012-1097\", \"CVE-2012-1179\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2012:1042\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:1042\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n 
);\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"i686\", reference:\"kernel-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"i686\", reference:\"kernel-debug-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-debug-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", 
sp:\"1\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"i686\", reference:\"kernel-devel-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-devel-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", reference:\"kernel-doc-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", reference:\"kernel-firmware-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"i686\", reference:\"kernel-headers-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-headers-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"i686\", reference:\"perf-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"s390x\", reference:\"perf-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"x86_64\", reference:\"perf-2.6.32-131.29.1.el6\")) flag++;\n if 
(rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"i686\", reference:\"perf-debuginfo-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"s390x\", reference:\"perf-debuginfo-2.6.32-131.29.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", sp:\"1\", cpu:\"x86_64\", reference:\"perf-debuginfo-2.6.32-131.29.1.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debug / kernel-debug-debuginfo / kernel-debug-devel / etc\");\n }\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-09-14T19:11:08", "description": "A bug was discovered in the Linux kernel's calculation of OOM (Out of\nmemory) scores, that would result in the wrong process being killed. A\nuser could use this to kill the process with the highest OOM score,\neven if that process belongs to another user or the system.\n(CVE-2011-4097)\n\nA flaw was found in KVM's Programmable Interval Timer (PIT). When a\nvirtual interrupt control is not available a local user could use this\nto cause a denial of service by starting a timer. (CVE-2011-4622)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a\nspecially crafted XFS image it could potentially execute arbitrary code\non the system. (CVE-2012-0038)\n\nAndy Whitcroft discovered that the Overlayfs filesystem was not\ndoing the extended permission checks needed by cgroups and Linux\nSecurity Modules (LSMs). A local user could exploit this to by-pass\nsecurity policy and access files that should not be accessible.\n(CVE-2012-0055)\n\nA flaw was found in the Linux kernel's IPv4 IGMP query processing. 
A\nremote attacker could exploit this to cause a denial of service.\n(CVE-2012-0207).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 16, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2012-02-14T00:00:00", "title": "Ubuntu 11.10 : linux vulnerabilities (USN-1363-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0055", "CVE-2012-0207", "CVE-2011-4097", "CVE-2011-4622", "CVE-2012-0038"], "modified": "2012-02-14T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:11.10", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-server"], "id": "UBUNTU_USN-1363-1.NASL", "href": "https://www.tenable.com/plugins/nessus/57937", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1363-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. 
Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57937);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/02\");\n\n script_cve_id(\"CVE-2011-4097\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0055\", \"CVE-2012-0207\");\n script_bugtraq_id(51343, 51529);\n script_xref(name:\"USN\", value:\"1363-1\");\n\n script_name(english:\"Ubuntu 11.10 : linux vulnerabilities (USN-1363-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A bug was discovered in the Linux kernel's calculation of OOM (Out of\nmemory) scores, that would result in the wrong process being killed. A\nuser could use this to kill the process with the highest OOM score,\neven if that process belongs to another user or the system.\n(CVE-2011-4097)\n\nA flaw was found in KVM's Programmable Interval Timer (PIT). When a\nvirtual interrupt control is not available a local user could use this\nto cause a denial of service by starting a timer. (CVE-2011-4622)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a\nspecially crafted XFS image it could potential execute arbitrary code\non the system. (CVE-2012-0038)\n\nAndy Whitcroft discovered a that the Overlayfs filesystem was not\ndoing the extended permission checks needed by cgroups and Linux\nSecurity Modules (LSMs). A local user could exploit this to by-pass\nsecurity policy and access files that should not be accessible.\n(CVE-2012-0055)\n\nA flaw was found in the linux kernels IPv4 IGMP query processing. 
A\nremote attacker could exploit this to cause a denial of service.\n(CVE-2012-0207).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1363-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n 
script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2020 Canonical, Inc. / NASL script (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(11\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 11.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2011-4097\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0055\", \"CVE-2012-0207\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1363-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"11.10\", pkgname:\"linux-image-3.0.0-16-generic\", pkgver:\"3.0.0-16.28\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"linux-image-3.0.0-16-generic-pae\", pkgver:\"3.0.0-16.28\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"linux-image-3.0.0-16-server\", pkgver:\"3.0.0-16.28\")) flag++;\nif (ubuntu_check(osver:\"11.10\", 
pkgname:\"linux-image-3.0.0-16-virtual\", pkgver:\"3.0.0-16.28\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.0-generic / linux-image-3.0-generic-pae / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "cve": [{"lastseen": "2021-02-02T05:51:08", "description": "The create_pit_timer function in arch/x86/kvm/i8254.c in KVM 83, and possibly other versions, does not properly handle Programmable Interval Timer (PIT) interrupt requests (IRQs) when a virtual interrupt controller (irqchip) is not available, which allows local users to cause a denial of service (NULL pointer dereference) by starting a timer.", "edition": 4, "cvss3": {}, "published": "2012-01-27T15:55:00", "title": "CVE-2011-4622", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4622"], "modified": "2017-12-29T02:29:00", "cpe": ["cpe:/a:redhat:kvm:83"], "id": "CVE-2011-4622", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4622", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:a:redhat:kvm:83:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:51:06", "description": "Buffer overflow in the fuse_notify_inval_entry function in fs/fuse/dev.c in the Linux kernel before 3.1 allows 
