DATABASE RESOURCES PRICING ABOUT US

{"id": "OPENVAS:1361412562310842713", "vendorId": null, "type": "openvas", "bulletinFamily": "scanner", "title": "Ubuntu Update for linux-lts-utopic USN-2948-1", "description": "The remote host is missing an update for the ", "published": "2016-04-07T00:00:00", "modified": "2019-03-13T00:00:00", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {}, "cvss3": {}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842713", "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "references": ["2948-1", "http://www.ubuntu.com/usn/usn-2948-1/"], "cvelist": ["CVE-2016-2782", "CVE-2016-2847", "CVE-2016-0723", "CVE-2016-2085", "CVE-2015-8812", "CVE-2016-2550", "CVE-2015-7833", "CVE-2015-7566"], "immutableFields": [], "lastseen": "2019-05-29T18:35:35", "viewCount": 14, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2016-648", "ALAS-2016-669"]}, {"type": "androidsecurity", "idList": ["ANDROID:2016-07-01"]}, {"type": "centos", "idList": ["CESA-2016:2574"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:539F990C3DAAC021E491E8629DA539FE", "CFOUNDRY:C4D044657909D168617F0C63F623467E"]}, {"type": "cve", "idList": ["CVE-2015-7566", "CVE-2015-7833", "CVE-2015-8812", "CVE-2016-0723", "CVE-2016-2085", "CVE-2016-2250", "CVE-2016-2550", "CVE-2016-2782", "CVE-2016-2847"]}, {"type": "debian", "idList": ["DEBIAN:DLA-360-1:6C323", "DEBIAN:DLA-412-1:99076", "DEBIAN:DLA-439-1:BED7A", "DEBIAN:DSA-3396-1:605FF", "DEBIAN:DSA-3396-1:D48F1", "DEBIAN:DSA-3426-1:7C23A", "DEBIAN:DSA-3426-1:AC984", "DEBIAN:DSA-3448-1:04492", "DEBIAN:DSA-3448-1:C7742", "DEBIAN:DSA-3503-1:23448", "DEBIAN:DSA-3503-1:9DDFA"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2015-7566", "DEBIANCVE:CVE-2015-7833", "DEBIANCVE:CVE-2015-8812", "DEBIANCVE:CVE-2016-0723", "DEBIANCVE:CVE-2016-2085", "DEBIANCVE:CVE-2016-2550", "DEBIANCVE:CVE-2016-2782", "DEBIANCVE:CVE-2016-2847"]}, {"type": "exploitdb", "idList": ["EDB-ID:39540"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:AA6ABBE8E5BE3C243DF38A29FC076191", "EXPLOITPACK:C617424ADAF7B063C6D9C6F505360E69"]}, {"type": "f5", "idList": ["F5:K43650115", "F5:K80758444", "SOL80758444"]}, {"type": "fedora", "idList": ["FEDORA:02EB96052912", "FEDORA:07BC260D55CA", "FEDORA:0D267606CFB3", "FEDORA:14809606180F", "FEDORA:1CCEF6087EB7", "FEDORA:453986087A76", "FEDORA:664F260779AC", "FEDORA:67FB6618BD69", "FEDORA:9AEA46074A7D", "FEDORA:A5C89601FC0F", "FEDORA:B9F6A606511F", "FEDORA:C10006137EFA"]}, {"type": "fortinet", "idList": ["FG-IR-16-013"]}, {"type": "ibm", "idList": ["2ABC4CD376C07922A3144CF8116D979F4BDDE16EED9AADA11262FBF58C851DBF", "A0B51C5217767E75AB974BA93584FB1F969514BA8D7EE9EDD025C20F274C1D2F", "A18DD1594298170A7AF630CBFFA73E78138125D119FBC5D156128BBBD99A03EC", "B7EDA2450D13E204B60C3A3E7379E6FCCD587CB32FEB5041ADDA6CB8E3C44FC3", "F092FBBD34304315E258962CA397F72D24D88CD673A181734FDCE39754098484"]}, {"type": "lenovo", "idList": ["LENOVO:PS500321-NOSID"]}, {"type": "mageia", "idList": ["MGASA-2016-0225", "MGASA-2016-0232", "MGASA-2016-0233"]}, {"type": "nessus", "idList": ["ALA_ALAS-2016-648.NASL", "ALA_ALAS-2016-669.NASL", "CENTOS_RHSA-2016-2574.NASL", "DEBIAN_DLA-360.NASL", "DEBIAN_DLA-412.NASL", "DEBIAN_DLA-439.NASL", "DEBIAN_DSA-3396.NASL", "DEBIAN_DSA-3426-1.NASL", "DEBIAN_DSA-3448.NASL", "DEBIAN_DSA-3503.NASL", "EULEROS_SA-2016-1020.NASL", "EULEROS_SA-2019-1488.NASL", "EULEROS_SA-2019-1489.NASL", "EULEROS_SA-2019-1492.NASL", "EULEROS_SA-2019-1519.NASL", "EULEROS_SA-2019-1524.NASL", "EULEROS_SA-2019-1527.NASL", "EULEROS_SA-2019-1528.NASL", "EULEROS_SA-2019-1530.NASL", "EULEROS_SA-2019-1536.NASL", "EULEROS_SA-2019-2353.NASL", "EULEROS_SA-2019-2531.NASL", "EULEROS_SA-2020-1112.NASL", "EULEROS_SA-2021-2857.NASL", "FEDORA_2015-AC9A19888E.NASL", "FEDORA_2015-C4ED00A68F.NASL", "FEDORA_2016-1642A20327.NASL", "FEDORA_2016-26E19F042A.NASL", "FEDORA_2016-2F25D12C51.NASL", "FEDORA_2016-5D43766E33.NASL", "FEDORA_2016-746BB5851D.NASL", "FEDORA_2016-7E12AE5359.NASL", "FEDORA_2016-9FBE2C258B.NASL", "FEDORA_2016-B59FD603BE.NASL", "FEDORA_2016-E6CFAFF4B1.NASL", "FEDORA_2016-E7162262B0.NASL", "OPENSUSE-2016-1015.NASL", "OPENSUSE-2016-1029.NASL", "OPENSUSE-2016-1076.NASL", "OPENSUSE-2016-124.NASL", "OPENSUSE-2016-256.NASL", "OPENSUSE-2016-445.NASL", "OPENSUSE-2016-518.NASL", "OPENSUSE-2016-629.NASL", "OPENSUSE-2016-862.NASL", "ORACLELINUX_ELSA-2016-2574.NASL", "ORACLELINUX_ELSA-2016-3596.NASL", "ORACLELINUX_ELSA-2017-3566.NASL", "ORACLELINUX_ELSA-2017-3567.NASL", "ORACLEVM_OVMSA-2016-0100.NASL", "ORACLEVM_OVMSA-2017-0105.NASL", "ORACLEVM_OVMSA-2017-0106.NASL", "REDHAT-RHSA-2016-2574.NASL", "REDHAT-RHSA-2016-2584.NASL", "REDHAT-RHSA-2017-0217.NASL", "SL_20161103_KERNEL_ON_SL7_X.NASL", "SUSE_SU-2016-0585-1.NASL", "SUSE_SU-2016-0785-1.NASL", "SUSE_SU-2016-0911-1.NASL", "SUSE_SU-2016-1019-1.NASL", "SUSE_SU-2016-1203-1.NASL", "SUSE_SU-2016-1672-1.NASL", "SUSE_SU-2016-1690-1.NASL", "SUSE_SU-2016-1696-1.NASL", "SUSE_SU-2016-2074-1.NASL", "SUSE_SU-2016-2105-1.NASL", "SUSE_SU-2016-2245-1.NASL", "SUSE_SU-2017-0333-1.NASL", "UBUNTU_USN-2929-1.NASL", "UBUNTU_USN-2929-2.NASL", "UBUNTU_USN-2930-1.NASL", "UBUNTU_USN-2930-2.NASL", "UBUNTU_USN-2930-3.NASL", "UBUNTU_USN-2932-1.NASL", "UBUNTU_USN-2946-1.NASL", "UBUNTU_USN-2946-2.NASL", "UBUNTU_USN-2947-1.NASL", "UBUNTU_USN-2947-2.NASL", "UBUNTU_USN-2947-3.NASL", "UBUNTU_USN-2948-1.NASL", "UBUNTU_USN-2948-2.NASL", "UBUNTU_USN-2949-1.NASL", "UBUNTU_USN-2965-2.NASL", "UBUNTU_USN-2967-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310120638", "OPENVAS:1361412562310120659", "OPENVAS:1361412562310703396", "OPENVAS:1361412562310703426", "OPENVAS:1361412562310703448", "OPENVAS:1361412562310703503", "OPENVAS:1361412562310806985", "OPENVAS:1361412562310807219", "OPENVAS:1361412562310807225", "OPENVAS:1361412562310807437", "OPENVAS:1361412562310807454", "OPENVAS:1361412562310807465", "OPENVAS:1361412562310807494", "OPENVAS:1361412562310842686", "OPENVAS:1361412562310842690", "OPENVAS:1361412562310842691", "OPENVAS:1361412562310842692", "OPENVAS:1361412562310842693", "OPENVAS:1361412562310842698", "OPENVAS:1361412562310842707", "OPENVAS:1361412562310842708", "OPENVAS:1361412562310842709", "OPENVAS:1361412562310842710", "OPENVAS:1361412562310842711", "OPENVAS:1361412562310842712", "OPENVAS:1361412562310842734", "OPENVAS:1361412562310842735", "OPENVAS:1361412562310842741", "OPENVAS:1361412562310851176", "OPENVAS:1361412562310851215", "OPENVAS:1361412562310851242", "OPENVAS:1361412562310851273", "OPENVAS:1361412562310851320", "OPENVAS:1361412562310851358", "OPENVAS:1361412562310851386", "OPENVAS:1361412562310851388", "OPENVAS:1361412562310851390", "OPENVAS:1361412562310871708", "OPENVAS:1361412562311220161020", "OPENVAS:1361412562311220191488", "OPENVAS:1361412562311220191489", "OPENVAS:1361412562311220191492", "OPENVAS:1361412562311220191519", "OPENVAS:1361412562311220191524", "OPENVAS:1361412562311220191527", "OPENVAS:1361412562311220191528", "OPENVAS:1361412562311220191530", "OPENVAS:1361412562311220191536", "OPENVAS:1361412562311220192353", "OPENVAS:1361412562311220192531", "OPENVAS:1361412562311220201112", "OPENVAS:703396", "OPENVAS:703426", "OPENVAS:703448", "OPENVAS:703503"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2018"]}, {"type": "oraclelinux", "idList": ["ELSA-2016-0855", "ELSA-2016-2574", "ELSA-2016-3596", "ELSA-2017-3566", "ELSA-2017-3567"]}, {"type": "osv", "idList": ["OSV:DLA-360-1", "OSV:DLA-412-1", "OSV:DLA-439-1", "OSV:DSA-3396-1", "OSV:DSA-3426-1", "OSV:DSA-3448-1", "OSV:DSA-3503-1"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:136141", "PACKETSTORM:136142", "PACKETSTORM:136218"]}, {"type": "redhat", "idList": ["RHSA-2016:2574", "RHSA-2016:2584", "RHSA-2017:0217"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2016:0301-1", "OPENSUSE-SU-2016:0537-1", "OPENSUSE-SU-2016:1008-1", "OPENSUSE-SU-2016:1382-1", "OPENSUSE-SU-2016:2144-1", "OPENSUSE-SU-2016:2184-1", "OPENSUSE-SU-2016:2290-1", "OPENSUSE-SU-2016:2649-1", "SUSE-SU-2016:0585-1", "SUSE-SU-2016:0785-1", "SUSE-SU-2016:0911-1", "SUSE-SU-2016:1019-1", "SUSE-SU-2016:1031-1", "SUSE-SU-2016:1032-1", "SUSE-SU-2016:1033-1", "SUSE-SU-2016:1034-1", "SUSE-SU-2016:1035-1", "SUSE-SU-2016:1037-1", "SUSE-SU-2016:1038-1", "SUSE-SU-2016:1039-1", "SUSE-SU-2016:1040-1", "SUSE-SU-2016:1041-1", "SUSE-SU-2016:1045-1", "SUSE-SU-2016:1046-1", "SUSE-SU-2016:1102-1", "SUSE-SU-2016:1203-1", "SUSE-SU-2016:1672-1", "SUSE-SU-2016:1690-1", "SUSE-SU-2016:1696-1", "SUSE-SU-2016:1707-1", "SUSE-SU-2016:1764-1", "SUSE-SU-2016:1937-1", "SUSE-SU-2016:1985-1", "SUSE-SU-2016:2074-1", "SUSE-SU-2016:2105-1", "SUSE-SU-2016:2245-1", "SUSE-SU-2017:0333-1"]}, {"type": "ubuntu", "idList": ["USN-2929-1", "USN-2929-2", "USN-2930-1", "USN-2930-2", "USN-2930-3", "USN-2932-1", "USN-2946-1", "USN-2946-2", "USN-2947-1", "USN-2947-2", "USN-2947-3", "USN-2948-1", "USN-2948-2", "USN-2949-1", "USN-2965-2", "USN-2967-1", "USN-2967-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-7566", "UB:CVE-2015-7833", "UB:CVE-2015-8812", "UB:CVE-2016-0723", "UB:CVE-2016-2085", "UB:CVE-2016-2550", "UB:CVE-2016-2782", "UB:CVE-2016-2847"]}, {"type": "zdt", "idList": ["1337DAY-ID-25869", "1337DAY-ID-25870"]}]}, "score": {"value": 0.2, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2016-669"]}, {"type": "centos", "idList": ["CESA-2016:2574"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:539F990C3DAAC021E491E8629DA539FE"]}, {"type": "cve", "idList": ["CVE-2015-7566", "CVE-2015-7833", "CVE-2016-0723"]}, {"type": "debian", "idList": ["DEBIAN:DLA-439-1:BED7A", "DEBIAN:DSA-3426-1:AC984"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2015-7566", "DEBIANCVE:CVE-2015-7833", "DEBIANCVE:CVE-2015-8812", "DEBIANCVE:CVE-2016-0723", "DEBIANCVE:CVE-2016-2085", "DEBIANCVE:CVE-2016-2550", "DEBIANCVE:CVE-2016-2782", "DEBIANCVE:CVE-2016-2847"]}, {"type": "exploitdb", "idList": ["EDB-ID:39539", "EDB-ID:39540"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:C617424ADAF7B063C6D9C6F505360E69"]}, {"type": "fedora", "idList": ["FEDORA:1CCEF6087EB7", "FEDORA:67FB6618BD69"]}, {"type": "fortinet", "idList": ["FG-IR-16-013"]}, {"type": "ibm", "idList": ["2ABC4CD376C07922A3144CF8116D979F4BDDE16EED9AADA11262FBF58C851DBF"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/HUAWEI-EULEROS-2_0_SP5-CVE-2015-7833/"]}, {"type": "nessus", "idList": ["ALA_ALAS-2016-648.NASL", "ALA_ALAS-2016-669.NASL", "DEBIAN_DLA-412.NASL", "EULEROS_SA-2019-2353.NASL", "FEDORA_2016-1642A20327.NASL", "FEDORA_2016-26E19F042A.NASL", "FEDORA_2016-2F25D12C51.NASL", "FEDORA_2016-746BB5851D.NASL", "FEDORA_2016-7E12AE5359.NASL", "FEDORA_2016-9FBE2C258B.NASL", "FEDORA_2016-E6CFAFF4B1.NASL", "FEDORA_2016-E7162262B0.NASL", "OPENSUSE-2016-256.NASL", "SUSE_SU-2017-0333-1.NASL", "UBUNTU_USN-2930-1.NASL", "UBUNTU_USN-2930-2.NASL", "UBUNTU_USN-2930-3.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310806985", "OPENVAS:703396", "OPENVAS:703426"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2018"]}, {"type": "oraclelinux", "idList": ["ELSA-2016-2574"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:136218"]}, {"type": "redhat", "idList": ["RHSA-2016:2584"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2016:0301-1", "SUSE-SU-2016:1031-1"]}, {"type": "ubuntu", "idList": ["USN-2929-1", "USN-2929-2", "USN-2930-1", "USN-2930-2", "USN-2930-3", "USN-2932-1", "USN-2947-1", "USN-2947-2", "USN-2947-3", "USN-2948-1", "USN-2948-2", "USN-2967-1", "USN-2967-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-7833", "UB:CVE-2016-0723"]}, {"type": "zdt", "idList": ["1337DAY-ID-25869"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2016-2782", "epss": "0.003210000", "percentile": "0.659280000", "modified": "2023-03-15"}, {"cve": "CVE-2016-2847", "epss": "0.001000000", "percentile": "0.397550000", "modified": "2023-03-15"}, {"cve": "CVE-2016-0723", "epss": "0.001110000", "percentile": "0.426690000", "modified": "2023-03-15"}, {"cve": "CVE-2016-2085", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2015-8812", "epss": "0.040070000", "percentile": "0.906800000", "modified": "2023-03-15"}, {"cve": "CVE-2016-2550", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2015-7833", "epss": "0.001950000", "percentile": "0.555780000", "modified": "2023-03-15"}, {"cve": "CVE-2015-7566", "epss": "0.002970000", "percentile": "0.645730000", "modified": "2023-03-15"}], "vulnersScore": 0.2}, "_state": {"dependencies": 1678913968, "score": 1683821708, "epss": 1678928294}, "_internal": {"score_hash": "5372509f84648adc7a94383418cade56"}, "pluginID": "1361412562310842713", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux-lts-utopic USN-2948-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842713\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-04-07 05:01:24 +0200 (Thu, 07 Apr 2016)\");\n script_cve_id(\"CVE-2015-7566\", \"CVE-2015-7833\", \"CVE-2015-8812\", \"CVE-2016-0723\",\n \"CVE-2016-2085\", \"CVE-2016-2550\", \"CVE-2016-2782\", \"CVE-2016-2847\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-lts-utopic USN-2948-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-lts-utopic'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Ralf Spenneberg discovered that the USB\n driver for Clie devices in the Linux kernel did not properly sanity check\n the endpoints reported by the device. An attacker with physical access could\n cause a denial of service (system crash). (CVE-2015-7566)\n\n Ralf Spenneberg discovered that the usbvision driver in the Linux kernel\n did not properly sanity check the interfaces and endpoints reported by the\n device. An attacker with physical access could cause a denial of service\n (system crash). (CVE-2015-7833)\n\n Venkatesh Pottem discovered a use-after-free vulnerability in the Linux\n kernel's CXGB3 driver. A local attacker could use this to cause a denial of\n service (system crash) or possibly execute arbitrary code. (CVE-2015-8812)\n\n It was discovered that a race condition existed in the ioctl handler for\n the TTY driver in the Linux kernel. A local attacker could use this to\n cause a denial of service (system crash) or expose sensitive information.\n (CVE-2016-0723)\n\n Xiaofei Rex Guo discovered a timing side channel vulnerability in the Linux\n Extended Verification Module (EVM). An attacker could use this to affect\n system integrity. (CVE-2016-2085)\n\n David Herrmann discovered that the Linux kernel incorrectly accounted file\n descriptors to the original opener for in-flight file descriptors sent over\n a unix domain socket. A local attacker could use this to cause a denial of\n service (resource exhaustion). (CVE-2016-2550)\n\n Ralf Spenneberg discovered that the USB driver for Treo devices in the\n Linux kernel did not properly sanity check the endpoints reported by the\n device. An attacker with physical access could cause a denial of service\n (system crash). (CVE-2016-2782)\n\n It was discovered that the Linux kernel did not enforce limits on the\n amount of data allocated to buffer pipes. A local attacker could use this\n to cause a denial of service (resource exhaustion). (CVE-2016-2847)\");\n script_tag(name:\"affected\", value:\"linux-lts-utopic on Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"2948-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2948-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-69-generic\", ver:\"3.16.0-69.89~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-69-generic-lpae\", ver:\"3.16.0-69.89~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-69-lowlatency\", ver:\"3.16.0-69.89~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-69-powerpc-e500mc\", ver:\"3.16.0-69.89~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-69-powerpc-smp\", ver:\"3.16.0-69.89~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-69-powerpc64-emb\", ver:\"3.16.0-69.89~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-69-powerpc64-smp\", ver:\"3.16.0-69.89~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Ubuntu Local Security Checks"}

{"nessus": [{"lastseen": "2023-05-18T14:22:56", "description": "USN-2948-1 fixed vulnerabilities in the Ubuntu 14.10 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect reference counting fix in the radeon driver introduced a regression that could cause a system crash. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nRalf Spenneberg discovered that the USB driver for Clie devices in the Linux kernel did not properly sanity check the endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7566)\n\nRalf Spenneberg discovered that the usbvision driver in the Linux kernel did not properly sanity check the interfaces and endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7833)\n\nVenkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel's CXGB3 driver. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2015-8812)\n\nIt was discovered that a race condition existed in the ioctl handler for the TTY driver in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2016-0723)\n\nXiaofei Rex Guo discovered a timing side channel vulnerability in the Linux Extended Verification Module (EVM). An attacker could use this to affect system integrity. (CVE-2016-2085)\n\nDavid Herrmann discovered that the Linux kernel incorrectly accounted file descriptors to the original opener for in-flight file descriptors sent over a unix domain socket. A local attacker could use this to cause a denial of service (resource exhaustion). (CVE-2016-2550)\n\nRalf Spenneberg discovered that the USB driver for Treo devices in the Linux kernel did not properly sanity check the endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2016-2782)\n\nIt was discovered that the Linux kernel did not enforce limits on the amount of data allocated to buffer pipes. A local attacker could use this to cause a denial of service (resource exhaustion). (CVE-2016-2847).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-04-13T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux-lts-utopic regression (USN-2948-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7566", "CVE-2015-7833", "CVE-2015-8812", "CVE-2016-0723", "CVE-2016-2085", "CVE-2016-2550", "CVE-2016-2782", "CVE-2016-2847"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2948-2.NASL", "href": "https://www.tenable.com/plugins/nessus/90507", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2948-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90507);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2015-7566\", \"CVE-2015-7833\", \"CVE-2015-8812\", \"CVE-2016-0723\", \"CVE-2016-2085\", \"CVE-2016-2550\", \"CVE-2016-2782\", \"CVE-2016-2847\");\n script_xref(name:\"USN\", value:\"2948-2\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux-lts-utopic regression (USN-2948-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"USN-2948-1 fixed vulnerabilities in the Ubuntu 14.10 Linux kernel\nbackported to Ubuntu 14.04 LTS. An incorrect reference counting fix in\nthe radeon driver introduced a regression that could cause a system\ncrash. This update fixes the problem.\n\nWe apologize for the inconvenience.\n\nRalf Spenneberg discovered that the USB driver for Clie devices in the\nLinux kernel did not properly sanity check the endpoints reported by\nthe device. An attacker with physical access could cause a denial of\nservice (system crash). (CVE-2015-7566)\n\nRalf Spenneberg discovered that the usbvision driver in the\nLinux kernel did not properly sanity check the interfaces\nand endpoints reported by the device. An attacker with\nphysical access could cause a denial of service (system\ncrash). (CVE-2015-7833)\n\nVenkatesh Pottem discovered a use-after-free vulnerability\nin the Linux kernel's CXGB3 driver. A local attacker could\nuse this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2015-8812)\n\nIt was discovered that a race condition existed in the ioctl\nhandler for the TTY driver in the Linux kernel. A local\nattacker could use this to cause a denial of service (system\ncrash) or expose sensitive information. (CVE-2016-0723)\n\nXiaofei Rex Guo discovered a timing side channel\nvulnerability in the Linux Extended Verification Module\n(EVM). An attacker could use this to affect system\nintegrity. (CVE-2016-2085)\n\nDavid Herrmann discovered that the Linux kernel incorrectly\naccounted file descriptors to the original opener for\nin-flight file descriptors sent over a unix domain socket. A\nlocal attacker could use this to cause a denial of service\n(resource exhaustion). (CVE-2016-2550)\n\nRalf Spenneberg discovered that the USB driver for Treo\ndevices in the Linux kernel did not properly sanity check\nthe endpoints reported by the device. An attacker with\nphysical access could cause a denial of service (system\ncrash). (CVE-2016-2782)\n\nIt was discovered that the Linux kernel did not enforce\nlimits on the amount of data allocated to buffer pipes. A\nlocal attacker could use this to cause a denial of service\n(resource exhaustion). (CVE-2016-2847).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2948-2/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected linux-image-3.16-generic,\nlinux-image-3.16-generic-lpae and / or linux-image-3.16-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2023 Canonical, Inc. / NASL script (C) 2016-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-7566\", \"CVE-2015-7833\", \"CVE-2015-8812\", \"CVE-2016-0723\", \"CVE-2016-2085\", \"CVE-2016-2550\", \"CVE-2016-2782\", \"CVE-2016-2847\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2948-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.16.0-70-generic\", pkgver:\"3.16.0-70.90~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.16.0-70-generic-lpae\", pkgver:\"3.16.0-70.90~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.16.0-70-lowlatency\", pkgver:\"3.16.0-70.90~14.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.16-generic / linux-image-3.16-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:14", "description": "Ralf Spenneberg discovered that the USB driver for Clie devices in the Linux kernel did not properly sanity check the endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7566)\n\nRalf Spenneberg discovered that the usbvision driver in the Linux kernel did not properly sanity check the interfaces and endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7833)\n\nVenkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel's CXGB3 driver. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2015-8812)\n\nIt was discovered that a race condition existed in the ioctl handler for the TTY driver in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2016-0723)\n\nXiaofei Rex Guo discovered a timing side channel vulnerability in the Linux Extended Verification Module (EVM). An attacker could use this to affect system integrity. (CVE-2016-2085)\n\nDavid Herrmann discovered that the Linux kernel incorrectly accounted file descriptors to the original opener for in-flight file descriptors sent over a unix domain socket. A local attacker could use this to cause a denial of service (resource exhaustion). (CVE-2016-2550)\n\nRalf Spenneberg discovered that the USB driver for Treo devices in the Linux kernel did not properly sanity check the endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2016-2782)\n\nIt was discovered that the Linux kernel did not enforce limits on the amount of data allocated to buffer pipes. A local attacker could use this to cause a denial of service (resource exhaustion).\n(CVE-2016-2847).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-04-07T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux-lts-utopic vulnerabilities (USN-2948-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7566", "CVE-2015-7833", "CVE-2015-8812", "CVE-2016-0723", "CVE-2016-2085", "CVE-2016-2550", "CVE-2016-2782", "CVE-2016-2847"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2948-1.NASL", "href": "https://www.tenable.com/plugins/nessus/90405", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2948-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90405);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2015-7566\", \"CVE-2015-7833\", \"CVE-2015-8812\", \"CVE-2016-0723\", \"CVE-2016-2085\", \"CVE-2016-2550\", \"CVE-2016-2782\", \"CVE-2016-2847\");\n script_xref(name:\"USN\", value:\"2948-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux-lts-utopic vulnerabilities (USN-2948-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Ralf Spenneberg discovered that the USB driver for Clie devices in the\nLinux kernel did not properly sanity check the endpoints reported by\nthe device. An attacker with physical access could cause a denial of\nservice (system crash). (CVE-2015-7566)\n\nRalf Spenneberg discovered that the usbvision driver in the Linux\nkernel did not properly sanity check the interfaces and endpoints\nreported by the device. An attacker with physical access could cause a\ndenial of service (system crash). (CVE-2015-7833)\n\nVenkatesh Pottem discovered a use-after-free vulnerability in the\nLinux kernel's CXGB3 driver. A local attacker could use this to cause\na denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2015-8812)\n\nIt was discovered that a race condition existed in the ioctl handler\nfor the TTY driver in the Linux kernel. A local attacker could use\nthis to cause a denial of service (system crash) or expose sensitive\ninformation. (CVE-2016-0723)\n\nXiaofei Rex Guo discovered a timing side channel vulnerability in the\nLinux Extended Verification Module (EVM). An attacker could use this\nto affect system integrity. (CVE-2016-2085)\n\nDavid Herrmann discovered that the Linux kernel incorrectly accounted\nfile descriptors to the original opener for in-flight file descriptors\nsent over a unix domain socket. A local attacker could use this to\ncause a denial of service (resource exhaustion). (CVE-2016-2550)\n\nRalf Spenneberg discovered that the USB driver for Treo devices in the\nLinux kernel did not properly sanity check the endpoints reported by\nthe device. An attacker with physical access could cause a denial of\nservice (system crash). (CVE-2016-2782)\n\nIt was discovered that the Linux kernel did not enforce limits on the\namount of data allocated to buffer pipes. A local attacker could use\nthis to cause a denial of service (resource exhaustion).\n(CVE-2016-2847).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2948-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected linux-image-3.16-generic,\nlinux-image-3.16-generic-lpae and / or linux-image-3.16-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.16-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2023 Canonical, Inc. / NASL script (C) 2016-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-7566\", \"CVE-2015-7833\", \"CVE-2015-8812\", \"CVE-2016-0723\", \"CVE-2016-2085\", \"CVE-2016-2550\", \"CVE-2016-2782\", \"CVE-2016-2847\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2948-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.16.0-69-generic\", pkgver:\"3.16.0-69.89~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.16.0-69-generic-lpae\", pkgver:\"3.16.0-69.89~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.16.0-69-lowlatency\", pkgver:\"3.16.0-69.89~14.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.16-generic / linux-image-3.16-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:10", "description": "Venkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel's CXGB3 driver. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2015-8812)\n\nXiaofei Rex Guo discovered a timing side channel vulnerability in the Linux Extended Verification Module (EVM). An attacker could use this to affect system integrity. (CVE-2016-2085)\n\nDavid Herrmann discovered that the Linux kernel incorrectly accounted file descriptors to the original opener for in-flight file descriptors sent over a unix domain socket. A local attacker could use this to cause a denial of service (resource exhaustion). (CVE-2016-2550)\n\nIt was discovered that the Linux kernel did not enforce limits on the amount of data allocated to buffer pipes. A local attacker could use this to cause a denial of service (resource exhaustion).\n(CVE-2016-2847).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-04-07T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux vulnerabilities (USN-2946-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8812", "CVE-2016-2085", "CVE-2016-2550", "CVE-2016-2847"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2946-1.NASL", "href": "https://www.tenable.com/plugins/nessus/90400", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2946-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90400);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2015-8812\", \"CVE-2016-2085\", \"CVE-2016-2550\", \"CVE-2016-2847\");\n script_xref(name:\"USN\", value:\"2946-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux vulnerabilities (USN-2946-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Venkatesh Pottem discovered a use-after-free vulnerability in the\nLinux kernel's CXGB3 driver. A local attacker could use this to cause\na denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2015-8812)\n\nXiaofei Rex Guo discovered a timing side channel vulnerability in the\nLinux Extended Verification Module (EVM). An attacker could use this\nto affect system integrity. (CVE-2016-2085)\n\nDavid Herrmann discovered that the Linux kernel incorrectly accounted\nfile descriptors to the original opener for in-flight file descriptors\nsent over a unix domain socket. A local attacker could use this to\ncause a denial of service (resource exhaustion). (CVE-2016-2550)\n\nIt was discovered that the Linux kernel did not enforce limits on the\namount of data allocated to buffer pipes. A local attacker could use\nthis to cause a denial of service (resource exhaustion).\n(CVE-2016-2847).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2946-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected linux-image-3.13-generic,\nlinux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/04/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2023 Canonical, Inc. / NASL script (C) 2016-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-8812\", \"CVE-2016-2085\", \"CVE-2016-2550\", \"CVE-2016-2847\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2946-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-85-generic\", pkgver:\"3.13.0-85.129\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-85-generic-lpae\", pkgver:\"3.13.0-85.129\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-85-lowlatency\", pkgver:\"3.13.0-85.129\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:23", "description": "Venkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel's CXGB3 driver. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2015-8812)\n\nXiaofei Rex Guo discovered a timing side channel vulnerability in the Linux Extended Verification Module (EVM). An attacker could use this to affect system integrity. (CVE-2016-2085)\n\nDavid Herrmann discovered that the Linux kernel incorrectly accounted file descriptors to the original opener for in-flight file descriptors sent over a unix domain socket. A local attacker could use this to cause a denial of service (resource exhaustion). (CVE-2016-2550)\n\nIt was discovered that the Linux kernel did not enforce limits on the amount of data allocated to buffer pipes. A local attacker could use this to cause a denial of service (resource exhaustion).\n(CVE-2016-2847).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-04-07T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux-lts-vivid vulnerabilities (USN-2949-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8812", "CVE-2016-2085", "CVE-2016-2550", "CVE-2016-2847"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2949-1.NASL", "href": "https://www.tenable.com/plugins/nessus/90406", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2949-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90406);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2015-8812\", \"CVE-2016-2085\", \"CVE-2016-2550\", \"CVE-2016-2847\");\n script_xref(name:\"USN\", value:\"2949-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux-lts-vivid vulnerabilities (USN-2949-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Venkatesh Pottem discovered a use-after-free vulnerability in the\nLinux kernel's CXGB3 driver. A local attacker could use this to cause\na denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2015-8812)\n\nXiaofei Rex Guo discovered a timing side channel vulnerability in the\nLinux Extended Verification Module (EVM). An attacker could use this\nto affect system integrity. (CVE-2016-2085)\n\nDavid Herrmann discovered that the Linux kernel incorrectly accounted\nfile descriptors to the original opener for in-flight file descriptors\nsent over a unix domain socket. A local attacker could use this to\ncause a denial of service (resource exhaustion). (CVE-2016-2550)\n\nIt was discovered that the Linux kernel did not enforce limits on the\namount of data allocated to buffer pipes. A local attacker could use\nthis to cause a denial of service (resource exhaustion).\n(CVE-2016-2847).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2949-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected linux-image-3.19-generic,\nlinux-image-3.19-generic-lpae and / or linux-image-3.19-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/04/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2023 Canonical, Inc. / NASL script (C) 2016-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-8812\", \"CVE-2016-2085\", \"CVE-2016-2550\", \"CVE-2016-2847\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2949-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.19.0-58-generic\", pkgver:\"3.19.0-58.64~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.19.0-58-generic-lpae\", pkgver:\"3.19.0-58.64~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.19.0-58-lowlatency\", pkgver:\"3.19.0-58.64~14.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.19-generic / linux-image-3.19-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:23", "description": "Venkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel's CXGB3 driver. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2015-8812)\n\nXiaofei Rex Guo discovered a timing side channel vulnerability in the Linux Extended Verification Module (EVM). An attacker could use this to affect system integrity. (CVE-2016-2085)\n\nDavid Herrmann discovered that the Linux kernel incorrectly accounted file descriptors to the original opener for in-flight file descriptors sent over a unix domain socket. A local attacker could use this to cause a denial of service (resource exhaustion). (CVE-2016-2550)\n\nIt was discovered that the Linux kernel did not enforce limits on the amount of data allocated to buffer pipes. A local attacker could use this to cause a denial of service (resource exhaustion).\n(CVE-2016-2847).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-04-07T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2946-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8812", "CVE-2016-2085", "CVE-2016-2550", "CVE-2016-2847"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2946-2.NASL", "href": "https://www.tenable.com/plugins/nessus/90401", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2946-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90401);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2015-8812\", \"CVE-2016-2085\", \"CVE-2016-2550\", \"CVE-2016-2847\");\n script_xref(name:\"USN\", value:\"2946-2\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2946-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Venkatesh Pottem discovered a use-after-free vulnerability in the\nLinux kernel's CXGB3 driver. A local attacker could use this to cause\na denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2015-8812)\n\nXiaofei Rex Guo discovered a timing side channel vulnerability in the\nLinux Extended Verification Module (EVM). An attacker could use this\nto affect system integrity. (CVE-2016-2085)\n\nDavid Herrmann discovered that the Linux kernel incorrectly accounted\nfile descriptors to the original opener for in-flight file descriptors\nsent over a unix domain socket. A local attacker could use this to\ncause a denial of service (resource exhaustion). (CVE-2016-2550)\n\nIt was discovered that the Linux kernel did not enforce limits on the\namount of data allocated to buffer pipes. A local attacker could use\nthis to cause a denial of service (resource exhaustion).\n(CVE-2016-2847).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2946-2/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected linux-image-3.13-generic and / or\nlinux-image-3.13-generic-lpae packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/04/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2023 Canonical, Inc. / NASL script (C) 2016-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-8812\", \"CVE-2016-2085\", \"CVE-2016-2550\", \"CVE-2016-2847\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2946-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-85-generic\", pkgver:\"3.13.0-85.129~precise1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-85-generic-lpae\", pkgver:\"3.13.0-85.129~precise1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:54", "description": "Ralf Spenneberg discovered that the usbvision driver in the Linux kernel did not properly sanity check the interfaces and endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7833)\n\nVenkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel's CXGB3 driver. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2015-8812)\n\nXiaofei Rex Guo discovered a timing side channel vulnerability in the Linux Extended Verification Module (EVM). An attacker could use this to affect system integrity. (CVE-2016-2085)\n\nIt was discovered that the extended Berkeley Packet Filter (eBPF) implementation in the Linux kernel did not correctly compute branch offsets for backward jumps after ctx expansion. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-2383)\n\nDavid Herrmann discovered that the Linux kernel incorrectly accounted file descriptors to the original opener for in-flight file descriptors sent over a unix domain socket. A local attacker could use this to cause a denial of service (resource exhaustion). (CVE-2016-2550)\n\nIt was discovered that the Linux kernel did not enforce limits on the amount of data allocated to buffer pipes. A local attacker could use this to cause a denial of service (resource exhaustion).\n(CVE-2016-2847).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-04-07T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux-lts-wily vulnerabilities (USN-2947-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7833", "CVE-2015-8812", "CVE-2016-2085", "CVE-2016-2383", "CVE-2016-2550", "CVE-2016-2847"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2947-2.NASL", "href": "https://www.tenable.com/plugins/nessus/90403", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2947-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90403);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2015-7833\", \"CVE-2015-8812\", \"CVE-2016-2085\", \"CVE-2016-2383\", \"CVE-2016-2550\", \"CVE-2016-2847\");\n script_xref(name:\"USN\", value:\"2947-2\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux-lts-wily vulnerabilities (USN-2947-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Ralf Spenneberg discovered that the usbvision driver in the Linux\nkernel did not properly sanity check the interfaces and endpoints\nreported by the device. An attacker with physical access could cause a\ndenial of service (system crash). (CVE-2015-7833)\n\nVenkatesh Pottem discovered a use-after-free vulnerability in the\nLinux kernel's CXGB3 driver. A local attacker could use this to cause\na denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2015-8812)\n\nXiaofei Rex Guo discovered a timing side channel vulnerability in the\nLinux Extended Verification Module (EVM). An attacker could use this\nto affect system integrity. (CVE-2016-2085)\n\nIt was discovered that the extended Berkeley Packet Filter (eBPF)\nimplementation in the Linux kernel did not correctly compute branch\noffsets for backward jumps after ctx expansion. A local attacker could\nuse this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2016-2383)\n\nDavid Herrmann discovered that the Linux kernel incorrectly accounted\nfile descriptors to the original opener for in-flight file descriptors\nsent over a unix domain socket. A local attacker could use this to\ncause a denial of service (resource exhaustion). (CVE-2016-2550)\n\nIt was discovered that the Linux kernel did not enforce limits on the\namount of data allocated to buffer pipes. A local attacker could use\nthis to cause a denial of service (resource exhaustion).\n(CVE-2016-2847).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2947-2/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected linux-image-4.2-generic,\nlinux-image-4.2-generic-lpae and / or linux-image-4.2-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2023 Canonical, Inc. / NASL script (C) 2016-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-7833\", \"CVE-2015-8812\", \"CVE-2016-2085\", \"CVE-2016-2383\", \"CVE-2016-2550\", \"CVE-2016-2847\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2947-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.2.0-35-generic\", pkgver:\"4.2.0-35.40~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.2.0-35-generic-lpae\", pkgver:\"4.2.0-35.40~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.2.0-35-lowlatency\", pkgver:\"4.2.0-35.40~14.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.2-generic / linux-image-4.2-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:54", "description": "Ralf Spenneberg discovered that the usbvision driver in the Linux kernel did not properly sanity check the interfaces and endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7833)\n\nVenkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel's CXGB3 driver. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2015-8812)\n\nXiaofei Rex Guo discovered a timing side channel vulnerability in the Linux Extended Verification Module (EVM). An attacker could use this to affect system integrity. (CVE-2016-2085)\n\nIt was discovered that the extended Berkeley Packet Filter (eBPF) implementation in the Linux kernel did not correctly compute branch offsets for backward jumps after ctx expansion. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-2383)\n\nDavid Herrmann discovered that the Linux kernel incorrectly accounted file descriptors to the original opener for in-flight file descriptors sent over a unix domain socket. A local attacker could use this to cause a denial of service (resource exhaustion). (CVE-2016-2550)\n\nIt was discovered that the Linux kernel did not enforce limits on the amount of data allocated to buffer pipes. A local attacker could use this to cause a denial of service (resource exhaustion).\n(CVE-2016-2847).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-04-07T00:00:00", "type": "nessus", "title": "Ubuntu 15.10 : linux vulnerabilities (USN-2947-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7833", "CVE-2015-8812", "CVE-2016-2085", "CVE-2016-2383", "CVE-2016-2550", "CVE-2016-2847"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-lowlatency", "cpe:/o:canonical:ubuntu_linux:15.10"], "id": "UBUNTU_USN-2947-1.NASL", "href": "https://www.tenable.com/plugins/nessus/90402", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2947-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90402);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2015-7833\", \"CVE-2015-8812\", \"CVE-2016-2085\", \"CVE-2016-2383\", \"CVE-2016-2550\", \"CVE-2016-2847\");\n script_xref(name:\"USN\", value:\"2947-1\");\n\n script_name(english:\"Ubuntu 15.10 : linux vulnerabilities (USN-2947-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Ralf Spenneberg discovered that the usbvision driver in the Linux\nkernel did not properly sanity check the interfaces and endpoints\nreported by the device. An attacker with physical access could cause a\ndenial of service (system crash). (CVE-2015-7833)\n\nVenkatesh Pottem discovered a use-after-free vulnerability in the\nLinux kernel's CXGB3 driver. A local attacker could use this to cause\na denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2015-8812)\n\nXiaofei Rex Guo discovered a timing side channel vulnerability in the\nLinux Extended Verification Module (EVM). An attacker could use this\nto affect system integrity. (CVE-2016-2085)\n\nIt was discovered that the extended Berkeley Packet Filter (eBPF)\nimplementation in the Linux kernel did not correctly compute branch\noffsets for backward jumps after ctx expansion. A local attacker could\nuse this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2016-2383)\n\nDavid Herrmann discovered that the Linux kernel incorrectly accounted\nfile descriptors to the original opener for in-flight file descriptors\nsent over a unix domain socket. A local attacker could use this to\ncause a denial of service (resource exhaustion). (CVE-2016-2550)\n\nIt was discovered that the Linux kernel did not enforce limits on the\namount of data allocated to buffer pipes. A local attacker could use\nthis to cause a denial of service (resource exhaustion).