{"id": "OPENVAS:1361412562310863903", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for kernel FEDORA-2011-15323", "description": "The remote host is missing an update for the ", "published": "2012-04-02T00:00:00", "modified": "2019-03-15T00:00:00", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863903", "reporter": "Copyright (c) 2012 Greenbone Networks GmbH", "references": ["http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068751.html", "2011-15323"], "cvelist": ["CVE-2011-4097"], "lastseen": "2019-05-29T18:38:34", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-4097"]}, {"type": "seebug", "idList": ["SSV:23176"]}, {"type": "fedora", "idList": ["FEDORA:B78FB21E49", "FEDORA:E3FE720DE6", "FEDORA:27FB120B7B", "FEDORA:7805A2110A", "FEDORA:B7B6820900", "FEDORA:4974E213B1", "FEDORA:96988210E1", "FEDORA:2F91620B3E", "FEDORA:C337E21244", "FEDORA:2AC1E20B4C"]}, {"type": "nessus", "idList": ["UBUNTU_USN-1384-1.NASL", "REDHAT-RHSA-2012-0333.NASL", "FEDORA_2011-15856.NASL", "UBUNTU_USN-1363-1.NASL", "UBUNTU_USN-1380-1.NASL", "FEDORA_2011-15323.NASL", "UBUNTU_USN-1386-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310840920", "OPENVAS:1361412562310863661", "OPENVAS:863903", "OPENVAS:1361412562310863625", "OPENVAS:863625", "OPENVAS:840920", "OPENVAS:1361412562310840922", "OPENVAS:840922", "OPENVAS:1361412562310840913", "OPENVAS:840913"]}, {"type": "ubuntu", "idList": ["USN-1364-1", "USN-1363-1", "USN-1384-1", "USN-1386-1", "USN-1380-1"]}, {"type": "redhat", "idList": ["RHSA-2012:0333"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-1530"]}], "modified": "2019-05-29T18:38:34", "rev": 2}, "score": {"value": 6.3, "vector": "NONE", "modified": "2019-05-29T18:38:34", "rev": 2}, "vulnersScore": 6.3}, "pluginID": "1361412562310863903", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2011-15323\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068751.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863903\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:31:01 +0530 (Mon, 02 Apr 2012)\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_cve_id(\"CVE-2011-4097\");\n script_xref(name:\"FEDORA\", value:\"2011-15323\");\n script_name(\"Fedora Update for kernel FEDORA-2011-15323\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.1.0~7.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks"}

{"cve": [{"lastseen": "2021-02-02T05:51:07", "description": "Integer overflow in the oom_badness function in mm/oom_kill.c in the Linux kernel before 3.1.8 on 64-bit platforms allows local users to cause a denial of service (memory consumption or process termination) by using a certain large amount of memory.", "edition": 8, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2012-05-17T11:00:00", "title": "CVE-2011-4097", "type": "cve", "cwe": ["CWE-190"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4097"], "modified": "2020-07-29T15:27:00", "cpe": ["cpe:/o:redhat:enterprise_linux:6.0"], "id": "CVE-2011-4097", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4097", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*"]}], "nessus": [{"lastseen": "2021-01-12T10:09:18", "description": "This update fixes a regression in booting via EFI on some machines.\n----------------------------------------------------------------------\n-----=\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2011-11-03T00:00:00", "title": "Fedora 16 : kernel-3.1.0-7.fc16 (2011-15323)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4097"], "modified": "2011-11-03T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2011-15323.NASL", "href": "https://www.tenable.com/plugins/nessus/56697", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-15323.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56697);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-4097\");\n script_bugtraq_id(50459);\n script_xref(name:\"FEDORA\", value:\"2011-15323\");\n\n script_name(english:\"Fedora 16 : kernel-3.1.0-7.fc16 (2011-15323)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a regression in booting via EFI on some machines.\n----------------------------------------------------------------------\n-----=\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=748516\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=749887\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=750402\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-November/068751.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b9f4ec01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/11/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/11/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"kernel-3.1.0-7.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-12T10:09:20", "description": "Rebase to upstream 3.1.1 kernel Fix boot regression on 64-bit EFI\nmachines Update to the Linux 3.0.8 (2.6.40.8) stable release. Fix\nassorted security bugs. Bugfix update Update to the latest 3.0.7\nstable kernel release which includes a variety of fixes.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2011-11-18T00:00:00", "title": "Fedora 15 : kernel-2.6.41.1-1.fc15 (2011-15856)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1083", "CVE-2011-3347", "CVE-2011-4097", "CVE-2011-4077"], "modified": "2011-11-18T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2011-15856.NASL", "href": "https://www.tenable.com/plugins/nessus/56865", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-15856.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56865);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-1083\", \"CVE-2011-3347\", \"CVE-2011-4077\", \"CVE-2011-4097\");\n script_bugtraq_id(46630, 50312, 50370, 50459);\n script_xref(name:\"FEDORA\", value:\"2011-15856\");\n\n script_name(english:\"Fedora 15 : kernel-2.6.41.1-1.fc15 (2011-15856)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Rebase to upstream 3.1.1 kernel Fix boot regression on 64-bit EFI\nmachines Update to the Linux 3.0.8 (2.6.40.8) stable release. Fix\nassorted security bugs. Bugfix update Update to the latest 3.0.7\nstable kernel release which includes a variety of fixes.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=641789\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=713315\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=713675\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=722509\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=729882\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=733827\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=735946\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=737108\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=742010\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=745241\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=748516\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=748668\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=748691\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=749166\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=749887\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=750402\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-November/069394.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cece6ac7\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/11/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/11/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"kernel-2.6.41.1-1.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-09-14T19:11:12", "description": "A flaw was discovered in the TOMOYO LSM's handling of mount system\ncalls. An unprivileged user could oops the system causing a denial of\nservice. (CVE-2011-2518)\n\nA bug was discovered in the Linux kernel's calculation of OOM (Out of\nmemory) scores, that would result in the wrong process being killed. A\nuser could use this to kill the process with the highest OOM score,\neven if that process belongs to another user or the system.\n(CVE-2011-4097)\n\nA flaw was found in the linux kernels IPv4 IGMP query processing. A\nremote attacker could exploit this to cause a denial of service.\n(CVE-2012-0207).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 16, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2012-02-29T00:00:00", "title": "Ubuntu 11.04 : linux vulnerabilities (USN-1380-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2498", "CVE-2011-2518", "CVE-2012-0207", "CVE-2011-4097"], "modified": "2012-02-29T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "cpe:/o:canonical:ubuntu_linux:11.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual"], "id": "UBUNTU_USN-1380-1.NASL", "href": "https://www.tenable.com/plugins/nessus/58170", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1380-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(58170);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/26\");\n\n script_cve_id(\"CVE-2011-2498\", \"CVE-2011-2518\", \"CVE-2011-4097\", \"CVE-2012-0207\");\n script_bugtraq_id(48477, 50459, 51343);\n script_xref(name:\"USN\", value:\"1380-1\");\n\n script_name(english:\"Ubuntu 11.04 : linux vulnerabilities (USN-1380-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was discovered in the TOMOYO LSM's handling of mount system\ncalls. An unprivileged user could oops the system causing a denial of\nservice. (CVE-2011-2518)\n\nA bug was discovered in the Linux kernel's calculation of OOM (Out of\nmemory) scores, that would result in the wrong process being killed. A\nuser could use this to kill the process with the highest OOM score,\neven if that process belongs to another user or the system.\n(CVE-2011-4097)\n\nA flaw was found in the linux kernels IPv4 IGMP query processing. A\nremote attacker could exploit this to cause a denial of service.\n(CVE-2012-0207).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1380-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2020 Canonical, Inc. / NASL script (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(11\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 11.