local users to cause a denial of service (BUG_ON and system crash) by leveraging the ability to mount a FUSE filesystem.", "edition": 8, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2012-05-24T23:55:00", "title": "CVE-2011-3353", "type": "cve", "cwe": ["CWE-120"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3353"], "modified": "2020-07-29T17:33:00", "cpe": [], "id": "CVE-2011-3353", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3353", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": []}, {"lastseen": "2021-02-02T05:51:06", "description": "The apparmor_setprocattr function in security/apparmor/lsm.c in the Linux kernel before 3.0 does not properly handle invalid parameters, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact by writing to a /proc/#####/attr/current file.", "edition": 6, "cvss3": {}, "published": "2013-06-08T13:05:00", "title": "CVE-2011-3619", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": 
false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3619"], "modified": "2013-06-10T04:00:00", "cpe": ["cpe:/o:linux:linux_kernel:3.0"], "id": "CVE-2011-3619", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3619", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.0:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc7:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:50:59", "description": "The br_multicast_add_group function in net/bridge/br_multicast.c in the Linux kernel before 2.6.38, when a certain Ethernet bridge configuration is used, allows local users to cause a denial of service (memory corruption and system crash) by sending IGMP packets to a local interface.", "edition": 6, "cvss3": {}, "published": "2012-06-21T23:55:00", "title": "CVE-2011-0716", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, 
"cvelist": ["CVE-2011-0716"], "modified": "2016-12-07T18:13:00", "cpe": ["cpe:/o:linux:linux_kernel:2.6.37.2", "cpe:/o:linux:linux_kernel:2.6.37", "cpe:/o:linux:linux_kernel:2.6.37.3", "cpe:/o:linux:linux_kernel:2.6.37.6", "cpe:/o:linux:linux_kernel:2.6.37.1", "cpe:/o:linux:linux_kernel:2.6.37.4", "cpe:/o:linux:linux_kernel:2.6.37.5"], "id": "CVE-2011-0716", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0716", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:2.6.37:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.37:rc3:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:51:02", "description": "The ip_expire function in net/ipv4/ip_fragment.c in the Linux kernel before 2.6.39 does not properly construct ICMP_TIME_EXCEEDED packets after a timeout, which allows remote attackers to cause a denial of service (invalid pointer dereference) via crafted fragmented packets.", "edition": 6, "cvss3": {}, "published": "2012-06-13T10:24:00", "title": "CVE-2011-1927", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": 
"AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1927"], "modified": "2012-06-13T10:24:00", "cpe": ["cpe:/o:linux:linux_kernel:2.6.38.8", "cpe:/o:linux:linux_kernel:2.6.38", "cpe:/o:linux:linux_kernel:2.6.38.3", "cpe:/o:linux:linux_kernel:2.6.38.1", "cpe:/o:linux:linux_kernel:2.6.38.5", "cpe:/o:linux:linux_kernel:2.6.38.2", "cpe:/o:linux:linux_kernel:2.6.38.6", "cpe:/o:linux:linux_kernel:2.6.38.4", "cpe:/o:linux:linux_kernel:2.6.38.7"], "id": "CVE-2011-1927", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1927", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:2.6.38.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38:rc8:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6.38:rc5:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:59:43", "description": "Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.1.5 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted ioctl 
call.", "edition": 9, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2012-05-17T11:00:00", "title": "CVE-2012-0044", "type": "cve", "cwe": ["CWE-190"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0044"], "modified": "2020-07-29T15:27:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:10.04"], "id": "CVE-2012-0044", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0044", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*"]}, {"lastseen": "2021-02-02T05:59:43", "description": "Integer overflow in the xfs_acl_from_disk function in fs/xfs/xfs_acl.c in the Linux kernel before 3.1.9 allows local users to cause a denial of service (panic) via a filesystem with a malformed ACL, leading to a heap-based buffer overflow.", "edition": 9, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": 
"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2012-05-17T11:00:00", "title": "CVE-2012-0038", "type": "cve", "cwe": ["CWE-190"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0038"], "modified": "2020-07-29T15:24:00", "cpe": [], "id": "CVE-2012-0038", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0038", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": []}], "seebug": [{"lastseen": "2017-11-19T17:54:43", "description": "BUGTRAQ ID: 46433\r\nCVE ID: CVE-2011-0716\r\n\r\nLinux Kernel\u662fLinux\u64cd\u4f5c\u7cfb\u7edf\u7684\u5185\u6838\u3002\r\n\r\nLinux Kernel\u5728\u5b9e\u73b0\u4e0a\u5b58\u5728\u672c\u5730\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u9020\u6210\u5185\u6838\u5d29\u6e83\u3001\u62d2\u7edd\u670d\u52a1\u5408\u6cd5\u7528\u6237\r\n0\r\nLinux kernel 2.6.x\r\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nLinux\r\n-----\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.kernel.org/", "published": "2012-03-02T00:00:00", "type": "seebug", "title": "Linux kernel 2.6.x 'net/bridge/br_multicast.c'\u672c\u5730\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e(CVE-2011-0716)", "bulletinFamily": "exploit", "cvelist": ["CVE-2011-0716"], "modified": "2012-03-02T00:00:00", "href": 
"https://www.seebug.org/vuldb/ssvid-30158", "id": "SSV:30158", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.7, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-11-19T17:58:41", "description": "Bugtraq ID: 50172\r\nCVE ID\uff1aCVE-2011-3619\r\n\r\nLinux\u662f\u4e00\u6b3e\u5f00\u6e90\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n"apparmor_setprocattr()"\u51fd\u6570(security/apparmor/lsm.c)\u5b58\u5728\u4e00\u4e2a\u9519\u8bef\uff0c\u5982\u679c\u8fdb\u7a0b\u5411\u5b83\u7684"/attr/current" proc\u6587\u4ef6\u5199\u7578\u5f62\u6570\u636e\u53ef\u89e6\u53d1"BUG_ON()"\uff0c\u672c\u5730\u7528\u6237\u53ef\u5229\u7528\u6f0f\u6d1e\u8fdb\u884c\u672c\u5730\u62d2\u7edd\u670d\u52a1\u653b\u51fb\u3002\n\nLinux Kernel 2.6.x\n\u5382\u5546\u89e3\u51b3\u65b9\u6848\r\n\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttp://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=a5b2c5b2ad5853591a6cac6134cd0f599a720865", "published": "2011-10-18T00:00:00", "title": "Linux Kernel 'apparmor_setprocattr()'\u672c\u5730\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2011-3619"], "modified": "2011-10-18T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-23111", "id": "SSV:23111", "sourceData": "", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": ""}, {"lastseen": "2017-11-19T17:56:23", "description": "Bugtraq ID: 51172\r\nCVE ID\uff1aCVE-2011-4622\r\n\r\nLinux\u662f\u4e00\u6b3e\u5f00\u653e\u6e90\u4ee3\u7801\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\u7528\u6237\u7a7a\u95f4\u53ef\u521b\u5efaPIT\u4f46\u5fd8\u8bb0\u4e86\u8bbe\u7f6eirqchips\uff0c\u5728\u8fd9\u79cd\u60c5\u51b5\u4e0b\u672c\u5730\u653b\u51fb\u8005\u53ef\u4ee5\u901a\u8fc7PIT IRQs\u4f7f\u4e3b\u673a\u5d29\u6e83\uff1a\r\n<code>BUG: unable to handle kernel NULL pointer 