\n(CVE-2016-2847).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2947-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Update the affected linux-image-4.2-generic,\nlinux-image-4.2-generic-lpae and / or linux-image-4.2-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2023 Canonical, Inc. / NASL script (C) 2016-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(15\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 15.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-7833\", \"CVE-2015-8812\", \"CVE-2016-2085\", \"CVE-2016-2383\", \"CVE-2016-2550\", \"CVE-2016-2847\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2947-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-35-generic\", pkgver:\"4.2.0-35.40\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-35-generic-lpae\", pkgver:\"4.2.0-35.40\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-35-lowlatency\", pkgver:\"4.2.0-35.40\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.2-generic / linux-image-4.2-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:12", "description": "Ralf Spenneberg discovered that the usbvision driver in the Linux kernel did not properly sanity check the interfaces and endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7833)\n\nVenkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel's CXGB3 driver. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2015-8812)\n\nXiaofei Rex Guo discovered a timing side channel vulnerability in the Linux Extended Verification Module (EVM). An attacker could use this to affect system integrity. (CVE-2016-2085)\n\nIt was discovered that the extended Berkeley Packet Filter (eBPF) implementation in the Linux kernel did not correctly compute branch offsets for backward jumps after ctx expansion. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-2383)\n\nDavid Herrmann discovered that the Linux kernel incorrectly accounted file descriptors to the original opener for in-flight file descriptors sent over a unix domain socket. A local attacker could use this to cause a denial of service (resource exhaustion). (CVE-2016-2550)\n\nIt was discovered that the Linux kernel did not enforce limits on the amount of data allocated to buffer pipes. A local attacker could use this to cause a denial of service (resource exhaustion).\n(CVE-2016-2847).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-04-07T00:00:00", "type": "nessus", "title": "Ubuntu 15.10 : linux-raspi2 vulnerabilities (USN-2947-3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7833", "CVE-2015-8812", "CVE-2016-2085", "CVE-2016-2383", "CVE-2016-2550", "CVE-2016-2847"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-raspi2", "cpe:/o:canonical:ubuntu_linux:15.10"], "id": "UBUNTU_USN-2947-3.NASL", "href": "https://www.tenable.com/plugins/nessus/90404", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2947-3. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(90404);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2015-7833\", \"CVE-2015-8812\", \"CVE-2016-2085\", \"CVE-2016-2383\", \"CVE-2016-2550\", \"CVE-2016-2847\");\n script_xref(name:\"USN\", value:\"2947-3\");\n\n script_name(english:\"Ubuntu 15.10 : linux-raspi2 vulnerabilities (USN-2947-3)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Ralf Spenneberg discovered that the usbvision driver in the Linux\nkernel did not properly sanity check the interfaces and endpoints\nreported by the device. An attacker with physical access could cause a\ndenial of service (system crash). (CVE-2015-7833)\n\nVenkatesh Pottem discovered a use-after-free vulnerability in the\nLinux kernel's CXGB3 driver. A local attacker could use this to cause\na denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2015-8812)\n\nXiaofei Rex Guo discovered a timing side channel vulnerability in the\nLinux Extended Verification Module (EVM). An attacker could use this\nto affect system integrity. (CVE-2016-2085)\n\nIt was discovered that the extended Berkeley Packet Filter (eBPF)\nimplementation in the Linux kernel did not correctly compute branch\noffsets for backward jumps after ctx expansion. A local attacker could\nuse this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2016-2383)\n\nDavid Herrmann discovered that the Linux kernel incorrectly accounted\nfile descriptors to the original opener for in-flight file descriptors\nsent over a unix domain socket. A local attacker could use this to\ncause a denial of service (resource exhaustion). (CVE-2016-2550)\n\nIt was discovered that the Linux kernel did not enforce limits on the\namount of data allocated to buffer pipes. A local attacker could use\nthis to cause a denial of service (resource exhaustion).\n(CVE-2016-2847).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2947-3/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected linux-image-4.2-raspi2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2023 Canonical, Inc. / NASL script (C) 2016-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(15\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 15.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-7833\", \"CVE-2015-8812\", \"CVE-2016-2085\", \"CVE-2016-2383\", \"CVE-2016-2550\", \"CVE-2016-2847\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2947-3\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-1028-raspi2\", pkgver:\"4.2.0-1028.36\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.2-raspi2\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:38", "description": "Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events.\nA local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-3134)\n\nBen Hawkes discovered an integer overflow in the Linux netfilter implementation. On systems running 32 bit kernels, a local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-3135)\n\nRalf Spenneberg discovered that the USB driver for Clie devices in the Linux kernel did not properly sanity check the endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7566)\n\nIt was discovered that a race condition existed when handling heartbeat- timeout events in the SCTP implementation of the Linux kernel. A remote attacker could use this to cause a denial of service.\n(CVE-2015-8767)\n\nIt was discovered that a race condition existed in the ioctl handler for the TTY driver in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2016-0723)\n\nAndrey Konovalov discovered that the ALSA USB MIDI driver incorrectly performed a double-free. A local attacker with physical access could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-2384)\n\nRalf Spenneberg discovered that the USB driver for Treo devices in the Linux kernel did not properly sanity check the endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2016-2782).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-17T00:00:00", "type": "nessus", "title": "Ubuntu 15.10 : linux-raspi2 vulnerabilities (USN-2930-3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7566", "CVE-2015-8767", "CVE-2016-0723", "CVE-2016-2384", "CVE-2016-2782", "CVE-2016-3134", "CVE-2016-3135"], "modified": "2023-01-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-raspi2", "cpe:/o:canonical:ubuntu_linux:15.10"], "id": "UBUNTU_USN-2930-3.NASL", "href": "https://www.tenable.com/plugins/nessus/89995", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2930-3. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89995);\n script_version(\"2.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2015-7566\", \"CVE-2015-8767\", \"CVE-2016-0723\", \"CVE-2016-2384\", \"CVE-2016-2782\", \"CVE-2016-3134\", \"CVE-2016-3135\");\n script_xref(name:\"USN\", value:\"2930-3\");\n\n script_name(english:\"Ubuntu 15.10 : linux-raspi2 vulnerabilities (USN-2930-3)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ben Hawkes discovered that the Linux netfilter implementation did not\ncorrectly perform validation when handling IPT_SO_SET_REPLACE events.\nA local unprivileged attacker could use this to cause a denial of\nservice (system crash) or possibly execute arbitrary code with\nadministrative privileges. (CVE-2016-3134)\n\nBen Hawkes discovered an integer overflow in the Linux netfilter\nimplementation. On systems running 32 bit kernels, a local\nunprivileged attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code with administrative\nprivileges. (CVE-2016-3135)\n\nRalf Spenneberg discovered that the USB driver for Clie devices in the\nLinux kernel did not properly sanity check the endpoints reported by\nthe device. An attacker with physical access could cause a denial of\nservice (system crash). (CVE-2015-7566)\n\nIt was discovered that a race condition existed when handling\nheartbeat- timeout events in the SCTP implementation of the Linux\nkernel. A remote attacker could use this to cause a denial of service.\n(CVE-2015-8767)\n\nIt was discovered that a race condition existed in the ioctl handler\nfor the TTY driver in the Linux kernel. A local attacker could use\nthis to cause a denial of service (system crash) or expose sensitive\ninformation. (CVE-2016-0723)\n\nAndrey Konovalov discovered that the ALSA USB MIDI driver incorrectly\nperformed a double-free. A local attacker with physical access could\nuse this to cause a denial of service (system crash) or possibly\nexecute arbitrary code with administrative privileges. (CVE-2016-2384)\n\nRalf Spenneberg discovered that the USB driver for Treo devices in the\nLinux kernel did not properly sanity check the endpoints reported by\nthe device. An attacker with physical access could cause a denial of\nservice (system crash). (CVE-2016-2782).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2930-3/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected linux-image-4.2-raspi2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-raspi2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(15\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 15.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-7566\", \"CVE-2015-8767\", \"CVE-2016-0723\", \"CVE-2016-2384\", \"CVE-2016-2782\", \"CVE-2016-3134\", \"CVE-2016-3135\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2930-3\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-1027-raspi2\", pkgver:\"4.2.0-1027.35\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.2-raspi2\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:07", "description": "Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events.\nA local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-3134)\n\nBen Hawkes discovered an integer overflow in the Linux netfilter implementation. On systems running 32 bit kernels, a local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-3135)\n\nRalf Spenneberg discovered that the USB driver for Clie devices in the Linux kernel did not properly sanity check the endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7566)\n\nIt was discovered that a race condition existed when handling heartbeat- timeout events in the SCTP implementation of the Linux kernel. A remote attacker could use this to cause a denial of service.\n(CVE-2015-8767)\n\nIt was discovered that a race condition existed in the ioctl handler for the TTY driver in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2016-0723)\n\nAndrey Konovalov discovered that the ALSA USB MIDI driver incorrectly performed a double-free. A local attacker with physical access could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-2384)\n\nRalf Spenneberg discovered that the USB driver for Treo devices in the Linux kernel did not properly sanity check the endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2016-2782).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-15T00:00:00", "type": "nessus", "title": "Ubuntu 15.10 : linux vulnerabilities (USN-2930-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7566", "CVE-2015-8767", "CVE-2016-0723", "CVE-2016-2384", "CVE-2016-2782", "CVE-2016-3134", "CVE-2016-3135"], "modified": "2023-01-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-lowlatency", "cpe:/o:canonical:ubuntu_linux:15.10"], "id": "UBUNTU_USN-2930-1.NASL", "href": "https://www.tenable.com/plugins/nessus/89934", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2930-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89934);\n script_version(\"2.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2015-7566\", \"CVE-2015-8767\", \"CVE-2016-0723\", \"CVE-2016-2384\", \"CVE-2016-2782\", \"CVE-2016-3134\", \"CVE-2016-3135\");\n script_xref(name:\"USN\", value:\"2930-1\");\n\n script_name(english:\"Ubuntu 15.10 : linux vulnerabilities (USN-2930-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ben Hawkes discovered that the Linux netfilter implementation did not\ncorrectly perform validation when handling IPT_SO_SET_REPLACE events.\nA local unprivileged attacker could use this to cause a denial of\nservice (system crash) or possibly execute arbitrary code with\nadministrative privileges. (CVE-2016-3134)\n\nBen Hawkes discovered an integer overflow in the Linux netfilter\nimplementation. On systems running 32 bit kernels, a local\nunprivileged attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code with administrative\nprivileges. (CVE-2016-3135)\n\nRalf Spenneberg discovered that the USB driver for Clie devices in the\nLinux kernel did not properly sanity check the endpoints reported by\nthe device. An attacker with physical access could cause a denial of\nservice (system crash). (CVE-2015-7566)\n\nIt was discovered that a race condition existed when handling\nheartbeat- timeout events in the SCTP implementation of the Linux\nkernel. A remote attacker could use this to cause a denial of service.\n(CVE-2015-8767)\n\nIt was discovered that a race condition existed in the ioctl handler\nfor the TTY driver in the Linux kernel. A local attacker could use\nthis to cause a denial of service (system crash) or expose sensitive\ninformation. (CVE-2016-0723)\n\nAndrey Konovalov discovered that the ALSA USB MIDI driver incorrectly\nperformed a double-free. A local attacker with physical access could\nuse this to cause a denial of service (system crash) or possibly\nexecute arbitrary code with administrative privileges. (CVE-2016-2384)\n\nRalf Spenneberg discovered that the USB driver for Treo devices in the\nLinux kernel did not properly sanity check the endpoints reported by\nthe device. An attacker with physical access could cause a denial of\nservice (system crash). (CVE-2016-2782).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2930-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-4.2-generic,\nlinux-image-4.2-generic-lpae and / or linux-image-4.2-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(15\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 15.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-7566\", \"CVE-2015-8767\", \"CVE-2016-0723\", \"CVE-2016-2384\", \"CVE-2016-2782\", \"CVE-2016-3134\", \"CVE-2016-3135\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2930-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-34-generic\", pkgver:\"4.2.0-34.39\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-34-generic-lpae\", pkgver:\"4.2.0-34.39\")) flag++;\nif (ubuntu_check(osver:\"15.10\", pkgname:\"linux-image-4.2.0-34-lowlatency\", pkgver:\"4.2.0-34.39\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.2-generic / linux-image-4.2-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:11", "description": "Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events.\nA local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-3134)\n\nBen Hawkes discovered an integer overflow in the Linux netfilter implementation. On systems running 32 bit kernels, a local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-3135)\n\nRalf Spenneberg discovered that the USB driver for Clie devices in the Linux kernel did not properly sanity check the endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7566)\n\nIt was discovered that a race condition existed when handling heartbeat- timeout events in the SCTP implementation of the Linux kernel. A remote attacker could use this to cause a denial of service.\n(CVE-2015-8767)\n\nIt was discovered that a race condition existed in the ioctl handler for the TTY driver in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2016-0723)\n\nAndrey Konovalov discovered that the ALSA USB MIDI driver incorrectly performed a double-free. A local attacker with physical access could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-2384)\n\nRalf Spenneberg discovered that the USB driver for Treo devices in the Linux kernel did not properly sanity check the endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2016-2782).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-15T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux-lts-wily vulnerabilities (USN-2930-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7566", "CVE-2015-8767", "CVE-2016-0723", "CVE-2016-2384", "CVE-2016-2782", "CVE-2016-3134", "CVE-2016-3135"], "modified": "2023-01-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2930-2.NASL", "href": "https://www.tenable.com/plugins/nessus/89935", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2930-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89935);\n script_version(\"2.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2015-7566\", \"CVE-2015-8767\", \"CVE-2016-0723\", \"CVE-2016-2384\", \"CVE-2016-2782\", \"CVE-2016-3134\", \"CVE-2016-3135\");\n script_xref(name:\"USN\", value:\"2930-2\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux-lts-wily vulnerabilities (USN-2930-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ben Hawkes discovered that the Linux netfilter implementation did not\ncorrectly perform validation when handling IPT_SO_SET_REPLACE events.\nA local unprivileged attacker could use this to cause a denial of\nservice (system crash) or possibly execute arbitrary code with\nadministrative privileges. (CVE-2016-3134)\n\nBen Hawkes discovered an integer overflow in the Linux netfilter\nimplementation. On systems running 32 bit kernels, a local\nunprivileged attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code with administrative\nprivileges. (CVE-2016-3135)\n\nRalf Spenneberg discovered that the USB driver for Clie devices in the\nLinux kernel did not properly sanity check the endpoints reported by\nthe device. An attacker with physical access could cause a denial of\nservice (system crash). (CVE-2015-7566)\n\nIt was discovered that a race condition existed when handling\nheartbeat- timeout events in the SCTP implementation of the Linux\nkernel. A remote attacker could use this to cause a denial of service.\n(CVE-2015-8767)\n\nIt was discovered that a race condition existed in the ioctl handler\nfor the TTY driver in the Linux kernel. A local attacker could use\nthis to cause a denial of service (system crash) or expose sensitive\ninformation. (CVE-2016-0723)\n\nAndrey Konovalov discovered that the ALSA USB MIDI driver incorrectly\nperformed a double-free. A local attacker with physical access could\nuse this to cause a denial of service (system crash) or possibly\nexecute arbitrary code with administrative privileges. (CVE-2016-2384)\n\nRalf Spenneberg discovered that the USB driver for Treo devices in the\nLinux kernel did not properly sanity check the endpoints reported by\nthe device. An attacker with physical access could cause a denial of\nservice (system crash). (CVE-2016-2782).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2930-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-4.2-generic,\nlinux-image-4.2-generic-lpae and / or linux-image-4.2-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-4.2-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-7566\", \"CVE-2015-8767\", \"CVE-2016-0723\", \"CVE-2016-2384\", \"CVE-2016-2782\", \"CVE-2016-3134\", \"CVE-2016-3135\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2930-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.2.0-34-generic\", pkgver:\"4.2.0-34.39~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.2.0-34-generic-lpae\", pkgver:\"4.2.0-34.39~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-4.2.0-34-lowlatency\", pkgver:\"4.2.0-34.39~14.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-4.2-generic / linux-image-4.2-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:35", "description": "When running as a Xen 64-bit PV guest, user mode processes not supposed to be able to access I/O ports may be granted such permission, potentially resulting in one or more of in-guest privilege escalation, guest crashes (Denial of Service), or in-guest information leaks. (CVE-2016-3157)\n\nIn some cases, the kernel did not correctly fix backward jumps in a new eBPF program, which could allow arbitrary reads. (CVE-2016-2383)\n\nThe kernel incorrectly accounted for the number of in-flight fds over a unix domain socket to the original opener of the file descriptor.\nAnother process could arbitrarily deplete the original file opener's maximum open files resource limit. (CVE-2016-2550)\n\nA resource-exhaustion vulnerability was found in the kernel, where an unprivileged process could allocate and accumulate far more file descriptors than the process' limit. A local, unauthenticated user could exploit this flaw by sending file descriptors over a Unix socket and then closing them to keep the process' fd count low, thereby creating kernel-memory or file-descriptors exhaustion (denial of service). (CVE-2016-2847)", "cvss3": {}, "published": "2016-03-17T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : kernel (ALAS-2016-669)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2383", "CVE-2016-2550", "CVE-2016-2847", "CVE-2016-3157"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-doc", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2016-669.NASL", "href": "https://www.tenable.com/plugins/nessus/89966", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2016-669.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(89966);\n script_version(\"2.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2016-2383\", \"CVE-2016-2550\", \"CVE-2016-2847\", \"CVE-2016-3157\");\n script_xref(name:\"ALAS\", value:\"2016-669\");\n\n script_name(english:\"Amazon Linux AMI : kernel (ALAS-2016-669)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"When running as a Xen 64-bit PV guest, user mode processes not\nsupposed to be able to access I/O ports may be granted such\npermission, potentially resulting in one or more of in-guest privilege\nescalation, guest crashes (Denial of Service), or in-guest information\nleaks. (CVE-2016-3157)\n\nIn some cases, the kernel did not correctly fix backward jumps in a\nnew eBPF program, which could allow arbitrary reads. (CVE-2016-2383)\n\nThe kernel incorrectly accounted for the number of in-flight fds over\na unix domain socket to the original opener of the file descriptor.\nAnother process could arbitrarily deplete the original file opener's\nmaximum open files resource limit. (CVE-2016-2550)\n\nA resource-exhaustion vulnerability was found in the kernel, where an\nunprivileged process could allocate and accumulate far more file\ndescriptors than the process' limit. A local, unauthenticated user\ncould exploit this flaw by sending file descriptors over a Unix socket\nand then closing them to keep the process' fd count low, thereby\ncreating kernel-memory or file-descriptors exhaustion (denial of\nservice). (CVE-2016-2847)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2016-669.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update kernel' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"kernel-4.1.19-24.31.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-debuginfo-4.1.19-24.31.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-4.1.19-24.31.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-4.1.19-24.31.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-devel-4.1.19-24.31.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-doc-4.1.19-24.31.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-headers-4.1.19-24.31.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-4.1.19-24.31.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-debuginfo-4.1.19-24.31.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-devel-4.1.19-24.31.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-4.1.19-24.31.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-debuginfo-4.1.19-24.31.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-i686 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-30T14:59:07", "description": "It was discovered that the Linux kernel did not properly enforce rlimits for file descriptors sent over UNIX domain sockets. A local attacker could use this to cause a denial of service. (CVE-2013-4312)\n\nRalf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did not properly sanity check the endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7515)\n\nRalf Spenneberg discovered that the USB driver for Clie devices in the Linux kernel did not properly sanity check the endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7566)\n\nRalf Spenneberg discovered that the usbvision driver in the Linux kernel did not properly sanity check the interfaces and endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7833)\n\nIt was discovered that a race condition existed when handling heartbeat- timeout events in the SCTP implementation of the Linux kernel. A remote attacker could use this to cause a denial of service.\n(CVE-2015-8767)\n\nVenkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel's CXGB3 driver. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2015-8812)\n\nIt was discovered that a race condition existed in the ioctl handler for the TTY driver in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2016-0723)\n\nIt was discovered that the Linux kernel did not keep accurate track of pipe buffer details when error conditions occurred, due to an incomplete fix for CVE-2015-1805. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-0774)\n\nZach Riggle discovered that the Linux kernel's list poison feature did not take into account the mmap_min_addr value. A local attacker could use this to bypass the kernel's poison-pointer protection mechanism while attempting to exploit an existing kernel vulnerability.\n(CVE-2016-0821)\n\nAndy Lutomirski discovered a race condition in the Linux kernel's translation lookaside buffer (TLB) handling of flush events. A local attacker could use this to cause a denial of service or possibly leak sensitive information. (CVE-2016-2069)\n\nDmitry Vyukov discovered that the Advanced Linux Sound Architecture (ALSA) framework did not verify that a FIFO was attached to a client before attempting to clear it. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-2543)\n\nDmitry Vyukov discovered that a race condition existed in the Advanced Linux Sound Architecture (ALSA) framework between timer setup and closing of the client, resulting in a use-after-free. A local attacker could use this to cause a denial of service. (CVE-2016-2544)\n\nDmitry Vyukov discovered a race condition in the timer handling implementation of the Advanced Linux Sound Architecture (ALSA) framework, resulting in a use-after-free. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-2545)\n\nDmitry Vyukov discovered race conditions in the Advanced Linux Sound Architecture (ALSA) framework's timer ioctls leading to a use-after-free. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2016-2546)\n\nDmitry Vyukov discovered that the Advanced Linux Sound Architecture (ALSA) framework's handling of high resolution timers did not properly manage its data structures. A local attacker could use this to cause a denial of service (system hang or crash) or possibly execute arbitrary code. (CVE-2016-2547, CVE-2016-2548)\n\nDmitry Vyukov discovered that the Advanced Linux Sound Architecture (ALSA) framework's handling of high resolution timers could lead to a deadlock condition. A local attacker could use this to cause a denial of service (system hang). (CVE-2016-2549)\n\nRalf Spenneberg discovered that the USB driver for Treo devices in the Linux kernel did not properly sanity check the endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2016-2782)\n\nIt was discovered that the Linux kernel did not enforce limits on the amount of data allocated to buffer pipes. A local attacker could use this to cause a denial of service (resource exhaustion).\n(CVE-2016-2847).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-05-12T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux vulnerabilities (USN-2967-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4312", "CVE-2015-1805", "CVE-2015-7515", "CVE-2015-7566", "CVE-2015-7833", "CVE-2015-8767", "CVE-2015-8812", "CVE-2016-0723", "CVE-2016-0774", "CVE-2016-0821", "CVE-2016-2069", "CVE-2016-2543", "CVE-2016-2544", "CVE-2016-2545", "CVE-2016-2546", "CVE-2016-2547", "CVE-2016-2548", "CVE-2016-2549", "CVE-2016-2782", "CVE-2016-2847"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-highbank", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-virtual", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2967-1.NASL", "href": "https://www.tenable.com/plugins/nessus/91087", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2967-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(91087);\n script_version(\"2.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2013-4312\", \"CVE-2015-1805\", \"CVE-2015-7515\", \"CVE-2015-7566\", \"CVE-2015-7833\", \"CVE-2015-8767\", \"CVE-2015-8812\", \"CVE-2016-0723\", \"CVE-2016-0774\", \"CVE-2016-0821\", \"CVE-2016-2069\", \"CVE-2016-2543\", \"CVE-2016-2544\", \"CVE-2016-2545\", \"CVE-2016-2546\", \"CVE-2016-2547\", \"CVE-2016-2548\", \"CVE-2016-2549\", \"CVE-2016-2782\", \"CVE-2016-2847\");\n script_xref(name:\"USN\", value:\"2967-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux vulnerabilities (USN-2967-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that the Linux kernel did not properly enforce\nrlimits for file descriptors sent over UNIX domain sockets. A local\nattacker could use this to cause a denial of service. (CVE-2013-4312)\n\nRalf Spenneberg discovered that the Aiptek Tablet USB device driver in\nthe Linux kernel did not properly sanity check the endpoints reported\nby the device. An attacker with physical access could cause a denial\nof service (system crash). (CVE-2015-7515)\n\nRalf Spenneberg discovered that the USB driver for Clie devices in the\nLinux kernel did not properly sanity check the endpoints reported by\nthe device. An attacker with physical access could cause a denial of\nservice (system crash). (CVE-2015-7566)\n\nRalf Spenneberg discovered that the usbvision driver in the Linux\nkernel did not properly sanity check the interfaces and endpoints\nreported by the device. An attacker with physical access could cause a\ndenial of service (system crash). (CVE-2015-7833)\n\nIt was discovered that a race condition existed when handling\nheartbeat- timeout events in the SCTP implementation of the Linux\nkernel. A remote attacker could use this to cause a denial of service.\n(CVE-2015-8767)\n\nVenkatesh Pottem discovered a use-after-free vulnerability in the\nLinux kernel's CXGB3 driver. A local attacker could use this to cause\na denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2015-8812)\n\nIt was discovered that a race condition existed in the ioctl handler\nfor the TTY driver in the Linux kernel. A local attacker could use\nthis to cause a denial of service (system crash) or expose sensitive\ninformation. (CVE-2016-0723)\n\nIt was discovered that the Linux kernel did not keep accurate track of\npipe buffer details when error conditions occurred, due to an\nincomplete fix for CVE-2015-1805. A local attacker could use this to\ncause a denial of service (system crash) or possibly execute arbitrary\ncode with administrative privileges. (CVE-2016-0774)\n\nZach Riggle discovered that the Linux kernel's list poison feature did\nnot take into account the mmap_min_addr value. A local attacker could\nuse this to bypass the kernel's poison-pointer protection mechanism\nwhile attempting to exploit an existing kernel vulnerability.\n(CVE-2016-0821)\n\nAndy Lutomirski discovered a race condition in the Linux kernel's\ntranslation lookaside buffer (TLB) handling of flush events. A local\nattacker could use this to cause a denial of service or possibly leak\nsensitive information. (CVE-2016-2069)\n\nDmitry Vyukov discovered that the Advanced Linux Sound Architecture\n(ALSA) framework did not verify that a FIFO was attached to a client\nbefore attempting to clear it. A local attacker could use this to\ncause a denial of service (system crash). (CVE-2016-2543)\n\nDmitry Vyukov discovered that a race condition existed in the Advanced\nLinux Sound Architecture (ALSA) framework between timer setup and\nclosing of the client, resulting in a use-after-free. A local attacker\ncould use this to cause a denial of service. (CVE-2016-2544)\n\nDmitry Vyukov discovered a race condition in the timer handling\nimplementation of the Advanced Linux Sound Architecture (ALSA)\nframework, resulting in a use-after-free. A local attacker could use\nthis to cause a denial of service (system crash). (CVE-2016-2545)\n\nDmitry Vyukov discovered race conditions in the Advanced Linux Sound\nArchitecture (ALSA) framework's timer ioctls leading to a\nuse-after-free. A local attacker could use this to cause a denial of\nservice (system crash) or possibly execute arbitrary code.\n(CVE-2016-2546)\n\nDmitry Vyukov discovered that the Advanced Linux Sound Architecture\n(ALSA) framework's handling of high resolution timers did not properly\nmanage its data structures. A local attacker could use this to cause a\ndenial of service (system hang or crash) or possibly execute arbitrary\ncode. (CVE-2016-2547, CVE-2016-2548)\n\nDmitry Vyukov discovered that the Advanced Linux Sound Architecture\n(ALSA) framework's handling of high resolution timers could lead to a\ndeadlock condition. A local attacker could use this to cause a denial\nof service (system hang). (CVE-2016-2549)\n\nRalf Spenneberg discovered that the USB driver for Treo devices in the\nLinux kernel did not properly sanity check the endpoints reported by\nthe device. An attacker with physical access could cause a denial of\nservice (system crash). (CVE-2016-2782)\n\nIt was discovered that the Linux kernel did not enforce limits on the\namount of data allocated to buffer pipes. A local attacker could use\nthis to cause a denial of service (resource exhaustion).\n(CVE-2016-2847).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2967-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-highbank\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/08/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/05/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2023 Canonical, Inc. / NASL script (C) 2016-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-4312\", \"CVE-2015-1805\", \"CVE-2015-7515\", \"CVE-2015-7566\", \"CVE-2015-7833\", \"CVE-2015-8767\", \"CVE-2015-8812\", \"CVE-2016-0723\", \"CVE-2016-0774\", \"CVE-2016-0821\", \"CVE-2016-2069\", \"CVE-2016-2543\", \"CVE-2016-2544\", \"CVE-2016-2545\", \"CVE-2016-2546\", \"CVE-2016-2547\", \"CVE-2016-2548\", \"CVE-2016-2549\", \"CVE-2016-2782\", \"CVE-2016-2847\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2967-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-102-generic\", pkgver:\"3.2.0-102.142\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-102-generic-pae\", pkgver:\"3.2.0-102.142\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-102-highbank\", pkgver:\"3.2.0-102.142\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-102-virtual\", pkgver:\"3.2.0-102.142\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.2-generic / linux-image-3.2-generic-pae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:03", "description": "The 4.4.3 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 23 : kernel-4.4.3-300.fc23 (2016-1642a20327)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2550"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-1642A20327.NASL", "href": "https://www.tenable.com/plugins/nessus/89482", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-1642a20327.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89482);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-2550\");\n script_xref(name:\"FEDORA\", value:\"2016-1642a20327\");\n\n script_name(english:\"Fedora 23 : kernel-4.4.3-300.fc23 (2016-1642a20327)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.4.3 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1311517\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-March/178240.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0e49a5d1\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"kernel-4.4.3-300.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:15:49", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation or denial-of-service.\n\n - CVE-2013-4312 Tetsuo Handa discovered that it is possible for a process to open far more files than the process' limit leading to denial-of-service conditions.\n\n - CVE-2015-7566 Ralf Spenneberg of OpenSource Security reported that the visor driver crashes when a specially crafted USB device without bulk-out endpoint is detected.\n\n - CVE-2015-8767 An SCTP denial-of-service was discovered which can be triggered by a local attacker during a heartbeat timeout event after the 4-way handshake.\n\n - CVE-2016-0723 A use-after-free vulnerability was discovered in the TIOCGETD ioctl. A local attacker could use this flaw for denial-of-service.\n\n - CVE-2016-0728 The Perception Point research team discovered a use-after-free vulnerability in the keyring facility, possibly leading to local privilege escalation.", "cvss3": {}, "published": "2016-01-20T00:00:00", "type": "nessus", "title": "Debian DSA-3448-1 : linux - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4312", "CVE-2015-7566", "CVE-2015-8767", "CVE-2016-0723", "CVE-2016-0728"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3448.NASL", "href": "https://www.tenable.com/plugins/nessus/87995", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3448. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(87995);\n script_version(\"2.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-4312\", \"CVE-2015-7566\", \"CVE-2015-8767\", \"CVE-2016-0723\", \"CVE-2016-0728\");\n script_xref(name:\"DSA\", value:\"3448\");\n\n script_name(english:\"Debian DSA-3448-1 : linux - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation or denial-of-service.\n\n - CVE-2013-4312\n Tetsuo Handa discovered that it is possible for a\n process to open far more files than the process' limit\n leading to denial-of-service conditions.\n\n - CVE-2015-7566\n Ralf Spenneberg of OpenSource Security reported that the\n visor driver crashes when a specially crafted USB device\n without bulk-out endpoint is detected.\n\n - CVE-2015-8767\n An SCTP denial-of-service was discovered which can be\n triggered by a local attacker during a heartbeat timeout\n event after the 4-way handshake.\n\n - CVE-2016-0723\n A use-after-free vulnerability was discovered in the\n TIOCGETD ioctl. A local attacker could use this flaw for\n denial-of-service.\n\n - CVE-2016-0728\n The Perception Point research team discovered a\n use-after-free vulnerability in the keyring facility,\n possibly leading to local privilege escalation.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-4312\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-7566\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-8767\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-0723\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-0728\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/linux\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3448\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux packages.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 3.16.7-ckt20-1+deb8u3.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.8-arm\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.8-x86\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.9-x86\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-doc-3.16\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-586\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-686-pae\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-amd64\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-armel\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-armhf\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-i386\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-amd64\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-armmp\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-armmp-lpae\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-common\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-ixp4xx\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-kirkwood\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-orion5x\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-versatile\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-586\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-686-pae\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-686-pae-dbg\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-amd64\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-amd64-dbg\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-armmp\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-armmp-lpae\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-ixp4xx\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-kirkwood\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-orion5x\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-versatile\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-libc-dev\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-manual-3.16\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-source-3.16\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-support-3.16.0-9\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xen-linux-system-3.16.0-9-amd64\", reference:\"3.16.7-ckt20-1+deb8u3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:43", "description": "This update fixes the CVEs described below.\n\nCVE-2015-7566\n\nRalf Spenneberg of OpenSource Security reported that the visor driver crashes when a specially crafted USB device without bulk-out endpoint is detected.\n\nCVE-2015-8767\n\nAn SCTP denial of service was discovered which can be triggered by a local attacker during a heartbeat timeout event after the 4-way handshake.\n\nCVE-2015-8785\n\nIt was discovered that local users permitted to write to a file on a FUSE filesystem could cause a denial of service (unkillable loop in the kernel).\n\nCVE-2016-0723\n\nA use-after-free vulnerability was discovered in the TIOCGETD ioctl. A local attacker could use this flaw for denial of service.\n\nCVE-2016-2069\n\nAndy Lutomirski discovered a race condition in flushing of the TLB when switching tasks. On an SMP system this could possibly lead to a crash, information leak or privilege escalation.\n\nFor the oldoldstable distribution (squeeze), these problems have been fixed in version 2.6.32-48squeeze19. Additionally, this version includes upstream stable update 2.6.32.70. This is the final update to the linux-2.6 package for squeeze.\n\nFor the oldstable distribution (wheezy), these problems will be fixed soon.\n\nFor the stable distribution (jessie), CVE-2015-7566, CVE-2015-8767 and CVE-2016-0723 were fixed in linux version 3.16.7-ckt20-1+deb8u3 and the remaining problems will be fixed soon.