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2011-2498\", \"CVE-2011-2518\", \"CVE-2011-4097\", \"CVE-2012-0207\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1380-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"11.04\", pkgname:\"linux-image-2.6.38-13-generic\", pkgver:\"2.6.38-13.56\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"linux-image-2.6.38-13-generic-pae\", pkgver:\"2.6.38-13.56\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"linux-image-2.6.38-13-server\", pkgver:\"2.6.38-13.56\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"linux-image-2.6.38-13-versatile\", pkgver:\"2.6.38-13.56\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"linux-image-2.6.38-13-virtual\", pkgver:\"2.6.38-13.56\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-generic / linux-image-2.6-generic-pae / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-09-14T19:11:08", "description": "A bug was discovered in the Linux kernel's calculation of OOM (Out of\nmemory) scores, that would result in the wrong process being killed. A\nuser could use this to kill the process with the highest OOM score,\neven if that process belongs to another user or the system.\n(CVE-2011-4097)\n\nA flaw was found in KVM's Programmable Interval Timer (PIT). When a\nvirtual interrupt control is not available a local user could use this\nto cause a denial of service by starting a timer. (CVE-2011-4622)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a\nspecially crafted XFS image it could potential execute arbitrary code\non the system. (CVE-2012-0038)\n\nAndy Whitcroft discovered a that the Overlayfs filesystem was not\ndoing the extended permission checks needed by cgroups and Linux\nSecurity Modules (LSMs). A local user could exploit this to by-pass\nsecurity policy and access files that should not be accessible.\n(CVE-2012-0055)\n\nA flaw was found in the linux kernels IPv4 IGMP query processing. A\nremote attacker could exploit this to cause a denial of service.\n(CVE-2012-0207).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 16, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2012-02-14T00:00:00", "title": "Ubuntu 11.10 : linux vulnerabilities (USN-1363-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0055", "CVE-2012-0207", "CVE-2011-4097", "CVE-2011-4622", "CVE-2012-0038"], "modified": "2012-02-14T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:11.10", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-virtual", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-server"], "id": "UBUNTU_USN-1363-1.NASL", "href": "https://www.tenable.com/plugins/nessus/57937", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1363-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57937);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/02\");\n\n script_cve_id(\"CVE-2011-4097\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0055\", \"CVE-2012-0207\");\n script_bugtraq_id(51343, 51529);\n script_xref(name:\"USN\", value:\"1363-1\");\n\n script_name(english:\"Ubuntu 11.10 : linux vulnerabilities (USN-1363-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A bug was discovered in the Linux kernel's calculation of OOM (Out of\nmemory) scores, that would result in the wrong process being killed. A\nuser could use this to kill the process with the highest OOM score,\neven if that process belongs to another user or the system.\n(CVE-2011-4097)\n\nA flaw was found in KVM's Programmable Interval Timer (PIT). When a\nvirtual interrupt control is not available a local user could use this\nto cause a denial of service by starting a timer. (CVE-2011-4622)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a\nspecially crafted XFS image it could potential execute arbitrary code\non the system. (CVE-2012-0038)\n\nAndy Whitcroft discovered a that the Overlayfs filesystem was not\ndoing the extended permission checks needed by cgroups and Linux\nSecurity Modules (LSMs). A local user could exploit this to by-pass\nsecurity policy and access files that should not be accessible.\n(CVE-2012-0055)\n\nA flaw was found in the linux kernels IPv4 IGMP query processing. A\nremote attacker could exploit this to cause a denial of service.\n(CVE-2012-0207).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1363-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2020 Canonical, Inc. / NASL script (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(11\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 11.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2011-4097\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0055\", \"CVE-2012-0207\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1363-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"11.10\", pkgname:\"linux-image-3.0.0-16-generic\", pkgver:\"3.0.0-16.28\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"linux-image-3.0.0-16-generic-pae\", pkgver:\"3.0.0-16.28\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"linux-image-3.0.0-16-server\", pkgver:\"3.0.0-16.28\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"linux-image-3.0.0-16-virtual\", pkgver:\"3.0.0-16.28\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.0-generic / linux-image-3.0-generic-pae / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-09-14T19:11:12", "description": "A bug was discovered in the Linux kernel's calculation of OOM (Out of\nmemory) scores, that would result in the wrong process being killed. A\nuser could use this to kill the process with the highest OOM score,\neven if that process belongs to another user or the system.\n(CVE-2011-4097)\n\nPaolo Bonzini discovered a flaw in Linux's handling of the SG_IO ioctl\ncommand. A local user, or user in a VM could exploit this flaw to\nbypass restrictions and gain read/write access to all data on the\naffected block device. (CVE-2011-4127)\n\nA flaw was found in KVM's Programmable Interval Timer (PIT). When a\nvirtual interrupt control is not available a local user could use this\nto cause a denial of service by starting a timer. (CVE-2011-4622)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a\nspecially crafted XFS image it could potential execute arbitrary code\non the system. (CVE-2012-0038)\n\nAndy Whitcroft discovered a that the Overlayfs filesystem was not\ndoing the extended permission checks needed by cgroups and Linux\nSecurity Modules (LSMs). A local user could exploit this to by-pass\nsecurity policy and access files that should not be accessible.\n(CVE-2012-0055)\n\nA flaw was found in the linux kernels IPv4 IGMP query processing. A\nremote attacker could exploit this to cause a denial of service.\n(CVE-2012-0207)\n\nA flaw was found in the Linux kernel's ext4 file system when mounting\na corrupt filesystem. A user-assisted remote attacker could exploit\nthis flaw to cause a denial of service. (CVE-2012-2100).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 16, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2012-03-07T00:00:00", "title": "Ubuntu 10.04 LTS : linux-lts-backport-oneiric vulnerabilities (USN-1384-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4127", "CVE-2012-2100", "CVE-2012-0055", "CVE-2012-0207", "CVE-2011-4097", "CVE-2011-4622", "CVE-2012-0038"], "modified": "2012-03-07T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-virtual", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-server"], "id": "UBUNTU_USN-1384-1.NASL", "href": "https://www.tenable.com/plugins/nessus/58265", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1384-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(58265);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/02\");\n\n script_cve_id(\"CVE-2011-4097\", \"CVE-2011-4127\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0055\", \"CVE-2012-0207\", \"CVE-2012-2100\");\n script_bugtraq_id(50459, 51343, 51529);\n script_xref(name:\"USN\", value:\"1384-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux-lts-backport-oneiric vulnerabilities (USN-1384-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A bug was discovered in the Linux kernel's calculation of OOM (Out of\nmemory) scores, that would result in the wrong process being killed. A\nuser could use this to kill the process with the highest OOM score,\neven if that process belongs to another user or the system.\n(CVE-2011-4097)\n\nPaolo Bonzini discovered a flaw in Linux's handling of the SG_IO ioctl\ncommand. A local user, or user in a VM could exploit this flaw to\nbypass restrictions and gain read/write access to all data on the\naffected block device. (CVE-2011-4127)\n\nA flaw was found in KVM's Programmable Interval Timer (PIT). When a\nvirtual interrupt control is not available a local user could use this\nto cause a denial of service by starting a timer. (CVE-2011-4622)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a\nspecially crafted XFS image it could potential execute arbitrary code\non the system. (CVE-2012-0038)\n\nAndy Whitcroft discovered a that the Overlayfs filesystem was not\ndoing the extended permission checks needed by cgroups and Linux\nSecurity Modules (LSMs). A local user could exploit this to by-pass\nsecurity policy and access files that should not be accessible.\n(CVE-2012-0055)\n\nA flaw was found in the linux kernels IPv4 IGMP query processing. A\nremote attacker could exploit this to cause a denial of service.\n(CVE-2012-0207)\n\nA flaw was found in the Linux kernel's ext4 file system when mounting\na corrupt filesystem. A user-assisted remote attacker could exploit\nthis flaw to cause a denial of service. (CVE-2012-2100).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1384-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.0-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2020 Canonical, Inc. / NASL script (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2011-4097\", \"CVE-2011-4127\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0055\", \"CVE-2012-0207\", \"CVE-2012-2100\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1384-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-3.0.0-16-generic\", pkgver:\"3.0.0-16.29~lucid1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-3.0.0-16-generic-pae\", pkgver:\"3.0.0-16.29~lucid1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-3.0.0-16-server\", pkgver:\"3.0.0-16.29~lucid1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-3.0.0-16-virtual\", pkgver:\"3.0.0-16.29~lucid1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.0-generic / linux-image-3.0-generic-pae / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-09-14T19:11:13", "description": "The linux kernel did not properly account for PTE pages when deciding\nwhich task to kill in out of memory conditions. A local, unprivileged\ncould exploit this flaw to cause a denial of service. (CVE-2011-2498)\n\nA flaw was discovered in the TOMOYO LSM's handling of mount system\ncalls. An unprivileged user could oops the system causing a denial of\nservice. (CVE-2011-2518)\n\nHan-Wen Nienhuys reported a flaw in the FUSE kernel module. A local\nuser who can mount a FUSE file system could cause a denial of service.