dereference at 0000000000000128\r\nIP: [<ffffffffa10f6280>] kvm_set_irq+0x30/0x170 [kvm]\r\n...\r\nCall Trace:\r\n[<ffffffffa11228c1>] pit_do_work+0x51/0xd0 [kvm]\r\n[<ffffffff81071431>] process_one_work+0x111/0x4d0\r\n[<ffffffff81071bb2>] worker_thread+0x152/0x340\r\n[<ffffffff81075c8e>] kthread+0x7e/0x90\r\n[<ffffffff815a4474>] kernel_thread_helper+0x4/0x10</code>\r\n\u6f0f\u6d1e\u662f\u5f53\u914d\u7f6e\u4e86\u53ef\u7f16\u7a0b\u95f4\u9694\u5b9a\u65f6\u5668(PIT)\u65f6"create_pit_timer()"\u51fd\u6570(arch/x86/kvm/i8254.c)\u7684\u9519\u8bef\uff0c\u53ef\u88ab\u5229\u7528\u5f15\u7528\u7a7a\u6307\u9488\u800c\u4f7f\u4e3b\u673a\u5d29\u6e83\u3002\nBugtraq ID: 51172\r\nCVE ID\uff1aCVE-2011-4622\r\n\r\nLinux\u662f\u4e00\u6b3e\u5f00\u653e\u6e90\u4ee3\u7801\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\u7528\u6237\u7a7a\u95f4\u53ef\u521b\u5efaPIT\u4f46\u5fd8\u8bb0\u4e86\u8bbe\u7f6eirqchips\uff0c\u5728\u8fd9\u79cd\u60c5\u51b5\u4e0b\u672c\u5730\u653b\u51fb\u8005\u53ef\u4ee5\u901a\u8fc7PIT IRQs\u4f7f\u4e3b\u673a\u5d29\u6e83\uff1a\r\n<pre class=\"prettyprint linenums\">BUG: unable to handle kernel NULL pointer dereference at 0000000000000128\r\nIP: [<ffffffffa10f6280>] kvm_set_irq+0x30/0x170 [kvm]\r\n...\r\nCall Trace:\r\n[<ffffffffa11228c1>] pit_do_work+0x51/0xd0 [kvm]\r\n[<ffffffff81071431>] process_one_work+0x111/0x4d0\r\n[<ffffffff81071bb2>] worker_thread+0x152/0x340\r\n[<ffffffff81075c8e>] kthread+0x7e/0x90\r\n[<ffffffff815a4474>] kernel_thread_helper+0x4/0x10</pre>\r\n\u6f0f\u6d1e\u662f\u5f53\u914d\u7f6e\u4e86\u53ef\u7f16\u7a0b\u95f4\u9694\u5b9a\u65f6\u5668(PIT)\u65f6"create_pit_timer()"\u51fd\u6570(arch/x86/kvm/i8254.c)\u7684\u9519\u8bef\uff0c\u53ef\u88ab\u5229\u7528\u5f15\u7528\u7a7a\u6307\u9488\u800c\u4f7f\u4e3b\u673a\u5d29\u6e83\u3002\nLinux kernel 
2.6.x\n\u5382\u5546\u89e3\u51b3\u65b9\u6848\r\n\r\n\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttp://permalink.gmane.org/gmane.comp.emulators.kvm.devel/83564", "published": "2011-12-24T00:00:00", "type": "seebug", "title": "Linux kernel 2.6.x KVM 'create_pit_timer()'\u51fd\u6570\u672c\u5730\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2011-4622"], "modified": "2011-12-24T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-26098", "id": "SSV:26098", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-11-19T17:57:53", "description": "BUGTRAQ ID: 51172\r\nCVE ID: CVE-2011-4622\r\n\r\nLinux\u662f\u81ea\u7531\u7535\u8111\u64cd\u4f5c\u7cfb\u7edf\u5185\u6838\u3002\r\n\r\nLinux Kernel\u5728create_pit_timer()\u7684\u5b9e\u73b0\u4e0a\u5b58\u5728\u672c\u5730\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0cKVM 83\u7684arch/x86/kvm/i8254.c\u4e2d\u7684create_pit_timer\u51fd\u6570\u5728irqchip\u4e0d\u53ef\u7528\u65f6\u6ca1\u6709\u6b63\u786e\u5904\u7406PIT IRQ\uff0c\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u5b9a\u65f6\u5668\u901a\u8fc7\u6b64\u6f0f\u6d1e\u9020\u6210\u5185\u6838\u5d29\u6e83\uff0c\u62d2\u7edd\u670d\u52a1\u5408\u6cd5\u7528\u6237\u3002\n0\nLinux kernel 2.6.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nLinux\r\n-----\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.kernel.org/", "published": "2012-02-14T00:00:00", "title": "Linux kernel 2.6.x KVM create_pit_timer()\u51fd\u6570\u672c\u5730\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2011-4622"], "modified": "2012-02-14T00:00:00", "href": 
"https://www.seebug.org/vuldb/ssvid-30113", "id": "SSV:30113", "sourceData": "", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "sourceHref": ""}, {"lastseen": "2017-11-19T18:45:20", "description": "CVE ID\uff1aCVE-2011-1927\r\n\r\nLinux\u662f\u4e00\u6b3e\u5f00\u653e\u6e90\u4ee3\u7801\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\nnet/ipv4/ip_fragment.c\u63d0\u4f9b\u7684"ip_expire()"\u51fd\u6570\u5b58\u5728\u9519\u8bef\uff0c\u4f20\u9012\u7ed9dev_net()\u51fd\u6570\u7684\u53c2\u6570\u7f3a\u5c11\u6821\u9a8c\uff0c\u5411\u7cfb\u7edf\u53d1\u9001\u5206\u7247\u62a5\u6587\u53ef\u5bfc\u81f4\u7531\u7a7a\u6307\u9488\u5f15\u7528\u7684\u5185\u6838\u5d29\u6e83\u3002\n\nLinux Kernel 2.6.x\n\u5382\u5546\u89e3\u51b3\u65b9\u6848\r\nLinux Kernel 2.6.39\u5df2\u7ecf\u4fee\u590d\u6b64\u6f0f\u6d1e\uff0c\u5efa\u8bae\u7528\u6237\u4e0b\u8f7d\u4f7f\u7528\uff1a\r\nhttp://www.kernel.org/", "published": "2011-05-20T00:00:00", "type": "seebug", "title": "Linux Kernel "ip_expire()"\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2011-1927"], "modified": "2011-05-20T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-20576", "id": "SSV:20576", "sourceData": "", "sourceHref": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-11-19T17:55:35", "description": "Bugtraq ID: 51380\r\nCVE 
ID\uff1aCVE-2012-0038\r\n\r\nLinux\u662f\u4e00\u6b3e\u5f00\u6e90\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\nLinux\u5185\u6838XFS\u6587\u4ef6\u7cfb\u7edf\u5b58\u5728\u6574\u6570\u6ea2\u51fa\uff0c\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u4f7f\u7cfb\u7edf\u5d29\u6e83\u3002\r\n"xfs_acl_from_disk()"\u51fd\u6570(fs/xfs/xfs_acl.c)\u5b58\u5728\u6574\u6570\u6ea2\u51fa\uff0c\u53ef\u88ab\u5229\u7528\u7834\u574f\u5185\u6838\u5185\u5b58\u3002\r\n\r\n\u8981\u6210\u529f\u5229\u7528\u6f0f\u6d1e\u9700\u8981\u7269\u7406\u8bbf\u95ee\u80fd\u81ea\u52a8\u5b89\u88c5\u63d2\u5165\u5a92\u4f53\u8bbe\u5907\u7684\u7cfb\u7edf\u6216\u8bf1\u4f7f\u7528\u6237\u5b89\u88c5\u6076\u610f\u6587\u4ef6\u7cfb\u7edf(\u5982\u901a\u8fc7USB\u8bbe\u5907)\u3002\n0\nLinux Kernel 2.6.x\nhttp://kqueue.org/blog/2012/01/10/cve-2012-0038-xfs-acl-count-integer-overflow/", "published": "2012-01-13T00:00:00", "type": "seebug", "title": "Linux Kernel XFS Filesystem 'fs/xfs/xfs_acl.c'\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2012-0038"], "modified": "2012-01-13T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-30016", "id": "SSV:30016", "sourceData": "", "sourceHref": "", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:46", "bulletinFamily": "software", "cvelist": ["CVE-2012-0056", "CVE-2012-0044", "CVE-2012-0055", "CVE-2012-0207", "CVE-2012-0038"], "description": "File systems privilege escalation, /proc privilege escalation, IGMP DoS.", "edition": 1, "modified": "2012-02-15T00:00:00", "published": "2012-02-15T00:00:00", "id": "SECURITYVULNS:VULN:12199", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12199", "title": "Linux kernel multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:45", "bulletinFamily": "software", "cvelist": 