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-02-08T00:00:00", "type": "nessus", "title": "Debian DLA-412-1 : linux-2.6 security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7566", "CVE-2015-8767", "CVE-2015-8785", "CVE-2016-0723", "CVE-2016-2069"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:firmware-linux-free", "p-cpe:/a:debian:debian_linux:linux-base", "p-cpe:/a:debian:debian_linux:linux-doc-2.6.32", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-486", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-686", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-686-bigmem", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-all", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-all-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-all-i386", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common-openvz", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common-vserver", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common-xen", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-openvz-686", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-openvz-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-vserver-686", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-vserver-686-bigmem", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-vserver-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-xen-686", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-xen-amd64", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-486", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-686", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-686-bigmem", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-686-bigmem-dbg", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-amd64", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-686", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-686-dbg", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-amd64", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-686", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-686-bigmem", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-686-bigmem-dbg", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-amd64", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-686", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-686-dbg", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-amd64", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-libc-dev", "p-cpe:/a:debian:debian_linux:linux-manual-2.6.32", "p-cpe:/a:debian:debian_linux:linux-patch-debian-2.6.32", "p-cpe:/a:debian:debian_linux:linux-source-2.6.32", "p-cpe:/a:debian:debian_linux:linux-support-2.6.32-5", "p-cpe:/a:debian:debian_linux:linux-tools-2.6.32", "p-cpe:/a:debian:debian_linux:xen-linux-system-2.6.32-5-xen-686", "p-cpe:/a:debian:debian_linux:xen-linux-system-2.6.32-5-xen-amd64", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-412.NASL", "href": "https://www.tenable.com/plugins/nessus/88600", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-412-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88600);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-7566\", \"CVE-2015-8767\", \"CVE-2015-8785\", \"CVE-2016-0723\", \"CVE-2016-2069\");\n\n script_name(english:\"Debian DLA-412-1 : linux-2.6 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the CVEs described below.\n\nCVE-2015-7566\n\nRalf Spenneberg of OpenSource Security reported that the visor driver\ncrashes when a specially crafted USB device without bulk-out endpoint\nis detected.\n\nCVE-2015-8767\n\nAn SCTP denial of service was discovered which can be triggered by a\nlocal attacker during a heartbeat timeout event after the 4-way\nhandshake.\n\nCVE-2015-8785\n\nIt was discovered that local users permitted to write to a file on a\nFUSE filesystem could cause a denial of service (unkillable loop in\nthe kernel).\n\nCVE-2016-0723\n\nA use-after-free vulnerability was discovered in the TIOCGETD ioctl. A\nlocal attacker could use this flaw for denial of service.\n\nCVE-2016-2069\n\nAndy Lutomirski discovered a race condition in flushing of the TLB\nwhen switching tasks. On an SMP system this could possibly lead to a\ncrash, information leak or privilege escalation.\n\nFor the oldoldstable distribution (squeeze), these problems have been\nfixed in version 2.6.32-48squeeze19. Additionally, this version\nincludes upstream stable update 2.6.32.70. This is the final update to\nthe linux-2.6 package for squeeze.\n\nFor the oldstable distribution (wheezy), these problems will be fixed\nsoon.\n\nFor the stable distribution (jessie), CVE-2015-7566, CVE-2015-8767 and\nCVE-2016-0723 were fixed in linux version 3.16.7-ckt20-1+deb8u3 and\nthe remaining problems will be fixed soon.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2016/02/msg00003.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/linux-2.6\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firmware-linux-free\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-doc-2.6.32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-486\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-686-bigmem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-all-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-all-i386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common-vserver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-openvz-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-openvz-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-vserver-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-vserver-686-bigmem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-vserver-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-xen-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-xen-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-486\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-686-bigmem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-686-bigmem-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-686-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-686-bigmem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-686-bigmem-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-686-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-manual-2.6.32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-patch-debian-2.6.32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-source-2.6.32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-support-2.6.32-5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-tools-2.6.32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xen-linux-system-2.6.32-5-xen-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xen-linux-system-2.6.32-5-xen-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"firmware-linux-free\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-base\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-doc-2.6.32\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-486\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-686\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-686-bigmem\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all-amd64\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all-i386\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-amd64\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-common\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-common-openvz\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-common-vserver\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-common-xen\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-openvz-686\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-openvz-amd64\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-vserver-686\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-vserver-686-bigmem\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-vserver-amd64\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-xen-686\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-xen-amd64\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-486\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-686\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-686-bigmem\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-686-bigmem-dbg\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-amd64\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-amd64-dbg\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-openvz-686\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-openvz-686-dbg\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-openvz-amd64\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-openvz-amd64-dbg\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-686\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-686-bigmem\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-686-bigmem-dbg\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-amd64\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-amd64-dbg\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-xen-686\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-xen-686-dbg\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-xen-amd64\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-xen-amd64-dbg\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-libc-dev\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-manual-2.6.32\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-patch-debian-2.6.32\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-source-2.6.32\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-support-2.6.32-5\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-tools-2.6.32\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"xen-linux-system-2.6.32-5-xen-686\", reference:\"2.6.32-48squeeze19\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"xen-linux-system-2.6.32-5-xen-amd64\", reference:\"2.6.32-48squeeze19\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:04:34", "description": "The 4.4.4 update contains a number of important fixes across the tree.\nThis also contains an important update for XFS utilities\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-14T00:00:00", "type": "nessus", "title": "Fedora 22 : kernel-4.4.4-200.fc22 (2016-746bb5851d)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2847"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2016-746BB5851D.NASL", "href": "https://www.tenable.com/plugins/nessus/89884", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-746bb5851d.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89884);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-2847\");\n script_xref(name:\"FEDORA\", value:\"2016-746bb5851d\");\n\n script_name(english:\"Fedora 22 : kernel-4.4.4-200.fc22 (2016-746bb5851d)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.4.4 update contains a number of important fixes across the tree.\nThis also contains an important update for XFS utilities\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1313428\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1314253\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-March/178711.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1e69051e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"kernel-4.4.4-200.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:34", "description": "The 4.4.4 update contains a number of important fixes across the tree.\nThis also includes an important update for XFS utils.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-14T00:00:00", "type": "nessus", "title": "Fedora 23 : kernel-4.4.4-301.fc23 (2016-e6cfaff4b1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2847"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-E6CFAFF4B1.NASL", "href": "https://www.tenable.com/plugins/nessus/89893", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-e6cfaff4b1.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89893);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-2847\");\n script_xref(name:\"FEDORA\", value:\"2016-e6cfaff4b1\");\n\n script_name(english:\"Fedora 23 : kernel-4.4.4-301.fc23 (2016-e6cfaff4b1)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.4.4 update contains a number of important fixes across the tree.\nThis also includes an important update for XFS utils.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1313428\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1314253\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-March/178663.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?aeefc342\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"kernel-4.4.4-301.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:05:29", "description": "Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events.\nA local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-3134)\n\nIt was discovered that the Linux kernel did not properly enforce rlimits for file descriptors sent over UNIX domain sockets. A local attacker could use this to cause a denial of service. (CVE-2013-4312)\n\nRalf Spenneberg discovered that the USB driver for Clie devices in the Linux kernel did not properly sanity check the endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7566)\n\nRalf Spenneberg discovered that the usbvision driver in the Linux kernel did not properly sanity check the interfaces and endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7833)\n\nIt was discovered that a race condition existed in the ioctl handler for the TTY driver in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2016-0723)\n\nAndrey Konovalov discovered that the ALSA USB MIDI driver incorrectly performed a double-free. A local attacker with physical access could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-2384)\n\nDmitry Vyukov discovered that the Advanced Linux Sound Architecture (ALSA) framework did not verify that a FIFO was attached to a client before attempting to clear it. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-2543)\n\nDmitry Vyukov discovered that a race condition existed in the Advanced Linux Sound Architecture (ALSA) framework between timer setup and closing of the client, resulting in a use-after-free. A local attacker could use this to cause a denial of service. (CVE-2016-2544)\n\nDmitry Vyukov discovered a race condition in the timer handling implementation of the Advanced Linux Sound Architecture (ALSA) framework, resulting in a use-after-free. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-2545)\n\nDmitry Vyukov discovered race conditions in the Advanced Linux Sound Architecture (ALSA) framework's timer ioctls leading to a use-after-free. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2016-2546)\n\nDmitry Vyukov discovered that the Advanced Linux Sound Architecture (ALSA) framework's handling of high resolution timers did not properly manage its data structures. A local attacker could use this to cause a denial of service (system hang or crash) or possibly execute arbitrary code. (CVE-2016-2547, CVE-2016-2548)\n\nDmitry Vyukov discovered that the Advanced Linux Sound Architecture (ALSA) framework's handling of high resolution timers could lead to a deadlock condition. A local attacker could use this to cause a denial of service (system hang). (CVE-2016-2549)\n\nRalf Spenneberg discovered that the USB driver for Treo devices in the Linux kernel did not properly sanity check the endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2016-2782).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-15T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2929-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4312", "CVE-2015-7566", "CVE-2015-7833", "CVE-2016-0723", "CVE-2016-2384", "CVE-2016-2543", "CVE-2016-2544", "CVE-2016-2545", "CVE-2016-2546", "CVE-2016-2547", "CVE-2016-2548", "CVE-2016-2549", "CVE-2016-2782", "CVE-2016-3134"], "modified": "2023-01-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2929-2.NASL", "href": "https://www.tenable.com/plugins/nessus/89933", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2929-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89933);\n script_version(\"2.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2013-4312\", \"CVE-2015-7566\", \"CVE-2015-7833\", \"CVE-2016-0723\", \"CVE-2016-2384\", \"CVE-2016-2543\", \"CVE-2016-2544\", \"CVE-2016-2545\", \"CVE-2016-2546\", \"CVE-2016-2547\", \"CVE-2016-2548\", \"CVE-2016-2549\", \"CVE-2016-2782\", \"CVE-2016-3134\");\n script_xref(name:\"USN\", value:\"2929-2\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2929-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ben Hawkes discovered that the Linux netfilter implementation did not\ncorrectly perform validation when handling IPT_SO_SET_REPLACE events.\nA local unprivileged attacker could use this to cause a denial of\nservice (system crash) or possibly execute arbitrary code with\nadministrative privileges. (CVE-2016-3134)\n\nIt was discovered that the Linux kernel did not properly enforce\nrlimits for file descriptors sent over UNIX domain sockets. A local\nattacker could use this to cause a denial of service. (CVE-2013-4312)\n\nRalf Spenneberg discovered that the USB driver for Clie devices in the\nLinux kernel did not properly sanity check the endpoints reported by\nthe device. An attacker with physical access could cause a denial of\nservice (system crash). (CVE-2015-7566)\n\nRalf Spenneberg discovered that the usbvision driver in the Linux\nkernel did not properly sanity check the interfaces and endpoints\nreported by the device. An attacker with physical access could cause a\ndenial of service (system crash). (CVE-2015-7833)\n\nIt was discovered that a race condition existed in the ioctl handler\nfor the TTY driver in the Linux kernel. A local attacker could use\nthis to cause a denial of service (system crash) or expose sensitive\ninformation. (CVE-2016-0723)\n\nAndrey Konovalov discovered that the ALSA USB MIDI driver incorrectly\nperformed a double-free. A local attacker with physical access could\nuse this to cause a denial of service (system crash) or possibly\nexecute arbitrary code with administrative privileges. (CVE-2016-2384)\n\nDmitry Vyukov discovered that the Advanced Linux Sound Architecture\n(ALSA) framework did not verify that a FIFO was attached to a client\nbefore attempting to clear it. A local attacker could use this to\ncause a denial of service (system crash). (CVE-2016-2543)\n\nDmitry Vyukov discovered that a race condition existed in the Advanced\nLinux Sound Architecture (ALSA) framework between timer setup and\nclosing of the client, resulting in a use-after-free. A local attacker\ncould use this to cause a denial of service. (CVE-2016-2544)\n\nDmitry Vyukov discovered a race condition in the timer handling\nimplementation of the Advanced Linux Sound Architecture (ALSA)\nframework, resulting in a use-after-free. A local attacker could use\nthis to cause a denial of service (system crash). (CVE-2016-2545)\n\nDmitry Vyukov discovered race conditions in the Advanced Linux Sound\nArchitecture (ALSA) framework's timer ioctls leading to a\nuse-after-free. A local attacker could use this to cause a denial of\nservice (system crash) or possibly execute arbitrary code.\n(CVE-2016-2546)\n\nDmitry Vyukov discovered that the Advanced Linux Sound Architecture\n(ALSA) framework's handling of high resolution timers did not properly\nmanage its data structures. A local attacker could use this to cause a\ndenial of service (system hang or crash) or possibly execute arbitrary\ncode. (CVE-2016-2547, CVE-2016-2548)\n\nDmitry Vyukov discovered that the Advanced Linux Sound Architecture\n(ALSA) framework's handling of high resolution timers could lead to a\ndeadlock condition. A local attacker could use this to cause a denial\nof service (system hang). (CVE-2016-2549)\n\nRalf Spenneberg discovered that the USB driver for Treo devices in the\nLinux kernel did not properly sanity check the endpoints reported by\nthe device. An attacker with physical access could cause a denial of\nservice (system crash). (CVE-2016-2782).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2929-2/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.13-generic and / or\nlinux-image-3.13-generic-lpae packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-4312\", \"CVE-2015-7566\", \"CVE-2015-7833\", \"CVE-2016-0723\", \"CVE-2016-2384\", \"CVE-2016-2543\", \"CVE-2016-2544\", \"CVE-2016-2545\", \"CVE-2016-2546\", \"CVE-2016-2547\", \"CVE-2016-2548\", \"CVE-2016-2549\", \"CVE-2016-2782\", \"CVE-2016-3134\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2929-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-83-generic\", pkgver:\"3.13.0-83.127~precise1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-83-generic-lpae\", pkgver:\"3.13.0-83.127~precise1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:08", "description": "Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events.\nA local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-3134)\n\nIt was discovered that the Linux kernel did not properly enforce rlimits for file descriptors sent over UNIX domain sockets. A local attacker could use this to cause a denial of service. (CVE-2013-4312)\n\nRalf Spenneberg discovered that the USB driver for Clie devices in the Linux kernel did not properly sanity check the endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7566)\n\nRalf Spenneberg discovered that the usbvision driver in the Linux kernel did not properly sanity check the interfaces and endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7833)\n\nIt was discovered that a race condition existed in the ioctl handler for the TTY driver in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2016-0723)\n\nAndrey Konovalov discovered that the ALSA USB MIDI driver incorrectly performed a double-free. A local attacker with physical access could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-2384)\n\nDmitry Vyukov discovered that the Advanced Linux Sound Architecture (ALSA) framework did not verify that a FIFO was attached to a client before attempting to clear it. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-2543)\n\nDmitry Vyukov discovered that a race condition existed in the Advanced Linux Sound Architecture (ALSA) framework between timer setup and closing of the client, resulting in a use-after-free. A local attacker could use this to cause a denial of service. (CVE-2016-2544)\n\nDmitry Vyukov discovered a race condition in the timer handling implementation of the Advanced Linux Sound Architecture (ALSA) framework, resulting in a use-after-free. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-2545)\n\nDmitry Vyukov discovered race conditions in the Advanced Linux Sound Architecture (ALSA) framework's timer ioctls leading to a use-after-free. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2016-2546)\n\nDmitry Vyukov discovered that the Advanced Linux Sound Architecture (ALSA) framework's handling of high resolution timers did not properly manage its data structures. A local attacker could use this to cause a denial of service (system hang or crash) or possibly execute arbitrary code. (CVE-2016-2547, CVE-2016-2548)\n\nDmitry Vyukov discovered that the Advanced Linux Sound Architecture (ALSA) framework's handling of high resolution timers could lead to a deadlock condition. A local attacker could use this to cause a denial of service (system hang). (CVE-2016-2549)\n\nRalf Spenneberg discovered that the USB driver for Treo devices in the Linux kernel did not properly sanity check the endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2016-2782).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-15T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux vulnerabilities (USN-2929-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4312", "CVE-2015-7566", "CVE-2015-7833", "CVE-2016-0723", "CVE-2016-2384", "CVE-2016-2543", "CVE-2016-2544", "CVE-2016-2545", "CVE-2016-2546", "CVE-2016-2547", "CVE-2016-2548", "CVE-2016-2549", "CVE-2016-2782", "CVE-2016-3134"], "modified": "2023-01-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2929-1.NASL", "href": "https://www.tenable.com/plugins/nessus/89932", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2929-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89932);\n script_version(\"2.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2013-4312\", \"CVE-2015-7566\", \"CVE-2015-7833\", \"CVE-2016-0723\", \"CVE-2016-2384\", \"CVE-2016-2543\", \"CVE-2016-2544\", \"CVE-2016-2545\", \"CVE-2016-2546\", \"CVE-2016-2547\", \"CVE-2016-2548\", \"CVE-2016-2549\", \"CVE-2016-2782\", \"CVE-2016-3134\");\n script_xref(name:\"USN\", value:\"2929-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux vulnerabilities (USN-2929-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ben Hawkes discovered that the Linux netfilter implementation did not\ncorrectly perform validation when handling IPT_SO_SET_REPLACE events.\nA local unprivileged attacker could use this to cause a denial of\nservice (system crash) or possibly execute arbitrary code with\nadministrative privileges. (CVE-2016-3134)\n\nIt was discovered that the Linux kernel did not properly enforce\nrlimits for file descriptors sent over UNIX domain sockets. A local\nattacker could use this to cause a denial of service. (CVE-2013-4312)\n\nRalf Spenneberg discovered that the USB driver for Clie devices in the\nLinux kernel did not properly sanity check the endpoints reported by\nthe device. An attacker with physical access could cause a denial of\nservice (system crash). (CVE-2015-7566)\n\nRalf Spenneberg discovered that the usbvision driver in the Linux\nkernel did not properly sanity check the interfaces and endpoints\nreported by the device. An attacker with physical access could cause a\ndenial of service (system crash). (CVE-2015-7833)\n\nIt was discovered that a race condition existed in the ioctl handler\nfor the TTY driver in the Linux kernel. A local attacker could use\nthis to cause a denial of service (system crash) or expose sensitive\ninformation. (CVE-2016-0723)\n\nAndrey Konovalov discovered that the ALSA USB MIDI driver incorrectly\nperformed a double-free. A local attacker with physical access could\nuse this to cause a denial of service (system crash) or possibly\nexecute arbitrary code with administrative privileges. (CVE-2016-2384)\n\nDmitry Vyukov discovered that the Advanced Linux Sound Architecture\n(ALSA) framework did not verify that a FIFO was attached to a client\nbefore attempting to clear it. A local attacker could use this to\ncause a denial of service (system crash). (CVE-2016-2543)\n\nDmitry Vyukov discovered that a race condition existed in the Advanced\nLinux Sound Architecture (ALSA) framework between timer setup and\nclosing of the client, resulting in a use-after-free. A local attacker\ncould use this to cause a denial of service. (CVE-2016-2544)\n\nDmitry Vyukov discovered a race condition in the timer handling\nimplementation of the Advanced Linux Sound Architecture (ALSA)\nframework, resulting in a use-after-free. A local attacker could use\nthis to cause a denial of service (system crash). (CVE-2016-2545)\n\nDmitry Vyukov discovered race conditions in the Advanced Linux Sound\nArchitecture (ALSA) framework's timer ioctls leading to a\nuse-after-free. A local attacker could use this to cause a denial of\nservice (system crash) or possibly execute arbitrary code.\n(CVE-2016-2546)\n\nDmitry Vyukov discovered that the Advanced Linux Sound Architecture\n(ALSA) framework's handling of high resolution timers did not properly\nmanage its data structures. A local attacker could use this to cause a\ndenial of service (system hang or crash) or possibly execute arbitrary\ncode. (CVE-2016-2547, CVE-2016-2548)\n\nDmitry Vyukov discovered that the Advanced Linux Sound Architecture\n(ALSA) framework's handling of high resolution timers could lead to a\ndeadlock condition. A local attacker could use this to cause a denial\nof service (system hang). (CVE-2016-2549)\n\nRalf Spenneberg discovered that the USB driver for Treo devices in the\nLinux kernel did not properly sanity check the endpoints reported by\nthe device. An attacker with physical access could cause a denial of\nservice (system crash). (CVE-2016-2782).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2929-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.13-generic,\nlinux-image-3.13-generic-lpae and / or linux-image-3.13-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-4312\", \"CVE-2015-7566\", \"CVE-2015-7833\", \"CVE-2016-0723\", \"CVE-2016-2384\", \"CVE-2016-2543\", \"CVE-2016-2544\", \"CVE-2016-2545\", \"CVE-2016-2546\", \"CVE-2016-2547\", \"CVE-2016-2548\", \"CVE-2016-2549\", \"CVE-2016-2782\", \"CVE-2016-3134\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2929-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-83-generic\", pkgver:\"3.13.0-83.127\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-83-generic-lpae\", pkgver:\"3.13.0-83.127\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.13.0-83-lowlatency\", pkgver:\"3.13.0-83.127\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:04:16", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service, information leak or data loss.\n\n - CVE-2013-4312, CVE-2016-2847 Tetsuo Handa discovered that users can use pipes queued on local (Unix) sockets to allocate an unfair share of kernel memory, leading to denial-of-service (resource exhaustion).\n\n This issue was previously mitigated for the stable suite by limiting the total number of files queued by each user on local sockets. The new kernel version in both suites includes that mitigation plus limits on the total size of pipe buffers allocated for each user.\n\n - CVE-2015-7566 Ralf Spenneberg of OpenSource Security reported that the visor driver crashes when a specially crafted USB device without bulk-out endpoint is detected.\n\n - CVE-2015-8767 An SCTP denial-of-service was discovered which can be triggered by a local attacker during a heartbeat timeout event after the 4-way handshake.\n\n - CVE-2015-8785 It was discovered that local users permitted to write to a file on a FUSE filesystem could cause a denial of service (unkillable loop in the kernel).\n\n - CVE-2015-8812 A flaw was found in the iw_cxgb3 Infiniband driver.\n Whenever it could not send a packet because the network was congested, it would free the packet buffer but later attempt to send the packet again. This use-after-free could result in a denial of service (crash or hang), data loss or privilege escalation.\n\n - CVE-2015-8816 A use-after-free vulnerability was discovered in the USB hub driver. This may be used by a physically present user for privilege escalation.\n\n - CVE-2015-8830 Ben Hawkes of Google Project Zero reported that the AIO interface permitted reading or writing 2 GiB of data or more in a single chunk, which could lead to an integer overflow when applied to certain filesystems, socket or device types. The full security impact has not been evaluated.\n\n - CVE-2016-0723 A use-after-free vulnerability was discovered in the TIOCGETD ioctl. A local attacker could use this flaw for denial-of-service.\n\n - CVE-2016-0774 It was found that the fix for CVE-2015-1805 in kernel versions older than Linux 3.16 did not correctly handle the case of a partially failed atomic read. A local, unprivileged user could use this flaw to crash the system or leak kernel memory to user space.\n\n - CVE-2016-2069 Andy Lutomirski discovered a race condition in flushing of the TLB when switching tasks on an x86 system. On an SMP system this could possibly lead to a crash, information leak or privilege escalation.\n\n - CVE-2016-2384 Andrey Konovalov found that a crafted USB MIDI device with an invalid USB descriptor could trigger a double-free. This may be used by a physically present user for privilege escalation.\n\n - CVE-2016-2543 Dmitry Vyukov found that the core sound sequencer driver (snd-seq) lacked a necessary check for a NULL pointer, allowing a user with access to a sound sequencer device to cause a denial-of service (crash).\n\n - CVE-2016-2544, CVE-2016-2546, CVE-2016-2547, CVE-2016-2548\n\n Dmitry Vyukov found various race conditions in the sound subsystem (ALSA)'s management of timers. A user with access to sound devices could use these to cause a denial-of-service (crash or hang) or possibly for privilege escalation.\n\n - CVE-2016-2545 Dmitry Vyukov found a flaw in list manipulation in the sound subsystem (ALSA)'s management of timers. A user with access to sound devices could use this to cause a denial-of-service (crash or hang) or possibly for privilege escalation.\n\n - CVE-2016-2549 Dmitry Vyukov found a potential deadlock in the sound subsystem (ALSA)'s use of high resolution timers. A user with access to sound devices could use this to cause a denial-of-service (hang).\n\n - CVE-2016-2550 The original mitigation of CVE-2013-4312, limiting the total number of files a user could queue on local sockets, was flawed. A user given a local socket opened by another user, for example through the systemd socket activation mechanism, could make use of the other user's quota, again leading to a denial-of-service (resource exhaustion). This is fixed by accounting queued files to the sender rather than the socket opener.", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Debian DSA-3503-1 : linux - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4312", "CVE-2015-1805", "CVE-2015-7566", "CVE-2015-8767", "CVE-2015-8785", "CVE-2015-8812", "CVE-2015-8816", "CVE-2015-8830", "CVE-2016-0723", "CVE-2016-0774", "CVE-2016-2069", "CVE-2016-2384", "CVE-2016-2543", "CVE-2016-2544", "CVE-2016-2545", "CVE-2016-2546", "CVE-2016-2547", "CVE-2016-2548", "CVE-2016-2549", "CVE-2016-2550", "CVE-2016-2847"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3503.NASL", "href": "https://www.tenable.com/plugins/nessus/89122", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3503. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89122);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-4312\", \"CVE-2015-7566\", \"CVE-2015-8767\", \"CVE-2015-8785\", \"CVE-2015-8812\", \"CVE-2015-8816\", \"CVE-2015-8830\", \"CVE-2016-0723\", \"CVE-2016-0774\", \"CVE-2016-2069\", \"CVE-2016-2384\", \"CVE-2016-2543\", \"CVE-2016-2544\", \"CVE-2016-2545\", \"CVE-2016-2546\", \"CVE-2016-2547\", \"CVE-2016-2548\", \"CVE-2016-2549\", \"CVE-2016-2550\", \"CVE-2016-2847\");\n script_xref(name:\"DSA\", value:\"3503\");\n\n script_name(english:\"Debian DSA-3503-1 : linux - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service, information\nleak or data loss.\n\n - CVE-2013-4312, CVE-2016-2847\n Tetsuo Handa discovered that users can use pipes queued\n on local (Unix) sockets to allocate an unfair share of\n kernel memory, leading to denial-of-service (resource\n exhaustion).\n\n This issue was previously mitigated for the stable suite by limiting\n the total number of files queued by each user on local sockets. The\n new kernel version in both suites includes that mitigation plus\n limits on the total size of pipe buffers allocated for each user.\n\n - CVE-2015-7566\n Ralf Spenneberg of OpenSource Security reported that the\n visor driver crashes when a specially crafted USB device\n without bulk-out endpoint is detected.\n\n - CVE-2015-8767\n An SCTP denial-of-service was discovered which can be\n triggered by a local attacker during a heartbeat timeout\n event after the 4-way handshake.\n\n - CVE-2015-8785\n It was discovered that local users permitted to write to\n a file on a FUSE filesystem could cause a denial of\n service (unkillable loop in the kernel).\n\n - CVE-2015-8812\n A flaw was found in the iw_cxgb3 Infiniband driver.\n Whenever it could not send a packet because the network\n was congested, it would free the packet buffer but later\n attempt to send the packet again. This use-after-free\n could result in a denial of service (crash or hang),\n data loss or privilege escalation.\n\n - CVE-2015-8816\n A use-after-free vulnerability was discovered in the USB\n hub driver. This may be used by a physically present\n user for privilege escalation.\n\n - CVE-2015-8830\n Ben Hawkes of Google Project Zero reported that the AIO\n interface permitted reading or writing 2 GiB of data or\n more in a single chunk, which could lead to an integer\n overflow when applied to certain filesystems, socket or\n device types. The full security impact has not been\n evaluated.\n\n - CVE-2016-0723\n A use-after-free vulnerability was discovered in the\n TIOCGETD ioctl. A local attacker could use this flaw for\n denial-of-service.\n\n - CVE-2016-0774\n It was found that the fix for CVE-2015-1805 in kernel\n versions older than Linux 3.16 did not correctly handle\n the case of a partially failed atomic read. A local,\n unprivileged user could use this flaw to crash the\n system or leak kernel memory to user space.\n\n - CVE-2016-2069\n Andy Lutomirski discovered a race condition in flushing\n of the TLB when switching tasks on an x86 system. On an\n SMP system this could possibly lead to a crash,\n information leak or privilege escalation.\n\n - CVE-2016-2384\n Andrey Konovalov found that a crafted USB MIDI device\n with an invalid USB descriptor could trigger a\n double-free. This may be used by a physically present\n user for privilege escalation.\n\n - CVE-2016-2543\n Dmitry Vyukov found that the core sound sequencer driver\n (snd-seq) lacked a necessary check for a NULL pointer,\n allowing a user with access to a sound sequencer device\n to cause a denial-of service (crash).\n\n - CVE-2016-2544, CVE-2016-2546, CVE-2016-2547,\n CVE-2016-2548\n\n Dmitry Vyukov found various race conditions in the sound\n subsystem (ALSA)'s management of timers. A user with\n access to sound devices could use these to cause a\n denial-of-service (crash or hang) or possibly for\n privilege escalation.\n\n - CVE-2016-2545\n Dmitry Vyukov found a flaw in list manipulation in the\n sound subsystem (ALSA)'s management of timers. A user\n with access to sound devices could use this to cause a\n denial-of-service (crash or hang) or possibly for\n privilege escalation.\n\n - CVE-2016-2549\n Dmitry Vyukov found a potential deadlock in the sound\n subsystem (ALSA)'s use of high resolution timers. A user\n with access to sound devices could use this to cause a\n denial-of-service (hang).\n\n - CVE-2016-2550\n The original mitigation of CVE-2013-4312, limiting the\n total number of files a user could queue on local\n sockets, was flawed. A user given a local socket opened\n by another user, for example through the systemd socket\n activation mechanism, could make use of the other user's\n quota, again leading to a denial-of-service (resource\n exhaustion). This is fixed by accounting queued files to\n the sender rather than the socket opener.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-4312\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-2847\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-7566\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-8767\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-8785\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-8812\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-8816\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-8830\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-0723\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-0774\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-1805\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-2069\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-2384\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-2543\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-2544\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-2546\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-2547\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-2548\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-2545\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-2549\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-2550\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-4312\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-8830\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-4312\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-7566\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-8767\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-0723\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2016-0774\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/linux\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3503\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux packages.\n\nFor the oldstable distribution (wheezy), these problems have been\nfixed in version 3.2.73-2+deb7u3. The oldstable distribution (wheezy)\nis not affected by CVE-2015-8830.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 3.16.7-ckt20-1+deb8u4. CVE-2013-4312, CVE-2015-7566,\nCVE-2015-8767 and CVE-2016-0723 were already fixed in DSA-3448-1.\nCVE-2016-0774 does not affect the stable distribution.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"linux\", reference:\"3.2.73-2+deb7u3\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.8-arm\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.8-x86\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.9-x86\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-doc-3.16\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-586\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-686-pae\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-amd64\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-armel\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-armhf\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-i386\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-amd64\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-armmp\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-armmp-lpae\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-common\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-ixp4xx\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-kirkwood\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-orion5x\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-versatile\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-586\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-686-pae\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-686-pae-dbg\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-amd64\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-amd64-dbg\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-armmp\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-armmp-lpae\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-ixp4xx\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-kirkwood\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-orion5x\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-versatile\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-libc-dev\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-manual-3.16\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-source-3.16\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-support-3.16.0-9\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xen-linux-system-3.16.0-9-amd64\", reference:\"3.16.7-ckt20-1+deb8u4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:11", "description": "Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events.\nA local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-3134)\n\nIt was discovered that the Linux kernel did not properly enforce rlimits for file descriptors sent over UNIX domain sockets. A local attacker could use this to cause a denial of service. (CVE-2013-4312)\n\nRalf Spenneberg discovered that the USB driver for Clie devices in the Linux kernel did not properly sanity check the endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7566)\n\nRalf Spenneberg discovered that the usbvision driver in the Linux kernel did not properly sanity check the interfaces and endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2015-7833)\n\nIt was discovered that a race condition existed when handling heartbeat- timeout events in the SCTP implementation of the Linux kernel. A remote attacker could use this to cause a denial of service.