\n(CVE-2011-3353)\n\nA bug was discovered in the Linux kernel's calculation of OOM (Out of\nmemory) scores, that would result in the wrong process being killed. A\nuser could use this to kill the process with the highest OOM score,\neven if that process belongs to another user or the system.\n(CVE-2011-4097)\n\nA flaw was found in KVM's Programmable Interval Timer (PIT). When a\nvirtual interrupt control is not available a local user could use this\nto cause a denial of service by starting a timer. (CVE-2011-4622)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a\nspecially crafted XFS image it could potential execute arbitrary code\non the system. (CVE-2012-0038)\n\nChen Haogang discovered an integer overflow that could result in\nmemory corruption. A local unprivileged user could use this to crash\nthe system. (CVE-2012-0044)\n\nA flaw was found in the linux kernels IPv4 IGMP query processing. A\nremote attacker could exploit this to cause a denial of service.\n(CVE-2012-0207).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 16, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2012-03-07T00:00:00", "title": "Ubuntu 10.04 LTS : linux-lts-backport-natty vulnerabilities (USN-1386-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2498", "CVE-2011-2518", "CVE-2012-0044", "CVE-2012-0207", "CVE-2011-3353", "CVE-2011-4097", "CVE-2011-4622", "CVE-2012-0038"], "modified": "2012-03-07T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual"], "id": "UBUNTU_USN-1386-1.NASL", "href": "https://www.tenable.com/plugins/nessus/58267", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1386-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(58267);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/26\");\n\n script_cve_id(\"CVE-2011-2498\", \"CVE-2011-2518\", \"CVE-2011-3353\", \"CVE-2011-4097\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0044\", \"CVE-2012-0207\");\n script_bugtraq_id(49527, 50459, 51343, 51371, 52202);\n script_xref(name:\"USN\", value:\"1386-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux-lts-backport-natty vulnerabilities (USN-1386-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The linux kernel did not properly account for PTE pages when deciding\nwhich task to kill in out of memory conditions. A local, unprivileged\ncould exploit this flaw to cause a denial of service. (CVE-2011-2498)\n\nA flaw was discovered in the TOMOYO LSM's handling of mount system\ncalls. An unprivileged user could oops the system causing a denial of\nservice. (CVE-2011-2518)\n\nHan-Wen Nienhuys reported a flaw in the FUSE kernel module. A local\nuser who can mount a FUSE file system could cause a denial of service.\n(CVE-2011-3353)\n\nA bug was discovered in the Linux kernel's calculation of OOM (Out of\nmemory) scores, that would result in the wrong process being killed. A\nuser could use this to kill the process with the highest OOM score,\neven if that process belongs to another user or the system.\n(CVE-2011-4097)\n\nA flaw was found in KVM's Programmable Interval Timer (PIT). When a\nvirtual interrupt control is not available a local user could use this\nto cause a denial of service by starting a timer. (CVE-2011-4622)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a\nspecially crafted XFS image it could potential execute arbitrary code\non the system. (CVE-2012-0038)\n\nChen Haogang discovered an integer overflow that could result in\nmemory corruption. A local unprivileged user could use this to crash\nthe system. (CVE-2012-0044)\n\nA flaw was found in the linux kernels IPv4 IGMP query processing. A\nremote attacker could exploit this to cause a denial of service.\n(CVE-2012-0207).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1386-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2020 Canonical, Inc. / NASL script (C) 2012-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2011-2498\", \"CVE-2011-2518\", \"CVE-2011-3353\", \"CVE-2011-4097\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0044\", \"CVE-2012-0207\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1386-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.38-13-generic\", pkgver:\"2.6.38-13.56~lucid1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.38-13-generic-pae\", pkgver:\"2.6.38-13.56~lucid1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.38-13-server\", pkgver:\"2.6.38-13.56~lucid1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.38-13-virtual\", pkgver:\"2.6.38-13.56~lucid1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-generic / linux-image-2.6-generic-pae / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T13:10:30", "description": "Updated kernel-rt packages that fix multiple security issues and\nvarious bugs are now available for Red Hat Enterprise MRG 2.1.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThese packages contain the Linux kernel.\n\nSecurity fixes :\n\n* SG_IO ioctl SCSI requests on partitions or LVM volumes could be\npassed to the underlying block device, allowing a privileged user to\nbypass restrictions and gain read and write access (and be able to\nissue other SCSI commands) to the entire block device. (CVE-2011-4127,\nImportant)\n\n* A local, unprivileged user could use an integer overflow flaw in\ndrm_mode_dirtyfb_ioctl() to cause a denial of service or escalate\ntheir privileges. (CVE-2012-0044, Important)\n\n* A local, unprivileged user could use a flaw in the Performance\nEvents implementation to cause a denial of service. (CVE-2011-2918,\nModerate)\n\n* A local, unprivileged user could use flaws in the XFS file system\nimplementation to cause a denial of service or escalate their\nprivileges by mounting a specially crafted disk. (CVE-2011-4077,\nCVE-2012-0038, Moderate)\n\n* A local, unprivileged user could use a flaw in the Out of Memory\n(OOM) killer to monopolize memory, have their process skipped by the\nOOM killer, or cause other tasks to be terminated. (CVE-2011-4097,\nModerate)\n\n* A local, unprivileged user could use a flaw in the key management\nfacility to cause a denial of service. (CVE-2011-4110, Moderate)\n\n* A malicious Network File System version 4 (NFSv4) server could\nreturn a crafted reply to a GETACL request, causing a denial of\nservice on the client. (CVE-2011-4131, Moderate)\n\n* A local attacker could use a flaw in the Journaling Block Device\n(JBD) to crash the system by mounting a specially crafted ext3 or ext4\ndisk. (CVE-2011-4132, Moderate)\n\n* A flaw in igmp_heard_query() could allow an attacker, who is able to\nsend certain IGMP (Internet Group Management Protocol) packets to a\ntarget system, to cause a denial of service. (CVE-2012-0207, Moderate)\n\n* If lock contention during signal sending occurred when in a software\ninterrupt handler that is using the per-CPU debug stack, the task\ncould be scheduled out on the realtime kernel, possibly leading to\ndebug stack corruption. A local, unprivileged user could use this flaw\nto cause a denial of service. (CVE-2012-0810, Moderate)\n\nRed Hat would like to thank Chen Haogang for reporting CVE-2012-0044;\nWang Xi for reporting CVE-2012-0038; Shubham Goyal for reporting\nCVE-2011-4097; Andy Adamson for reporting CVE-2011-4131; and Simon\nMcVittie for reporting CVE-2012-0207.\n\nBug fixes :\n\n* When a sleeping task, waiting on a futex (fast userspace mutex),\ntried to get the spin_lock(hb->lock) RT-mutex, if the owner of the\nfutex released the lock, the sleeping task was put on a futex proxy\nlock. Consequently, the sleeping task was blocked on two locks and\neventually terminated in the BUG_ON() function. With this update, the\nWAKEUP_INPROGRESS pseudo-lock has been added to be used as a proxy\nlock. This pseudo-lock tells the sleeping task that it is being woken\nup so that the task no longer tries to get the second lock. Now, the\nfutex code works as expected and sleeping tasks no longer crash in the\ndescribed scenario. (BZ#784733)\n\n* When the CONFIG_CRYPTO_FIPS configuration option was disabled, some\nservices such as sshd and ipsec, while working properly, returned\nwarning messages regarding this missing option during start up. With\nthis update, CONFIG_CRYPTO_FIPS has been enabled and no warning\nmessages are now returned in the described scenario. (BZ#786145)\n\n* Previously, when a read operation on a loop device failed, the data\nsuccessfully read from the device was not cleared and could eventually\nleak. This bug has been fixed and all data are now properly cleared in\nthe described scenario. (BZ#761420)\n\n* Due to an assembler-sourced object, the perf utility (from the\nperf-rt package) for AMD64 and Intel 64 architectures contained an\nexecutable stack. This update adds the '.note.GNU-stack' section\ndefinition to the bench/mem-memcpy-x86-64-asm.S component of perf,\nwith all flags disabled, and perf no longer contains an executable\nstack, thus fixing this bug. (BZ#783570)", "edition": 26, "cvss3": {"score": 5.5, "vector": "AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}, "published": "2014-07-22T00:00:00", "title": "RHEL 6 : MRG (RHSA-2012:0333)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4131", "CVE-2011-2918", "CVE-2012-0810", "CVE-2011-4110", "CVE-2011-4127", "CVE-2012-0044", "CVE-2011-4132", "CVE-2012-0207", "CVE-2011-4097", "CVE-2011-4077", "CVE-2012-0038"], "modified": "2014-07-22T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-firmware", "p-cpe:/a:redhat:enterprise_linux:kernel-rt", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-debuginfo"], "id": "REDHAT-RHSA-2012-0333.NASL", "href": "https://www.tenable.com/plugins/nessus/76639", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0333. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76639);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2918\", \"CVE-2011-4077\", \"CVE-2011-4097\", \"CVE-2011-4110\", \"CVE-2011-4127\", \"CVE-2011-4131\", \"CVE-2011-4132\", \"CVE-2012-0038\", \"CVE-2012-0044\", \"CVE-2012-0207\", \"CVE-2012-0810\");\n script_bugtraq_id(49152, 50370, 50459, 50655, 50663, 50755, 51176, 51343, 51371, 51380, 52182);\n script_xref(name:\"RHSA\", value:\"2012:0333\");\n\n script_name(english:\"RHEL 6 : MRG (RHSA-2012:0333)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated kernel-rt packages that fix multiple security issues and\nvarious bugs are now available for Red Hat Enterprise MRG 2.1.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThese packages contain the Linux kernel.