["CVE-2011-4110", "CVE-2011-4127", "CVE-2011-4611", "CVE-2011-4914", "CVE-2011-3353", "CVE-2011-2898", "CVE-2011-4077", "CVE-2011-2213", "CVE-2011-4622"], "description": "DoS conditions, information leaks, privilege escalation.", "edition": 1, "modified": "2012-01-21T00:00:00", "published": "2012-01-21T00:00:00", "id": "SECURITYVULNS:VULN:12151", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12151", "title": "Linux kernel multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:43", "bulletinFamily": "software", "cvelist": ["CVE-2011-4110", "CVE-2011-4127", "CVE-2011-4611", "CVE-2011-4914", "CVE-2011-3353", "CVE-2011-2898", "CVE-2011-4077", "CVE-2011-2213", "CVE-2011-4622", "CVE-2011-2183"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- ----------------------------------------------------------------------\r\nDebian Security Advisory DSA-2389-1 security@debian.org\r\nhttp://www.debian.org/security/ Dann Frazier\r\nJanuary 15, 2012 http://www.debian.org/security/faq\r\n- ----------------------------------------------------------------------\r\n\r\nPackage : linux-2.6\r\nVulnerability : privilege escalation/denial of service/information leak\r\nProblem type : local/remote\r\nDebian-specific: no\r\nCVE Id(s) : CVE-2011-2183 CVE-2011-2213 CVE-2011-2898 CVE-2011-3353\r\n CVE-2011-4077 CVE-2011-4110 CVE-2011-4127 CVE-2011-4611\r\n CVE-2011-4622 CVE-2011-4914\r\n\r\nSeveral vulnerabilities have been discovered in the Linux kernel that may lead\r\nto a denial of service or privilege escalation. The Common Vulnerabilities and\r\nExposures project identifies the following problems:\r\n\r\nCVE-2011-2183\r\n\r\n Andrea Righi reported an issue in KSM, a memory-saving de-duplication\r\n feature. 
By exploiting a race with exiting tasks, local users can cause\r\n a kernel oops, resulting in a denial of service.\r\n \r\nCVE-2011-2213\r\n\r\n Dan Rosenberg discovered an issue in the INET socket monitoring interface.\r\n Local users could cause a denial of service by injecting code and causing\r\n the kernel to execute an infinite loop.\r\n\r\nCVE-2011-2898\r\n\r\n Eric Dumazet reported an information leak in the raw packet socket\r\n implementation.\r\n\r\nCVE-2011-3353\r\n\r\n Han-Wen Nienhuys reported a local denial of service issue issue in the FUSE\r\n (Filesystem in Userspace) support in the linux kernel. Local users could\r\n cause a buffer overflow, leading to a kernel oops and resulting in a denial\r\n of service.\r\n\r\nCVE-2011-4077\r\n\r\n Carlos Maiolino reported an issue in the XFS filesystem. A local user\r\n with the ability to mount a filesystem could corrupt memory resulting\r\n in a denial of service or possibly gain elevated privileges.\r\n\r\nCVE-2011-4110\r\n\r\n David Howells reported an issue in the kernel's access key retention\r\n system which allow local users to cause a kernel oops leading to a denial\r\n of service.\r\n\r\nCVE-2011-4127\r\n\r\n Paolo Bonzini of Red Hat reported an issue in the ioctl passthrough\r\n support for SCSI devices. Users with permission to access restricted\r\n portions of a device (e.g. a partition or a logical volume) can obtain\r\n access to the entire device by way of the SG_IO ioctl. This could be\r\n exploited by a local user or privileged VM guest to achieve a privilege\r\n escalation.\r\n\r\nCVE-2011-4611\r\n\r\n Maynard Johnson reported an issue with the perf support on POWER7 systems\r\n that allows local users to cause a denial of service.\r\n\r\nCVE-2011-4622\r\n\r\n Jan Kiszka reported an issue in the KVM PIT timer support. 
Local users\r\n with the permission to use KVM can cause a denial of service by starting\r\n a PIT timer without first setting up the irqchip.\r\n\r\nCVE-2011-4914\r\n\r\n Ben Hutchings reported various bounds checking issues within the ROSE\r\n protocol support in the kernel. Remote users could possibly use this\r\n to gain access to sensitive memory or cause a denial of service.\r\n\r\nFor the stable distribution (squeeze), this problem has been fixed in version\r\n2.6.32-39squeeze1. Updates for issues impacting the oldstable distribution\r\n(lenny) will be available soon.\r\n\r\nThe following matrix lists additional source packages that were rebuilt for\r\ncompatibility with or to take advantage of this update:\r\n\r\n Debian 6.0 (squeeze)\r\n user-mode-linux 2.6.32-1um-4+39squeeze1\r\n\r\nWe recommend that you upgrade your linux-2.6 and user-mode-linux packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.11 (GNU/Linux)\r\n\r\niQIcBAEBAgAGBQJPEz16AAoJEBv4PF5U/IZAgUYP/0vzIc/bZJ1WTirzoElrzXpL\r\nVSN+apE3WHyjHyVzEEncKgXM3HglNjhs+HXlaiWFQsa6bDuzHB3R4GMaj+uUt6jC\r\njLIVWiuPn3EWGUTRKA2wNtqMYl+nKAU2uYCo0aXV5WXii9rr3GBqxjShsgkE8Ak3\r\nX4s25KePGwNF0dU9gg6ylhv97gtyilp1rDhiIOgJcSkY2Mi93E4+p030cwZlxnKB\r\nMm5Pr94K6JASyIbBEILLZDEc6qJilkoem81b8Pds2O9FagGbTd9QfwwaEwwUUqZp\r\nfXbEHtd+9tvz3db5VFrp48UmV7Oi9lx30kW5h3tdV0R0P15W8QFaIxvwwuLNtcnL\r\nrYK0mF4pqJS9x5aA+vzZSxsETcFCa7NzE468mt8RF4d5kXjd1hGZ/8w3QYlYp95c\r\nwg1fIbNe3ChdypT3XxmkUDKyzMHPzjyxCoyEg3SQBDn8wJqrQ1SvUB3aBfv/7ju6\r\n6gNEqoyrcMXrnChWDzz8Fc2fXLHMv1w3wNFchl2GSCkP2SpapvqPF/N55FhM/eZd\r\nTI1iOnHUFMgAyLcWFDav3yePQSh+SmMF4jftjFuc+XBgZvalTIbiPdUsQ7/AJmdg\r\nPnQwFULq8kV7zrsBYaK97hjgH83k73IGa40WrIfs1dX+2bCccnIFYFqMrCYQUNVW\r\n2FCy34dWqbQlEpgRK0Az\r\n=rgcP\r\n-----END 
PGP SIGNATURE-----\r\n", "edition": 1, "modified": "2012-01-21T00:00:00", "published": "2012-01-21T00:00:00", "id": "SECURITYVULNS:DOC:27566", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:27566", "title": "[SECURITY] [DSA 2389-1] linux-2.6 security update", "type": "securityvulns", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2019-08-13T18:45:13", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4347", "CVE-2012-0038", "CVE-2012-0044", "CVE-2012-1097", "CVE-2012-1179"], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A local, unprivileged user could use an integer overflow flaw in\ndrm_mode_dirtyfb_ioctl() to cause a denial of service or escalate their\nprivileges. (CVE-2012-0044, Important)\n\n* It was found that the kvm_vm_ioctl_assign_device() function in the KVM\n(Kernel-based Virtual Machine) subsystem of a Linux kernel did not check if\nthe user requesting device assignment was privileged or not. A local,\nunprivileged user on the host could assign unused PCI devices, or even\ndevices that were in use and whose resources were not properly claimed by\nthe respective drivers, which could result in the host crashing.\n(CVE-2011-4347, Moderate)\n\n* A flaw was found in the way the Linux kernel's XFS file system\nimplementation handled on-disk Access Control Lists (ACLs). A local,\nunprivileged user could use this flaw to cause a denial of service or\nescalate their privileges by mounting a specially-crafted disk.\n(CVE-2012-0038, Moderate)\n\n* It was found that the Linux kernel's register set (regset) common\ninfrastructure implementation did not check if the required get and set\nhandlers were initialized. 