\n(CVE-2015-8767)\n\nIt was discovered that a race condition existed in the ioctl handler for the TTY driver in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2016-0723)\n\nAndy Lutomirski discovered a race condition in the Linux kernel's translation lookaside buffer (TLB) handling of flush events. A local attacker could use this to cause a denial of service or possibly leak sensitive information. (CVE-2016-2069)\n\nAndrey Konovalov discovered that the ALSA USB MIDI driver incorrectly performed a double-free. A local attacker with physical access could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-2384)\n\nDmitry Vyukov discovered that the Advanced Linux Sound Architecture (ALSA) framework did not verify that a FIFO was attached to a client before attempting to clear it. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-2543)\n\nDmitry Vyukov discovered that a race condition existed in the Advanced Linux Sound Architecture (ALSA) framework between timer setup and closing of the client, resulting in a use-after-free. A local attacker could use this to cause a denial of service. (CVE-2016-2544)\n\nDmitry Vyukov discovered a race condition in the timer handling implementation of the Advanced Linux Sound Architecture (ALSA) framework, resulting in a use-after-free. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-2545)\n\nDmitry Vyukov discovered race conditions in the Advanced Linux Sound Architecture (ALSA) framework's timer ioctls leading to a use-after-free. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.\n(CVE-2016-2546)\n\nDmitry Vyukov discovered that the Advanced Linux Sound Architecture (ALSA) framework's handling of high resolution timers did not properly manage its data structures. A local attacker could use this to cause a denial of service (system hang or crash) or possibly execute arbitrary code. (CVE-2016-2547, CVE-2016-2548)\n\nDmitry Vyukov discovered that the Advanced Linux Sound Architecture (ALSA) framework's handling of high resolution timers could lead to a deadlock condition. A local attacker could use this to cause a denial of service (system hang). (CVE-2016-2549)\n\nRalf Spenneberg discovered that the USB driver for Treo devices in the Linux kernel did not properly sanity check the endpoints reported by the device. An attacker with physical access could cause a denial of service (system crash). (CVE-2016-2782).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-15T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS : linux-lts-vivid vulnerabilities (USN-2932-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4312", "CVE-2015-7566", "CVE-2015-7833", "CVE-2015-8767", "CVE-2016-0723", "CVE-2016-2069", "CVE-2016-2384", "CVE-2016-2543", "CVE-2016-2544", "CVE-2016-2545", "CVE-2016-2546", "CVE-2016-2547", "CVE-2016-2548", "CVE-2016-2549", "CVE-2016-2782", "CVE-2016-3134"], "modified": "2023-01-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-lowlatency", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2932-1.NASL", "href": "https://www.tenable.com/plugins/nessus/89937", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2932-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89937);\n script_version(\"2.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2013-4312\", \"CVE-2015-7566\", \"CVE-2015-7833\", \"CVE-2015-8767\", \"CVE-2016-0723\", \"CVE-2016-2069\", \"CVE-2016-2384\", \"CVE-2016-2543\", \"CVE-2016-2544\", \"CVE-2016-2545\", \"CVE-2016-2546\", \"CVE-2016-2547\", \"CVE-2016-2548\", \"CVE-2016-2549\", \"CVE-2016-2782\", \"CVE-2016-3134\");\n script_xref(name:\"USN\", value:\"2932-1\");\n\n script_name(english:\"Ubuntu 14.04 LTS : linux-lts-vivid vulnerabilities (USN-2932-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ben Hawkes discovered that the Linux netfilter implementation did not\ncorrectly perform validation when handling IPT_SO_SET_REPLACE events.\nA local unprivileged attacker could use this to cause a denial of\nservice (system crash) or possibly execute arbitrary code with\nadministrative privileges. (CVE-2016-3134)\n\nIt was discovered that the Linux kernel did not properly enforce\nrlimits for file descriptors sent over UNIX domain sockets. A local\nattacker could use this to cause a denial of service. (CVE-2013-4312)\n\nRalf Spenneberg discovered that the USB driver for Clie devices in the\nLinux kernel did not properly sanity check the endpoints reported by\nthe device. An attacker with physical access could cause a denial of\nservice (system crash). (CVE-2015-7566)\n\nRalf Spenneberg discovered that the usbvision driver in the Linux\nkernel did not properly sanity check the interfaces and endpoints\nreported by the device. An attacker with physical access could cause a\ndenial of service (system crash). (CVE-2015-7833)\n\nIt was discovered that a race condition existed when handling\nheartbeat- timeout events in the SCTP implementation of the Linux\nkernel. A remote attacker could use this to cause a denial of service.\n(CVE-2015-8767)\n\nIt was discovered that a race condition existed in the ioctl handler\nfor the TTY driver in the Linux kernel. A local attacker could use\nthis to cause a denial of service (system crash) or expose sensitive\ninformation. (CVE-2016-0723)\n\nAndy Lutomirski discovered a race condition in the Linux kernel's\ntranslation lookaside buffer (TLB) handling of flush events. A local\nattacker could use this to cause a denial of service or possibly leak\nsensitive information. (CVE-2016-2069)\n\nAndrey Konovalov discovered that the ALSA USB MIDI driver incorrectly\nperformed a double-free. A local attacker with physical access could\nuse this to cause a denial of service (system crash) or possibly\nexecute arbitrary code with administrative privileges. (CVE-2016-2384)\n\nDmitry Vyukov discovered that the Advanced Linux Sound Architecture\n(ALSA) framework did not verify that a FIFO was attached to a client\nbefore attempting to clear it. A local attacker could use this to\ncause a denial of service (system crash). (CVE-2016-2543)\n\nDmitry Vyukov discovered that a race condition existed in the Advanced\nLinux Sound Architecture (ALSA) framework between timer setup and\nclosing of the client, resulting in a use-after-free. A local attacker\ncould use this to cause a denial of service. (CVE-2016-2544)\n\nDmitry Vyukov discovered a race condition in the timer handling\nimplementation of the Advanced Linux Sound Architecture (ALSA)\nframework, resulting in a use-after-free. A local attacker could use\nthis to cause a denial of service (system crash). (CVE-2016-2545)\n\nDmitry Vyukov discovered race conditions in the Advanced Linux Sound\nArchitecture (ALSA) framework's timer ioctls leading to a\nuse-after-free. A local attacker could use this to cause a denial of\nservice (system crash) or possibly execute arbitrary code.\n(CVE-2016-2546)\n\nDmitry Vyukov discovered that the Advanced Linux Sound Architecture\n(ALSA) framework's handling of high resolution timers did not properly\nmanage its data structures. A local attacker could use this to cause a\ndenial of service (system hang or crash) or possibly execute arbitrary\ncode. (CVE-2016-2547, CVE-2016-2548)\n\nDmitry Vyukov discovered that the Advanced Linux Sound Architecture\n(ALSA) framework's handling of high resolution timers could lead to a\ndeadlock condition. A local attacker could use this to cause a denial\nof service (system hang). (CVE-2016-2549)\n\nRalf Spenneberg discovered that the USB driver for Treo devices in the\nLinux kernel did not properly sanity check the endpoints reported by\nthe device. An attacker with physical access could cause a denial of\nservice (system crash). (CVE-2016-2782).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2932-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.19-generic,\nlinux-image-3.19-generic-lpae and / or linux-image-3.19-lowlatency\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.19-lowlatency\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2020 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-4312\", \"CVE-2015-7566\", \"CVE-2015-7833\", \"CVE-2015-8767\", \"CVE-2016-0723\", \"CVE-2016-2069\", \"CVE-2016-2384\", \"CVE-2016-2543\", \"CVE-2016-2544\", \"CVE-2016-2545\", \"CVE-2016-2546\", \"CVE-2016-2547\", \"CVE-2016-2548\", \"CVE-2016-2549\", \"CVE-2016-2782\", \"CVE-2016-3134\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2932-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.19.0-56-generic\", pkgver:\"3.19.0-56.62~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.19.0-56-generic-lpae\", pkgver:\"3.19.0-56.62~14.04.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-3.19.0-56-lowlatency\", pkgver:\"3.19.0-56.62~14.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.19-generic / linux-image-3.19-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:26", "description": "A number of fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 23 : kernel-4.3.3-301.fc23 (2016-26e19f042a)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7513", "CVE-2015-7566"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-26E19F042A.NASL", "href": "https://www.tenable.com/plugins/nessus/89497", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-26e19f042a.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89497);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-7513\", \"CVE-2015-7566\");\n script_xref(name:\"FEDORA\", value:\"2016-26e19f042a\");\n\n script_name(english:\"Fedora 23 : kernel-4.3.3-301.fc23 (2016-26e19f042a)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A number of fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1284847\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1296466\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-January/175792.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bb4335ff\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"kernel-4.3.3-301.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:18:19", "description": "An update for kernel is now available for Red Hat Enterprise Linux 7.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es) :\n\n* A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function.\n(CVE-2016-7117, Important)\n\n* It is possible for a single process to cause an OOM condition by filling large pipes with data that are never read. A typical process filling 4096 pipes with 1 MB of data will use 4 GB of memory and there can be multiple such processes, up to a per-user-limit.\n(CVE-2016-2847, Moderate)\n\nRed Hat would like to thank Tetsuo Handa for reporting CVE-2016-2847.\n\nBug Fix(es) :\n\n* Previously, an XFS corruption in some cases occurred on Seagate 8TB drive based volumes after a planned system shutdown or reboot, when a disk write back cache was used. With this update, the megaraid_sas driver has been fixed and the XFS corruption no longer occurs in the described scenario. (BZ#1398178)\n\n* This update applies a set of patches for the resizable hash table (rhashtable). This set contains backported bug fixes and enhancements from upstream. (BZ#1382630)\n\n* Previously, a kernel panic in some cases occurred during the boot with the Nonvolatile Memory Express (NVMe) kernel module, because the NVMe driver did not receive legacy PCI interrupts. This update fixes the NVMe driver to always use the Message Signaled Interrupts (MSI/MSI-X) interrupts. As a result, the operating system now boots without panic under the described circumstances. (BZ#1396558)\n\n* Previously, the Advanced Error Reporting (AER) correct error in some cases caused a kernel panic. This update fixes the\n_scsih_pci_mmio_enabled() function in the mpt3sas driver to not incorrectly return PCI_ERS_RESULT_NEED_RESET return value in the situation when PCI_ERS_RESULT_RECOVERED return value is expected. As a result, the kernel no longer panics due to _scsih_pci_mmio_enabled().\n(BZ#1395220)\n\n* When resizing the Transmit (TX) and Receive (RX) rings in the sfc driver with the 'ethtool -G' command, a kernel protection fault in the napi_hash_add() function occurred on systems with a large number of queues. With this update, the efx_copy_channel()function in the sfc driver has been fixed to correctly clear the napi_hash state. As a result, the sfc kernel module now unloads successfully without the mentioned kernel protection fault. (BZ#1401460)\n\n* When a virtual machine (VM) with 2 PCI-Passthrough Ethernet interfaces attached was created, deleted and recreated, the operating system terminated unexpectedly and rebooted during the recreation.\nThis update fixes the race condition between the eventfd and virqfd signaling mechanisms in the vfio driver. As a result, the operating system now boots without crashing in the described situation.\n(BZ#1391610)\n\n* Previously, when two NFS shares with different security settings were mounted, the I/O operations to the kerberos-authenticated mount caused the RPC_CRED_KEY_EXPIRE_SOON parameter to be set, but the parameter was not unset when performing the I/O operations on the sec=sys mount. Consequently, writes to both NFS shares had the same parameters, regardless of their security settings. This update fixes this problem by moving the NO_CRKEY_TIMEOUT parameter to the auth->au_flags field. As a result, NFS shares with different security settings are now handled as expected. (BZ# 1388603)\n\n* Previously, memory corruption by copying data into the wrong memory locations sometimes occurred, because the __copy_tofrom_user() function was returning incorrect values. This update fixes the\n__copy_tofrom_user() function so that it no longer returns larger values than the number of bytes it was asked to copy. As a result, memory corruption no longer occurs in he described scenario.\n(BZ#1398588)", "cvss3": {}, "published": "2017-02-01T00:00:00", "type": "nessus", "title": "RHEL 7 : kernel (RHSA-2017:0217)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-2847", "CVE-2016-7117"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:python-perf", "p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "cpe:/o:redhat:enterprise_linux:7.2"], "id": "REDHAT-RHSA-2017-0217.NASL", "href": "https://www.tenable.com/plugins/nessus/96922", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:0217. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96922);\n script_version(\"3.11\");\n script_cvs_date(\"Date: 2019/10/24 15:35:42\");\n\n script_cve_id(\"CVE-2016-2847\", \"CVE-2016-7117\");\n script_xref(name:\"RHSA\", value:\"2017:0217\");\n\n script_name(english:\"RHEL 7 : kernel (RHSA-2017:0217)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for kernel is now available for Red Hat Enterprise Linux 7.2\nExtended Update Support.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* A use-after-free vulnerability was found in the kernel's socket\nrecvmmsg subsystem. This may allow remote attackers to corrupt memory\nand may allow execution of arbitrary code. This corruption takes place\nduring the error handling routines within __sys_recvmmsg() function.\n(CVE-2016-7117, Important)\n\n* It is possible for a single process to cause an OOM condition by\nfilling large pipes with data that are never read. A typical process\nfilling 4096 pipes with 1 MB of data will use 4 GB of memory and there\ncan be multiple such processes, up to a per-user-limit.\n(CVE-2016-2847, Moderate)\n\nRed Hat would like to thank Tetsuo Handa for reporting CVE-2016-2847.\n\nBug Fix(es) :\n\n* Previously, an XFS corruption in some cases occurred on Seagate 8TB\ndrive based volumes after a planned system shutdown or reboot, when a\ndisk write back cache was used. With this update, the megaraid_sas\ndriver has been fixed and the XFS corruption no longer occurs in the\ndescribed scenario. (BZ#1398178)\n\n* This update applies a set of patches for the resizable hash table\n(rhashtable). This set contains backported bug fixes and enhancements\nfrom upstream. (BZ#1382630)\n\n* Previously, a kernel panic in some cases occurred during the boot\nwith the Nonvolatile Memory Express (NVMe) kernel module, because the\nNVMe driver did not receive legacy PCI interrupts. This update fixes\nthe NVMe driver to always use the Message Signaled Interrupts\n(MSI/MSI-X) interrupts. As a result, the operating system now boots\nwithout panic under the described circumstances. (BZ#1396558)\n\n* Previously, the Advanced Error Reporting (AER) correct error in some\ncases caused a kernel panic. This update fixes the\n_scsih_pci_mmio_enabled() function in the mpt3sas driver to not\nincorrectly return PCI_ERS_RESULT_NEED_RESET return value in the\nsituation when PCI_ERS_RESULT_RECOVERED return value is expected. As a\nresult, the kernel no longer panics due to _scsih_pci_mmio_enabled().\n(BZ#1395220)\n\n* When resizing the Transmit (TX) and Receive (RX) rings in the sfc\ndriver with the 'ethtool -G' command, a kernel protection fault in the\nnapi_hash_add() function occurred on systems with a large number of\nqueues. With this update, the efx_copy_channel()function in the sfc\ndriver has been fixed to correctly clear the napi_hash state. As a\nresult, the sfc kernel module now unloads successfully without the\nmentioned kernel protection fault. (BZ#1401460)\n\n* When a virtual machine (VM) with 2 PCI-Passthrough Ethernet\ninterfaces attached was created, deleted and recreated, the operating\nsystem terminated unexpectedly and rebooted during the recreation.\nThis update fixes the race condition between the eventfd and virqfd\nsignaling mechanisms in the vfio driver. As a result, the operating\nsystem now boots without crashing in the described situation.\n(BZ#1391610)\n\n* Previously, when two NFS shares with different security settings\nwere mounted, the I/O operations to the kerberos-authenticated mount\ncaused the RPC_CRED_KEY_EXPIRE_SOON parameter to be set, but the\nparameter was not unset when performing the I/O operations on the\nsec=sys mount. Consequently, writes to both NFS shares had the same\nparameters, regardless of their security settings. This update fixes\nthis problem by moving the NO_CRKEY_TIMEOUT parameter to the\nauth->au_flags field. As a result, NFS shares with different security\nsettings are now handled as expected. (BZ# 1388603)\n\n* Previously, memory corruption by copying data into the wrong memory\nlocations sometimes occurred, because the __copy_tofrom_user()\nfunction was returning incorrect values. This update fixes the\n__copy_tofrom_user() function so that it no longer returns larger\nvalues than the number of bytes it was asked to copy. As a result,\nmemory corruption no longer occurs in he described scenario.\n(BZ#1398588)\"\n );\n # https://access.redhat.com/security/vulnerabilities/2706661\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/vulnerabilities/DirtyCow\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:0217\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-2847\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-7117\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/04/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/02/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7\\.2([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.2\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2016-2847\", \"CVE-2016-7117\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2017:0217\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:0217\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", reference:\"kernel-abi-whitelists-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-debug-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-debug-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-debug-devel-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-debuginfo-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-debuginfo-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-devel-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-devel-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", reference:\"kernel-doc-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-headers-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-headers-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-kdump-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"s390x\", reference:\"kernel-kdump-devel-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-tools-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-tools-debuginfo-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-tools-libs-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"s390x\", reference:\"perf-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"x86_64\", reference:\"perf-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"s390x\", reference:\"perf-debuginfo-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"x86_64\", reference:\"perf-debuginfo-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"s390x\", reference:\"python-perf-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"x86_64\", reference:\"python-perf-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"s390x\", reference:\"python-perf-debuginfo-3.10.0-327.46.1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"2\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-3.10.0-327.46.1.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:36", "description": "The openSUSE 13.2 kernel was updated to receive security and bugfixes.\n\nIt also fixes a regression that caused the Chromium sandbox to no longer work (bsc#965356).\n\nFollowing security bugs were fixed :\n\n - CVE-2016-2069: A flaw was discovered in a way the Linux deals with paging structures. When Linux invalidates a paging structure that is not in use locally, it could, in principle, race against another CPU that is switching to a process that uses the paging structure in question, causing a local denial service (machine crash).\n (bnc#963767).\n\n - CVE-2016-0723: Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call (bnc#961500).\n\nThe following non-security bugs were fixed :\n\n - Bluetooth: ath3k: workaround the compatibility issue with xHCI controller (bnc#907378).\n\n - kABI fix for addition of user_namespace.flags field (bnc#965308, bnc#965356).\n\n - userns: Add a knob to disable setgroups on a per user namespace basis (bnc#965308, bnc#965356).\n\n - userns: Allow setting gid_maps without privilege when setgroups is disabled (bnc#965308, bnc#965356).\n\n - userns: Rename id_map_mutex to userns_state_mutex (bnc#965308, bnc#965356).", "cvss3": {}, "published": "2016-02-24T00:00:00", "type": "nessus", "title": "openSUSE Security Update : the Linux Kernel (openSUSE-2016-256)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-0723", "CVE-2016-2069"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:bbswitch", "p-cpe:/a:novell:opensuse:bbswitch-debugsource", "p-cpe:/a:novell:opensuse:bbswitch-kmp-default", "p-cpe:/a:novell:opensuse:bbswitch-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:bbswitch-kmp-desktop", "p-cpe:/a:novell:opensuse:bbswitch-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:bbswitch-kmp-pae", "p-cpe:/a:novell:opensuse:bbswitch-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:bbswitch-kmp-xen", "p-cpe:/a:novell:opensuse:bbswitch-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:cloop-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:cloop", "p-cpe:/a:novell:opensuse:cloop-kmp-pae", "p-cpe:/a:novell:opensuse:cloop-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:cloop-debuginfo", "p-cpe:/a:novell:opensuse:cloop-kmp-xen", "p-cpe:/a:novell:opensuse:cloop-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:cloop-debugsource", "p-cpe:/a:novell:opensuse:crash", "p-cpe:/a:novell:opensuse:cloop-kmp-default", "p-cpe:/a:novell:opensuse:crash-debuginfo", "p-cpe:/a:novell:opensuse:crash-debugsource", "p-cpe:/a:novell:opensuse:crash-devel", "p-cpe:/a:novell:opensuse:crash-eppic", "p-cpe:/a:novell:opensuse:cloop-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:crash-eppic-debuginfo", "p-cpe:/a:novell:opensuse:crash-gcore", "p-cpe:/a:novell:opensuse:cloop-kmp-desktop", "p-cpe:/a:novell:opensuse:crash-gcore-debuginfo", "p-cpe:/a:novell:opensuse:crash-kmp-default", "p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo", "p-cpe:/a:novell:opensuse:crash-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:crash-kmp-desktop", "p-cpe:/a:novell:opensuse:crash-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debuginfo", "p-cpe:/a:novell:opensuse:crash-kmp-pae", "p-cpe:/a:novell:opensuse:crash-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debugsource", "p-cpe:/a:novell:opensuse:crash-kmp-xen", "p-cpe:/a:novell:opensuse:kernel-debug-devel", "p-cpe:/a:novell:opensuse:crash-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:hdjmod-debugsource", "p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:opensuse:hdjmod-kmp-default", "p-cpe:/a:novell:opensuse:hdjmod-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:hdjmod-kmp-desktop", "p-cpe:/a:novell:opensuse:hdjmod-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:hdjmod-kmp-pae", "p-cpe:/a:novell:opensuse:hdjmod-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:hdjmod-kmp-xen", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:hdjmod-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:ipset", "p-cpe:/a:novell:opensuse:ipset-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo", "p-cpe:/a:novell:opensuse:ipset-debugsource", "p-cpe:/a:novell:opensuse:kernel-default-debuginfo", "p-cpe:/a:novell:opensuse:ipset-devel", "p-cpe:/a:novell:opensuse:ipset-kmp-default", "p-cpe:/a:novell:opensuse:kernel-default-debugsource", "p-cpe:/a:novell:opensuse:ipset-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:ipset-kmp-desktop", "p-cpe:/a:novell:opensuse:ipset-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-devel", "p-cpe:/a:novell:opensuse:ipset-kmp-pae", "p-cpe:/a:novell:opensuse:ipset-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:kernel-desktop", "p-cpe:/a:novell:opensuse:ipset-kmp-xen", "p-cpe:/a:novell:opensuse:ipset-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:kernel-desktop-base", "p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-desktop-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-obs-build", "p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource", "p-cpe:/a:novell:opensuse:kernel-obs-qa", "p-cpe:/a:novell:opensuse:kernel-desktop-debuginfo", "p-cpe:/a:novell:opensuse:kernel-obs-qa-xen", "p-cpe:/a:novell:opensuse:kernel-pae", "p-cpe:/a:novell:opensuse:kernel-desktop-debugsource", "p-cpe:/a:novell:opensuse:kernel-pae-base", "p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-desktop-devel", "p-cpe:/a:novell:opensuse:kernel-pae-debuginfo", "p-cpe:/a:novell:opensuse:kernel-pae-debugsource", "p-cpe:/a:novell:opensuse:kernel-devel", "p-cpe:/a:novell:opensuse:kernel-pae-devel", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-ec2", "p-cpe:/a:novell:opensuse:kernel-source-vanilla", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-ec2-base", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource", "p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kernel-xen-base", "p-cpe:/a:novell:opensuse:kernel-ec2-debugsource", "p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-xen-debuginfo", "p-cpe:/a:novell:opensuse:kernel-xen-debugsource", "p-cpe:/a:novell:opensuse:kernel-xen-devel", "p-cpe:/a:novell:opensuse:kernel-ec2-devel", "p-cpe:/a:novell:opensuse:libipset3", "p-cpe:/a:novell:opensuse:libipset3-debuginfo", "p-cpe:/a:novell:opensuse:pcfclock", "p-cpe:/a:novell:opensuse:kernel-macros", "p-cpe:/a:novell:opensuse:pcfclock-debuginfo", "p-cpe:/a:novell:opensuse:vhba-kmp-default", "p-cpe:/a:novell:opensuse:pcfclock-debugsource", "p-cpe:/a:novell:opensuse:pcfclock-kmp-default", "p-cpe:/a:novell:opensuse:pcfclock-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:vhba-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:pcfclock-kmp-desktop", "p-cpe:/a:novell:opensuse:pcfclock-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:vhba-kmp-desktop", "p-cpe:/a:novell:opensuse:pcfclock-kmp-pae", "p-cpe:/a:novell:opensuse:pcfclock-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:python-virtualbox", "p-cpe:/a:novell:opensuse:vhba-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:python-virtualbox-debuginfo", "p-cpe:/a:novell:opensuse:vhba-kmp-debugsource", "p-cpe:/a:novell:opensuse:vhba-kmp-pae", "p-cpe:/a:novell:opensuse:xen-debugsource", "p-cpe:/a:novell:opensuse:vhba-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:xen-devel", "p-cpe:/a:novell:opensuse:xen-doc-html", "p-cpe:/a:novell:opensuse:xen-kmp-default", "p-cpe:/a:novell:opensuse:vhba-kmp-xen", "p-cpe:/a:novell:opensuse:xen-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:xen-kmp-desktop", "p-cpe:/a:novell:opensuse:xen-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:vhba-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:xen-libs", "p-cpe:/a:novell:opensuse:xen-libs-32bit", "p-cpe:/a:novell:opensuse:virtualbox", "p-cpe:/a:novell:opensuse:xen-libs-debuginfo", "p-cpe:/a:novell:opensuse:xen-libs-debuginfo-32bit", "p-cpe:/a:novell:opensuse:virtualbox-debuginfo", "p-cpe:/a:novell:opensuse:xen-tools", "p-cpe:/a:novell:opensuse:xen-tools-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-debugsource", "p-cpe:/a:novell:opensuse:xen-tools-domu", "p-cpe:/a:novell:opensuse:xen-tools-domu-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-devel", "p-cpe:/a:novell:opensuse:xtables-addons", "p-cpe:/a:novell:opensuse:virtualbox-guest-desktop-icons", "p-cpe:/a:novell:opensuse:xtables-addons-debuginfo", "p-cpe:/a:novell:opensuse:xtables-addons-debugsource", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-default", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-desktop", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-pae", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-desktop", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-xen", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-xen-debuginfo", "cpe:/o:novell:opensuse:13.2", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-pae", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-guest-tools", "p-cpe:/a:novell:opensuse:virtualbox-guest-tools-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-guest-x11", "p-cpe:/a:novell:opensuse:virtualbox-guest-x11-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-desktop", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-pae", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-host-source", "p-cpe:/a:novell:opensuse:virtualbox-qt", "p-cpe:/a:novell:opensuse:virtualbox-qt-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-websrv", "p-cpe:/a:novell:opensuse:virtualbox-websrv-debuginfo", "p-cpe:/a:novell:opensuse:xen"], "id": "OPENSUSE-2016-256.NASL", "href": "https://www.tenable.com/plugins/nessus/88927", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-256.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88927);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-0723\", \"CVE-2016-2069\");\n\n script_name(english:\"openSUSE Security Update : the Linux Kernel (openSUSE-2016-256)\");\n script_summary(english:\"Check for the openSUSE-2016-256 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The openSUSE 13.2 kernel was updated to receive security and bugfixes.\n\nIt also fixes a regression that caused the Chromium sandbox to no\nlonger work (bsc#965356).\n\nFollowing security bugs were fixed :\n\n - CVE-2016-2069: A flaw was discovered in a way the Linux\n deals with paging structures. When Linux invalidates a\n paging structure that is not in use locally, it could,\n in principle, race against another CPU that is switching\n to a process that uses the paging structure in question,\n causing a local denial service (machine crash).\n (bnc#963767).\n\n - CVE-2016-0723: Race condition in the tty_ioctl function\n in drivers/tty/tty_io.c in the Linux kernel allowed\n local users to obtain sensitive information from kernel\n memory or cause a denial of service (use-after-free and\n system crash) by making a TIOCGETD ioctl call during\n processing of a TIOCSETD ioctl call (bnc#961500).\n\nThe following non-security bugs were fixed :\n\n - Bluetooth: ath3k: workaround the compatibility issue\n with xHCI controller (bnc#907378).\n\n - kABI fix for addition of user_namespace.flags field\n (bnc#965308, bnc#965356).\n\n - userns: Add a knob to disable setgroups on a per user\n namespace basis (bnc#965308, bnc#965356).\n\n - userns: Allow setting gid_maps without privilege when\n setgroups is disabled (bnc#965308, bnc#965356).\n\n - userns: Rename id_map_mutex to userns_state_mutex\n (bnc#965308, bnc#965356).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=907378\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=961500\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=963767\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=965308\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=965356\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected the Linux Kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bbswitch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bbswitch-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bbswitch-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bbswitch-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bbswitch-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bbswitch-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bbswitch-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bbswitch-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bbswitch-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:bbswitch-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-eppic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-eppic-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-gcore\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-gcore-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-qa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-qa-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libipset3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libipset3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-virtualbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-virtualbox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-desktop-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-x11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-websrv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-websrv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-domU-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bbswitch-0.8-3.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bbswitch-debugsource-0.8-3.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bbswitch-kmp-default-0.8_k3.16.7_35-3.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bbswitch-kmp-default-debuginfo-0.8_k3.16.7_35-3.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bbswitch-kmp-desktop-0.8_k3.16.7_35-3.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bbswitch-kmp-desktop-debuginfo-0.8_k3.16.7_35-3.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bbswitch-kmp-pae-0.8_k3.16.7_35-3.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bbswitch-kmp-pae-debuginfo-0.8_k3.16.7_35-3.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bbswitch-kmp-xen-0.8_k3.16.7_35-3.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"bbswitch-kmp-xen-debuginfo-0.8_k3.16.7_35-3.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-2.639-14.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-debuginfo-2.639-14.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-debugsource-2.639-14.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-kmp-default-2.639_k3.16.7_35-14.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-kmp-default-debuginfo-2.639_k3.16.7_35-14.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-kmp-desktop-2.639_k3.16.7_35-14.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-kmp-desktop-debuginfo-2.639_k3.16.7_35-14.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-kmp-pae-2.639_k3.16.7_35-14.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-kmp-pae-debuginfo-2.639_k3.16.7_35-14.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-kmp-xen-2.639_k3.16.7_35-14.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"cloop-kmp-xen-debuginfo-2.639_k3.16.7_35-14.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-7.0.8-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-debuginfo-7.0.8-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-debugsource-7.0.8-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-devel-7.0.8-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-eppic-7.0.8-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-eppic-debuginfo-7.0.8-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-gcore-7.0.8-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-gcore-debuginfo-7.0.8-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-kmp-default-7.0.8_k3.16.7_35-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-kmp-default-debuginfo-7.0.8_k3.16.7_35-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-kmp-desktop-7.0.8_k3.16.7_35-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-kmp-desktop-debuginfo-7.0.8_k3.16.7_35-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-kmp-pae-7.0.8_k3.16.7_35-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-kmp-pae-debuginfo-7.0.8_k3.16.7_35-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-kmp-xen-7.0.8_k3.16.7_35-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"crash-kmp-xen-debuginfo-7.0.8_k3.16.7_35-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"hdjmod-debugsource-1.28-18.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"hdjmod-kmp-default-1.28_k3.16.7_35-18.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"hdjmod-kmp-default-debuginfo-1.28_k3.16.7_35-18.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"hdjmod-kmp-desktop-1.28_k3.16.7_35-18.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"hdjmod-kmp-desktop-debuginfo-1.28_k3.16.7_35-18.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"hdjmod-kmp-pae-1.28_k3.16.7_35-18.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"hdjmod-kmp-pae-debuginfo-1.28_k3.16.7_35-18.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"hdjmod-kmp-xen-1.28_k3.16.7_35-18.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"hdjmod-kmp-xen-debuginfo-1.28_k3.16.7_35-18.18.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-6.23-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-debuginfo-6.23-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-debugsource-6.23-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-devel-6.23-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-kmp-default-6.23_k3.16.7_35-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-kmp-default-debuginfo-6.23_k3.16.7_35-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-kmp-desktop-6.23_k3.16.7_35-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-kmp-desktop-debuginfo-6.23_k3.16.7_35-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-kmp-pae-6.23_k3.16.7_35-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-kmp-pae-debuginfo-6.23_k3.16.7_35-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-kmp-xen-6.23_k3.16.7_35-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"ipset-kmp-xen-debuginfo-6.23_k3.16.7_35-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-default-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-default-base-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-default-base-debuginfo-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-default-debuginfo-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-default-debugsource-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-default-devel-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-devel-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-ec2-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-ec2-base-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-ec2-devel-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-macros-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-obs-build-3.16.7-35.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-obs-build-debugsource-3.16.7-35.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-obs-qa-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-obs-qa-xen-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-source-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-source-vanilla-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"kernel-syms-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libipset3-6.23-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libipset3-debuginfo-6.23-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcfclock-0.44-260.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcfclock-debuginfo-0.44-260.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcfclock-debugsource-0.44-260.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcfclock-kmp-default-0.44_k3.16.7_35-260.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcfclock-kmp-default-debuginfo-0.44_k3.16.7_35-260.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcfclock-kmp-desktop-0.44_k3.16.7_35-260.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcfclock-kmp-desktop-debuginfo-0.44_k3.16.7_35-260.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcfclock-kmp-pae-0.44_k3.16.7_35-260.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"pcfclock-kmp-pae-debuginfo-0.44_k3.16.7_35-260.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"python-virtualbox-4.3.36-43.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"python-virtualbox-debuginfo-4.3.36-43.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"vhba-kmp-debugsource-20140629-2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"vhba-kmp-default-20140629_k3.16.7_35-2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"vhba-kmp-default-debuginfo-20140629_k3.16.7_35-2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"vhba-kmp-desktop-20140629_k3.16.7_35-2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"vhba-kmp-desktop-debuginfo-20140629_k3.16.7_35-2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"vhba-kmp-pae-20140629_k3.16.7_35-2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"vhba-kmp-pae-debuginfo-20140629_k3.16.7_35-2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"vhba-kmp-xen-20140629_k3.16.7_35-2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"vhba-kmp-xen-debuginfo-20140629_k3.16.7_35-2.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-4.3.36-43.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-debuginfo-4.3.36-43.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-debugsource-4.3.36-43.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-devel-4.3.36-43.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-desktop-icons-4.3.36-43.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-kmp-default-4.3.36_k3.16.7_35-43.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-kmp-default-debuginfo-4.3.36_k3.16.7_35-43.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-kmp-desktop-4.3.36_k3.16.7_35-43.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-kmp-desktop-debuginfo-4.3.36_k3.16.7_35-43.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-kmp-pae-4.3.36_k3.16.7_35-43.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-kmp-pae-debuginfo-4.3.36_k3.16.7_35-43.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-tools-4.3.36-43.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-tools-debuginfo-4.3.36-43.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-x11-4.3.36-43.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-guest-x11-debuginfo-4.3.36-43.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-host-kmp-default-4.3.36_k3.16.7_35-43.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-host-kmp-default-debuginfo-4.3.36_k3.16.7_35-43.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-host-kmp-desktop-4.3.36_k3.16.7_35-43.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-host-kmp-desktop-debuginfo-4.3.36_k3.16.7_35-43.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-host-kmp-pae-4.3.36_k3.16.7_35-43.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-host-kmp-pae-debuginfo-4.3.36_k3.16.7_35-43.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-host-source-4.3.36-43.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-qt-4.3.36-43.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-qt-debuginfo-4.3.36-43.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-websrv-4.3.36-43.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"virtualbox-websrv-debuginfo-4.3.36-43.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xen-debugsource-4.4.3_08-40.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xen-devel-4.4.3_08-40.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xen-libs-4.4.3_08-40.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xen-libs-debuginfo-4.4.3_08-40.