\n\nSecurity fixes :\n\n* SG_IO ioctl SCSI requests on partitions or LVM volumes could be\npassed to the underlying block device, allowing a privileged user to\nbypass restrictions and gain read and write access (and be able to\nissue other SCSI commands) to the entire block device. (CVE-2011-4127,\nImportant)\n\n* A local, unprivileged user could use an integer overflow flaw in\ndrm_mode_dirtyfb_ioctl() to cause a denial of service or escalate\ntheir privileges. (CVE-2012-0044, Important)\n\n* A local, unprivileged user could use a flaw in the Performance\nEvents implementation to cause a denial of service. (CVE-2011-2918,\nModerate)\n\n* A local, unprivileged user could use flaws in the XFS file system\nimplementation to cause a denial of service or escalate their\nprivileges by mounting a specially crafted disk. (CVE-2011-4077,\nCVE-2012-0038, Moderate)\n\n* A local, unprivileged user could use a flaw in the Out of Memory\n(OOM) killer to monopolize memory, have their process skipped by the\nOOM killer, or cause other tasks to be terminated. (CVE-2011-4097,\nModerate)\n\n* A local, unprivileged user could use a flaw in the key management\nfacility to cause a denial of service. (CVE-2011-4110, Moderate)\n\n* A malicious Network File System version 4 (NFSv4) server could\nreturn a crafted reply to a GETACL request, causing a denial of\nservice on the client. (CVE-2011-4131, Moderate)\n\n* A local attacker could use a flaw in the Journaling Block Device\n(JBD) to crash the system by mounting a specially crafted ext3 or ext4\ndisk. (CVE-2011-4132, Moderate)\n\n* A flaw in igmp_heard_query() could allow an attacker, who is able to\nsend certain IGMP (Internet Group Management Protocol) packets to a\ntarget system, to cause a denial of service. (CVE-2012-0207, Moderate)\n\n* If lock contention during signal sending occurred when in a software\ninterrupt handler that is using the per-CPU debug stack, the task\ncould be scheduled out on the realtime kernel, possibly leading to\ndebug stack corruption. A local, unprivileged user could use this flaw\nto cause a denial of service. (CVE-2012-0810, Moderate)\n\nRed Hat would like to thank Chen Haogang for reporting CVE-2012-0044;\nWang Xi for reporting CVE-2012-0038; Shubham Goyal for reporting\nCVE-2011-4097; Andy Adamson for reporting CVE-2011-4131; and Simon\nMcVittie for reporting CVE-2012-0207.\n\nBug fixes :\n\n* When a sleeping task, waiting on a futex (fast userspace mutex),\ntried to get the spin_lock(hb->lock) RT-mutex, if the owner of the\nfutex released the lock, the sleeping task was put on a futex proxy\nlock. Consequently, the sleeping task was blocked on two locks and\neventually terminated in the BUG_ON() function. With this update, the\nWAKEUP_INPROGRESS pseudo-lock has been added to be used as a proxy\nlock. This pseudo-lock tells the sleeping task that it is being woken\nup so that the task no longer tries to get the second lock. Now, the\nfutex code works as expected and sleeping tasks no longer crash in the\ndescribed scenario. (BZ#784733)\n\n* When the CONFIG_CRYPTO_FIPS configuration option was disabled, some\nservices such as sshd and ipsec, while working properly, returned\nwarning messages regarding this missing option during start up. With\nthis update, CONFIG_CRYPTO_FIPS has been enabled and no warning\nmessages are now returned in the described scenario. (BZ#786145)\n\n* Previously, when a read operation on a loop device failed, the data\nsuccessfully read from the device was not cleared and could eventually\nleak. This bug has been fixed and all data are now properly cleared in\nthe described scenario. (BZ#761420)\n\n* Due to an assembler-sourced object, the perf utility (from the\nperf-rt package) for AMD64 and Intel 64 architectures contained an\nexecutable stack. This update adds the '.note.GNU-stack' section\ndefinition to the bench/mem-memcpy-x86-64-asm.S component of perf,\nwith all flags disabled, and perf no longer contains an executable\nstack, thus fixing this bug. (BZ#783570)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-2918\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4077\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4097\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4110\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4127\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4131\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4132\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0038\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0044\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0207\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0810\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:0333\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/07/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2011-2918\", \"CVE-2011-4077\", \"CVE-2011-4097\", \"CVE-2011-4110\", \"CVE-2011-4127\", \"CVE-2011-4131\", \"CVE-2011-4132\", \"CVE-2012-0038\", \"CVE-2012-0044\", \"CVE-2012-0207\", \"CVE-2012-0810\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2012:0333\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:0333\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n\n if (! (rpm_exists(release:\"RHEL6\", rpm:\"mrg-release\"))) audit(AUDIT_PACKAGE_NOT_INSTALLED, \"MRG\");\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-3.0.18-rt34.53.el6rt\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debug-3.0.18-rt34.53.el6rt\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debug-debuginfo-3.0.18-rt34.53.el6rt\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debug-devel-3.0.18-rt34.53.el6rt\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-3.0.18-rt34.53.el6rt\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-common-x86_64-3.0.18-rt34.53.el6rt\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-devel-3.0.18-rt34.53.el6rt\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-rt-doc-3.0.18-rt34.53.el6rt\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-rt-firmware-3.0.18-rt34.53.el6rt\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-trace-3.0.18-rt34.53.el6rt\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-trace-debuginfo-3.0.18-rt34.53.el6rt\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-trace-devel-3.0.18-rt34.53.el6rt\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-vanilla-3.0.18-rt34.53.el6rt\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-vanilla-debuginfo-3.0.18-rt34.53.el6rt\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-rt-vanilla-devel-3.0.18-rt34.53.el6rt\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-rt / kernel-rt-debug / kernel-rt-debug-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "seebug": [{"lastseen": "2017-11-19T17:58:40", "description": "Bugtraq ID: 50549\r\nCVE ID\uff1aCVE-2011-4097\r\n\r\nLinux\u662f\u4e00\u6b3e\u5f00\u653e\u6e90\u4ee3\u7801\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\nLinux Kernel\u5728/mm/oom_kill.c\u7684\u5b9e\u73b0\u4e0a\u5b58\u5728\u4e00\u4e2a\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e\uff0c\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u6b64\u6f0f\u6d1e\u63d0\u5347\u7279\u6743\u3002\u6b64\u6f0f\u6d1e\u4ec5\u5f71\u54cd64\u4f4d\u67b6\u6784\u3002\n\nLinux kernel 3.0.4\r\nLinux kernel 3.0.1\r\nLinux kernel 2.6.x\n\u5382\u5546\u89e3\u51b3\u65b9\u6848\r\n\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://www.lkml.org/lkml/2011/10/31/138", "published": "2011-11-09T00:00:00", "title": "Linux Kernel '/mm/oom_kill.c'\u6574\u6570\u6ea2\u51fa\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2011-4097"], "modified": "2011-11-09T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-23176", "id": "SSV:23176", "sourceData": "", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "sourceHref": ""}], "openvas": [{"lastseen": "2018-01-11T11:06:41", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4097"], "description": "Check for the Version of kernel", "modified": "2018-01-10T00:00:00", "published": "2012-04-02T00:00:00", "id": "OPENVAS:863903", "href": "http://plugins.openvas.org/nasl.php?oid=863903", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2011-15323", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2011-15323\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 16\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-November/068751.html\");\n script_id(863903);\n script_version(\"$Revision: 8352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 08:01:57 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:31:01 +0530 (Mon, 02 Apr 2012)\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_cve_id(\"CVE-2011-4097\");\n script_xref(name: \"FEDORA\", value: \"2011-15323\");\n script_name(\"Fedora Update for kernel FEDORA-2011-15323\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.1.0~7.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:20:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2498", "CVE-2011-2518", "CVE-2012-0207", "CVE-2011-4097"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1380-1", "modified": "2017-12-01T00:00:00", "published": "2012-03-07T00:00:00", "id": "OPENVAS:840913", "href": "http://plugins.openvas.org/nasl.php?oid=840913", "type": "openvas", "title": "Ubuntu Update for linux USN-1380-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1380_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for linux USN-1380-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The linux kernel did not properly account for PTE pages when deciding which\n task to kill in out of memory conditions. A local, unprivileged could\n exploit this flaw to cause a denial of service. (CVE-2011-2498)\n\n A flaw was discovered in the TOMOYO LSM's handling of mount system calls.\n An unprivileged user could oops the system causing a denial of service.