A local, unprivileged user could use this flaw\nto cause a denial of service by performing a register set operation with a\nptrace() PTRACE_SETREGSET or PTRACE_GETREGSET request. (CVE-2012-1097,\nModerate)\n\n* A race condition was found in the Linux kernel's memory management\nsubsystem in the way pmd_none_or_clear_bad(), when called with mmap_sem in\nread mode, and Transparent Huge Pages (THP) page faults interacted. A\nprivileged user in a KVM guest with the ballooning functionality enabled\ncould potentially use this flaw to crash the host. A local, unprivileged\nuser could use this flaw to crash the system. (CVE-2012-1179, Moderate)\n\nRed Hat would like to thank Chen Haogang for reporting CVE-2012-0044; Sasha\nLevin for reporting CVE-2011-4347; Wang Xi for reporting CVE-2012-0038; and\nH. Peter Anvin for reporting CVE-2012-1097.\n\nThis update also fixes the following bugs:\n\n* When a RoCE (RDMA over Converged Ethernet) adapter with active RoCE\ncommunications was taken down suddenly (either by adapter failure or the\nintentional shutdown of the interface), the ongoing RoCE communications\ncould cause the kernel to panic and render the machine unusable. A patch\nhas been provided to protect the kernel in this situation and to pass an\nerror up to the application still using the interface after it has been\ntaken down instead. (BZ#799944)\n\n* The fix for Red Hat Bugzilla bug 713494, released via RHSA-2011:0928,\nintroduced a regression. Attempting to change the state of certain\nfeatures, such as GRO (Generic Receive Offload) or TSO (TCP segment\noffloading), for a 10 Gigabit Ethernet card that is being used in a\nvirtual LAN (VLAN) resulted in a kernel panic. (BZ#816974)\n\n* If a new file was created on a Network File System version 4 (NFSv4)\nshare, the ownership was set to nfsnobody (-2) until it was possible to\nupcall to the idmapper. 
As a consequence, subsequent file system operations\ncould incorrectly use \"-2\" for the user and group IDs for the given file,\ncausing certain operations to fail. In reported cases, this issue also\ncaused \"Viminfo file is not writable\" errors for users running Vim with\nfiles on an NFSv4 share. (BZ#820960)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues. The system must be rebooted for this\nupdate to take effect.\n", "modified": "2016-05-19T22:09:28", "published": "2012-06-26T04:00:00", "id": "RHSA-2012:1042", "href": "https://access.redhat.com/errata/RHSA-2012:1042", "type": "redhat", "title": "(RHSA-2012:1042) Important: kernel security and bug fix update", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-08-13T18:44:34", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4622", "CVE-2012-0029"], "description": "KVM (Kernel-based Virtual Machine) is a full virtualization solution for\nLinux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for\nthe standard Red Hat Enterprise Linux kernel.\n\nA heap overflow flaw was found in the way QEMU-KVM emulated the e1000\nnetwork interface card. A privileged guest user in a virtual machine whose\nnetwork interface is configured to use the e1000 emulated driver could use\nthis flaw to crash the host or, possibly, escalate their privileges on the\nhost. (CVE-2012-0029)\n\nA flaw was found in the way the KVM subsystem of a Linux kernel handled PIT\n(Programmable Interval Timer) IRQs (interrupt requests) when there was no\nvirtual interrupt controller set up. A malicious user in the kvm group on\nthe host could force this situation to occur, resulting in the host\ncrashing. (CVE-2011-4622)\n\nRed Hat would like to thank Nicolae Mogoreanu for reporting CVE-2012-0029.\n\nAll KVM users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. 
Note: The procedure in the\nSolution section must be performed before this update will take effect.\n", "modified": "2017-09-08T12:16:47", "published": "2012-01-23T05:00:00", "id": "RHSA-2012:0051", "href": "https://access.redhat.com/errata/RHSA-2012:0051", "type": "redhat", "title": "(RHSA-2012:0051) Important: kvm security update", "cvss": {"score": 7.4, "vector": "AV:A/AC:M/Au:S/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:28:03", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0029", "CVE-2011-4622"], "description": "**CentOS Errata and Security Advisory** CESA-2012:0051\n\n\nKVM (Kernel-based Virtual Machine) is a full virtualization solution for\nLinux on AMD64 and Intel 64 systems. KVM is a Linux kernel module built for\nthe standard Red Hat Enterprise Linux kernel.\n\nA heap overflow flaw was found in the way QEMU-KVM emulated the e1000\nnetwork interface card. A privileged guest user in a virtual machine whose\nnetwork interface is configured to use the e1000 emulated driver could use\nthis flaw to crash the host or, possibly, escalate their privileges on the\nhost. (CVE-2012-0029)\n\nA flaw was found in the way the KVM subsystem of a Linux kernel handled PIT\n(Programmable Interval Timer) IRQs (interrupt requests) when there was no\nvirtual interrupt controller set up. A malicious user in the kvm group on\nthe host could force this situation to occur, resulting in the host\ncrashing. (CVE-2011-4622)\n\nRed Hat would like to thank Nicolae Mogoreanu for reporting CVE-2012-0029.\n\nAll KVM users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. 