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xen-tools-domU-4.4.3_08-40.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xen-tools-domU-debuginfo-4.4.3_08-40.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-2.6-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-debuginfo-2.6-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-debugsource-2.6-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-kmp-default-2.6_k3.16.7_35-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-kmp-default-debuginfo-2.6_k3.16.7_35-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-kmp-desktop-2.6_k3.16.7_35-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-kmp-desktop-debuginfo-2.6_k3.16.7_35-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-kmp-pae-2.6_k3.16.7_35-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-kmp-pae-debuginfo-2.6_k3.16.7_35-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-kmp-xen-2.6_k3.16.7_35-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"xtables-addons-kmp-xen-debuginfo-2.6_k3.16.7_35-17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-debug-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-debug-base-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-debug-base-debuginfo-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-debug-debugsource-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-debug-devel-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-debug-devel-debuginfo-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-desktop-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-desktop-base-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-desktop-base-debuginfo-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-desktop-debuginfo-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-desktop-debugsource-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-desktop-devel-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-ec2-base-debuginfo-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-ec2-debuginfo-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-ec2-debugsource-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-pae-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-pae-base-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-pae-base-debuginfo-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-pae-debuginfo-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-pae-debugsource-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-pae-devel-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-vanilla-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-vanilla-debuginfo-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-vanilla-debugsource-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-vanilla-devel-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-xen-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-xen-base-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-xen-base-debuginfo-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-xen-debuginfo-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-xen-debugsource-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"i686\", reference:\"kernel-xen-devel-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-debug-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-debug-base-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-debug-base-debuginfo-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-debug-debugsource-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-debug-devel-debuginfo-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-desktop-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-desktop-base-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-desktop-base-debuginfo-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-desktop-debuginfo-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-desktop-debugsource-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-desktop-devel-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-ec2-base-debuginfo-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-ec2-debuginfo-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-ec2-debugsource-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-pae-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-pae-base-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-pae-base-debuginfo-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-pae-debuginfo-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-pae-debugsource-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-pae-devel-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-vanilla-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-vanilla-debuginfo-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-vanilla-debugsource-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-vanilla-devel-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-xen-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-xen-base-debuginfo-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.16.7-35.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-4.4.3_08-40.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-doc-html-4.4.3_08-40.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-kmp-default-4.4.3_08_k3.16.7_35-40.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-kmp-default-debuginfo-4.4.3_08_k3.16.7_35-40.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-kmp-desktop-4.4.3_08_k3.16.7_35-40.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-kmp-desktop-debuginfo-4.4.3_08_k3.16.7_35-40.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.4.3_08-40.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-32bit-4.4.3_08-40.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-tools-4.4.3_08-40.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"xen-tools-debuginfo-4.4.3_08-40.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bbswitch / bbswitch-debugsource / bbswitch-kmp-default / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:30", "description": "The openSUSE 13.1 kernel was updated to 3.12.57 to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2015-8785: The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel allowed local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov. (bsc#963765)\n\n - CVE-2015-8551: The PCI backend driver in Xen, when running on an x86 system and using Linux as the driver domain, allowed local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and a crafted sequence of XEN_PCI_OP_* operations, aka 'Linux pciback missing sanity checks (bnc#957990).\n\n - CVE-2015-8552: The PCI backend driver in Xen, when running on an x86 system and using Linux as the driver domain, allowed local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and XEN_PCI_OP_enable_msi operations, aka 'Linux pciback missing sanity checks (bnc#957990).\n\n - CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when the network was considered congested. The kernel would incorrectly misinterpret the congestion as an error condition and incorrectly free/clean up the skb. When the device would then send the skb's queued, these structures would be referenced and may panic the system or allow an attacker to escalate privileges in a use-after-free scenario.(bsc#966437).\n\n - CVE-2015-8816: A malicious USB device could cause kernel crashes in the in hub_activate() function (bnc#968010).\n\n - CVE-2016-0723: Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call. (bsc#961500)\n\n - CVE-2016-2184: A malicious USB device could cause kernel crashes in the alsa usb-audio device driver (bsc#971125).\n\n - CVE-2016-2384: A double free on the ALSA umidi object was fixed. (bsc#966693).\n\n - CVE-2016-2782: A malicious USB device could cause kernel crashes in the visor device driver (bnc#968670).\n\n - CVE-2016-3139: A malicious USB device could cause kernel crashes in the wacom device driver (bnc#970909).\n\n - CVE-2016-3156: A quadratic algorithm could lead to long kernel ipv4 hangs when removing a device with a large number of addresses. (bsc#971360).\n\nThe following non-security bugs were fixed :\n\n - acl: Fix problem with setting ACL on directories (bsc#867251).\n\n - acpi / processor: Introduce apic_id in struct processor to save parsed APIC id (bsc#959463).\n\n - alsa: rawmidi: Make snd_rawmidi_transmit() race-free (bsc#968018).\n\n - alsa: seq: Fix leak of pool buffer at concurrent writes (bsc#968018).\n\n - arm: cubox: Add separate cubox configuration.\n\n - arm: xen: implement multicall hypercall support.\n\n - block: xen-blkfront: Fix possible NULL ptr dereference (bsc#957986 fate#320625).\n\n - btrfs-8394-qgroup-Account-data-space-in-more-proper-timi n.patch: (bsc#963193).\n\n - btrfs: Add handler for invalidate page (bsc#963193).\n\n - btrfs: check prepare_uptodate_page() error code earlier (bnc#966910).\n\n - btrfs: delayed_ref: Add new function to record reserved space into delayed ref (bsc#963193).\n\n - btrfs: delayed_ref: release and free qgroup reserved at proper timing (bsc#963193).\n\n - btrfs: extent_io: Introduce needed structure for recoding set/clear bits (bsc#963193).\n\n - btrfs: extent_io: Introduce new function clear_record_extent_bits() (bsc#963193).\n\n - btrfs: extent_io: Introduce new function set_record_extent_bits (bsc#963193).\n\n - btrfs: extent-tree: Add new version of btrfs_check_data_free_space and btrfs_free_reserved_data_space (bsc#963193).\n\n - btrfs: extent-tree: Add new version of btrfs_delalloc_reserve/release_space (bsc#963193).\n\n - btrfs: extent-tree: Switch to new check_data_free_space and free_reserved_data_space (bsc#963193).\n\n - btrfs: extent-tree: Switch to new delalloc space reserve and release (bsc#963193).\n\n - btrfs: fallocate: Add support to accurate qgroup reserve (bsc#963193).\n\n - btrfs: fix invalid page accesses in extent_same (dedup) ioctl (bnc#968230).\n\n - btrfs: fix page reading in extent_same ioctl leading to csum errors (bnc#968230).\n\n - btrfs: fix warning in backref walking (bnc#966278).\n\n - btrfs: qgroup: Add handler for NOCOW and inline (bsc#963193).\n\n - btrfs: qgroup: Add new trace point for qgroup data reserve (bsc#963193).\n\n - btrfs: qgroup: Avoid calling btrfs_free_reserved_data_space in clear_bit_hook (bsc#963193).\n\n - btrfs: qgroup: Check if qgroup reserved space leaked (bsc#963193).\n\n - btrfs: qgroup: Cleanup old inaccurate facilities (bsc#963193).\n\n - btrfs: qgroup: Fix a race in delayed_ref which leads to abort trans (bsc#963193).\n\n - btrfs: qgroup: Fix a rebase bug which will cause qgroup double free (bsc#963193).\n\n - btrfs: qgroup: Fix dead judgement on qgroup_rescan_leaf() return value (bsc#969439).\n\n - btrfs: qgroup: Introduce btrfs_qgroup_reserve_data function (bsc#963193).\n\n - btrfs: qgroup: Introduce functions to release/free qgroup reserve data space (bsc#963193).\n\n - btrfs: qgroup: Introduce new functions to reserve/free metadata (bsc#963193).\n\n - btrfs: qgroup: Use new metadata reservation (bsc#963193).\n\n - cpu: Provide smpboot_thread_init() on !CONFIG_SMP kernels as well.\n\n - dcache: use IS_ROOT to decide where dentry is hashed (bsc#949752).\n\n - dmapi: fix dm_open_by_handle_rvp taking an extra ref to mnt (bsc#967292).\n\n - drivers/base/memory.c: fix kernel warning during memory hotplug on ppc64 (bsc#963827).\n\n - drivers:hv: Allow for MMIO claims that span ACPI _CRS records (bnc#965924).\n\n - drivers:hv: Define the channel type for Hyper-V PCI Express pass-through (bnc#965924).\n\n - drivers:hv: Export a function that maps Linux CPU num onto Hyper-V proc num (bnc#965924).\n\n - drivers:hv: Export the API to invoke a hypercall on Hyper-V (bnc#965924).\n\n - drivers: hv: kvp: fix IP Failover.\n\n - drivers:pci:hv: New paravirtual PCI front-end for Hyper-V VMs (bnc#965924).\n\n - drivers: xen-blkfront: only talk_to_blkback() when in XenbusStateInitialising (bsc#957986 fate#320625).\n\n - driver: xen-blkfront: move talk_to_blkback to a more suitable place (bsc#957986 fate#320625).\n\n - drm/i915: do not warn if backlight unexpectedly enabled (boo#972068).\n\n - drm/i915: set backlight duty cycle after backlight enable for gen4 (boo#972780).\n\n - e1000e: Avoid divide by zero error (bsc#968643).\n\n - e1000e: fix division by zero on jumbo MTUs (bsc#968643).\n\n - e1000e: Fix tight loop implementation of systime read algorithm (bsc#968643).\n\n - fix: print ext4 mountopt data_err=abort correctly (bsc#969735).\n\n - fs/proc_namespace.c: simplify testing nsp and nsp->mnt_ns (bug#963960).\n\n - futex: Drop refcount if requeue_pi() acquired the rtmutex (bug#960174).\n\n - hv: Lock access to hyperv_mmio resource tree (bnc#965924).\n\n - hv: Make a function to free mmio regions through vmbus (bnc#965924).\n\n - hv: Reverse order of resources in hyperv_mmio (bnc#965924).\n\n - hv: Track allocations of children of hv_vmbus in private resource tree (bnc#965924).\n\n - hv: Use new vmbus_mmio_free() from client drivers (bnc#965924).\n\n - hwmon: (coretemp) Increase maximum core to 128 (bsc#970160)\n\n - ibmvnic: Fix ibmvnic_capability struct (fate#320253).\n\n - intel_pstate: Use del_timer_sync in intel_pstate_cpu_stop (bsc#967650).\n\n - ipv6: mld: fix add_grhead skb_over_panic for devs with large MTUs (bsc#956852).\n\n - kabi: Preserve checksum of kvm_x86_ops (bsc#969112).\n\n - kABI: protect enum enclosure_component_type.\n\n - kabi: protect struct acpi_processor signature (bsc#959463).\n\n - kABI: protect struct af_alg_type.\n\n - kABI: protect struct crypto_ahash.\n\n - kABI: protect struct dm_exception_store_type.\n\n - kABI: protect struct fib_nh_exception.\n\n - kABI: protect struct module.\n\n - kABI: protect struct rq.\n\n - kABI: protect struct sched_class.\n\n - kABI: protect struct scm_creds.\n\n - kABI: protect struct user_struct.\n\n - kabi/severities :\n\n - kabi/severities: Fail on changes in kvm_x86_ops, needed by lttng-modules\n\n - kgr: fix reversion of a patch already reverted by a replace_all patch (fate#313296).\n\n - kvm: SVM: add rdmsr support for AMD event registers (bsc#968448).\n\n - kvm: x86: Check dest_map->vector to match eoi signals for rtc (bsc#966471).\n\n - kvm: x86: Convert ioapic->rtc_status.dest_map to a struct (bsc#966471).\n\n - kvm: x86: store IOAPIC-handled vectors in each VCPU (bsc#966471).\n\n - kvm: x86: Track irq vectors in ioapic->rtc_status.dest_map (bsc#966471).\n\n - libceph: fix scatterlist last_piece calculation (bsc#963746).\n\n - lpfc: Fix kmalloc overflow in LPFC driver at large core count (bsc#969690).\n\n - memcg: do not hang on OOM when killed by userspace OOM access to memory reserves (bnc#969571).\n\n - mld, igmp: Fix reserved tailroom calculation (bsc#956852).\n\n - mmc: Exynos: Add module alias for dw mmc.\n\n - mvneta: fix per-cpu stats initialization.\n\n - namespaces: Re-introduce task_nsproxy() helper (bug#963960).\n\n - namespaces: Use task_lock and not rcu to protect nsproxy (bug#963960).\n\n - net: core: Correct an over-stringent device loop detection (bsc#945219).\n\n - net: irda: Fix use-after-free in irtty_open() (bnc#967903).\n\n - nfs4: treat lock owners as opaque values (bnc#968141).\n\n - nfs: Background flush should not be low priority (bsc#955308).\n\n - nfsd: fix nfsd_setattr return code for HSM (bsc#969992).\n\n - nfs: do not use STABLE writes during writeback (bnc#816099).\n\n - nfs: Fix handling of re-write-before-commit for mmapped NFS pages (bsc#964201).\n\n - nvme: default to 4k device page size (bsc#967047).\n\n - nvme: special case AEN requests (bsc#965087).\n\n - omap3isp: fix miscompile.\n\n - omap: Fix missing cm3xxx.h include.\n\n - omap: Fix missing usb.h include.\n\n - pci: Add global pci_lock_rescan_remove() (bnc#965924).\n\n - pci: allow access to VPD attributes with size 0 (bsc#959146).\n\n - pciback: Check PF instead of VF for PCI_COMMAND_MEMORY.\n\n - pciback: Save the number of MSI-X entries to be copied later.\n\n - pci: Blacklist vpd access for buggy devices (bsc#959146).\n\n - pci: Determine actual VPD size on first access (bsc#959146).\n\n - pci: Export symbols required for loadable host driver modules (bnc#965924).\n\n - pci: pciehp: Disable link notification across slot reset (bsc#967651).\n\n - pci: pciehp: Do not check adapter or latch status while disabling (bsc#967651).\n\n - pci: pciehp: Do not disable the link permanently during removal (bsc#967651).\n\n - pci: pciehp: Ensure very fast hotplug events are also processed (bsc#967651).\n\n - pci: Update VPD definitions (bsc#959146).\n\n - perf, nmi: Fix unknown NMI warning (bsc#968512).\n\n - power: Add _GLOBAL_TOC for 32bit.\n\n - proc: Fix ptrace-based permission checks for accessing task maps.\n\n - qla2xxx: Remove unavailable firmware files (bsc#943645).\n\n - rbd: do not log miscompare as an error (bsc#970062).\n\n - Refresh patches.drivers/0005-aacraid-MSI-x-support.patch.\n (boo#970249)\n\n - resources: Set type in __request_region() (bnc#965924).\n\n - Revert 'ipv6: tcp: add rcu locking in tcp_v6_send_synack()' (bnc#961257).\n\n - rpm/kernel-binary.spec.in: Sync the main and -base package dependencies (bsc#965830#c51).\n\n - rpm/kernel-module-subpackage: Fix obsoleting dropped flavors (bsc#968253)\n\n - sched: unbreak non-SMP build.\n\n - scsi_dh_alua: Do not block request queue if workqueue is active (bsc#960458).\n\n - scsi: fix soft lockup in scsi_remove_target() on module removal (bsc#965199).\n\n - scsi: proper state checking and module refcount handling in scsi_device_get (boo#966831).\n\n - series.conf: add section comments\n\n - supported.conf: Add e1000e (emulated by VMware) to -base (bsc#968074)\n\n - supported.conf: Add Hyper-V modules to -base (bsc#965830)\n\n - supported.conf: Add isofs to -base (bsc#969655).\n\n - supported.conf: Add more qemu device driver (bsc#968234)\n\n - supported.conf: Add mptspi and mptsas to -base (bsc#968206)\n\n - supported.conf: Add the qemu scsi driver (sym53c8xx) to\n -base (bsc#967802)\n\n - supported.conf: Add tulip to -base for Hyper-V (bsc#968234)\n\n - supported.conf: Add virtio-rng (bsc#966026)\n\n - supported.conf: Add xen-blkfront.\n\n - supported.conf: Add xfs to -base (bsc#965891)\n\n - supported.conf: Fix usb-common path usb-common moved to its own subdirectory in kernel v3.16, and we backported that change to SLE12.\n\n - sysctl: do not add hardlockup_all_cpu_backtrace sysctl on UP.\n\n - tcp: Restore RFC5961-compliant behavior for SYN packets (bsc#966864).\n\n - Update config files. Add new option CONFIG_PARAVIRT_XEN_BLKDEV_FRONTEND to i386 xen and ec2.\n\n - Update config files. Enable CONFIG_DEBUG_INFO for ec2 flavor. It's overriden on build anyway and having it disabled causes 'make silentoldconfig' checks fail because of new symbol CONFIG_DEBUG_INFO_REDUCED.\n\n - Update config files: enable CONFIG_PCI_HYPERV in non-SLE configs These are i386/* except xen, ec2 and vanilla and x86_64 desktop and trace.\n\n - Update config files: enable MACH_CUBOX in armv7hl/cubox\n\n - Update config files: ppc and ppc64 are big endian New config options (not existing in 13.1) need to be set accordingly.\n\n - Update patches.drivers/drm-ast-Initialize-data-needed-to-map-fb dev-memory.patch (bnc#880007). Fix refs and upstream status.\n\n - Update Xen config files (enable upstream block frontend).\n\n - Update Xen patches to 3.12.55.\n\n - USB: ehci-s5p: Fix phy reset.\n\n - usb: phy: Fix phy-samsung-usb when built as module.\n\n - usb: Quiet down false peer failure messages (bnc#960629).\n\n - x86: export x86_msi (bnc#965924).\n\n - xen: Add /etc/modprobe.d/50-xen.conf selecting Xen frontend driver implementation (bsc#957986, bsc#956084, bsc#961658).\n\n - xen-blkfront: allow building in our Xen environment (bsc#957986 fate#320625).\n\n - xen, blkfront: factor out flush-related checks from do_blkif_request() (bsc#957986 fate#320625).\n\n - xen-blkfront: fix accounting of reqs when migrating (bsc#957986 fate#320625).\n\n - xen/blkfront: Fix crash if backend does not follow the right states (bsc#957986 fate#320625).\n\n - xen-blkfront: improve aproximation of required grants per request (bsc#957986 fate#320625).\n\n - xen/blkfront: improve protection against issuing unsupported REQ_FUA (bsc#957986 fate#320625).\n\n - xen/blkfront: remove redundant flush_op (bsc#957986 fate#320625).\n\n - xen-blkfront: remove type check from blkfront_setup_discard (bsc#957986 fate#320625).\n\n - xen-blkfront: Silence pfn maybe-uninitialized warning (bsc#957986 fate#320625).\n\n - xen: fix blkfront and blkback build with normal xen.\n\n - xen-vscsi-large-requests: Fix resource collision for racing request maps and unmaps (bsc#966094).\n\n - xfs/dmapi: drop lock over synchronous XFS_SEND_DATA events (bsc#969993).\n\n - xfs/dmapi: propertly send postcreate event (bsc#967299).", "cvss3": {}, "published": "2016-04-29T00:00:00", "type": "nessus", "title": "openSUSE Security Update : the Linux Kernel (openSUSE-2016-518)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8551", "CVE-2015-8552", "CVE-2015-8709", "CVE-2015-8785", "CVE-2015-8812", "CVE-2015-8816", "CVE-2016-0723", "CVE-2016-2143", "CVE-2016-2184", "CVE-2016-2384", "CVE-2016-2782", "CVE-2016-3139", "CVE-2016-3156"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:ipset-debuginfo", "p-cpe:/a:novell:opensuse:ipset-debugsource", "p-cpe:/a:novell:opensuse:ipset-devel", "p-cpe:/a:novell:opensuse:ipset-kmp-default", "p-cpe:/a:novell:opensuse:ipset-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:ipset-kmp-desktop", "p-cpe:/a:novell:opensuse:ipset-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:ipset-kmp-pae", "p-cpe:/a:novell:opensuse:ipset-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:ipset-kmp-xen", "p-cpe:/a:novell:opensuse:ipset-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:iscsitarget", "p-cpe:/a:novell:opensuse:iscsitarget-debuginfo", "p-cpe:/a:novell:opensuse:iscsitarget-debugsource", "p-cpe:/a:novell:opensuse:iscsitarget-kmp-default", "p-cpe:/a:novell:opensuse:iscsitarget-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:iscsitarget-kmp-desktop", "p-cpe:/a:novell:opensuse:iscsitarget-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:iscsitarget-kmp-pae", "p-cpe:/a:novell:opensuse:iscsitarget-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:iscsitarget-kmp-xen", "p-cpe:/a:novell:opensuse:iscsitarget-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debugsource", "p-cpe:/a:novell:opensuse:cloop", "p-cpe:/a:novell:opensuse:cloop-debuginfo", "p-cpe:/a:novell:opensuse:cloop-debugsource", "p-cpe:/a:novell:opensuse:cloop-kmp-default", "p-cpe:/a:novell:opensuse:cloop-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:cloop-kmp-desktop", "p-cpe:/a:novell:opensuse:kernel-desktop-debuginfo", "p-cpe:/a:novell:opensuse:kernel-desktop-debugsource", "p-cpe:/a:novell:opensuse:kernel-desktop-devel", "p-cpe:/a:novell:opensuse:kernel-devel", "p-cpe:/a:novell:opensuse:kernel-ec2", "p-cpe:/a:novell:opensuse:kernel-ec2-base", "p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo", "p-cpe:/a:novell:opensuse:kernel-ec2-debugsource", "p-cpe:/a:novell:opensuse:kernel-ec2-devel", "p-cpe:/a:novell:opensuse:kernel-macros", "p-cpe:/a:novell:opensuse:kernel-pae", "p-cpe:/a:novell:opensuse:kernel-pae-base", "p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo", "p-cpe:/a:novell:opensuse:cloop-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:cloop-kmp-pae", "p-cpe:/a:novell:opensuse:cloop-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:cloop-kmp-xen", "p-cpe:/a:novell:opensuse:kernel-debug-devel", "p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debugsource", "p-cpe:/a:novell:opensuse:kernel-default-devel", "p-cpe:/a:novell:opensuse:kernel-desktop", "p-cpe:/a:novell:opensuse:kernel-desktop-base", "p-cpe:/a:novell:opensuse:kernel-desktop-base-debuginfo", "p-cpe:/a:novell:opensuse:cloop-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:crash", "p-cpe:/a:novell:opensuse:crash-debuginfo", "p-cpe:/a:novell:opensuse:crash-debugsource", "p-cpe:/a:novell:opensuse:crash-devel", "p-cpe:/a:novell:opensuse:crash-eppic", "p-cpe:/a:novell:opensuse:crash-eppic-debuginfo", "p-cpe:/a:novell:opensuse:crash-gcore", "p-cpe:/a:novell:opensuse:crash-gcore-debuginfo", "p-cpe:/a:novell:opensuse:crash-kmp-default", "p-cpe:/a:novell:opensuse:crash-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:crash-kmp-desktop", "p-cpe:/a:novell:opensuse:crash-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:crash-kmp-pae", "p-cpe:/a:novell:opensuse:crash-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:crash-kmp-xen", "p-cpe:/a:novell:opensuse:crash-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:hdjmod-debugsource", "p-cpe:/a:novell:opensuse:hdjmod-kmp-default", "p-cpe:/a:novell:opensuse:hdjmod-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:hdjmod-kmp-desktop", "p-cpe:/a:novell:opensuse:hdjmod-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:hdjmod-kmp-pae", "p-cpe:/a:novell:opensuse:hdjmod-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:hdjmod-kmp-xen", "p-cpe:/a:novell:opensuse:hdjmod-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:ipset", "p-cpe:/a:novell:opensuse:kernel-pae-debuginfo", "p-cpe:/a:novell:opensuse:kernel-pae-debugsource", "p-cpe:/a:novell:opensuse:kernel-pae-devel", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-source-vanilla", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-trace", "p-cpe:/a:novell:opensuse:kernel-trace-base", "p-cpe:/a:novell:opensuse:kernel-trace-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-trace-debuginfo", "p-cpe:/a:novell:opensuse:kernel-trace-debugsource", "p-cpe:/a:novell:opensuse:kernel-xen", "p-cpe:/a:novell:opensuse:kernel-trace-devel", "p-cpe:/a:novell:opensuse:kernel-xen-base", "p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-xen-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-xen-debugsource", "p-cpe:/a:novell:opensuse:kernel-xen-devel", "p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo", "p-cpe:/a:novell:opensuse:libipset3", "p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource", "p-cpe:/a:novell:opensuse:libipset3-debuginfo", "p-cpe:/a:novell:opensuse:ndiswrapper", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel", "p-cpe:/a:novell:opensuse:pcfclock-kmp-default", "p-cpe:/a:novell:opensuse:ndiswrapper-debuginfo", "p-cpe:/a:novell:opensuse:ndiswrapper-debugsource", "p-cpe:/a:novell:opensuse:pcfclock-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:ndiswrapper-kmp-default", "p-cpe:/a:novell:opensuse:ndiswrapper-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:pcfclock-kmp-desktop", "p-cpe:/a:novell:opensuse:ndiswrapper-kmp-desktop", "p-cpe:/a:novell:opensuse:ndiswrapper-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:pcfclock-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:ndiswrapper-kmp-pae", "p-cpe:/a:novell:opensuse:pcfclock-kmp-pae", "p-cpe:/a:novell:opensuse:ndiswrapper-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:openvswitch", "p-cpe:/a:novell:opensuse:pcfclock-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:openvswitch-controller", "p-cpe:/a:novell:opensuse:python-openvswitch", "p-cpe:/a:novell:opensuse:openvswitch-controller-debuginfo", "p-cpe:/a:novell:opensuse:openvswitch-debuginfo", "p-cpe:/a:novell:opensuse:openvswitch-debugsource", "p-cpe:/a:novell:opensuse:openvswitch-kmp-default", "p-cpe:/a:novell:opensuse:openvswitch-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:python-openvswitch-test", "p-cpe:/a:novell:opensuse:openvswitch-kmp-desktop", "p-cpe:/a:novell:opensuse:python-virtualbox", "p-cpe:/a:novell:opensuse:openvswitch-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:python-virtualbox-debuginfo", "p-cpe:/a:novell:opensuse:openvswitch-kmp-pae", "p-cpe:/a:novell:opensuse:openvswitch-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:vhba-kmp-debugsource", "p-cpe:/a:novell:opensuse:openvswitch-kmp-xen", "p-cpe:/a:novell:opensuse:openvswitch-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:vhba-kmp-default", "p-cpe:/a:novell:opensuse:openvswitch-pki", "p-cpe:/a:novell:opensuse:vhba-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:openvswitch-switch", "p-cpe:/a:novell:opensuse:vhba-kmp-desktop", "p-cpe:/a:novell:opensuse:openvswitch-switch-debuginfo", "p-cpe:/a:novell:opensuse:openvswitch-test", "p-cpe:/a:novell:opensuse:vhba-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:pcfclock", "p-cpe:/a:novell:opensuse:vhba-kmp-pae", "p-cpe:/a:novell:opensuse:pcfclock-debuginfo", "p-cpe:/a:novell:opensuse:vhba-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:pcfclock-debugsource", "p-cpe:/a:novell:opensuse:vhba-kmp-xen", "p-cpe:/a:novell:opensuse:vhba-kmp-xen-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default", "p-cpe:/a:novell:opensuse:virtualbox-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-debugsource", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-desktop", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-pae", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-host-source", "p-cpe:/a:novell:opensuse:virtualbox-qt", "p-cpe:/a:novell:opensuse:virtualbox-devel", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default", "p-cpe:/a:novell:opensuse:virtualbox-qt-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-desktop", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-websrv", "p-cpe:/a:novell:opensuse:virtualbox-websrv-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-pae", "p-cpe:/a:novell:opensuse:xen", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-guest-tools", "p-cpe:/a:novell:opensuse:xen-debugsource", "p-cpe:/a:novell:opensuse:virtualbox-guest-tools-debuginfo", "p-cpe:/a:novell:opensuse:xen-devel", "p-cpe:/a:novell:opensuse:virtualbox-guest-x11", "p-cpe:/a:novell:opensuse:virtualbox-guest-x11-debuginfo", "p-cpe:/a:novell:opensuse:xen-doc-html", "p-cpe:/a:novell:opensuse:xen-kmp-default", "p-cpe:/a:novell:opensuse:xen-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:xen-kmp-desktop", "p-cpe:/a:novell:opensuse:xen-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:xen-kmp-pae", "p-cpe:/a:novell:opensuse:xen-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:xen-libs", "p-cpe:/a:novell:opensuse:xen-libs-32bit", "p-cpe:/a:novell:opensuse:xen-libs-debuginfo", "p-cpe:/a:novell:opensuse:xen-libs-debuginfo-32bit", "p-cpe:/a:novell:opensuse:xen-tools", "p-cpe:/a:novell:opensuse:xen-tools-debuginfo", "p-cpe:/a:novell:opensuse:xen-tools-domu", "p-cpe:/a:novell:opensuse:xen-tools-domu-debuginfo", "p-cpe:/a:novell:opensuse:xen-xend-tools", "p-cpe:/a:novell:opensuse:xen-xend-tools-debuginfo", "p-cpe:/a:novell:opensuse:xtables-addons", "p-cpe:/a:novell:opensuse:xtables-addons-debuginfo", "p-cpe:/a:novell:opensuse:xtables-addons-debugsource", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-default", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-desktop", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-pae", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-xen", "p-cpe:/a:novell:opensuse:xtables-addons-kmp-xen-debuginfo", "cpe:/o:novell:opensuse:13.1"], "id": "OPENSUSE-2016-518.NASL", "href": "https://www.tenable.com/plugins/nessus/90783", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-518.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90783);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-8551\", \"CVE-2015-8552\", \"CVE-2015-8709\", \"CVE-2015-8785\", \"CVE-2015-8812\", \"CVE-2015-8816\", \"CVE-2016-0723\", \"CVE-2016-2143\", \"CVE-2016-2184\", \"CVE-2016-2384\", \"CVE-2016-2782\", \"CVE-2016-3139\", \"CVE-2016-3156\");\n\n script_name(english:\"openSUSE Security Update : the Linux Kernel (openSUSE-2016-518)\");\n script_summary(english:\"Check for the openSUSE-2016-518 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The openSUSE 13.1 kernel was updated to 3.12.57 to receive various\nsecurity and bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2015-8785: The fuse_fill_write_pages function in\n fs/fuse/file.c in the Linux kernel allowed local users\n to cause a denial of service (infinite loop) via a\n writev system call that triggers a zero length for the\n first segment of an iov. (bsc#963765)\n\n - CVE-2015-8551: The PCI backend driver in Xen, when\n running on an x86 system and using Linux as the driver\n domain, allowed local guest administrators to hit BUG\n conditions and cause a denial of service (NULL pointer\n dereference and host OS crash) by leveraging a system\n with access to a passed-through MSI or MSI-X capable\n physical PCI device and a crafted sequence of\n XEN_PCI_OP_* operations, aka 'Linux pciback missing\n sanity checks (bnc#957990).\n\n - CVE-2015-8552: The PCI backend driver in Xen, when\n running on an x86 system and using Linux as the driver\n domain, allowed local guest administrators to generate a\n continuous stream of WARN messages and cause a denial of\n service (disk consumption) by leveraging a system with\n access to a passed-through MSI or MSI-X capable physical\n PCI device and XEN_PCI_OP_enable_msi operations, aka\n 'Linux pciback missing sanity checks (bnc#957990).\n\n - CVE-2015-8812: A flaw was found in the CXGB3 kernel\n driver when the network was considered congested. The\n kernel would incorrectly misinterpret the congestion as\n an error condition and incorrectly free/clean up the\n skb. When the device would then send the skb's queued,\n these structures would be referenced and may panic the\n system or allow an attacker to escalate privileges in a\n use-after-free scenario.(bsc#966437).\n\n - CVE-2015-8816: A malicious USB device could cause kernel\n crashes in the in hub_activate() function (bnc#968010).\n\n - CVE-2016-0723: Race condition in the tty_ioctl function\n in drivers/tty/tty_io.c in the Linux kernel allowed\n local users to obtain sensitive information from kernel\n memory or cause a denial of service (use-after-free and\n system crash) by making a TIOCGETD ioctl call during\n processing of a TIOCSETD ioctl call. (bsc#961500)\n\n - CVE-2016-2184: A malicious USB device could cause kernel\n crashes in the alsa usb-audio device driver\n (bsc#971125).\n\n - CVE-2016-2384: A double free on the ALSA umidi object\n was fixed. (bsc#966693).\n\n - CVE-2016-2782: A malicious USB device could cause kernel\n crashes in the visor device driver (bnc#968670).\n\n - CVE-2016-3139: A malicious USB device could cause kernel\n crashes in the wacom device driver (bnc#970909).\n\n - CVE-2016-3156: A quadratic algorithm could lead to long\n kernel ipv4 hangs when removing a device with a large\n number of addresses. (bsc#971360).\n\nThe following non-security bugs were fixed :\n\n - acl: Fix problem with setting ACL on directories\n (bsc#867251).\n\n - acpi / processor: Introduce apic_id in struct processor\n to save parsed APIC id (bsc#959463).\n\n - alsa: rawmidi: Make snd_rawmidi_transmit() race-free\n (bsc#968018).\n\n - alsa: seq: Fix leak of pool buffer at concurrent writes\n (bsc#968018).\n\n - arm: cubox: Add separate cubox configuration.\n\n - arm: xen: implement multicall hypercall support.\n\n - block: xen-blkfront: Fix possible NULL ptr dereference\n (bsc#957986 fate#320625).\n\n -\n btrfs-8394-qgroup-Account-data-space-in-more-proper-timi\n n.patch: (bsc#963193).\n\n - btrfs: Add handler for invalidate page (bsc#963193).\n\n - btrfs: check prepare_uptodate_page() error code earlier\n (bnc#966910).\n\n - btrfs: delayed_ref: Add new function to record reserved\n space into delayed ref (bsc#963193).\n\n - btrfs: delayed_ref: release and free qgroup reserved at\n proper timing (bsc#963193).\n\n - btrfs: extent_io: Introduce needed structure for\n recoding set/clear bits (bsc#963193).\n\n - btrfs: extent_io: Introduce new function\n clear_record_extent_bits() (bsc#963193).\n\n - btrfs: extent_io: Introduce new function\n set_record_extent_bits (bsc#963193).\n\n - btrfs: extent-tree: Add new version of\n btrfs_check_data_free_space and\n btrfs_free_reserved_data_space (bsc#963193).\n\n - btrfs: extent-tree: Add new version of\n btrfs_delalloc_reserve/release_space (bsc#963193).\n\n - btrfs: extent-tree: Switch to new check_data_free_space\n and free_reserved_data_space (bsc#963193).\n\n - btrfs: extent-tree: Switch to new delalloc space reserve\n and release (bsc#963193).\n\n - btrfs: fallocate: Add support to accurate qgroup reserve\n (bsc#963193).\n\n - btrfs: fix invalid page accesses in extent_same (dedup)\n ioctl (bnc#968230).\n\n - btrfs: fix page reading in extent_same ioctl leading to\n csum errors (bnc#968230).\n\n - btrfs: fix warning in backref walking (bnc#966278).\n\n - btrfs: qgroup: Add handler for NOCOW and inline\n (bsc#963193).\n\n - btrfs: qgroup: Add new trace point for qgroup data\n reserve (bsc#963193).\n\n - btrfs: qgroup: Avoid calling\n btrfs_free_reserved_data_space in clear_bit_hook\n (bsc#963193).\n\n - btrfs: qgroup: Check if qgroup reserved space leaked\n (bsc#963193).\n\n - btrfs: qgroup: Cleanup old inaccurate facilities\n (bsc#963193).\n\n - btrfs: qgroup: Fix a race in delayed_ref which leads to\n abort trans (bsc#963193).\n\n - btrfs: qgroup: Fix a rebase bug which will cause qgroup\n double free (bsc#963193).\n\n - btrfs: qgroup: Fix dead judgement on\n qgroup_rescan_leaf() return value (bsc#969439).\n\n - btrfs: qgroup: Introduce btrfs_qgroup_reserve_data\n function (bsc#963193).\n\n - btrfs: qgroup: Introduce functions to release/free\n qgroup reserve data space (bsc#963193).\n\n - btrfs: qgroup: Introduce new functions to reserve/free\n metadata (bsc#963193).\n\n - btrfs: qgroup: Use new metadata reservation\n (bsc#963193).\n\n - cpu: Provide smpboot_thread_init() on !CONFIG_SMP\n kernels as well.\n\n - dcache: use IS_ROOT to decide where dentry is hashed\n (bsc#949752).\n\n - dmapi: fix dm_open_by_handle_rvp taking an extra ref to\n mnt (bsc#967292).\n\n - drivers/base/memory.c: fix kernel warning during memory\n hotplug on ppc64 (bsc#963827).\n\n - drivers:hv: Allow for MMIO claims that span ACPI _CRS\n records (bnc#965924).\n\n - drivers:hv: Define the channel type for Hyper-V PCI\n Express pass-through (bnc#965924).\n\n - drivers:hv: Export a function that maps Linux CPU num\n onto Hyper-V proc num (bnc#965924).\n\n - drivers:hv: Export the API to invoke a hypercall on\n Hyper-V (bnc#965924).\n\n - drivers: hv: kvp: fix IP Failover.\n\n - drivers:pci:hv: New paravirtual PCI front-end for\n Hyper-V VMs (bnc#965924).\n\n - drivers: xen-blkfront: only talk_to_blkback() when in\n XenbusStateInitialising (bsc#957986 fate#320625).\n\n - driver: xen-blkfront: move talk_to_blkback to a more\n suitable place (bsc#957986 fate#320625).\n\n - drm/i915: do not warn if backlight unexpectedly enabled\n (boo#972068).\n\n - drm/i915: set backlight duty cycle after backlight\n enable for gen4 (boo#972780).\n\n - e1000e: Avoid divide by zero error (bsc#968643).\n\n - e1000e: fix division by zero on jumbo MTUs (bsc#968643).\n\n - e1000e: Fix tight loop implementation of systime read\n algorithm (bsc#968643).\n\n - fix: print ext4 mountopt data_err=abort correctly\n (bsc#969735).\n\n - fs/proc_namespace.c: simplify testing nsp and\n nsp->mnt_ns (bug#963960).\n\n - futex: Drop refcount if requeue_pi() acquired the\n rtmutex (bug#960174).\n\n - hv: Lock access to hyperv_mmio resource tree\n (bnc#965924).\n\n - hv: Make a function to free mmio regions through vmbus\n (bnc#965924).\n\n - hv: Reverse order of resources in hyperv_mmio\n (bnc#965924).\n\n - hv: Track allocations of children of hv_vmbus in private\n resource tree (bnc#965924).\n\n - hv: Use new vmbus_mmio_free() from client drivers\n (bnc#965924).\n\n - hwmon: (coretemp) Increase maximum core to 128\n (bsc#970160)\n\n - ibmvnic: Fix ibmvnic_capability struct (fate#320253).\n\n - intel_pstate: Use del_timer_sync in\n intel_pstate_cpu_stop (bsc#967650).\n\n - ipv6: mld: fix add_grhead skb_over_panic for devs with\n large MTUs (bsc#956852).\n\n - kabi: Preserve checksum of kvm_x86_ops (bsc#969112).\n\n - kABI: protect enum enclosure_component_type.\n\n - kabi: protect struct acpi_processor signature\n (bsc#959463).\n\n - kABI: protect struct af_alg_type.\n\n - kABI: protect struct crypto_ahash.\n\n - kABI: protect struct dm_exception_store_type.\n\n - kABI: protect struct fib_nh_exception.\n\n - kABI: protect struct module.\n\n - kABI: protect struct rq.\n\n - kABI: protect struct sched_class.\n\n - kABI: protect struct scm_creds.\n\n - kABI: protect struct user_struct.\n\n - kabi/severities :\n\n - kabi/severities: Fail on changes in kvm_x86_ops, needed\n by lttng-modules\n\n - kgr: fix reversion of a patch already reverted by a\n replace_all patch (fate#313296).\n\n - kvm: SVM: add rdmsr support for AMD event registers\n (bsc#968448).\n\n - kvm: x86: Check dest_map->vector to match eoi signals\n for rtc (bsc#966471).\n\n - kvm: x86: Convert ioapic->rtc_status.dest_map to a\n struct (bsc#966471).\n\n - kvm: x86: store IOAPIC-handled vectors in each VCPU\n (bsc#966471).\n\n - kvm: x86: Track irq vectors in\n ioapic->rtc_status.dest_map (bsc#966471).\n\n - libceph: fix scatterlist last_piece calculation\n (bsc#963746).\n\n - lpfc: Fix kmalloc overflow in LPFC driver at large core\n count (bsc#969690).\n\n - memcg: do not hang on OOM when killed by userspace OOM\n access to memory reserves (bnc#969571).\n\n - mld, igmp: Fix reserved tailroom calculation\n (bsc#956852).\n\n - mmc: Exynos: Add module alias for dw mmc.\n\n - mvneta: fix per-cpu stats initialization.\n\n - namespaces: Re-introduce task_nsproxy() helper\n (bug#963960).\n\n - namespaces: Use task_lock and not rcu to protect nsproxy\n (bug#963960).\n\n - net: core: Correct an over-stringent device loop\n detection (bsc#945219).\n\n - net: irda: Fix use-after-free in irtty_open()\n (bnc#967903).\n\n - nfs4: treat lock owners as opaque values (bnc#968141).\n\n - nfs: Background flush should not be low priority\n (bsc#955308).\n\n - nfsd: fix nfsd_setattr return code for HSM (bsc#969992).\n\n - nfs: do not use STABLE writes during writeback\n (bnc#816099).\n\n - nfs: Fix handling of re-write-before-commit for mmapped\n NFS pages (bsc#964201).\n\n - nvme: default to 4k device page size (bsc#967047).\n\n - nvme: special case AEN requests (bsc#965087).\n\n - omap3isp: fix miscompile.\n\n - omap: Fix missing cm3xxx.h include.\n\n - omap: Fix missing usb.h include.\n\n - pci: Add global pci_lock_rescan_remove() (bnc#965924).\n\n - pci: allow access to VPD attributes with size 0\n (bsc#959146).\n\n - pciback: Check PF instead of VF for PCI_COMMAND_MEMORY.\n\n - pciback: Save the number of MSI-X entries to be copied\n later.\n\n - pci: Blacklist vpd access for buggy devices\n (bsc#959146).\n\n - pci: Determine actual VPD size on first access\n (bsc#959146).\n\n - pci: Export symbols required for loadable host driver\n modules (bnc#965924).\n\n - pci: pciehp: Disable link notification across slot reset\n (bsc#967651).\n\n - pci: pciehp: Do not check adapter or latch status while\n disabling (bsc#967651).\n\n - pci: pciehp: Do not disable the link permanently during\n removal (bsc#967651).\n\n - pci: pciehp: Ensure very fast hotplug events are also\n processed (bsc#967651).\n\n - pci: Update VPD definitions (bsc#959146).\n\n - perf, nmi: Fix unknown NMI warning (bsc#968512).\n\n - power: Add _GLOBAL_TOC for 32bit.\n\n - proc: Fix ptrace-based permission checks for accessing\n task maps.\n\n - qla2xxx: Remove unavailable firmware files (bsc#943645).\n\n - rbd: do not log miscompare as an error (bsc#970062).\n\n - Refresh\n patches.drivers/0005-aacraid-MSI-x-support.patch.\n (boo#970249)\n\n - resources: Set type in __request_region() (bnc#965924).\n\n - Revert 'ipv6: tcp: add rcu locking in\n tcp_v6_send_synack()' (bnc#961257).\n\n - rpm/kernel-binary.spec.in: Sync the main and -base\n package dependencies (bsc#965830#c51).\n\n - rpm/kernel-module-subpackage: Fix obsoleting dropped\n flavors (bsc#968253)\n\n - sched: unbreak non-SMP build.\n\n - scsi_dh_alua: Do not block request queue if workqueue is\n active (bsc#960458).\n\n - scsi: fix soft lockup in scsi_remove_target() on module\n removal (bsc#965199).\n\n - scsi: proper state checking and module refcount handling\n in scsi_device_get (boo#966831).\n\n - series.conf: add section comments\n\n - supported.conf: Add e1000e (emulated by VMware) to -base\n (bsc#968074)\n\n - supported.conf: Add Hyper-V modules to -base\n (bsc#965830)\n\n - supported.conf: Add isofs to -base (bsc#969655).\n\n - supported.conf: Add more qemu device driver (bsc#968234)\n\n - supported.conf: Add mptspi and mptsas to -base\n (bsc#968206)\n\n - supported.conf: Add the qemu scsi driver (sym53c8xx) to\n -base (bsc#967802)\n\n - supported.conf: Add tulip to -base for Hyper-V\n (bsc#968234)\n\n - supported.conf: Add virtio-rng (bsc#966026)\n\n - supported.conf: Add xen-blkfront.