\n (CVE-2011-2518)\n\n A bug was discovered in the Linux kernel's calculation of OOM (Out of\n memory) scores, that would result in the wrong process being killed. A user\n could use this to kill the process with the highest OOM score, even if that\n process belongs to another user or the system. (CVE-2011-4097)\n\n A flaw was found in the linux kernels IPv4 IGMP query processing. A remote\n attacker could exploit this to cause a denial of service. (CVE-2012-0207)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1380-1\";\ntag_affected = \"linux on Ubuntu 11.04\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1380-1/\");\n script_id(840913);\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-07 11:19:20 +0530 (Wed, 07 Mar 2012)\");\n script_cve_id(\"CVE-2011-2498\", \"CVE-2011-2518\", \"CVE-2011-4097\", \"CVE-2012-0207\");\n script_xref(name: \"USN\", value: \"1380-1\");\n script_name(\"Ubuntu Update for linux USN-1380-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-generic\", ver:\"2.6.38-13.56\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-generic-pae\", ver:\"2.6.38-13.56\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-omap\", ver:\"2.6.38-13.56\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-powerpc\", ver:\"2.6.38-13.56\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-powerpc-smp\", ver:\"2.6.38-13.56\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-powerpc64-smp\", ver:\"2.6.38-13.56\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-server\", ver:\"2.6.38-13.56\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-versatile\", ver:\"2.6.38-13.56\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-virtual\", ver:\"2.6.38-13.56\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:03", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2498", "CVE-2011-2518", "CVE-2012-0207", "CVE-2011-4097"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1380-1", "modified": "2019-03-13T00:00:00", "published": "2012-03-07T00:00:00", "id": "OPENVAS:1361412562310840913", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840913", "type": "openvas", "title": "Ubuntu Update for linux USN-1380-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1380_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux USN-1380-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1380-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840913\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-07 11:19:20 +0530 (Wed, 07 Mar 2012)\");\n script_cve_id(\"CVE-2011-2498\", \"CVE-2011-2518\", \"CVE-2011-4097\", \"CVE-2012-0207\");\n script_xref(name:\"USN\", value:\"1380-1\");\n script_name(\"Ubuntu Update for linux USN-1380-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU11\\.04\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1380-1\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 11.04\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The linux kernel did not properly account for PTE pages when deciding which\n task to kill in out of memory conditions. A local, unprivileged could\n exploit this flaw to cause a denial of service. (CVE-2011-2498)\n\n A flaw was discovered in the TOMOYO LSM's handling of mount system calls.\n An unprivileged user could oops the system causing a denial of service.\n (CVE-2011-2518)\n\n A bug was discovered in the Linux kernel's calculation of OOM (Out of\n memory) scores, that would result in the wrong process being killed. A user\n could use this to kill the process with the highest OOM score, even if that\n process belongs to another user or the system. (CVE-2011-4097)\n\n A flaw was found in the linux kernels IPv4 IGMP query processing. A remote\n attacker could exploit this to cause a denial of service. (CVE-2012-0207)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-generic\", ver:\"2.6.38-13.56\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-generic-pae\", ver:\"2.6.38-13.56\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-omap\", ver:\"2.6.38-13.56\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-powerpc\", ver:\"2.6.38-13.56\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-powerpc-smp\", ver:\"2.6.38-13.56\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-powerpc64-smp\", ver:\"2.6.38-13.56\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-server\", ver:\"2.6.38-13.56\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-versatile\", ver:\"2.6.38-13.56\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-virtual\", ver:\"2.6.38-13.56\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-12-04T11:20:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4127", "CVE-2012-0055", "CVE-2012-0207", "CVE-2011-4097", "CVE-2011-4622", "CVE-2012-0038"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1384-1", "modified": "2017-12-01T00:00:00", "published": "2012-03-07T00:00:00", "id": "OPENVAS:840922", "href": "http://plugins.openvas.org/nasl.php?oid=840922", "type": "openvas", "title": "Ubuntu Update for linux-lts-backport-oneiric USN-1384-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1384_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for linux-lts-backport-oneiric USN-1384-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A bug was discovered in the Linux kernel's calculation of OOM (Out of\n memory) scores, that would result in the wrong process being killed. A user\n could use this to kill the process with the highest OOM score, even if that\n process belongs to another user or the system. (CVE-2011-4097)\n\n Paolo Bonzini discovered a flaw in Linux's handling of the SG_IO ioctl\n command. A local user, or user in a VM could exploit this flaw to bypass\n restrictions and gain read/write access to all data on the affected block\n device. (CVE-2011-4127)\n\n A flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual\n interrupt control is not available a local user could use this to cause a\n denial of service by starting a timer. (CVE-2011-4622)\n\n A flaw was discovered in the XFS filesystem. If a local user mounts a\n specially crafted XFS image it could potential execute arbitrary code on\n the system. (CVE-2012-0038)\n\n Andy Whitcroft discovered a that the Overlayfs filesystem was not doing the\n extended permission checks needed by cgroups and Linux Security Modules\n (LSMs). A local user could exploit this to by-pass security policy and\n access files that should not be accessible. (CVE-2012-0055)\n\n A flaw was found in the linux kernels IPv4 IGMP query processing. A remote\n attacker could exploit this to cause a denial of service. (CVE-2012-0207)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1384-1\";\ntag_affected = \"linux-lts-backport-oneiric on Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1384-1/\");\n script_id(840922);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-07 11:20:07 +0530 (Wed, 07 Mar 2012)\");\n script_cve_id(\"CVE-2011-4097\", \"CVE-2011-4127\", \"CVE-2011-4622\", \"CVE-2012-0038\",\n \"CVE-2012-0055\", \"CVE-2012-0207\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"USN\", value: \"1384-1\");\n script_name(\"Ubuntu Update for linux-lts-backport-oneiric USN-1384-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-16-generic\", ver:\"3.0.0-16.29~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-16-generic-pae\", ver:\"3.0.0-16.29~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-16-server\", ver:\"3.0.0-16.29~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-16-virtual\", ver:\"3.0.0-16.29~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4127", "CVE-2012-0055", "CVE-2012-0207", "CVE-2011-4097", "CVE-2011-4622", "CVE-2012-0038"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1384-1", "modified": "2019-03-13T00:00:00", "published": "2012-03-07T00:00:00", "id": "OPENVAS:1361412562310840922", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840922", "type": "openvas", "title": "Ubuntu Update for linux-lts-backport-oneiric USN-1384-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1384_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux-lts-backport-oneiric USN-1384-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1384-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840922\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-07 11:20:07 +0530 (Wed, 07 Mar 2012)\");\n script_cve_id(\"CVE-2011-4097\", \"CVE-2011-4127\", \"CVE-2011-4622\", \"CVE-2012-0038\",\n \"CVE-2012-0055\", \"CVE-2012-0207\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"USN\", value:\"1384-1\");\n script_name(\"Ubuntu Update for linux-lts-backport-oneiric USN-1384-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.04 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1384-1\");\n script_tag(name:\"affected\", value:\"linux-lts-backport-oneiric on Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"A bug was discovered in the Linux kernel's calculation of OOM (Out of\n memory) scores, that would result in the wrong process being killed. A user\n could use this to kill the process with the highest OOM score, even if that\n process belongs to another user or the system. (CVE-2011-4097)\n\n Paolo Bonzini discovered a flaw in Linux's handling of the SG_IO ioctl\n command. A local user, or user in a VM could exploit this flaw to bypass\n restrictions and gain read/write access to all data on the affected block\n device. (CVE-2011-4127)\n\n A flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual\n interrupt control is not available a local user could use this to cause a\n denial of service by starting a timer. (CVE-2011-4622)\n\n A flaw was discovered in the XFS filesystem. If a local user mounts a\n specially crafted XFS image it could potential execute arbitrary code on\n the system. (CVE-2012-0038)\n\n Andy Whitcroft discovered a that the Overlayfs filesystem was not doing the\n extended permission checks needed by cgroups and Linux Security Modules\n (LSMs). A local user could exploit this to by-pass security policy and\n access files that should not be accessible. (CVE-2012-0055)\n\n A flaw was found in the linux kernels IPv4 IGMP query processing. A remote\n attacker could exploit this to cause a denial of service. (CVE-2012-0207)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-16-generic\", ver:\"3.0.0-16.29~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-16-generic-pae\", ver:\"3.0.0-16.29~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-16-server\", ver:\"3.0.0-16.29~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.0.0-16-virtual\", ver:\"3.0.0-16.29~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:38:32", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2498", "CVE-2011-2518", "CVE-2012-0044", "CVE-2012-0207", "CVE-2011-3353", "CVE-2011-4097", "CVE-2011-4622", "CVE-2012-0038"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1386-1", "modified": "2019-03-13T00:00:00", "published": "2012-03-07T00:00:00", "id": "OPENVAS:1361412562310840920", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840920", "type": "openvas", "title": "Ubuntu Update for linux-lts-backport-natty USN-1386-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1386_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for linux-lts-backport-natty USN-1386-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1386-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840920\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-07 11:19:56 +0530 (Wed, 07 Mar 2012)\");\n script_cve_id(\"CVE-2011-2498\", \"CVE-2011-2518\", \"CVE-2011-3353\", \"CVE-2011-4097\",\n \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0044\", \"CVE-2012-0207\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"USN\", value:\"1386-1\");\n script_name(\"Ubuntu Update for linux-lts-backport-natty USN-1386-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU10\\.04 LTS\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1386-1\");\n script_tag(name:\"affected\", value:\"linux-lts-backport-natty on Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The linux kernel did not properly account for PTE pages when deciding which\n task to kill in out of memory conditions. A local, unprivileged could\n exploit this flaw to cause a denial of service. (CVE-2011-2498)\n\n A flaw was discovered in the TOMOYO LSM's handling of mount system calls.