Note: The procedure in the\nSolution section must be performed before this update will take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-January/030427.html\n\n**Affected packages:**\nkmod-kvm\nkmod-kvm-debug\nkvm\nkvm-qemu-img\nkvm-tools\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-0051.html", "edition": 3, "modified": "2012-01-24T20:53:03", "published": "2012-01-24T20:53:03", "href": "http://lists.centos.org/pipermail/centos-announce/2012-January/030427.html", "id": "CESA-2012:0051", "title": "kmod, kvm security update", "type": "centos", "cvss": {"score": 7.4, "vector": "AV:A/AC:M/Au:S/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:37:42", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0029", "CVE-2011-4622"], "description": "[kvm-83-239.0.1.el5_7.1]\n- Added kvm-add-oracle-workaround-for-libvirt-bug.patch\n- Added kvm-Introduce-oel-machine-type.patch\n[kvm-83-239.el5_7.1]\n- kvm-e1000-prevent-buffer-overflow-when-processing-legacy.patch [bz#772079]\n- Resolves: bz#772079\n (EMBARGOED CVE-2012-0029 qemu-kvm: e1000: process_tx_desc legacy mode packets heap overflow [rhel-5.7.z])\n- kvm-Fix-external-module-compat.c-not-to-use-unsupported-.patch [bz#753860]\n (build fix)\n- kvm-kernel-KVM-x86-Prevent-starting-PIT-timers-in-the-absence-o.patch [bz#770100]\n- Resolves: bz#770100\n (CVE-2011-4622 kernel: kvm: pit timer with no irqchip crashes the system [rhel-5.7.z])\n[kvm-83-239.el5_7.1]\n- Updated kversion to 2.6.18-274.17.1.el5 to match build root", "edition": 4, "modified": "2012-01-23T00:00:00", "published": "2012-01-23T00:00:00", "id": "ELSA-2012-0051", "href": "http://linux.oracle.com/errata/ELSA-2012-0051.html", "title": "kvm security update", "type": "oraclelinux", "cvss": {"score": 7.4, "vector": "AV:A/AC:M/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:01", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4132", "CVE-2012-0207", "CVE-2011-4077", 
"CVE-2011-4347", "CVE-2011-4622", "CVE-2011-4081", "CVE-2012-0045", "CVE-2012-0038"], "description": "[2.6.32-300.11.1.el6uek]\n- [fs] xfs: Fix possible memory corruption in xfs_readlink (Carlos Maiolino) {CVE-2011-4077}\n- [scsi] increase qla2xxx firmware ready time-out (Joe Jin)\n- [scsi] qla2xxx: Module parameter to control use of async or sync port login (Joe Jin)\n- [net] tg3: Fix single-vector MSI-X code (Joe Jin)\n- [net] qlge: fix size of external list for TX address descriptors (Joe Jin)\n- [net] e1000e: Avoid wrong check on TX hang (Joe Jin)\n- crypto: ghash - Avoid null pointer dereference if no key is set (Nick Bowler) {CVE-2011-4081}\n- jbd/jbd2: validate sb->s_first in journal_get_superblock() (Eryu Guan) {CVE-2011-4132}\n- KVM: Device assignment permission checks (Joe Jin) {CVE-2011-4347}\n- KVM: x86: Prevent starting PIT timers in the absence of irqchip support (Jan Kiszka) {CVE-2011-4622}\n- xfs: validate acl count (Joe Jin) {CVE-2012-0038}\n- KVM: x86: fix missing checks in syscall emulation (Joe Jin) {CVE-2012-0045}\n- KVM: x86: extend 'struct x86_emulate_ops' with 'get_cpuid' (Joe Jin) {CVE-2012-0045}\n- igmp: Avoid zero delay when receiving odd mixture of IGMP queries (Ben Hutchings) {CVE-2012-0207}\n- ipv4: correct IGMP behavior on v3 query during v2-compatibility mode (David Stevens)\n- fuse: fix fuse request unique id (Srinivas Eeda) [orabug 13816349]\n[2.6.32-300.10.1.el6uek]\n- net: remove extra register in ip_gre (Guru Anbalagane) [Orabug: 13633287]\n[2.6.32-300.9.1.el6uek]\n- [netdrv] fnic: return zero on fnic_reset() success (Joe Jin)\n- [e1000e] Add entropy generation back for network interrupts (John Sobecki)\n- [nfs4] LINUX CLIENT TREATS NFS4ERR_GRACE AS A PERMANENT ERROR [orabug 13476821] (John Sobecki)\n- [nfs] NFS CLIENT CONNECTS TO SERVER THEN DISCONNECTS [orabug 13516759] (John Sobecki)\n- [sunrpc] Add patch for a mount crash in __rpc_create_common [orabug 13322773] (John Sobecki)\n[2.6.32-300.8.1.el6uek]\n- SPEC: fix dependency 
on firmware/mkinitrd (Guru Anbalagane) [orabug 13637902]\n- xfs: fix acl count validation in xfs_acl_from_disk() (Dan Carpenter)\n- [SCSI] scsi_dh: check queuedata pointer before proceeding further (Moger Babu)\n [orabug 13615419]", "edition": 4, "modified": "2012-03-07T00:00:00", "published": "2012-03-07T00:00:00", "id": "ELSA-2012-2003", "href": "http://linux.oracle.com/errata/ELSA-2012-2003.html", "title": "Unbreakable Enterprise kernel security and bug fix update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "suse": [{"lastseen": "2016-09-04T12:03:49", "bulletinFamily": "unix", "cvelist": ["CVE-2011-2928", "CVE-2011-3353", "CVE-2011-3191"], "description": "The SUSE Linux Enterprise 11 Service Pack 1 kernel was\n updated to 2.6.32.46 and fixes various bugs and security\n issues.\n\n Following security issues were fixed: CVE-2011-3191: A\n signedness issue in CIFS could possibly have led to\n memory corruption, if a malicious server could send\n crafted replies to the host.\n\n CVE-2011-3353: In the fuse filesystem,\n FUSE_NOTIFY_INVAL_ENTRY did not check the length of the\n write so the message processing could overrun and result\n in a BUG_ON() in fuse_copy_fill(). This flaw could be used\n by local users able to mount FUSE filesystems to crash the\n system.\n\n CVE-2011-2928: The befs_follow_link function in\n fs/befs/linuxvfs.c in the Linux kernel did not validate\n the length attribute of long symlinks, which allowed local\n users to cause a denial of service (incorrect pointer\n dereference and OOPS) by accessing a long symlink on a\n malformed Be filesystem.\n\n Also the following non security bugs were fixed: -\n CONFIG_CGROUP_MEM_RES_CTLR_SWAP enabled -\n CONFIG_CGROUP_MEM_RES_CTLR_SWAP_ENABLED disabled by\n default. 