\n\n - supported.conf: Add xfs to -base (bsc#965891)\n\n - supported.conf: Fix usb-common path usb-common moved to\n its own subdirectory in kernel v3.16, and we backported\n that change to SLE12.\n\n - sysctl: do not add hardlockup_all_cpu_backtrace sysctl\n on UP.\n\n - tcp: Restore RFC5961-compliant behavior for SYN packets\n (bsc#966864).\n\n - Update config files. Add new option\n CONFIG_PARAVIRT_XEN_BLKDEV_FRONTEND to i386 xen and ec2.\n\n - Update config files. Enable CONFIG_DEBUG_INFO for ec2\n flavor. It's overriden on build anyway and having it\n disabled causes 'make silentoldconfig' checks fail\n because of new symbol CONFIG_DEBUG_INFO_REDUCED.\n\n - Update config files: enable CONFIG_PCI_HYPERV in non-SLE\n configs These are i386/* except xen, ec2 and vanilla and\n x86_64 desktop and trace.\n\n - Update config files: enable MACH_CUBOX in armv7hl/cubox\n\n - Update config files: ppc and ppc64 are big endian New\n config options (not existing in 13.1) need to be set\n accordingly.\n\n - Update\n patches.drivers/drm-ast-Initialize-data-needed-to-map-fb\n dev-memory.patch (bnc#880007). Fix refs and upstream\n status.\n\n - Update Xen config files (enable upstream block\n frontend).\n\n - Update Xen patches to 3.12.55.\n\n - USB: ehci-s5p: Fix phy reset.\n\n - usb: phy: Fix phy-samsung-usb when built as module.\n\n - usb: Quiet down false peer failure messages\n (bnc#960629).\n\n - x86: export x86_msi (bnc#965924).\n\n - xen: Add /etc/modprobe.d/50-xen.conf selecting Xen\n frontend driver implementation (bsc#957986, bsc#956084,\n bsc#961658).\n\n - xen-blkfront: allow building in our Xen environment\n (bsc#957986 fate#320625).\n\n - xen, blkfront: factor out flush-related checks from\n do_blkif_request() (bsc#957986 fate#320625).\n\n - xen-blkfront: fix accounting of reqs when migrating\n (bsc#957986 fate#320625).\n\n - xen/blkfront: Fix crash if backend does not follow the\n right states (bsc#957986 fate#320625).\n\n - xen-blkfront: improve aproximation of required grants\n per request (bsc#957986 fate#320625).\n\n - xen/blkfront: improve protection against issuing\n unsupported REQ_FUA (bsc#957986 fate#320625).\n\n - xen/blkfront: remove redundant flush_op (bsc#957986\n fate#320625).\n\n - xen-blkfront: remove type check from\n blkfront_setup_discard (bsc#957986 fate#320625).\n\n - xen-blkfront: Silence pfn maybe-uninitialized warning\n (bsc#957986 fate#320625).\n\n - xen: fix blkfront and blkback build with normal xen.\n\n - xen-vscsi-large-requests: Fix resource collision for\n racing request maps and unmaps (bsc#966094).\n\n - xfs/dmapi: drop lock over synchronous XFS_SEND_DATA\n events (bsc#969993).\n\n - xfs/dmapi: propertly send postcreate event (bsc#967299).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=816099\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=867251\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=880007\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=943645\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=945219\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=949752\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=955308\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=956084\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=956852\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957986\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=957990\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=959146\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=959463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=959709\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=960174\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=960458\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=960561\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=960563\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=960629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=961257\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=961500\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=961658\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=963193\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=963746\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=963765\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=963827\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=963960\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=964201\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=965087\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=965199\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=965830\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=965891\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=965924\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=966026\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=966094\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=966278\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=966437\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=966471\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=966693\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=966831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=966864\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=966910\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=967047\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=967292\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=967299\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=967650\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=967651\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=967802\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=967903\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=968010\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=968018\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=968074\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=968141\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=968206\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=968230\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=968234\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=968253\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=968448\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=968512\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=968643\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=968670\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=969112\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=969439\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=969571\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=969655\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=969690\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=969735\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=969992\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=969993\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=970062\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=970160\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=970249\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=970909\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=971125\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=971360\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=972068\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=972780\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected the Linux Kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cloop-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-eppic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-eppic-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-gcore\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-gcore-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:crash-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:hdjmod-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ipset-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:iscsitarget\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:iscsitarget-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:iscsitarget-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:iscsitarget-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:iscsitarget-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:iscsitarget-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:iscsitarget-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:iscsitarget-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:iscsitarget-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:iscsitarget-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:iscsitarget-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-desktop-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-ec2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libipset3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libipset3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ndiswrapper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ndiswrapper-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ndiswrapper-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ndiswrapper-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ndiswrapper-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ndiswrapper-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ndiswrapper-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ndiswrapper-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ndiswrapper-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openvswitch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openvswitch-controller\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openvswitch-controller-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openvswitch-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openvswitch-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openvswitch-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openvswitch-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openvswitch-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openvswitch-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openvswitch-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openvswitch-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openvswitch-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openvswitch-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openvswitch-pki\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openvswitch-switch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openvswitch-switch-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openvswitch-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pcfclock-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-openvswitch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-openvswitch-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-virtualbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-virtualbox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vhba-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-x11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-websrv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-websrv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-domU-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-xend-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-xend-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xtables-addons-kmp-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.1\", reference:\"cloop-2.639-11.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"cloop-debuginfo-2.639-11.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"cloop-debugsource-2.639-11.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"cloop-kmp-default-2.639_k3.12.57_44-11.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"cloop-kmp-default-debuginfo-2.639_k3.12.57_44-11.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"cloop-kmp-desktop-2.639_k3.12.57_44-11.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"cloop-kmp-desktop-debuginfo-2.639_k3.12.57_44-11.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"cloop-kmp-pae-2.639_k3.12.57_44-11.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"cloop-kmp-pae-debuginfo-2.639_k3.12.57_44-11.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"cloop-kmp-xen-2.639_k3.12.57_44-11.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"cloop-kmp-xen-debuginfo-2.639_k3.12.57_44-11.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-7.0.2-2.28.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-debuginfo-7.0.2-2.28.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-debugsource-7.0.2-2.28.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-devel-7.0.2-2.28.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-eppic-7.0.2-2.28.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-eppic-debuginfo-7.0.2-2.28.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-gcore-7.0.2-2.28.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-gcore-debuginfo-7.0.2-2.28.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-kmp-default-7.0.2_k3.12.57_44-2.28.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-kmp-default-debuginfo-7.0.2_k3.12.57_44-2.28.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-kmp-desktop-7.0.2_k3.12.57_44-2.28.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-kmp-desktop-debuginfo-7.0.2_k3.12.57_44-2.28.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-kmp-pae-7.0.2_k3.12.57_44-2.28.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-kmp-pae-debuginfo-7.0.2_k3.12.57_44-2.28.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-kmp-xen-7.0.2_k3.12.57_44-2.28.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"crash-kmp-xen-debuginfo-7.0.2_k3.12.57_44-2.28.4\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"hdjmod-debugsource-1.28-16.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"hdjmod-kmp-default-1.28_k3.12.57_44-16.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"hdjmod-kmp-default-debuginfo-1.28_k3.12.57_44-16.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"hdjmod-kmp-desktop-1.28_k3.12.57_44-16.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"hdjmod-kmp-desktop-debuginfo-1.28_k3.12.57_44-16.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"hdjmod-kmp-pae-1.28_k3.12.57_44-16.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"hdjmod-kmp-pae-debuginfo-1.28_k3.12.57_44-16.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"hdjmod-kmp-xen-1.28_k3.12.57_44-16.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"hdjmod-kmp-xen-debuginfo-1.28_k3.12.57_44-16.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ipset-6.21.1-2.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ipset-debuginfo-6.21.1-2.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ipset-debugsource-6.21.1-2.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ipset-devel-6.21.1-2.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ipset-kmp-default-6.21.1_k3.12.57_44-2.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ipset-kmp-default-debuginfo-6.21.1_k3.12.57_44-2.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ipset-kmp-desktop-6.21.1_k3.12.57_44-2.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ipset-kmp-desktop-debuginfo-6.21.1_k3.12.57_44-2.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ipset-kmp-pae-6.21.1_k3.12.57_44-2.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ipset-kmp-pae-debuginfo-6.21.1_k3.12.57_44-2.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ipset-kmp-xen-6.21.1_k3.12.57_44-2.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ipset-kmp-xen-debuginfo-6.21.1_k3.12.57_44-2.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"iscsitarget-1.4.20.3-13.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"iscsitarget-debuginfo-1.4.20.3-13.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"iscsitarget-debugsource-1.4.20.3-13.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"iscsitarget-kmp-default-1.4.20.3_k3.12.57_44-13.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"iscsitarget-kmp-default-debuginfo-1.4.20.3_k3.12.57_44-13.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"iscsitarget-kmp-desktop-1.4.20.3_k3.12.57_44-13.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"iscsitarget-kmp-desktop-debuginfo-1.4.20.3_k3.12.57_44-13.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"iscsitarget-kmp-pae-1.4.20.3_k3.12.57_44-13.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"iscsitarget-kmp-pae-debuginfo-1.4.20.3_k3.12.57_44-13.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"iscsitarget-kmp-xen-1.4.20.3_k3.12.57_44-13.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"iscsitarget-kmp-xen-debuginfo-1.4.20.3_k3.12.57_44-13.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"kernel-default-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"kernel-default-base-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"kernel-default-base-debuginfo-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"kernel-default-debuginfo-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"kernel-default-debugsource-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"kernel-default-devel-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"kernel-devel-3.12.57-44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"kernel-macros-3.12.57-44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"kernel-source-3.12.57-44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"kernel-source-vanilla-3.12.57-44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"kernel-syms-3.12.57-44.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libipset3-6.21.1-2.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"libipset3-debuginfo-6.21.1-2.32.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ndiswrapper-1.58-29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ndiswrapper-debuginfo-1.58-29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ndiswrapper-debugsource-1.58-29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ndiswrapper-kmp-default-1.58_k3.12.57_44-29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ndiswrapper-kmp-default-debuginfo-1.58_k3.12.57_44-29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ndiswrapper-kmp-desktop-1.58_k3.12.57_44-29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ndiswrapper-kmp-desktop-debuginfo-1.58_k3.12.57_44-29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ndiswrapper-kmp-pae-1.58_k3.12.57_44-29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"ndiswrapper-kmp-pae-debuginfo-1.58_k3.12.57_44-29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"openvswitch-1.11.0-0.35.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"openvswitch-controller-1.11.0-0.35.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"openvswitch-controller-debuginfo-1.11.0-0.35.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"openvswitch-debuginfo-1.11.0-0.35.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"openvswitch-debugsource-1.11.0-0.35.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"openvswitch-kmp-default-1.11.0_k3.12.57_44-0.35.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"openvswitch-kmp-default-debuginfo-1.11.0_k3.12.57_44-0.35.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"openvswitch-kmp-desktop-1.11.0_k3.12.57_44-0.35.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"openvswitch-kmp-desktop-debuginfo-1.11.0_k3.12.57_44-0.35.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"openvswitch-kmp-pae-1.11.0_k3.12.57_44-0.35.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"openvswitch-kmp-pae-debuginfo-1.11.0_k3.12.57_44-0.35.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"openvswitch-kmp-xen-1.11.0_k3.12.57_44-0.35.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"openvswitch-kmp-xen-debuginfo-1.11.0_k3.12.57_44-0.35.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"openvswitch-pki-1.11.0-0.35.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"openvswitch-switch-1.11.0-0.35.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"openvswitch-switch-debuginfo-1.11.0-0.35.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"openvswitch-test-1.11.0-0.35.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"pcfclock-0.44-258.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"pcfclock-debuginfo-0.44-258.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"pcfclock-debugsource-0.44-258.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"pcfclock-kmp-default-0.44_k3.12.57_44-258.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"pcfclock-kmp-default-debuginfo-0.44_k3.12.57_44-258.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"pcfclock-kmp-desktop-0.44_k3.12.57_44-258.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"pcfclock-kmp-desktop-debuginfo-0.44_k3.12.57_44-258.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"pcfclock-kmp-pae-0.44_k3.12.57_44-258.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"pcfclock-kmp-pae-debuginfo-0.44_k3.12.57_44-258.29.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"python-openvswitch-1.11.0-0.35.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"python-openvswitch-test-1.11.0-0.35.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"python-virtualbox-4.2.36-2.60.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"python-virtualbox-debuginfo-4.2.36-2.60.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"vhba-kmp-debugsource-20130607-2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"vhba-kmp-default-20130607_k3.12.57_44-2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"vhba-kmp-default-debuginfo-20130607_k3.12.57_44-2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"vhba-kmp-desktop-20130607_k3.12.57_44-2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"vhba-kmp-desktop-debuginfo-20130607_k3.12.57_44-2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"vhba-kmp-pae-20130607_k3.12.57_44-2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"vhba-kmp-pae-debuginfo-20130607_k3.12.57_44-2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"vhba-kmp-xen-20130607_k3.12.57_44-2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"vhba-kmp-xen-debuginfo-20130607_k3.12.57_44-2.28.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-4.2.36-2.60.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-debuginfo-4.2.36-2.60.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-debugsource-4.2.36-2.60.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-devel-4.2.36-2.60.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-guest-kmp-default-4.2.36_k3.12.57_44-2.60.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-guest-kmp-default-debuginfo-4.2.36_k3.12.57_44-2.60.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-guest-kmp-desktop-4.2.36_k3.12.57_44-2.60.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-guest-kmp-desktop-debuginfo-4.2.36_k3.12.57_44-2.60.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-guest-kmp-pae-4.2.36_k3.12.57_44-2.60.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-guest-kmp-pae-debuginfo-4.2.36_k3.12.57_44-2.60.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-guest-tools-4.2.36-2.60.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-guest-tools-debuginfo-4.2.36-2.60.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-guest-x11-4.2.36-2.60.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-guest-x11-debuginfo-4.2.36-2.60.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-host-kmp-default-4.2.36_k3.12.57_44-2.60.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-host-kmp-default-debuginfo-4.2.36_k3.12.57_44-2.60.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-host-kmp-desktop-4.2.36_k3.12.57_44-2.60.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-host-kmp-desktop-debuginfo-4.2.36_k3.12.57_44-2.60.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-host-kmp-pae-4.2.36_k3.12.57_44-2.60.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-host-kmp-pae-debuginfo-4.2.36_k3.12.57_44-2.60.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-host-source-4.2.36-2.60.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-qt-4.2.36-2.60.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-qt-debuginfo-4.2.36-2.60.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-websrv-4.2.36-2.60.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"virtualbox-websrv-debuginfo-4.2.36-2.60.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-debugsource-4.3.4_10-61.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-devel-4.3.4_10-61.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-kmp-default-4.3.4_10_k3.12.57_44-61.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-kmp-default-debuginfo-4.3.4_10_k3.12.57_44-61.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-kmp-desktop-4.3.4_10_k3.12.57_44-61.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-kmp-desktop-debuginfo-4.3.4_10_k3.12.57_44-61.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-kmp-pae-4.3.4_10_k3.12.57_44-61.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-kmp-pae-debuginfo-4.3.4_10_k3.12.57_44-61.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-libs-4.3.4_10-61.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-libs-debuginfo-4.3.4_10-61.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-tools-domU-4.3.4_10-61.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xen-tools-domU-debuginfo-4.3.4_10-61.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xtables-addons-2.3-2.27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xtables-addons-debuginfo-2.3-2.27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xtables-addons-debugsource-2.3-2.27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xtables-addons-kmp-default-2.3_k3.12.57_44-2.27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xtables-addons-kmp-default-debuginfo-2.3_k3.12.57_44-2.27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xtables-addons-kmp-desktop-2.3_k3.12.57_44-2.27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xtables-addons-kmp-desktop-debuginfo-2.3_k3.12.57_44-2.27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xtables-addons-kmp-pae-2.3_k3.12.57_44-2.27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xtables-addons-kmp-pae-debuginfo-2.3_k3.12.57_44-2.27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xtables-addons-kmp-xen-2.3_k3.12.57_44-2.27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", reference:\"xtables-addons-kmp-xen-debuginfo-2.3_k3.12.57_44-2.27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-debug-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-debug-base-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-debug-base-debuginfo-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-debug-debugsource-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-debug-devel-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-debug-devel-debuginfo-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-desktop-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-desktop-base-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-desktop-base-debuginfo-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-desktop-debuginfo-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-desktop-debugsource-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-desktop-devel-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-ec2-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-ec2-base-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-ec2-base-debuginfo-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-ec2-debuginfo-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-ec2-debugsource-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-ec2-devel-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-pae-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-pae-base-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-pae-base-debuginfo-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-pae-debuginfo-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-pae-debugsource-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-pae-devel-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-trace-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-trace-base-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-trace-base-debuginfo-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-trace-debuginfo-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-trace-debugsource-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-trace-devel-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-vanilla-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-vanilla-debuginfo-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-vanilla-debugsource-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-vanilla-devel-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-xen-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-xen-base-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-xen-base-debuginfo-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-xen-debuginfo-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-xen-debugsource-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"i686\", reference:\"kernel-xen-devel-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-debug-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-debug-base-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-debug-base-debuginfo-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-debug-debugsource-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-debug-devel-debuginfo-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-desktop-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-desktop-base-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-desktop-base-debuginfo-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-desktop-debuginfo-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-desktop-debugsource-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-desktop-devel-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-ec2-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-ec2-base-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-ec2-base-debuginfo-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-ec2-debuginfo-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-ec2-debugsource-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-ec2-devel-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-pae-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-pae-base-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-pae-base-debuginfo-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-pae-debuginfo-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-pae-debugsource-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-pae-devel-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-trace-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-trace-base-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-trace-base-debuginfo-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-trace-debuginfo-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-trace-debugsource-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-trace-devel-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-vanilla-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-vanilla-debuginfo-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-vanilla-debugsource-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-vanilla-devel-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-xen-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-xen-base-debuginfo-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.12.57-44.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"xen-4.3.4_10-61.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"xen-doc-html-4.3.4_10-61.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"xen-libs-32bit-4.3.4_10-61.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"xen-libs-debuginfo-32bit-4.3.4_10-61.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"xen-tools-4.3.4_10-61.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"xen-tools-debuginfo-4.3.4_10-61.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"xen-xend-tools-4.3.4_10-61.2\") ) flag++;\nif ( rpm_check(release:\"SUSE13.1\", cpu:\"x86_64\", reference:\"xen-xend-tools-debuginfo-4.3.4_10-61.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cloop / cloop-debuginfo / cloop-debugsource / cloop-kmp-default / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:12:18", "description": "According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - A race condition flaw was found in the way the Linux kernel's SCTP implementation handled sctp_accept() during the processing of heartbeat timeout events. A remote attacker could use this flaw to prevent further connections to be accepted by the SCTP server running on the system, resulting in a denial of service.(CVE-2015-8767)\n\n - The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application.(CVE-2015-8660)\n\n - Several Moderate and Low impact security issues were found in the Linux kernel. Space precludes documenting each of these issues in this advisory. Refer to the CVE links in the References section for a description of each of these vulnerabilities. (CVE-2015-8746, CVE-2015-8812, CVE-2016-2069, CVE-2016-2117, CVE-2016-2384, CVE-2016-2847)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-05-01T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP1 : kernel (EulerOS-SA-2016-1020)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8660", "CVE-2015-8746", "CVE-2015-8767", "CVE-2015-8812", "CVE-2016-2069", "CVE-2016-2117", "CVE-2016-2384", "CVE-2016-2847"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-debug", "p-cpe:/a:huawei:euleros:kernel-debuginfo", "p-cpe:/a:huawei:euleros:kernel-debuginfo-common-x86_64", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:perf", "p-cpe:/a:huawei:euleros:python-perf", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2016-1020.NASL", "href": "https://www.tenable.com/plugins/nessus/99783", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(99783);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2015-8660\",\n \"CVE-2015-8746\",\n \"CVE-2015-8767\",\n \"CVE-2015-8812\",\n \"CVE-2016-2069\",\n \"CVE-2016-2117\",\n \"CVE-2016-2384\",\n \"CVE-2016-2847\"\n );\n\n script_name(english:\"EulerOS 2.0 SP1 : kernel (EulerOS-SA-2016-1020)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - A race condition flaw was found in the way the Linux\n kernel's SCTP implementation handled sctp_accept()\n during the processing of heartbeat timeout events. A\n remote attacker could use this flaw to prevent further\n connections to be accepted by the SCTP server running\n on the system, resulting in a denial of\n service.(CVE-2015-8767)\n\n - The ovl_setattr function in fs/overlayfs/inode.c in the\n Linux kernel through 4.3.3 attempts to merge distinct\n setattr operations, which allows local users to bypass\n intended access restrictions and modify the attributes\n of arbitrary overlay files via a crafted\n application.(CVE-2015-8660)\n\n - Several Moderate and Low impact security issues were\n found in the Linux kernel. Space precludes documenting\n each of these issues in this advisory. Refer to the CVE\n links in the References section for a description of\n each of these vulnerabilities. (CVE-2015-8746,\n CVE-2015-8812, CVE-2016-2069, CVE-2016-2117,\n CVE-2016-2384, CVE-2016-2847)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2016-1020\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?71b1ff6c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Overlayfs Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/05/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/05/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(1)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP1\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"kernel-3.10.0-229.30.1.57\",\n \"kernel-debug-3.10.0-229.30.1.57\",\n \"kernel-debuginfo-3.10.0-229.30.1.57\",\n \"kernel-debuginfo-common-x86_64-3.10.0-229.30.1.57\",\n \"kernel-devel-3.10.0-229.30.1.57\",\n \"kernel-headers-3.10.0-229.30.1.57\",\n \"kernel-tools-3.10.0-229.30.1.57\",\n \"kernel-tools-libs-3.10.0-229.30.1.57\",\n \"perf-3.10.0-229.30.1.57\",\n \"python-perf-3.10.0-229.30.1.57\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"1\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:00", "description": "The 4.2.7 stable update contains a number of important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 23 : kernel-4.2.7-300.fc23 (2015-ac9a19888e)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7515", "CVE-2015-7833", "CVE-2015-8374"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2015-AC9A19888E.NASL", "href": "https://www.tenable.com/plugins/nessus/89366", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-ac9a19888e.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89366);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-7515\", \"CVE-2015-7833\", \"CVE-2015-8374\");\n script_xref(name:\"FEDORA\", value:\"2015-ac9a19888e\");\n\n script_name(english:\"Fedora 23 : kernel-4.2.7-300.fc23 (2015-ac9a19888e)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.2.7 stable update contains a number of important fixes across\nthe tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1270158\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1285326\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1286261\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-December/173908.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b32d1104\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"kernel-4.2.7-300.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:24", "description": "The 4.2.7 stable update contains a number of important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 22 : kernel-4.2.7-200.fc22 (2015-c4ed00a68f)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7515", "CVE-2015-7833", "CVE-2015-8374"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2015-C4ED00A68F.NASL", "href": "https://www.tenable.com/plugins/nessus/89399", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-c4ed00a68f.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89399);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-7515\", \"CVE-2015-7833\", \"CVE-2015-8374\");\n script_xref(name:\"FEDORA\", value:\"2015-c4ed00a68f\");\n\n script_name(english:\"Fedora 22 : kernel-4.2.7-200.fc22 (2015-c4ed00a68f)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.2.7 stable update contains a number of important fixes across\nthe tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1270158\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1285326\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1286261\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-December/173888.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6bfd0e0d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"kernel-4.2.7-200.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:27", "description": "The SUSE Linux Enterprise 12 SP1 kernel was updated to 3.12.57 to receive various security and bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2015-8812: A flaw was found in the CXGB3 kernel driver when the network was considered congested. The kernel would incorrectly misinterpret the congestion as an error condition and incorrectly free/clean up the skb. When the device would then send the skb's queued, these structures would be referenced and may panic the system or allow an attacker to escalate privileges in a use-after-free scenario. (bsc#966437)\n\n - CVE-2015-8816: A malicious USB device could cause a kernel crash in the USB hub driver. (bnc#968010).\n\n - CVE-2016-2143: On zSeries a fork of a large process could have caused memory corruption due to incorrect page table handling. (bnc#970504)\n\n - CVE-2016-2184: A malicious USB device could cause a kernel crash in the alsa usb-audio driver. (bsc#971125).\n\n - CVE-2016-2384: A malicious USB device could cause a kernel crash in the alsa usb-audio driver. (bsc#966693)\n\n - CVE-2016-2782: A malicious USB device could cause a kernel crash in the usb visor driver. (bnc#968670).\n\n - CVE-2016-3139: A malicious USB device could cause a kernel crash in the wacom driver. (bnc#970909).\n\n - CVE-2016-3156: Removal of ipv4 interfaces with a large number of IP addresses was taking very long.\n (bsc#971360).\n\n - CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and gid mappings, which allowed local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states 'there is no kernel bug here (bnc#960561).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-04-15T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2016:1019-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8709", "CVE-2015-8812", "CVE-2015-8816", "CVE-2016-2143", "CVE-2016-2184", "CVE-2016-2384", "CVE-2016-2782", "CVE-2016-3139", "CVE-2016-3156"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-extra", "p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-xen", "p-cpe:/a:novell:suse_linux:kernel-xen-base", "p-cpe:/a:novell:suse_linux:kernel-xen-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-xen-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-xen-debugsource", "p-cpe:/a:novell:suse_linux:kernel-xen-devel", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2016-1019-1.NASL", "href": "https://www.tenable.com/plugins/nessus/90531", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:1019-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90531);\n script_version(\"2.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-8709\", \"CVE-2015-8812\", \"CVE-2015-8816\", \"CVE-2016-2143\", \"CVE-2016-2184\", \"CVE-2016-2384\", \"CVE-2016-2782\", \"CVE-2016-3139\", \"CVE-2016-3156\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2016:1019-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 12 SP1 kernel was updated to 3.12.57 to\nreceive various security and bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2015-8812: A flaw was found in the CXGB3 kernel\n driver when the network was considered congested. The\n kernel would incorrectly misinterpret the congestion as\n an error condition and incorrectly free/clean up the\n skb. When the device would then send the skb's queued,\n these structures would be referenced and may panic the\n system or allow an attacker to escalate privileges in a\n use-after-free scenario. (bsc#966437)\n\n - CVE-2015-8816: A malicious USB device could cause a\n kernel crash in the USB hub driver. (bnc#968010).\n\n - CVE-2016-2143: On zSeries a fork of a large process\n could have caused memory corruption due to incorrect\n page table handling. (bnc#970504)\n\n - CVE-2016-2184: A malicious USB device could cause a\n kernel crash in the alsa usb-audio driver. (bsc#971125).\n\n - CVE-2016-2384: A malicious USB device could cause a\n kernel crash in the alsa usb-audio driver. (bsc#966693)\n\n - CVE-2016-2782: A malicious USB device could cause a\n kernel crash in the usb visor driver. (bnc#968670).\n\n - CVE-2016-3139: A malicious USB device could cause a\n kernel crash in the wacom driver. (bnc#970909).\n\n - CVE-2016-3156: Removal of ipv4 interfaces with a large\n number of IP addresses was taking very long.\n (bsc#971360).\n\n - CVE-2015-8709: kernel/ptrace.c in the Linux kernel\n mishandled uid and gid mappings, which allowed local\n users to gain privileges by establishing a user\n namespace, waiting for a root process to enter that\n namespace with an unsafe uid or gid, and then using the\n ptrace system call. NOTE: the vendor states 'there is no\n kernel bug here (bnc#960561).