\n An unprivileged user could oops the system causing a denial of service.\n (CVE-2011-2518)\n\n Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user\n who can mount a FUSE file system could cause a denial of service.\n (CVE-2011-3353)\n\n A bug was discovered in the Linux kernel's calculation of OOM (Out of\n memory) scores, that would result in the wrong process being killed. A user\n could use this to kill the process with the highest OOM score, even if that\n process belongs to another user or the system. (CVE-2011-4097)\n\n A flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual\n interrupt control is not available a local user could use this to cause a\n denial of service by starting a timer. (CVE-2011-4622)\n\n A flaw was discovered in the XFS filesystem. If a local user mounts a\n specially crafted XFS image it could potential execute arbitrary code on\n the system. (CVE-2012-0038)\n\n Chen Haogang discovered an integer overflow that could result in memory\n corruption. A local unprivileged user could use this to crash the system.\n (CVE-2012-0044)\n\n A flaw was found in the linux kernels IPv4 IGMP query processing. A remote\n attacker could exploit this to cause a denial of service. (CVE-2012-0207)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-generic\", ver:\"2.6.38-13.56~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-generic-pae\", ver:\"2.6.38-13.56~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-server\", ver:\"2.6.38-13.56~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-virtual\", ver:\"2.6.38-13.56~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-12-04T11:20:36", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2498", "CVE-2011-2518", "CVE-2012-0044", "CVE-2012-0207", "CVE-2011-3353", "CVE-2011-4097", "CVE-2011-4622", "CVE-2012-0038"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1386-1", "modified": "2017-12-01T00:00:00", "published": "2012-03-07T00:00:00", "id": "OPENVAS:840920", "href": "http://plugins.openvas.org/nasl.php?oid=840920", "type": "openvas", "title": "Ubuntu Update for linux-lts-backport-natty USN-1386-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1386_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for linux-lts-backport-natty USN-1386-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The linux kernel did not properly account for PTE pages when deciding which\n task to kill in out of memory conditions. A local, unprivileged could\n exploit this flaw to cause a denial of service. (CVE-2011-2498)\n\n A flaw was discovered in the TOMOYO LSM's handling of mount system calls.\n An unprivileged user could oops the system causing a denial of service.\n (CVE-2011-2518)\n\n Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user\n who can mount a FUSE file system could cause a denial of service.\n (CVE-2011-3353)\n\n A bug was discovered in the Linux kernel's calculation of OOM (Out of\n memory) scores, that would result in the wrong process being killed. A user\n could use this to kill the process with the highest OOM score, even if that\n process belongs to another user or the system. (CVE-2011-4097)\n\n A flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual\n interrupt control is not available a local user could use this to cause a\n denial of service by starting a timer. (CVE-2011-4622)\n\n A flaw was discovered in the XFS filesystem. If a local user mounts a\n specially crafted XFS image it could potential execute arbitrary code on\n the system. (CVE-2012-0038)\n\n Chen Haogang discovered an integer overflow that could result in memory\n corruption. A local unprivileged user could use this to crash the system.\n (CVE-2012-0044)\n\n A flaw was found in the linux kernels IPv4 IGMP query processing. A remote\n attacker could exploit this to cause a denial of service. (CVE-2012-0207)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1386-1\";\ntag_affected = \"linux-lts-backport-natty on Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1386-1/\");\n script_id(840920);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-07 11:19:56 +0530 (Wed, 07 Mar 2012)\");\n script_cve_id(\"CVE-2011-2498\", \"CVE-2011-2518\", \"CVE-2011-3353\", \"CVE-2011-4097\",\n \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0044\", \"CVE-2012-0207\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"USN\", value: \"1386-1\");\n script_name(\"Ubuntu Update for linux-lts-backport-natty USN-1386-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-generic\", ver:\"2.6.38-13.56~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-generic-pae\", ver:\"2.6.38-13.56~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-server\", ver:\"2.6.38-13.56~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-2.6.38-13-virtual\", ver:\"2.6.38-13.56~lucid1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2020-08-01T16:15:44", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1083", "CVE-2011-1162", "CVE-2011-3347", "CVE-2011-1161", "CVE-2011-4097", "CVE-2011-2905", "CVE-2011-4077", "CVE-2011-3191"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-11-18T00:00:00", "id": "OPENVAS:1361412562310863625", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863625", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2011-15856", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2011-15856\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069394.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863625\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-11-18 09:45:00 +0530 (Fri, 18 Nov 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-15856\");\n script_cve_id(\"CVE-2011-4097\", \"CVE-2011-4077\", \"CVE-2011-3347\", \"CVE-2011-1083\",\n \"CVE-2011-1161\", \"CVE-2011-1162\", \"CVE-2011-3191\", \"CVE-2011-2905\");\n script_name(\"Fedora Update for kernel FEDORA-2011-15856\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.41.1~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:55:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1083", "CVE-2011-1162", "CVE-2011-3347", "CVE-2011-1161", "CVE-2011-4097", "CVE-2011-2905", "CVE-2011-4077", "CVE-2011-3191"], "description": "Check for the Version of kernel", "modified": "2017-07-10T00:00:00", "published": "2011-11-18T00:00:00", "id": "OPENVAS:863625", "href": "http://plugins.openvas.org/nasl.php?oid=863625", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2011-15856", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2011-15856\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 15\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-November/069394.html\");\n script_id(863625);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-11-18 09:45:00 +0530 (Fri, 18 Nov 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-15856\");\n script_cve_id(\"CVE-2011-4097\", \"CVE-2011-4077\", \"CVE-2011-3347\", \"CVE-2011-1083\",\n \"CVE-2011-1161\", \"CVE-2011-1162\", \"CVE-2011-3191\", \"CVE-2011-2905\");\n script_name(\"Fedora Update for kernel FEDORA-2011-15856\");\n\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.41.1~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-08-01T16:16:57", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4131", "CVE-2011-4110", "CVE-2011-1083", "CVE-2011-1162", "CVE-2011-3347", "CVE-2011-4132", "CVE-2011-1161", "CVE-2011-4097", "CVE-2011-2905", "CVE-2011-4077", "CVE-2011-3191"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-12-12T00:00:00", "id": "OPENVAS:1361412562310863661", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863661", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2011-16621", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2011-16621\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/070706.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863661\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-12-12 12:02:27 +0530 (Mon, 12 Dec 2011)\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-16621\");\n script_cve_id(\"CVE-2011-4131\", \"CVE-2011-4132\", \"CVE-2011-4097\", \"CVE-2011-4077\",\n \"CVE-2011-3347\", \"CVE-2011-1083\", \"CVE-2011-1161\", \"CVE-2011-1162\",\n \"CVE-2011-3191\", \"CVE-2011-2905\", \"CVE-2011-4110\");\n script_name(\"Fedora Update for kernel FEDORA-2011-16621\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.41.4~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4097"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2011-11-02T18:20:05", "published": "2011-11-02T18:20:05", "id": "FEDORA:27FB120B7B", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: kernel-3.1.0-7.fc16", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1083", "CVE-2011-1161", "CVE-2011-1162", "CVE-2011-2905", "CVE-2011-3191", "CVE-2011-3347", "CVE-2011-4077", "CVE-2011-4097"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2011-11-17T23:29:35", "published": "2011-11-17T23:29:35", "id": "FEDORA:C337E21244", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: kernel-2.6.41.1-1.fc15", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1083", "CVE-2011-1161", "CVE-2011-1162", "CVE-2011-2905", "CVE-2011-3191", "CVE-2011-3347", "CVE-2011-4077", "CVE-2011-4097", "CVE-2011-4110", "CVE-2011-4131", "CVE-2011-4132"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2011-12-10T19:51:33", "published": "2011-12-10T19:51:33", "id": "FEDORA:E3FE720DE6", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: kernel-2.6.41.4-1.fc15", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1083", "CVE-2011-1161", "CVE-2011-1162", "CVE-2011-2905", "CVE-2011-3191", "CVE-2011-3347", "CVE-2011-4077", "CVE-2011-4097", "CVE-2011-4131", "CVE-2011-4132", "CVE-2011-4347", "CVE-2011-4622", "CVE-2012-0045"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2012-01-15T19:59:13", "published": "2012-01-15T19:59:13", "id": "FEDORA:2F91620B3E", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: kernel-2.6.41.9-1.fc15", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1083", "CVE-2011-1161", "CVE-2011-1162", "CVE-2011-2905", "CVE-2011-3191", "CVE-2011-3347", "CVE-2011-4077", "CVE-2011-4097", "CVE-2011-4127", "CVE-2011-4131", "CVE-2011-4132", "CVE-2011-4347", "CVE-2011-4622", "CVE-2012-0045", "CVE-2012-0056"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2012-01-24T19:58:32", "published": "2012-01-24T19:58:32", "id": "FEDORA:96988210E1", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: kernel-2.6.41.10-3.fc15", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1083", "CVE-2011-1161", "CVE-2011-1162", "CVE-2011-2905", "CVE-2011-3191", "CVE-2011-3347", "CVE-2011-4077", "CVE-2011-4086", "CVE-2011-4097", "CVE-2011-4127", "CVE-2011-4131", "CVE-2011-4132", "CVE-2011-4347", "CVE-2011-4622", "CVE-2012-0045", "CVE-2012-0056"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2012-02-11T22:03:03", "published": "2012-02-11T22:03:03", "id": "FEDORA:7805A2110A", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: kernel-2.6.42.3-2.fc15", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1083", "CVE-2011-1161", "CVE-2011-1162", "CVE-2011-2905", "CVE-2011-3191", "CVE-2011-3347", "CVE-2011-4077", "CVE-2011-4086", "CVE-2011-4097", "CVE-2011-4127", "CVE-2011-4131", "CVE-2011-4132", "CVE-2011-4347", "CVE-2011-4622", "CVE-2012-0045", "CVE-2012-0056", "CVE-2012-1090"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2012-03-06T19:39:27", "published": "2012-03-06T19:39:27", "id": "FEDORA:B78FB21E49", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: kernel-2.6.42.9-1.fc15", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1083", "CVE-2011-1161", "CVE-2011-1162", "CVE-2011-2905", "CVE-2011-3191", "CVE-2011-3347", "CVE-2011-4077", "CVE-2011-4086", "CVE-2011-4097", "CVE-2011-4127", "CVE-2011-4131", "CVE-2011-4132", "CVE-2011-4347", "CVE-2011-4622", "CVE-2012-0045", "CVE-2012-0056", "CVE-2012-1090", "CVE-2012-1097"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2012-03-15T02:31:47", "published": "2012-03-15T02:31:47", "id": "FEDORA:B7B6820900", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: kernel-2.6.42.9-2.fc15", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1083", "CVE-2011-1161", "CVE-2011-1162", "CVE-2011-2905", "CVE-2011-3191", "CVE-2011-3347", "CVE-2011-4077", "CVE-2011-4086", "CVE-2011-4097", "CVE-2011-4127", "CVE-2011-4131", "CVE-2011-4132", "CVE-2011-4347", "CVE-2011-4622", "CVE-2012-0045", "CVE-2012-0056", "CVE-2012-1090", "CVE-2012-1097", "CVE-2012-1146", "CVE-2012-1179", "CVE-2012-1568"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2012-03-26T18:02:56", "published": "2012-03-26T18:02:56", "id": "FEDORA:4974E213B1", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: kernel-2.6.42.12-1.fc15", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1083", "CVE-2011-1161", "CVE-2011-1162", "CVE-2011-2905", "CVE-2011-3191", "CVE-2011-3347", "CVE-2011-4077", "CVE-2011-4086", "CVE-2011-4097", "CVE-2011-4127", "CVE-2011-4131", "CVE-2011-4132", "CVE-2011-4347", "CVE-2011-4622", "CVE-2012-0045", "CVE-2012-0056", "CVE-2012-1090", "CVE-2012-1097", "CVE-2012-1146", "CVE-2012-1179", "CVE-2012-1568", "CVE-2012-1601", "CVE-2012-2119", "CVE-2012-2123"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2012-05-15T23:24:09", "published": "2012-05-15T23:24:09", "id": "FEDORA:61B6920DF2", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: kernel-2.6.43.5-2.fc15", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2020-07-09T00:33:32", "bulletinFamily": "unix", "cvelist": ["CVE-2011-2518", "CVE-2012-0207", "CVE-2011-4097"], "description": "A flaw was discovered in the TOMOYO LSM's handling of mount system calls. \nAn unprivileged user could oops the system causing a denial of service. \n(CVE-2011-2518)\n\nA bug was discovered in the Linux kernel's calculation of OOM (Out of \nmemory) scores, that would result in the wrong process being killed. A user \ncould use this to kill the process with the highest OOM score, even if that \nprocess belongs to another user or the system. (CVE-2011-4097)\n\nA flaw was found in the linux kernels IPv4 IGMP query processing. A remote \nattacker could exploit this to cause a denial of service. (CVE-2012-0207)", "edition": 5, "modified": "2012-02-29T00:00:00", "published": "2012-02-29T00:00:00", "id": "USN-1380-1", "href": "https://ubuntu.com/security/notices/USN-1380-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-07-09T00:28:03", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0056", "CVE-2012-0055", "CVE-2012-0207", "CVE-2011-4097", "CVE-2012-0038"], "description": "A bug was discovered in the Linux kernel's calculation of OOM (Out of \nmemory) scores, that would result in the wrong process being killed. A user \ncould use this to kill the process with the highest OOM score, even if that \nprocess belongs to another user or the system. (CVE-2011-4097)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a \nspecially crafted XFS image it could potential execute arbitrary code on \nthe system. (CVE-2012-0038)\n\nAndy Whitcroft discovered a that the Overlayfs filesystem was not doing the \nextended permission checks needed by cgroups and Linux Security Modules \n(LSMs). A local user could exploit this to by-pass security policy and \naccess files that should not be accessible. (CVE-2012-0055)\n\nJ\u00fcri Aedla discovered that the kernel incorrectly handled /proc//mem \npermissions. A local attacker could exploit this and gain root privileges. \n(CVE-2012-0056)\n\nA flaw was found in the linux kernels IPv4 IGMP query processing. A remote \nattacker could exploit this to cause a denial of service. (CVE-2012-0207)", "edition": 68, "modified": "2012-02-13T00:00:00", "published": "2012-02-13T00:00:00", "id": "USN-1364-1", "href": "https://ubuntu.com/security/notices/USN-1364-1", "title": "Linux kernel (OMAP4) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-07-08T23:30:27", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0055", "CVE-2012-0207", "CVE-2011-4097", "CVE-2011-4622", "CVE-2012-0038"], "description": "A bug was discovered in the Linux kernel's calculation of OOM (Out of \nmemory) scores, that would result in the wrong process being killed. A user \ncould use this to kill the process with the highest OOM score, even if that \nprocess belongs to another user or the system. (CVE-2011-4097)\n\nA flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual \ninterrupt control is not available a local user could use this to cause a \ndenial of service by starting a timer. (CVE-2011-4622)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a \nspecially crafted XFS image it could potential execute arbitrary code on \nthe system. (CVE-2012-0038)\n\nAndy Whitcroft discovered a that the Overlayfs filesystem was not doing the \nextended permission checks needed by cgroups and Linux Security Modules \n(LSMs). A local user could exploit this to by-pass security policy and \naccess files that should not be accessible. (CVE-2012-0055)\n\nA flaw was found in the linux kernels IPv4 IGMP query processing. A remote \nattacker could exploit this to cause a denial of service. (CVE-2012-0207)", "edition": 5, "modified": "2012-02-13T00:00:00", "published": "2012-02-13T00:00:00", "id": "USN-1363-1", "href": "https://ubuntu.com/security/notices/USN-1363-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-07-09T00:30:28", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4127", "CVE-2012-2100", "CVE-2012-0055", "CVE-2012-0207", "CVE-2011-4097", "CVE-2011-4622", "CVE-2012-0038"], "description": "A bug was discovered in the Linux kernel's calculation of OOM (Out of \nmemory) scores, that would result in the wrong process being killed. A user \ncould use this to kill the process with the highest OOM score, even if that \nprocess belongs to another user or the system. (CVE-2011-4097)\n\nPaolo Bonzini discovered a flaw in Linux's handling of the SG_IO ioctl \ncommand. A local user, or user in a VM could exploit this flaw to bypass \nrestrictions and gain read/write access to all data on the affected block \ndevice. (CVE-2011-4127)\n\nA flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual \ninterrupt control is not available a local user could use this to cause a \ndenial of service by starting a timer. (CVE-2011-4622)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a \nspecially crafted XFS image it could potential execute arbitrary code on \nthe system. (CVE-2012-0038)\n\nAndy Whitcroft discovered a that the Overlayfs filesystem was not doing the \nextended permission checks needed by cgroups and Linux Security Modules \n(LSMs). A local user could exploit this to by-pass security policy and \naccess files that should not be accessible. (CVE-2012-0055)\n\nA flaw was found in the linux kernels IPv4 IGMP query processing. A remote \nattacker could exploit this to cause a denial of service. (CVE-2012-0207)\n\nA flaw was found in the Linux kernel's ext4 file system when mounting a \ncorrupt filesystem. A user-assisted remote attacker could exploit this flaw \nto cause a denial of service. (CVE-2012-2100)", "edition": 5, "modified": "2012-03-06T00:00:00", "published": "2012-03-06T00:00:00", "id": "USN-1384-1", "href": "https://ubuntu.com/security/notices/USN-1384-1", "title": "Linux kernel (Oneiric backport) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-07-09T01:31:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-2498", "CVE-2011-2518", "CVE-2012-0044", "CVE-2012-0207", "CVE-2011-3353", "CVE-2011-4097", "CVE-2011-4622", "CVE-2012-0038"], "description": "The linux kernel did not properly account for PTE pages when deciding which \ntask to kill in out of memory conditions. A local, unprivileged could \nexploit this flaw to cause a denial of service. (CVE-2011-2498)\n\nA flaw was discovered in the TOMOYO LSM's handling of mount system calls. \nAn unprivileged user could oops the system causing a denial of service. \n(CVE-2011-2518)\n\nHan-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user \nwho can mount a FUSE file system could cause a denial of service. \n(CVE-2011-3353)\n\nA bug was discovered in the Linux kernel's calculation of OOM (Out of \nmemory) scores, that would result in the wrong process being killed. A user \ncould use this to kill the process with the highest OOM score, even if that \nprocess belongs to another user or the system. (CVE-2011-4097)\n\nA flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual \ninterrupt control is not available a local user could use this to cause a \ndenial of service by starting a timer. (CVE-2011-4622)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a \nspecially crafted XFS image it could potential execute arbitrary code on \nthe system. (CVE-2012-0038)\n\nChen Haogang discovered an integer overflow that could result in memory \ncorruption. A local unprivileged user could use this to crash the system. \n(CVE-2012-0044)\n\nA flaw was found in the linux kernels IPv4 IGMP query processing. A remote \nattacker could exploit this to cause a denial of service. (CVE-2012-0207)", "edition": 5, "modified": "2012-03-06T00:00:00", "published": "2012-03-06T00:00:00", "id": "USN-1386-1", "href": "https://ubuntu.com/security/notices/USN-1386-1", "title": "Linux kernel (Natty backport) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:46:33", "bulletinFamily": "unix", "cvelist": ["CVE-2011-2918", "CVE-2011-4077", "CVE-2011-4097", "CVE-2011-4110", "CVE-2011-4127", "CVE-2011-4131", "CVE-2011-4132", "CVE-2012-0038", "CVE-2012-0044", "CVE-2012-0207", "CVE-2012-0810"], "description": "These packages contain the Linux kernel.