Swap accounting can be turned on by swapaccount=1\n kernel command line parameter (bnc#719450) - Make swap\n accounting default behavior configurable (bnc#719450,\n bnc#650309, fate#310471).\n\n *\n\n Added a missing reset for ioc_reset_in_progress in\n SoftReset in the mtpsas driver (bnc#711969).\n\n *\n\n Add support for the Digi/IBM PCIe 2-port Adapter\n (bnc#708675).\n\n *\n\n Always enable MSI-X on 5709 (bnc#707737).\n\n *\n\n sched: fix broken SCHED_RESET_ON_FORK handling\n (bnc#708877).\n\n *\n\n sched: Fix rt_rq runtime leakage bug (bnc#707096).\n\n *\n\n ACPI: allow passing down C1 information if no other\n C-states exist.\n\n *\n\n KDB: turn off kdb usb support by default (bnc#694670\n bnc#603804).\n\n *\n\n xfs: Added event tracing support.\n\n *\n\n xfs: fix xfs_fsblock_t tracing.\n\n *\n\n igb: extend maximum frame size to receive VLAN tagged\n frames (bnc#688859).\n\n *\n\n cfq: Do not allow queue merges for queues that have\n no process references (bnc#712929).\n\n * cfq: break apart merged cfqqs if they stop\n cooperating (bnc#712929).\n * cfq: calculate the seek_mean per cfq_queue not per\n cfq_io_context (bnc#712929).\n * cfq: change the meaning of the cfqq_coop flag\n (bnc#712929).\n * cfq-iosched: get rid of the coop_preempt flag\n (bnc#712929).\n *\n\n cfq: merge cooperating cfq_queues (bnc#712929).\n\n *\n\n Fix FDDI and TR config checks in ipv4 arp and LLC\n (bnc#715235).\n\n *\n\n writeback: do uninterruptible sleep in\n balance_dirty_pages() (bnc#699354 bnc#699357).\n\n * xfs: fix memory reclaim recursion deadlock on locked\n inode buffer (bnc#699355 bnc#699354).\n *\n\n xfs: use GFP_NOFS for page cache allocation\n (bnc#699355 bnc#699354).\n\n *\n\n virtio-net: init link state correctly (bnc#714966).\n\n *\n\n cpufreq: pcc-cpufreq: sanity check to prevent a NULL\n pointer dereference (bnc#709412).\n\n *\n\n x86: ucode-amd: Do not warn when no ucode is\n available for a CPU\n\n *\n\n patches.arch/x86_64-unwind-annotations: Refresh\n 
(bnc#588458).\n\n *\n\n patches.suse/stack-unwind: Refresh (bnc#588458).\n\n *\n\n splice: direct_splice_actor() should not use pos in\n sd (bnc#715763).\n\n *\n\n qdio: 2nd stage retry on SIGA-W busy conditions\n (bnc#713138,LTC#74402).\n\n *\n\n TTY: pty, fix pty counting (bnc#711203).\n\n *\n\n Avoid deadlock in GFP_IO/GFP_FS allocation\n (bnc#632870).\n\n *\n\n novfs: fix some DirCache locking issues (bnc#669378).\n\n * novfs: fix some kmalloc/kfree issues (bnc#669378).\n * novfs: fix off-by-one allocation error (bnc#669378).\n * novfs: unlink directory after unmap (bnc#649625).\n *\n\n novfs: last modification time not reliable\n (bnc#642896).\n\n *\n\n x86 / IO APIC: Reset IRR in clear_IO_APIC_pin()\n (bnc#701686, bnc#667386).\n\n *\n\n mptfusion : Added check for SILI bit in READ_6 CDB\n for DATA UNDERRUN ERRATA (bnc #712456).\n\n *\n\n xfs: serialise unaligned direct IOs (bnc#707125).\n\n *\n\n NFS: Ensure that we handle NFS4ERR_STALE_STATEID\n correctly (bnc#701443).\n\n * NFSv4: Do not call nfs4_state_mark_reclaim_reboot()\n from error handlers (bnc#701443).\n * NFSv4: Fix open recovery (bnc#701443).\n * NFSv4.1: Do not call nfs4_schedule_state_recovery()\n unnecessarily (bnc#701443).\n\n Security Issues:\n\n * CVE-2011-3191\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3191\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3191</a>\n >\n * CVE-2011-3353\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3353\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3353</a>\n >\n * CVE-2011-2928\n <<a rel=\"nofollow\" href=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2928\">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2928</a>\n >\n", "edition": 1, "modified": "2011-10-08T01:08:22", "published": "2011-10-08T01:08:22", "id": "SUSE-SU-2011:1100-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00002.html", "type": "suse", "title": 
"Security update for Linux kernel (important)", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:31:56", "bulletinFamily": "unix", "cvelist": ["CVE-2011-2928", "CVE-2011-3353", "CVE-2011-3191"], "description": "The SUSE Linux Enterprise 11 Service Pack 1 kernel was updated to 2.6.32.46 and fixes various bugs and security issues.\n#### Solution\nThere is no known workaround, please install the update packages.", "edition": 1, "modified": "2011-10-17T17:58:35", "published": "2011-10-17T17:58:35", "id": "SUSE-SA:2011:041", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00005.html", "title": "denial of service in kernel", "type": "suse", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:27:16", "bulletinFamily": "unix", "cvelist": ["CVE-2011-2928", "CVE-2011-3353", "CVE-2011-3191"], "description": "The SUSE Linux Enterprise 11 Service Pack 1 kernel was\n updated to 2.6.32.46 and fixes various bugs and security\n issues.\n\n Following security issues were fixed: CVE-2011-3191: A\n signedness issue in CIFS could possibly have led to\n memory corruption, if a malicious server could send crafted\n replies to the host.\n\n CVE-2011-3353: In the fuse filesystem,\n FUSE_NOTIFY_INVAL_ENTRY did not check the length of the\n write so the message processing could overrun and result in\n a BUG_ON() in fuse_copy_fill(). 