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=816099\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=867251\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=875631\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=880007\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=943645\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=944749\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=945219\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949752\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=955308\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956084\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956852\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=957986\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=959146\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=959257\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=959463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=959709\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=960174\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=960458\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=960561\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=960629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=961257\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=961500\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=961516\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=961588\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=961658\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=963193\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=963746\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=963765\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=963827\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=963960\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=964201\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=964730\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=965087\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=965199\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=965830\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=965891\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=965924\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=966026\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=966094\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=966278\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=966437\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=966471\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=966693\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=966831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=966864\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=966910\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=967047\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=967292\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=967299\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=967650\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=967651\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=967802\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=967903\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968010\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968018\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968074\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968141\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968206\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968230\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968234\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968253\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968448\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968512\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968643\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968670\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=969112\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=969439\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=969571\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=969655\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=969690\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=969735\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=969992\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=969993\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=970062\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=970160\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=970249\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=970909\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=971125\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=971360\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8709/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8812/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8816/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2143/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2184/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2384/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2782/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-3139/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-3156/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20161019-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1ac814a9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP1 :\n\nzypper in -t patch SUSE-SLE-WE-12-SP1-2016-600=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP1 :\n\nzypper in -t patch SUSE-SLE-SDK-12-SP1-2016-600=1\n\nSUSE Linux Enterprise Server 12-SP1 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP1-2016-600=1\n\nSUSE Linux Enterprise Module for Public Cloud 12 :\n\nzypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2016-600=1\n\nSUSE Linux Enterprise Live Patching 12 :\n\nzypper in -t patch SUSE-SLE-Live-Patching-12-2016-600=1\n\nSUSE Linux Enterprise Desktop 12-SP1 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-SP1-2016-600=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/04/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-3.12.57-60.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.12.57-60.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-base-debuginfo-3.12.57-60.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-3.12.57-60.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-3.12.57-60.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.12.57-60.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-default-man-3.12.57-60.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-3.12.57-60.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-base-3.12.57-60.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-base-debuginfo-3.12.57-60.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-debuginfo-3.12.57-60.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-debugsource-3.12.57-60.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-devel-3.12.57-60.35.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-syms-3.12.57-60.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-default-3.12.57-60.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-default-debuginfo-3.12.57-60.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-default-debugsource-3.12.57-60.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-default-devel-3.12.57-60.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-default-extra-3.12.57-60.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-default-extra-debuginfo-3.12.57-60.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-syms-3.12.57-60.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-3.12.57-60.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-3.12.57-60.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-3.12.57-60.35.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.12.57-60.35.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:06", "description": "Backported i915, networking, and nouveau fixes tagged for stable from 4.4 upstream. Assorted fixes elsewhere. ---- A few bug fixes and backports of all the i915 patches queued for stable from 4.4. ---- A number of fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 23 : kernel-4.3.3-303.fc23 (2016-b59fd603be)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-7513", "CVE-2015-7566", "CVE-2016-0728"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-B59FD603BE.NASL", "href": "https://www.tenable.com/plugins/nessus/89600", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-b59fd603be.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89600);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-7513\", \"CVE-2015-7566\", \"CVE-2016-0728\");\n script_xref(name:\"FEDORA\", value:\"2016-b59fd603be\");\n\n script_name(english:\"Fedora 23 : kernel-4.3.3-303.fc23 (2016-b59fd603be)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Backported i915, networking, and nouveau fixes tagged for stable from\n4.4 upstream. Assorted fixes elsewhere. ---- A few bug fixes and\nbackports of all the i915 patches queued for stable from 4.4. ---- A\nnumber of fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1284847\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1296466\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1297475\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-January/176194.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6c84e8fb\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"kernel-4.3.3-303.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:03", "description": "Update to latest upstream stable release, Linux v4.3.4. Fixes for Elan touchpads.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 23 : kernel-4.3.4-300.fc23 (2016-2f25d12c51)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4312", "CVE-2015-8787", "CVE-2016-0723"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-2F25D12C51.NASL", "href": "https://www.tenable.com/plugins/nessus/89507", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-2f25d12c51.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89507);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-4312\", \"CVE-2015-8787\", \"CVE-2016-0723\");\n script_xref(name:\"FEDORA\", value:\"2016-2f25d12c51\");\n\n script_name(english:\"Fedora 23 : kernel-4.3.4-300.fc23 (2016-2f25d12c51)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to latest upstream stable release, Linux v4.3.4. Fixes for Elan\ntouchpads.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1296253\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1297813\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1300731\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-February/176464.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8d44ecb9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"kernel-4.3.4-300.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:13", "description": "The SUSE Linux Enterprise 12 kernel was updated to 3.12.55 to receive various security and bugfixes.\n\nFeatures added :\n\n - A improved XEN blkfront module was added, which allows more I/O bandwidth. (FATE#320625) It is called xen-blkfront in PV, and xen-vbd-upstream in HVM mode.\n\nThe following security bugs were fixed :\n\n - CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel allowed local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls (bnc#955654).\n\n - CVE-2015-5707: Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request (bnc#940338).\n\n - CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and gid mappings, which allowed local users to gain privileges by establishing a user namespace, waiting for a root process to enter that namespace with an unsafe uid or gid, and then using the ptrace system call. NOTE: the vendor states 'there is no kernel bug here' (bnc#959709 bnc#960561).\n\n - CVE-2015-8767: net/sctp/sm_sideeffect.c in the Linux kernel did not properly manage the relationship between a lock and a socket, which allowed local users to cause a denial of service (deadlock) via a crafted sctp_accept call (bnc#961509).\n\n - CVE-2015-8785: The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel allowed local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov (bnc#963765).\n\n - CVE-2015-8812: A use-after-free flaw was found in the CXGB3 kernel driver when the network was considered to be congested. This could be used by local attackers to cause machine crashes or potentially code executuon (bsc#966437).\n\n - CVE-2016-0723: Race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call (bnc#961500).\n\n - CVE-2016-0774: A pipe buffer state corruption after unsuccessful atomic read from pipe was fixed (bsc#964730).\n\n - CVE-2016-2069: Race conditions in TLB syncing was fixed which could leak to information leaks (bnc#963767).\n\n - CVE-2016-2384: A double-free triggered by invalid USB descriptor in ALSA usb-audio was fixed, which could be exploited by physical local attackers to crash the kernel or gain code execution (bnc#966693).\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-17T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2016:0785-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7446", "CVE-2015-5707", "CVE-2015-8709", "CVE-2015-8767", "CVE-2015-8785", "CVE-2015-8812", "CVE-2016-0723", "CVE-2016-0774", "CVE-2016-2069", "CVE-2016-2384"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-extra", "p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-xen", "p-cpe:/a:novell:suse_linux:kernel-xen-base", "p-cpe:/a:novell:suse_linux:kernel-xen-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-xen-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-xen-debugsource", "p-cpe:/a:novell:suse_linux:kernel-xen-devel", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2016-0785-1.NASL", "href": "https://www.tenable.com/plugins/nessus/89993", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:0785-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89993);\n script_version(\"2.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2013-7446\", \"CVE-2015-5707\", \"CVE-2015-8709\", \"CVE-2015-8767\", \"CVE-2015-8785\", \"CVE-2015-8812\", \"CVE-2016-0723\", \"CVE-2016-0774\", \"CVE-2016-2069\", \"CVE-2016-2384\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2016:0785-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 12 kernel was updated to 3.12.55 to receive\nvarious security and bugfixes.\n\nFeatures added :\n\n - A improved XEN blkfront module was added, which allows\n more I/O bandwidth. (FATE#320625) It is called\n xen-blkfront in PV, and xen-vbd-upstream in HVM mode.\n\nThe following security bugs were fixed :\n\n - CVE-2013-7446: Use-after-free vulnerability in\n net/unix/af_unix.c in the Linux kernel allowed local\n users to bypass intended AF_UNIX socket permissions or\n cause a denial of service (panic) via crafted epoll_ctl\n calls (bnc#955654).\n\n - CVE-2015-5707: Integer overflow in the sg_start_req\n function in drivers/scsi/sg.c in the Linux kernel\n allowed local users to cause a denial of service or\n possibly have unspecified other impact via a large\n iov_count value in a write request (bnc#940338).\n\n - CVE-2015-8709: kernel/ptrace.c in the Linux kernel\n mishandled uid and gid mappings, which allowed local\n users to gain privileges by establishing a user\n namespace, waiting for a root process to enter that\n namespace with an unsafe uid or gid, and then using the\n ptrace system call. NOTE: the vendor states 'there is no\n kernel bug here' (bnc#959709 bnc#960561).\n\n - CVE-2015-8767: net/sctp/sm_sideeffect.c in the Linux\n kernel did not properly manage the relationship between\n a lock and a socket, which allowed local users to cause\n a denial of service (deadlock) via a crafted sctp_accept\n call (bnc#961509).\n\n - CVE-2015-8785: The fuse_fill_write_pages function in\n fs/fuse/file.c in the Linux kernel allowed local users\n to cause a denial of service (infinite loop) via a\n writev system call that triggers a zero length for the\n first segment of an iov (bnc#963765).\n\n - CVE-2015-8812: A use-after-free flaw was found in the\n CXGB3 kernel driver when the network was considered to\n be congested. This could be used by local attackers to\n cause machine crashes or potentially code executuon\n (bsc#966437).\n\n - CVE-2016-0723: Race condition in the tty_ioctl function\n in drivers/tty/tty_io.c in the Linux kernel allowed\n local users to obtain sensitive information from kernel\n memory or cause a denial of service (use-after-free and\n system crash) by making a TIOCGETD ioctl call during\n processing of a TIOCSETD ioctl call (bnc#961500).\n\n - CVE-2016-0774: A pipe buffer state corruption after\n unsuccessful atomic read from pipe was fixed\n (bsc#964730).\n\n - CVE-2016-2069: Race conditions in TLB syncing was fixed\n which could leak to information leaks (bnc#963767).\n\n - CVE-2016-2384: A double-free triggered by invalid USB\n descriptor in ALSA usb-audio was fixed, which could be\n exploited by physical local attackers to crash the\n kernel or gain code execution (bnc#966693).\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=812259\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=816099\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=855062\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=867583\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=884701\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=899908\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=922071\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=937444\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=940338\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=940946\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=941363\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=943989\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=945219\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=947953\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=949752\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=950292\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=951155\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=955308\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=955654\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956084\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=956514\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=957525\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=957986\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=959090\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=959146\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=959257\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=959463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=959629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=959709\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=960174\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=960227\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=960458\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=960561\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=960629\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=961257\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=961500\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=961509\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=961516\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=961588\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=961658\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=961971\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=962336\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=962356\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=962788\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=962965\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=963193\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=963449\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=963572\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=963746\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=963765\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=963767\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=963825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=963960\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=964201\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=964730\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=965199\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=965344\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=965830\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=965840\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=965891\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=966026\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=966094\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=966278\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=966437\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=966471\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=966693\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=966864\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=966910\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=967802\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968018\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968074\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968206\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968230\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968234\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=968253\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=969112\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2013-7446/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-5707/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8709/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8767/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8785/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-8812/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-0723/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-0774/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2069/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-2384/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20160785-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c1ef02b6\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12 :\n\nzypper in -t patch SUSE-SLE-WE-12-2016-460=1\n\nSUSE Linux Enterprise Software Development Kit 12 :\n\nzypper in -t patch SUSE-SLE-SDK-12-2016-460=1\n\nSUSE Linux Enterprise Server 12 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-2016-460=1\n\nSUSE Linux Enterprise Module for Public Cloud 12 :\n\nzypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2016-460=1\n\nSUSE Linux Enterprise Live Patching 12 :\n\nzypper in -t patch SUSE-SLE-Live-Patching-12-2016-460=1\n\nSUSE Linux Enterprise Desktop 12 :\n\nzypper in -t patch SUSE-SLE-DESKTOP-12-2016-460=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-3.12.55-52.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.12.55-52.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-base-debuginfo-3.12.55-52.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-3.12.55-52.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-3.12.55-52.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.12.55-52.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-default-man-3.12.55-52.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-3.12.55-52.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-base-3.12.55-52.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-base-debuginfo-3.12.55-52.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-debuginfo-3.12.55-52.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-debugsource-3.12.55-52.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-devel-3.12.55-52.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-syms-3.12.55-52.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-default-3.12.55-52.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-default-debuginfo-3.12.55-52.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-default-debugsource-3.12.55-52.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-default-devel-3.12.55-52.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-default-extra-3.12.55-52.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-default-extra-debuginfo-3.12.55-52.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-syms-3.12.55-52.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-3.12.55-52.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-3.12.55-52.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-3.12.55-52.42.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.12.55-52.42.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:28", "description": "Update to latest upstream stable release, Linux v4.3.4. Elan touchpad fixes. ---- Update to 4.3.y stable series. Fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 22 : kernel-4.3.4-200.fc22 (2016-5d43766e33)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4312", "CVE-2015-7513", "CVE-2015-7566", "CVE-2015-8569", "CVE-2015-8575", "CVE-2015-8709", "CVE-2015-8767", "CVE-2015-8787", "CVE-2016-0723", "CVE-2016-0728"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2016-5D43766E33.NASL", "href": "https://www.tenable.com/plugins/nessus/89554", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-5d43766e33.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89554);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-4312\", \"CVE-2015-7513\", \"CVE-2015-7566\", \"CVE-2015-8569\", \"CVE-2015-8575\", \"CVE-2015-8709\", \"CVE-2015-8767\", \"CVE-2015-8787\", \"CVE-2016-0723\", \"CVE-2016-0728\");\n script_xref(name:\"FEDORA\", value:\"2016-5d43766e33\");\n\n script_name(english:\"Fedora 22 : kernel-4.3.4-200.fc22 (2016-5d43766e33)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to latest upstream stable release, Linux v4.3.4. Elan touchpad\nfixes. ---- Update to 4.3.y stable series. Fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1284847\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1292045\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1292840\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1295287\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1296253\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1296466\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1297389\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1297475\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1297813\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1300731\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?44a7add4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/12/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"kernel-4.3.4-200.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:53", "description": "Incremental update from 4.4.3-200 bringing in a few missed ARMv7 fixes\n---- The 4.4.3 update contains a number of important fixes across the tree\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-07T00:00:00", "type": "nessus", "title": "Fedora 22 : kernel-4.4.3-201.fc22 (2016-9fbe2c258b)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8812", "CVE-2016-0617", "CVE-2016-2383", "CVE-2016-2384"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2016-9FBE2C258B.NASL", "href": "https://www.tenable.com/plugins/nessus/89702", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-9fbe2c258b.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89702);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-8812\", \"CVE-2016-0617\", \"CVE-2016-2383\", \"CVE-2016-2384\");\n script_xref(name:\"FEDORA\", value:\"2016-9fbe2c258b\");\n\n script_name(english:\"Fedora 22 : kernel-4.4.3-201.fc22 (2016-9fbe2c258b)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Incremental update from 4.4.3-200 bringing in a few missed ARMv7 fixes\n---- The 4.4.3 update contains a number of important fixes across the\ntree\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1303532\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1305803\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1308444\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1308452\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-March/178403.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9559ab09\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"kernel-4.4.3-201.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:04:14", "description": "This update fixes the CVEs described below.\n\nCVE-2015-8812\n\nA flaw was found in the iw_cxgb3 Infiniband driver. Whenever it could not send a packet because the network was congested, it would free the packet buffer but later attempt to send the packet again. This use-after-free could result in a denial of service (crash or hang), data loss or privilege escalation.\n\nCVE-2016-0774\n\nIt was found that the fix for CVE-2015-1805 in kernel versions older than Linux 3.16 did not correctly handle the case of a partially failed atomic read. A local, unprivileged user could use this flaw to crash the system or leak kernel memory to user space.\n\nCVE-2016-2384\n\nAndrey Konovalov found that a USB MIDI device with an invalid USB descriptor could trigger a double-free. This may be used by a physically present user for privilege escalation.\n\nAdditionally, it fixes some old security issues with no CVE ID :\n\nSeveral kernel APIs permitted reading or writing 2 GiB of data or more in a single chunk, which could lead to an integer overflow when applied to certain filesystems, socket or device types. The full security impact has not been evaluated.\n\nFinally, it fixes a regression in 2.6.32-48squeeze17 that would cause Samba to hang in some situations.\n\nFor the oldoldstable distribution (squeeze), these problems have been fixed in version 2.6.32-48squeeze20. This is *really* the final update to the linux-2.6 package for squeeze.\n\nFor the oldstable distribution (wheezy), the kernel was not affected by the integer overflow issues and the remaining problems will be fixed in version 3.2.73-2+deb7u3.\n\nFor the stable distribution (jessie), the kernel was not affected by the integer overflow issues or CVE-2016-0774, and the remaining problems will be fixed in version 3.16.7-ckt20-1+deb8u4.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-01T00:00:00", "type": "nessus", "title": "Debian DLA-439-1 : linux-2.6 security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1805", "CVE-2015-8812", "CVE-2016-0774", "CVE-2016-2384"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:firmware-linux-free", "p-cpe:/a:debian:debian_linux:linux-base", "p-cpe:/a:debian:debian_linux:linux-doc-2.6.32", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-486", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-686", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-686-bigmem", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-all", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-all-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-all-i386", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common-openvz", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common-vserver", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common-xen", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-openvz-686", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-openvz-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-vserver-686", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-vserver-686-bigmem", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-vserver-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-xen-686", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-xen-amd64", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-486", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-686", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-686-bigmem", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-686-bigmem-dbg", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-amd64", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-686", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-686-dbg", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-amd64", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-686", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-686-bigmem", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-686-bigmem-dbg", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-amd64", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-686", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-686-dbg", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-amd64", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-libc-dev", "p-cpe:/a:debian:debian_linux:linux-manual-2.6.32", "p-cpe:/a:debian:debian_linux:linux-patch-debian-2.6.32", "p-cpe:/a:debian:debian_linux:linux-source-2.6.32", "p-cpe:/a:debian:debian_linux:linux-support-2.6.32-5", "p-cpe:/a:debian:debian_linux:linux-tools-2.6.32", "p-cpe:/a:debian:debian_linux:xen-linux-system-2.6.32-5-xen-686", "p-cpe:/a:debian:debian_linux:xen-linux-system-2.6.32-5-xen-amd64", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-439.NASL", "href": "https://www.tenable.com/plugins/nessus/89040", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-439-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89040);\n script_version(\"2.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-8812\", \"CVE-2016-0774\", \"CVE-2016-2384\");\n\n script_name(english:\"Debian DLA-439-1 : linux-2.6 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes the CVEs described below.\n\nCVE-2015-8812\n\nA flaw was found in the iw_cxgb3 Infiniband driver. Whenever it could\nnot send a packet because the network was congested, it would free the\npacket buffer but later attempt to send the packet again. This\nuse-after-free could result in a denial of service (crash or hang),\ndata loss or privilege escalation.\n\nCVE-2016-0774\n\nIt was found that the fix for CVE-2015-1805 in kernel versions older\nthan Linux 3.16 did not correctly handle the case of a partially\nfailed atomic read. A local, unprivileged user could use this flaw to\ncrash the system or leak kernel memory to user space.\n\nCVE-2016-2384\n\nAndrey Konovalov found that a USB MIDI device with an invalid USB\ndescriptor could trigger a double-free. This may be used by a\nphysically present user for privilege escalation.\n\nAdditionally, it fixes some old security issues with no CVE ID :\n\nSeveral kernel APIs permitted reading or writing 2 GiB of data or more\nin a single chunk, which could lead to an integer overflow when\napplied to certain filesystems, socket or device types. The full\nsecurity impact has not been evaluated.\n\nFinally, it fixes a regression in 2.6.32-48squeeze17 that would cause\nSamba to hang in some situations.\n\nFor the oldoldstable distribution (squeeze), these problems have been\nfixed in version 2.6.32-48squeeze20. This is *really* the final update\nto the linux-2.6 package for squeeze.\n\nFor the oldstable distribution (wheezy), the kernel was not affected\nby the integer overflow issues and the remaining problems will be\nfixed in version 3.2.73-2+deb7u3.\n\nFor the stable distribution (jessie), the kernel was not affected by\nthe integer overflow issues or CVE-2016-0774, and the remaining\nproblems will be fixed in version 3.16.7-ckt20-1+deb8u4.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2016/02/msg00036.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/linux-2.6\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:firmware-linux-free\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-doc-2.6.32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-486\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-686-bigmem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-all\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-all-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-all-i386\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common-openvz\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common-vserver\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-openvz-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-openvz-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-vserver-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-vserver-686-bigmem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-vserver-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-xen-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-xen-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-486\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-686-bigmem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-686-bigmem-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-686-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-686-bigmem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-686-bigmem-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-686-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-amd64-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-libc-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-manual-2.6.32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-patch-debian-2.6.32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-source-2.6.32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-support-2.6.32-5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux-tools-2.6.32\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xen-linux-system-2.6.32-5-xen-686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xen-linux-system-2.6.32-5-xen-amd64\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"firmware-linux-free\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-base\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-doc-2.6.32\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-486\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-686\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-686-bigmem\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all-amd64\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-all-i386\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-amd64\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-common\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-common-openvz\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-common-vserver\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-common-xen\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-openvz-686\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-openvz-amd64\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-vserver-686\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-vserver-686-bigmem\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-vserver-amd64\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-xen-686\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-headers-2.6.32-5-xen-amd64\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-486\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-686\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-686-bigmem\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-686-bigmem-dbg\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-amd64\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-amd64-dbg\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-openvz-686\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-openvz-686-dbg\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-openvz-amd64\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-openvz-amd64-dbg\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-686\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-686-bigmem\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-686-bigmem-dbg\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-amd64\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-vserver-amd64-dbg\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-xen-686\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-xen-686-dbg\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-xen-amd64\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-image-2.6.32-5-xen-amd64-dbg\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-libc-dev\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-manual-2.6.32\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-patch-debian-2.6.32\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-source-2.6.32\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-support-2.6.32-5\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"linux-tools-2.6.32\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"xen-linux-system-2.6.32-5-xen-686\", reference:\"2.6.32-48squeeze20\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"xen-linux-system-2.6.32-5-xen-amd64\", reference:\"2.6.32-48squeeze20\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:29", "description": "Update to the latest upstream stable release, Linux v4.3.6\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 22 : kernel-4.3.6-201.fc22 (2016-e7162262b0)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8812", "CVE-2016-0617", "CVE-2016-2383", "CVE-2016-2384"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2016-E7162262B0.NASL", "href": "https://www.tenable.com/plugins/nessus/89632", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-e7162262b0.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89632);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-8812\", \"CVE-2016-0617\", \"CVE-2016-2383\", \"CVE-2016-2384\");\n script_xref(name:\"FEDORA\", value:\"2016-e7162262b0\");\n\n script_name(english:\"Fedora 22 : kernel-4.3.6-201.fc22 (2016-e7162262b0)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to the latest upstream stable release, Linux v4.3.6\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1303532\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1305803\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1308444\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1308452\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-February/178034.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cd61379d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"kernel-4.3.6-201.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:27", "description": "This is an incremental update over 4.4.2-300 which contains two fixes fix for AMD IOMMU warnings use after free in USB ---- The 4.4.2 update contains a number of important updates across the kernel tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 23 : kernel-4.4.2-301.fc23 (2016-7e12ae5359)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-8812", "CVE-2016-0617", "CVE-2016-2383", "CVE-2016-2384"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2016-7E12AE5359.NASL", "href": "https://www.tenable.com/plugins/nessus/89570", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2016-7e12ae5359.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89570);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-8812\", \"CVE-2016-0617\", \"CVE-2016-2383\", \"CVE-2016-2384\");\n script_xref(name:\"FEDORA\", value:\"2016-7e12ae5359\");\n\n script_name(english:\"Fedora 23 : kernel-4.4.2-301.fc23 (2016-7e12ae5359)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This is an incremental update over 4.4.2-300 which contains two fixes\nfix for AMD IOMMU warnings use after free in USB ---- The 4.4.2 update\ncontains a number of important updates across the kernel tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1303532\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1305803\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1308444\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1308452\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2016-February/178056.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?61322666\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"kernel-4.4.2-301.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:44", "description": "The Linux kernel before 4.4.1 allows local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket before closing it, related to net/unix/af_unix.c and net/unix/garbage.c.\n(CVE-2013-4312)\n\nA race condition in the tty_ioctl function in drivers/tty/tty_io.c in the Linux kernel through 4.4.1 was found that allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free and system crash) by making a TIOCGETD ioctl call during processing of a TIOCSETD ioctl call. (CVE-2016-0723)\n\nA privilege-escalation vulnerability was discovered in the Linux kernel built with User Namespace (CONFIG_USER_NS) support. The flaw occurred when the ptrace() system call was used on a root-owned process to enter a user namespace. A privileged namespace user could exploit this flaw to potentially escalate their privileges on the system, outside the original namespace. (CVE-2015-8709)\n\nnet/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not properly manage the relationship between a lock and a socket, which allows local users to cause a denial of service (deadlock) via a crafted sctp_accept call. (CVE-2015-8767)", "cvss3": {}, "published": "2016-02-10T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : kernel (ALAS-2016-648)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4312", "CVE-2015-8709", "CVE-2015-8767", "CVE-2016-0723"], "modified": "2018-09-04T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-doc", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2016-648.NASL", "href": "https://www.tenable.com/plugins/nessus/88660", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2016-648.