This flaw could be used by\n local users able to mount FUSE filesystems to crash the\n system.\n\n CVE-2011-2928: The befs_follow_link function in\n fs/befs/linuxvfs.c in the Linux kernel did not validate the\n length attribute of long symlinks, which allowed local\n users to cause a denial of service (incorrect pointer\n dereference and OOPS) by accessing a long symlink on a\n malformed Be filesystem.\n\n\n Also the following non security bugs were fixed:\n - Added a missing reset for ioc_reset_in_progress in\n SoftReset in the mtpsas driver (bnc#711969).\n\n - Add support for the Digi/IBM PCIe 2-port Adapter\n (bnc#708675).\n\n - Always enable MSI-X on 5709 (bnc#707737).\n\n - sched: fix broken SCHED_RESET_ON_FORK handling\n (bnc#708877).\n\n - sched: Fix rt_rq runtime leakage bug (bnc#707096).\n\n - ACPI: allow passing down C1 information if no other\n C-states exist.\n\n - KDB: turn off kdb usb support by default (bnc#694670\n bnc#603804).\n\n - xfs: Added event tracing support.\n - xfs: fix xfs_fsblock_t tracing.\n\n - igb: extend maximum frame size to receive VLAN tagged\n frames (bnc#688859).\n\n - cfq: Do not allow queue merges for queues that have no\n process references (bnc#712929).\n - cfq: break apart merged cfqqs if they stop cooperating\n (bnc#712929).\n - cfq: calculate the seek_mean per cfq_queue not per\n cfq_io_context (bnc#712929).\n - cfq: change the meaning of the cfqq_coop flag\n (bnc#712929).\n - cfq-iosched: get rid of the coop_preempt flag\n (bnc#712929).\n - cfq: merge cooperating cfq_queues (bnc#712929).\n\n - Fix FDDI and TR config checks in ipv4 arp and LLC\n (bnc#715235).\n\n - writeback: do uninterruptible sleep in\n balance_dirty_pages() (bnc#699354 bnc#699357).\n - xfs: fix memory reclaim recursion deadlock on locked\n inode buffer (bnc#699355 bnc#699354).\n - xfs: use GFP_NOFS for page cache allocation (bnc#699355\n bnc#699354).\n\n - virtio-net: init link state correctly (bnc#714966).\n\n - cpufreq: pcc-cpufreq: sanity check to 
prevent a NULL\n pointer dereference (bnc#709412).\n\n - x86: ucode-amd: Do not warn when no ucode is available\n for a CPU\n\n - patches.arch/x86_64-unwind-annotations: Refresh\n (bnc#588458).\n - patches.suse/stack-unwind: Refresh (bnc#588458).\n\n - splice: direct_splice_actor() should not use pos in sd\n (bnc#715763).\n\n - qdio: 2nd stage retry on SIGA-W busy conditions\n (bnc#713138,LTC#74402).\n\n - TTY: pty, fix pty counting (bnc#711203).\n\n - Avoid deadlock in GFP_IO/GFP_FS allocation (bnc#632870).\n\n - novfs: fix some DirCache locking issues (bnc#669378).\n - novfs: fix some kmalloc/kfree issues (bnc#669378).\n - novfs: fix off-by-one allocation error (bnc#669378).\n - novfs: unlink directory after unmap (bnc#649625).\n - novfs: last modification time not reliable (bnc#642896).\n\n - x86 / IO APIC: Reset IRR in clear_IO_APIC_pin()\n (bnc#701686, bnc#667386).\n\n - mptfusion : Added check for SILI bit in READ_6 CDB for\n DATA UNDERRUN ERRATA (bnc #712456).\n\n - xfs: serialise unaligned direct IOs (bnc#707125).\n\n - NFS: Ensure that we handle NFS4ERR_STALE_STATEID\n correctly (bnc#701443).\n - NFSv4: Do not call nfs4_state_mark_reclaim_reboot() from\n error handlers (bnc#701443).\n - NFSv4: Fix open recovery (bnc#701443).\n - NFSv4.1: Do not call nfs4_schedule_state_recovery()\n unnecessarily (bnc#701443).\n\n", "edition": 1, "modified": "2011-10-08T01:08:26", "published": "2011-10-08T01:08:26", "id": "SUSE-SU-2011:1101-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00003.html", "type": "suse", "title": "kernel update for SLE11 SP1 (important)", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2020-11-11T13:23:56", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4110", "CVE-2011-4127", "CVE-2011-4611", "CVE-2011-4914", "CVE-2011-3353", "CVE-2011-2898", "CVE-2011-4077", "CVE-2011-2213", "CVE-2011-4622", "CVE-2011-2183"], "description": "- 
----------------------------------------------------------------------\nDebian Security Advisory DSA-2389-1 security@debian.org\nhttp://www.debian.org/security/ Dann Frazier\nJanuary 15, 2012 http://www.debian.org/security/faq\n- ----------------------------------------------------------------------\n\nPackage : linux-2.6\nVulnerability : privilege escalation/denial of service/information leak\nProblem type : local/remote\nDebian-specific: no\nCVE Id(s) : CVE-2011-2183 CVE-2011-2213 CVE-2011-2898 CVE-2011-3353\n CVE-2011-4077 CVE-2011-4110 CVE-2011-4127 CVE-2011-4611\n CVE-2011-4622 CVE-2011-4914\n\nSeveral vulnerabilities have been discovered in the Linux kernel that may lead\nto a denial of service or privilege escalation. The Common Vulnerabilities and\nExposures project identifies the following problems:\n\nCVE-2011-2183\n\n Andrea Righi reported an issue in KSM, a memory-saving de-duplication\n feature. By exploiting a race with exiting tasks, local users can cause\n a kernel oops, resulting in a denial of service.\n \nCVE-2011-2213\n\n Dan Rosenberg discovered an issue in the INET socket monitoring interface.\n Local users could cause a denial of service by injecting code and causing\n the kernel to execute an infinite loop.\n\nCVE-2011-2898\n\n Eric Dumazet reported an information leak in the raw packet socket\n implementation.\n\nCVE-2011-3353\n\n Han-Wen Nienhuys reported a local denial of service issue in the FUSE\n (Filesystem in Userspace) support in the linux kernel. Local users could\n cause a buffer overflow, leading to a kernel oops and resulting in a denial\n of service.\n\nCVE-2011-4077\n\n Carlos Maiolino reported an issue in the XFS filesystem. 
A local user\n with the ability to mount a filesystem could corrupt memory resulting\n in a denial of service or possibly gain elevated privileges.\n\nCVE-2011-4110\n\n David Howells reported an issue in the kernel's access key retention\n system which allows local users to cause a kernel oops leading to a denial\n of service.\n\nCVE-2011-4127\n\n Paolo Bonzini of Red Hat reported an issue in the ioctl passthrough\n support for SCSI devices. Users with permission to access restricted\n portions of a device (e.g. a partition or a logical volume) can obtain\n access to the entire device by way of the SG_IO ioctl. This could be\n exploited by a local user or privileged VM guest to achieve a privilege\n escalation.\n\nCVE-2011-4611\n\n Maynard Johnson reported an issue with the perf support on POWER7 systems\n that allows local users to cause a denial of service.\n\nCVE-2011-4622\n\n Jan Kiszka reported an issue in the KVM PIT timer support. Local users\n with the permission to use KVM can cause a denial of service by starting\n a PIT timer without first setting up the irqchip.\n\nCVE-2011-4914\n\n Ben Hutchings reported various bounds checking issues within the ROSE\n protocol support in the kernel. Remote users could possibly use this\n to gain access to sensitive memory or cause a denial of service.\n\nFor the stable distribution (squeeze), this problem has been fixed in version\n2.6.32-39squeeze1. 
Updates for issues impacting the oldstable distribution\n(lenny) will be available soon.\n\nThe following matrix lists additional source packages that were rebuilt for\ncompatibility with or to take advantage of this update:\n\n Debian 6.0 (squeeze)\n user-mode-linux 2.6.32-1um-4+39squeeze1\n\nWe recommend that you upgrade your linux-2.6 and user-mode-linux packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 3, "modified": "2012-01-16T04:10:33", "published": "2012-01-16T04:10:33", "id": "DEBIAN:DSA-2389-1:215DA", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2012/msg00013.html", "title": "[SECURITY] [DSA 2389-1] linux-2.6 security update", "type": "debian", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}]}