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(88660);\n script_version(\"2.6\");\n script_cvs_date(\"Date: 2018/09/04 13:20:07\");\n\n script_cve_id(\"CVE-2013-4312\", \"CVE-2015-8709\", \"CVE-2015-8767\", \"CVE-2016-0723\");\n script_xref(name:\"ALAS\", value:\"2016-648\");\n\n script_name(english:\"Amazon Linux AMI : kernel (ALAS-2016-648)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The Linux kernel before 4.4.1 allows local users to bypass\nfile-descriptor limits and cause a denial of service (memory\nconsumption) by sending each descriptor over a UNIX socket before\nclosing it, related to net/unix/af_unix.c and net/unix/garbage.c.\n(CVE-2013-4312)\n\nA race condition in the tty_ioctl function in drivers/tty/tty_io.c in\nthe Linux kernel through 4.4.1 was found that allows local users to\nobtain sensitive information from kernel memory or cause a denial of\nservice (use-after-free and system crash) by making a TIOCGETD ioctl\ncall during processing of a TIOCSETD ioctl call. (CVE-2016-0723)\n\nA privilege-escalation vulnerability was discovered in the Linux\nkernel built with User Namespace (CONFIG_USER_NS) support. The flaw\noccurred when the ptrace() system call was used on a root-owned\nprocess to enter a user namespace. A privileged namespace user could\nexploit this flaw to potentially escalate their privileges on the\nsystem, outside the original namespace. (CVE-2015-8709)\n\nnet/sctp/sm_sideeffect.c in the Linux kernel before 4.3 does not\nproperly manage the relationship between a lock and a socket, which\nallows local users to cause a denial of service (deadlock) via a\ncrafted sctp_accept call. (CVE-2015-8767)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2016-648.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Run 'yum clean all' followed by 'yum update kernel' to update your\nsystem. You will need to reboot your system in order for the new\nkernel to be running.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"kernel-4.1.17-22.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-debuginfo-4.1.17-22.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-4.1.17-22.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-4.1.17-22.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-devel-4.1.17-22.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-doc-4.1.17-22.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-headers-4.1.17-22.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-4.1.17-22.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-debuginfo-4.1.17-22.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-devel-4.1.17-22.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-4.1.17-22.30.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-debuginfo-4.1.17-22.30.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-i686 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:17:57", "description": "Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service.\n\n - CVE-2015-5307 Ben Serebrin from Google discovered a guest to host denial of service flaw affecting the KVM hypervisor. A malicious guest can trigger an infinite stream of 'alignment check' (#AC) exceptions causing the processor microcode to enter an infinite loop where the core never receives another interrupt. This leads to a panic of the host kernel.\n\n - CVE-2015-7833 Sergej Schumilo, Hendrik Schwartke and Ralf Spenneberg discovered a flaw in the processing of certain USB device descriptors in the usbvision driver. An attacker with physical access to the system can use this flaw to crash the system.\n\n - CVE-2015-7872 Dmitry Vyukov discovered a vulnerability in the keyrings garbage collector allowing a local user to trigger a kernel panic.\n\n - CVE-2015-7990 It was discovered that the fix for CVE-2015-6937 was incomplete. A race condition when sending a message on unbound socket can still cause a NULL pointer dereference. A remote attacker might be able to cause a denial of service (crash) by sending a crafted packet.", "cvss3": {}, "published": "2015-11-11T00:00:00", "type": "nessus", "title": "Debian DSA-3396-1 : linux - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5307", "CVE-2015-6937", "CVE-2015-7833", "CVE-2015-7872", "CVE-2015-7990"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3396.NASL", "href": "https://www.tenable.com/plugins/nessus/86832", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3396. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86832);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-5307\", \"CVE-2015-7833\", \"CVE-2015-7872\", \"CVE-2015-7990\");\n script_xref(name:\"DSA\", value:\"3396\");\n\n script_name(english:\"Debian DSA-3396-1 : linux - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a denial of service.\n\n - CVE-2015-5307\n Ben Serebrin from Google discovered a guest to host\n denial of service flaw affecting the KVM hypervisor. A\n malicious guest can trigger an infinite stream of\n 'alignment check' (#AC) exceptions causing the processor\n microcode to enter an infinite loop where the core never\n receives another interrupt. This leads to a panic of the\n host kernel.\n\n - CVE-2015-7833\n Sergej Schumilo, Hendrik Schwartke and Ralf Spenneberg\n discovered a flaw in the processing of certain USB\n device descriptors in the usbvision driver. An attacker\n with physical access to the system can use this flaw to\n crash the system.\n\n - CVE-2015-7872\n Dmitry Vyukov discovered a vulnerability in the keyrings\n garbage collector allowing a local user to trigger a\n kernel panic.\n\n - CVE-2015-7990\n It was discovered that the fix for CVE-2015-6937 was\n incomplete. A race condition when sending a message on\n unbound socket can still cause a NULL pointer\n dereference. A remote attacker might be able to cause a\n denial of service (crash) by sending a crafted packet.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-5307\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-7833\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-7872\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-7990\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2015-6937\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/linux\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2015/dsa-3396\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the linux packages.\n\nFor the oldstable distribution (wheezy), these problems have been\nfixed in version 3.2.68-1+deb7u6.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 3.16.7-ckt11-1+deb8u6.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"linux\", reference:\"3.2.68-1+deb7u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.8-arm\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.8-x86\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.9-x86\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-doc-3.16\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-586\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-686-pae\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-amd64\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-armel\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-armhf\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-all-i386\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-amd64\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-armmp\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-armmp-lpae\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-common\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-ixp4xx\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-kirkwood\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-orion5x\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-9-versatile\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-586\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-686-pae\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-686-pae-dbg\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-amd64\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-amd64-dbg\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-armmp\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-armmp-lpae\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-ixp4xx\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-kirkwood\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-orion5x\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-9-versatile\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-libc-dev\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-manual-3.16\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-source-3.16\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-support-3.16.0-9\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xen-linux-system-3.16.0-9-amd64\", reference:\"3.16.7-ckt11-1+deb8u6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:28:02", "description": "The remote OracleVM system is missing necessary patches to address critical security updates : please see Oracle VM Security Advisory OVMSA-2016-0100 for details.", "cvss3": {}, "published": "2016-09-23T00:00:00", "type": "nessus", "title": "OracleVM 3.4 : Unbreakable / etc (OVMSA-2016-0100)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4312", "CVE-2015-7513", "CVE-2015-7799", "CVE-2015-7837", "CVE-2015-8767", "CVE-2015-8787", "CVE-2015-8816", "CVE-2016-0723", "CVE-2016-0758", "CVE-2016-2069", "CVE-2016-2085", "CVE-2016-2117", "CVE-2016-2847", "CVE-2016-3136", "CVE-2016-3137", "CVE-2016-4470", "CVE-2016-4565", "CVE-2016-4581", "CVE-2016-4805", "CVE-2016-4913", "CVE-2016-4951", "CVE-2016-6197", "CVE-2016-6198"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:kernel-uek", "p-cpe:/a:oracle:vm:kernel-uek-firmware", "cpe:/o:oracle:vm_server:3.4"], "id": "ORACLEVM_OVMSA-2016-0100.NASL", "href": "https://www.tenable.com/plugins/nessus/93679", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2016-0100.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93679);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2013-4312\", \"CVE-2015-7513\", \"CVE-2015-7799\", \"CVE-2015-7837\", \"CVE-2015-8767\", \"CVE-2015-8787\", \"CVE-2015-8816\", \"CVE-2016-0723\", \"CVE-2016-0758\", \"CVE-2016-2069\", \"CVE-2016-2085\", \"CVE-2016-2117\", \"CVE-2016-2847\", \"CVE-2016-3136\", \"CVE-2016-3137\", \"CVE-2016-4470\", \"CVE-2016-4565\", \"CVE-2016-4581\", \"CVE-2016-4805\", \"CVE-2016-4913\", \"CVE-2016-4951\", \"CVE-2016-6197\", \"CVE-2016-6198\");\n\n script_name(english:\"OracleVM 3.4 : Unbreakable / etc (OVMSA-2016-0100)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates : please see Oracle VM Security Advisory\nOVMSA-2016-0100 for details.\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2016-September/000547.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1bd3063c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel-uek / kernel-uek-firmware packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/10/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"3\\.4\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.4\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.4\", reference:\"kernel-uek-4.1.12-61.1.6.el6uek\")) flag++;\nif (rpm_check(release:\"OVS3.4\", reference:\"kernel-uek-firmware-4.1.12-61.1.6.el6uek\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-uek / kernel-uek-firmware\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:26:43", "description": "The remote Debian host is running a version of the Linux kernel prior to 3.2.73-2+deb7u1 on Debian 7 or is running a version of the Linux kernel prior to 3.16.7-ckt20-1+deb8u1 on Debian 8. It is, therefore, affected by the following vulnerabilities :\n\n - A use-after-free error exists in the unix_dgram_poll() function within file net/unix/af_unix.c. A local attacker can exploit this, via specially crafted epoll_ctl calls, to cause a denial of service condition or bypass AF_UNIX socket permissions. (CVE-2013-7446)\n\n - A NULL pointer dereference flaw exists in the slhc_init() function within file drivers/net/slip/slhc.c due to improper validation of slot numbers. A local attacker can exploit this, via specially crafted PPPIOCSMAXCID IOCTL calls, to cause a denial of service condition. (CVE-2015-7799)\n\n - A flaw exists in the usbvision driver that allows a local attacker, via a nonzero bInterfaceNumber value in a USB device descriptor, to cause a kernel panic, resulting in a denial of service condition.\n (CVE-2015-7833)\n\n - An infinite loop condition exists in the KVM subsystem on some unspecified CPU chipsets. A local attacker who has sufficient privileges within a virtual guest OS can exploit this issue, by triggering many debug exceptions, to cause a denial of service condition. (CVE-2015-8104)\n\n - A flaw exists in the truncate_space_check() function within file /fs/btrfs/inode.c due to improper handling of compressed file extents. A local attacker can exploit this, via a clone action, to disclose sensitive pre-truncation information from a file. (CVE-2015-8374)\n\n - A NULL pointer dereference flaw exists in the inet_autobind() function within file net/ipv4/af_inet.c when handling connection attempts via IPv6. A local attacker can exploit this, via a specially crafted SOCK_RAW application that makes use of CLONE_NEWUSER support, to cause a denial of service condition or possibly gain elevated privileges. (CVE-2015-8543)", "cvss3": {}, "published": "2016-08-02T00:00:00", "type": "nessus", "title": "Debian DSA-3426-1 : Linux Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7446", "CVE-2015-7799", "CVE-2015-7833", "CVE-2015-8104", "CVE-2015-8374", "CVE-2015-8543"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:linux", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3426-1.NASL", "href": "https://www.tenable.com/plugins/nessus/92679", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were\n# extracted from Debian Security Advisory DSA-3426-1.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(92679);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\n \"CVE-2013-7446\",\n \"CVE-2015-7799\",\n \"CVE-2015-7833\",\n \"CVE-2015-8104\",\n \"CVE-2015-8374\",\n \"CVE-2015-8543\"\n );\n script_bugtraq_id(\n 77030,\n 77033,\n 77524,\n 77638,\n 78219,\n 79698\n );\n script_xref(name:\"DSA\", value:\"3426\");\n\n script_name(english:\"Debian DSA-3426-1 : Linux Security Update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian host is running a version of the Linux kernel prior\nto 3.2.73-2+deb7u1 on Debian 7 or is running a version of the Linux\nkernel prior to 3.16.7-ckt20-1+deb8u1 on Debian 8. It is, therefore,\naffected by the following vulnerabilities :\n\n - A use-after-free error exists in the unix_dgram_poll()\n function within file net/unix/af_unix.c. A local\n attacker can exploit this, via specially crafted\n epoll_ctl calls, to cause a denial of service condition\n or bypass AF_UNIX socket permissions. (CVE-2013-7446)\n\n - A NULL pointer dereference flaw exists in the\n slhc_init() function within file drivers/net/slip/slhc.c\n due to improper validation of slot numbers. A local\n attacker can exploit this, via specially crafted\n PPPIOCSMAXCID IOCTL calls, to cause a denial of service\n condition. (CVE-2015-7799)\n\n - A flaw exists in the usbvision driver that allows a\n local attacker, via a nonzero bInterfaceNumber value in\n a USB device descriptor, to cause a kernel panic,\n resulting in a denial of service condition.\n (CVE-2015-7833)\n\n - An infinite loop condition exists in the KVM subsystem\n on some unspecified CPU chipsets. A local attacker who\n has sufficient privileges within a virtual guest OS can\n exploit this issue, by triggering many debug exceptions,\n to cause a denial of service condition. (CVE-2015-8104)\n\n - A flaw exists in the truncate_space_check() function\n within file /fs/btrfs/inode.c due to improper handling\n of compressed file extents. A local attacker can exploit\n this, via a clone action, to disclose sensitive\n pre-truncation information from a file. (CVE-2015-8374)\n\n - A NULL pointer dereference flaw exists in the\n inet_autobind() function within file net/ipv4/af_inet.c\n when handling connection attempts via IPv6. A local\n attacker can exploit this, via a specially crafted\n SOCK_RAW application that makes use of CLONE_NEWUSER\n support, to cause a denial of service condition or\n possibly gain elevated privileges. (CVE-2015-8543)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2013-7446\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2015-7799\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2015-7833\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2015-8104\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2015-8374\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2015-8543\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/wheezy/linux\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/jessie/linux\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.debian.org/security/2015/dsa-3426\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the Linux packages.\n\nFor the oldstable distribution (wheezy), these issues have been fixed\nin version 3.2.73-2+deb7u1. In addition, this update contains several\nchanges originally targeted for the Wheezy point release.\n\nFor the stable distribution (jessie), these issues have been fixed in\nversion 3.16.7-ckt20-1+deb8u1. In addition, this update contains\nseveral changes originally targeted for the Jessie point release.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/09/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/08/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"linux-doc-3.2\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-486\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-4kc-malta\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-5kc-malta\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-686-pae\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-amd64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-armel\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-armhf\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-i386\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-ia64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-mips\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-mipsel\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-powerpc\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-s390\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-s390x\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-all-sparc\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-amd64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-common\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-common-rt\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-iop32x\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-itanium\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-ixp4xx\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-kirkwood\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-loongson-2f\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-mckinley\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-mv78xx0\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-mx5\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-octeon\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-omap\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-orion5x\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-powerpc\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-powerpc-smp\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-powerpc64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-r4k-ip22\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-r5k-cobalt\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-r5k-ip32\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-rt-686-pae\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-rt-amd64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-s390x\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-sb1-bcm91250a\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-sb1a-bcm91480b\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-sparc64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-sparc64-smp\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-versatile\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-headers-3.2.0-4-vexpress\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-486\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-4kc-malta\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-5kc-malta\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-686-pae\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-686-pae-dbg\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-amd64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-amd64-dbg\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-iop32x\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-itanium\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-ixp4xx\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-kirkwood\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-loongson-2f\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-mckinley\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-mv78xx0\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-mx5\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-octeon\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-omap\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-orion5x\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-powerpc\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-powerpc-smp\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-powerpc64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-r4k-ip22\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-r5k-cobalt\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-r5k-ip32\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-rt-686-pae\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-rt-686-pae-dbg\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-rt-amd64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-rt-amd64-dbg\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-s390x\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-s390x-dbg\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-s390x-tape\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-sb1-bcm91250a\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-sb1a-bcm91480b\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-sparc64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-sparc64-smp\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-versatile\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-image-3.2.0-4-vexpress\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-libc-dev\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-manual-3.2\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-source-3.2\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"linux-support-3.2.0-4\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"xen-linux-system-3.2.0-4-686-pae\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"xen-linux-system-3.2.0-4-amd64\", reference:\"3.2.73-2+deb7u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"acpi-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"acpi-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"acpi-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"affs-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"affs-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"affs-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"affs-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"affs-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"affs-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"affs-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"affs-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ata-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"btrfs-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"cdrom-core-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"core-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crc-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-dm-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"crypto-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"dasd-extra-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"dasd-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"efi-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"efi-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"efi-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"efi-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"event-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ext4-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fancontrol-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fancontrol-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fat-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fb-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fb-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fb-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fb-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fb-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firewire-core-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firewire-core-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firewire-core-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firewire-core-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firewire-core-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firewire-core-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firewire-core-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firewire-core-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"firewire-core-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"fuse-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hfs-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hfs-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hfs-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hfs-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hfs-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hfs-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hfs-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hfs-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hyperv-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hyperv-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hyperv-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hypervisor-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"hypervisor-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"i2c-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"i2c-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"i2c-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"i2c-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"i2c-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"input-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ipv6-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"isofs-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jffs2-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"jfs-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"kernel-image-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"leds-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.8-arm\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.8-s390\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-compiler-gcc-4.8-x86\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-doc-3.16\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-4kc-malta\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-586\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-5kc-malta\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-686-pae\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all-amd64\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all-arm64\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all-armel\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all-armhf\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all-i386\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all-mips\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all-mipsel\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all-powerpc\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all-ppc64el\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-all-s390x\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-amd64\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-arm64\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-armmp\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-armmp-lpae\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-common\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-ixp4xx\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-kirkwood\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-loongson-2e\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-loongson-2f\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-loongson-3\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-octeon\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-orion5x\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-powerpc\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-powerpc-smp\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-powerpc64\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-powerpc64le\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-r4k-ip22\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-r5k-ip32\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-s390x\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-sb1-bcm91250a\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-headers-3.16.0-4-versatile\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-4kc-malta\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-586\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-5kc-malta\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-686-pae\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-686-pae-dbg\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-amd64\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-amd64-dbg\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-arm64\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-arm64-dbg\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-armmp\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-armmp-lpae\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-ixp4xx\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-kirkwood\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-loongson-2e\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-loongson-2f\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-loongson-3\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-octeon\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-orion5x\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-powerpc\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-powerpc-smp\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-powerpc64\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-powerpc64le\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-r4k-ip22\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-r5k-ip32\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-s390x\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-s390x-dbg\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-sb1-bcm91250a\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-image-3.16.0-4-versatile\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-libc-dev\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-manual-3.16\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-source-3.16\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"linux-support-3.16.0-4\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"loop-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"md-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"minix-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"minix-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"minix-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"minix-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"minix-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"minix-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"minix-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"minix-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-core-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-core-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-core-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-core-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mmc-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mouse-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mouse-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mouse-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mouse-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mouse-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mouse-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mouse-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mouse-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"mtd-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"multipath-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nbd-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nfs-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nfs-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nfs-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-pcmcia-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-pcmcia-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-pcmcia-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-pcmcia-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-pcmcia-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-shared-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-usb-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"nic-wireless-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ntfs-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ntfs-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ntfs-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ntfs-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ntfs-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ntfs-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ntfs-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ntfs-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ntfs-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pata-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pcmcia-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pcmcia-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pcmcia-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pcmcia-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pcmcia-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pcmcia-storage-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pcmcia-storage-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pcmcia-storage-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pcmcia-storage-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pcmcia-storage-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ppp-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"rtc-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"rtc-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sata-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-common-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-core-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-extra-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"scsi-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"serial-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"serial-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"serial-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"serial-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"serial-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"serial-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sound-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sound-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sound-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sound-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sound-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sound-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sound-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sound-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"sound-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"speakup-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"speakup-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"speakup-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"speakup-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"speakup-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"speakup-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"squashfs-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"udf-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"uinput-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"uinput-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"uinput-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"uinput-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"uinput-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"uinput-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"uinput-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"uinput-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"uinput-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-serial-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-kirkwood-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"usb-storage-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"virtio-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xen-linux-system-3.16.0-4-amd64\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-586-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-686-pae-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-amd64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-powerpc64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-powerpc64le-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-s390x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xfs-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-4kc-malta-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-arm64-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-armmp-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-loongson-2e-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-loongson-2f-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-loongson-3-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-octeon-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-orion5x-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-powerpc-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-r4k-ip22-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-r5k-ip32-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-sb1-bcm91250a-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"zlib-modules-3.16.0-4-versatile-di\", reference:\"3.16.7-ckt20-1+deb8u1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : deb_report_get()\n );\n exit(0);\n\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:05", "description": "This update fixes the CVEs described below.\n\nCVE-2013-7446\n\nDmitry Vyukov discovered that a particular sequence of valid operations on local (AF_UNIX) sockets can result in a use-after-free.\nThis may be used to cause a denial of service (crash) or possibly for privilege escalation.\n\nCVE-2015-7799\n\n&#x90ED;&#x6C38;&#x521A; discovered that a user granted access to /dev/ppp can cause a denial of service (crash) by passing invalid parameters to the PPPIOCSMAXCID ioctl. This also applies to ISDN PPP device nodes.\n\nCVE-2015-7833\n\nSergej Schumilo, Hendrik Schwartke and Ralf Spenneberg discovered a flaw in the processing of certain USB device descriptors in the usbvision driver. An attacker with physical access to the system can use this flaw to crash the system.\n\nCVE-2015-7990\n\nIt was discovered that the fix for CVE-2015-6937 was incomplete. A race condition when sending a message on unbound socket can still cause a NULL pointer dereference. A remote attacker might be able to cause a denial of service (crash) by sending a crafted packet.\n\nCVE-2015-8324\n\n'Valintinr' reported that an attempt to mount a corrupted ext4 filesystem may result in a kernel panic. A user permitted to mount filesystems could use this flaw to crash the system.\n\nFor the oldoldstable distribution (squeeze), these problems have been fixed in version 2.6.32-48squeeze17. We recommend that you upgrade your linux-2.6 packages.\n\nFor the oldstable (wheezy) and stable (jessie) distributions, CVE-2015-7833, CVE-2015-7990 and CVE-2015-8324 have been fixed and the other issues will be fixed soon.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-12-09T00:00:00", "type": "nessus", "title": "Debian DLA-360-1 : linux-2.6 security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-7446", "CVE-2015-6937", "CVE-2015-7799", "CVE-2015-7833", "CVE-2015-7990", "CVE-2015-8324"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:firmware-linux-free", "p-cpe:/a:debian:debian_linux:linux-base", "p-cpe:/a:debian:debian_linux:linux-doc-2.6.32", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-486", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-686", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-686-bigmem", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-all", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-all-amd64", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-amd64", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-all-i386", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-686", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-amd64", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-686-dbg", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-amd64", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-openvz-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common-openvz", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-686", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common-vserver", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-686-bigmem", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-common-xen", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-686-bigmem-dbg", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-openvz-686", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-openvz-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-vserver-686", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-vserver-686-bigmem", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-vserver-amd64", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-xen-686", "p-cpe:/a:debian:debian_linux:linux-headers-2.6.32-5-xen-amd64", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-486", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-686", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-686-bigmem", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-686-bigmem-dbg", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-vserver-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-686", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-686-dbg", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-amd64", "p-cpe:/a:debian:debian_linux:linux-image-2.6.32-5-xen-amd64-dbg", "p-cpe:/a:debian:debian_linux:linux-libc-dev", "p-cpe:/a:debian:debian_linux:linux-manual-2.6.32", "p-cpe:/a:debian:debian_linux:linux-patch-debian-2.6.32", "p-cpe:/a:debian:debian_linux:linux-source-2.6.32", "p-cpe:/a:debian:debian_linux:linux-support-2.6.32-5", "p-cpe:/a:debian:debian_linux:linux-tools-2.6.32", "p-cpe:/a:debian:debian_linux:xen-linux-system-2.6.32-5-xen-686", "p-cpe:/a:debian:debian_linux:xen-linux-system-2.6.32-5-xen-amd64", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-360.NASL", "href": "https://www.tenable.com/plugins/nessus/87265", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-360-1. The text\n# itself