\n\nSecurity fixes:\n\n* SG_IO ioctl SCSI requests on partitions or LVM volumes could be passed to\nthe underlying block device, allowing a privileged user to bypass\nrestrictions and gain read and write access (and be able to issue other\nSCSI commands) to the entire block device. (CVE-2011-4127, Important)\n\n* A local, unprivileged user could use an integer overflow flaw in\ndrm_mode_dirtyfb_ioctl() to cause a denial of service or escalate their\nprivileges. (CVE-2012-0044, Important)\n\n* A local, unprivileged user could use a flaw in the Performance Events\nimplementation to cause a denial of service. (CVE-2011-2918, Moderate)\n\n* A local, unprivileged user could use flaws in the XFS file system\nimplementation to cause a denial of service or escalate their privileges by\nmounting a specially-crafted disk. (CVE-2011-4077, CVE-2012-0038, Moderate)\n\n* A local, unprivileged user could use a flaw in the Out of Memory (OOM)\nkiller to monopolize memory, have their process skipped by the OOM killer,\nor cause other tasks to be terminated. (CVE-2011-4097, Moderate)\n\n* A local, unprivileged user could use a flaw in the key management\nfacility to cause a denial of service. (CVE-2011-4110, Moderate)\n\n* A malicious Network File System version 4 (NFSv4) server could return a\ncrafted reply to a GETACL request, causing a denial of service on the\nclient. (CVE-2011-4131, Moderate)\n\n* A local attacker could use a flaw in the Journaling Block Device (JBD) to\ncrash the system by mounting a specially-crafted ext3 or ext4 disk.\n(CVE-2011-4132, Moderate)\n\n* A flaw in igmp_heard_query() could allow an attacker, who is able to send\ncertain IGMP (Internet Group Management Protocol) packets to a target\nsystem, to cause a denial of service. (CVE-2012-0207, Moderate)\n\n* If lock contention during signal sending occurred when in a software\ninterrupt handler that is using the per-CPU debug stack, the task could be\nscheduled out on the realtime kernel, possibly leading to debug stack\ncorruption. A local, unprivileged user could use this flaw to cause a\ndenial of service. (CVE-2012-0810, Moderate)\n\nRed Hat would like to thank Chen Haogang for reporting CVE-2012-0044;\nWang Xi for reporting CVE-2012-0038; Shubham Goyal for reporting\nCVE-2011-4097; Andy Adamson for reporting CVE-2011-4131; and Simon McVittie\nfor reporting CVE-2012-0207.\n\nBug fixes:\n\n* When a sleeping task, waiting on a futex (fast userspace mutex), tried to\nget the spin_lock(hb->lock) RT-mutex, if the owner of the futex released\nthe lock, the sleeping task was put on a futex proxy lock. Consequently,\nthe sleeping task was blocked on two locks and eventually terminated in the\nBUG_ON() function. With this update, the WAKEUP_INPROGRESS pseudo-lock has\nbeen added to be used as a proxy lock. This pseudo-lock tells the sleeping\ntask that it is being woken up so that the task no longer tries to get the\nsecond lock. Now, the futex code works as expected and sleeping tasks no\nlonger crash in the described scenario. (BZ#784733)\n\n* When the CONFIG_CRYPTO_FIPS configuration option was disabled, some\nservices such as sshd and ipsec, while working properly, returned warning\nmessages regarding this missing option during start up. With this update,\nCONFIG_CRYPTO_FIPS has been enabled and no warning messages are now\nreturned in the described scenario. (BZ#786145)\n\n* Previously, when a read operation on a loop device failed, the data\nsuccessfully read from the device was not cleared and could eventually\nleak. This bug has been fixed and all data are now properly cleared in the\ndescribed scenario. (BZ#761420)\n\n* Due to an assembler-sourced object, the perf utility (from the perf-rt\npackage) for AMD64 and Intel 64 architectures contained an executable\nstack. This update adds the \".note.GNU-stack\" section definition to the\nbench/mem-memcpy-x86-64-asm.S component of perf, with all flags disabled,\nand perf no longer contains an executable stack, thus fixing this bug.\n(BZ#783570)\n", "modified": "2018-06-07T08:58:36", "published": "2012-02-23T05:00:00", "id": "RHSA-2012:0333", "href": "https://access.redhat.com/errata/RHSA-2012:0333", "type": "redhat", "title": "(RHSA-2012:0333) Important: kernel-rt security and bug fix update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "oraclelinux": [{"lastseen": "2020-08-01T13:27:57", "bulletinFamily": "unix", "cvelist": ["CVE-2011-2942", "CVE-2011-3188", "CVE-2011-4098", "CVE-2011-4110", "CVE-2011-1162", "CVE-2011-3347", "CVE-2011-2699", "CVE-2011-2521", "CVE-2011-1161", "CVE-2011-3359", "CVE-2011-2494", "CVE-2011-3363", "CVE-2011-1833", "CVE-2011-3353", "CVE-2011-4097", "CVE-2011-1020", "CVE-2011-2905", "CVE-2011-3638", "CVE-2011-3593", "CVE-2011-3637", "CVE-2011-3191", "CVE-2011-1577"], "description": "[2.6.32-220.el6]\n- [drm] i915: fix unmap race condition introduced with VT-d fix (Dave Airlie) [750583]\n- [scsi] iscsi: revert lockless queuecommand dispatch (Rob Evers) [751426]\n[2.6.32-219.el6]\n- [kernel] KEYS: Fix a NULL pointer deref in the user-defined key type (David Howells) [751190] {CVE-2011-4110}\n- [scsi] fc class: fix building of Fibre Channel DUP drivers in 6.2 (Mike Christie) [750268]\n- [fs] nfs: dont call __mark_inode_dirty while holding i_lock (Steve Dickson) [747391]\n- [netdrv] vxge: allow rebinding the driver with a different number of SR-IOV VFs (Michal Schmidt) [694742]\n- [netdrv] vxge: fix crash of VF when unloading PF (Michal Schmidt) [694742]\n- [ata] revert libata: remove SCSI host lock (David Milburn) [751426]\n- [crypto] ansi_cprng: enforce key != seed in fips mode (Jarod Wilson) [751198]\n- [net] mac80211: Fix reassociation processing within ESS roaming (John Linville) [750350]\n- [net] nl80211: Allow association to change channels during reassociation (John Linville) [750350]\n- [net] mac80211: let cfg80211 manage auth state (John Linville) [750350]\n- [net] cfg80211: avoid sending spurious deauth to userspace (John Linville) [750350]\n- [net] mac80211: recalculate idle later in MLME (John Linville) [750350]\n- [net] mac80211: avoid spurious deauth frames/messages (John Linville) [750350]\n- [net] cfg80211: Allow reassociation in associated state (John Linville) [750350]\n- [net] cfg80211: remove warning in deauth case (John Linville) [750350]\n- [net] netfilter: fix nf_conntrack refcount leak in l4proto->error() (Thomas Graf) [745472]\n- [scsi] qla2xxx: Remove check for null fcport from host reset handler (Chad Dupuis) [744741]\n- [scsi] qla2xxx: Perform implicit logout during rport tear-down (Chad Dupuis) [744741]\n- [scsi] Revert 'qla2xxx: Remove host_lock in queuecommand function' (Chad Dupuis) [744741]\n- [drm] nv50/disp: shutdown display on suspend/hibernate (Ben Skeggs) [740857]\n- [edac] Add sb_edac driver into the Red Hat Building system (Mauro Carvalho Chehab) [647700]\n- [edac] Fix incorrect edac mode reporting in sb_edac (Mauro Carvalho Chehab) [647700]\n- [edac] Add an experimental new driver to support Sandy Bridge CPUs (Mauro Carvalho Chehab) [647700]\n[2.6.32-218.el6]\n- [netdrv] benet: remove bogus 'unlikely' on vlan check (Ivan Vecera) [736429] {CVE-2011-3347}\n- [netdrv] be2net: non-member vlan pkts not received in promiscous mode (Ivan Vecera) [736429] {CVE-2011-3347}\n- [netdrv] be2net: fix crash receiving non-member VLAN packets (Ivan Vecera) [736429] {CVE-2011-3347}\n- [mm] fix race between mremap and removing migration entry (Andrea Arcangeli) [751084]\n[2.6.32-217.el6]\n- [fs] GFS2: rewrite fallocate code to write blocks directly (Benjamin Marzinski) [750208] {CVE-2011-4098}\n- [netdrv] bnx2x: link fixes for 57810 (Andy Gospodarek) [749421]\n- [netdrv] enic: fix accidental GRO off by default (Stefan Assmann) [749390]\n- [scsi] qla2xxx: Correct inadvertent clearing of RISC_INTR status (Chad Dupuis) [748978]\n- [debug] lockdep: double MAX_LOCKDEP_ENTRIES (Kyle McMartin) [748941]\n- [x86] Add missing KERN_DEBUG to x86 module printk (Prarit Bhargava) [747837]\n- [x86] Update module alternatives message (Prarit Bhargava) [745596]\n- [x86] UV: KABI breakage in uv_blade_info (George Beshers) [745253]\n- [net] vlan: fix panic when handling priority tagged frames (Andy Gospodarek) [714936] {CVE-2011-3593}\n- [scsi] qla4xxx: Autologin persisted target entries update (Mike Christie) [747696]\n- [mm] oom: fix integer overflow of points in oom_badness (Frantisek Hrbata) [741207] {CVE-2011-4097}\n[2.6.32-216.el6]\n- [scsi] lockless queuecommand dispatch fixup (Rob Evers) [749018]\n- [scsi] iscsi class: export pid of process that created session (Mike Christie) [747696]\n- [scsi] qla4xxx: Autologin persisted target entries (Mike Christie) [747696]\n- [netdrv] iwlagn: enable 11n aggregation without checking traffic load (John Linville) [744361]\n- [s390x] qdio: EQBS retry after CCQ 96 (Hendrik Brueckner) [747578]\n- [s390x] dasd: fix UID readout for z/VM (Hendrik Brueckner) [746000]\n- [x86] PCI: irq and pci_ids patch for Intel Panther Point DeviceIDs (Prarit Bhargava) [747638]\n- [netdrv] Help 6.1 out of tree drivers cope with ABI breakage (Thomas Graf) [746570]\n- [mm] shmem: let shared anonymous be nonlinear again (Larry Woodman) [690129]\n- [fs] ext4: fix BUG_ON() in ext4_ext_insert_extent() (Lukas Czerner) [742091] {CVE-2011-3638}\n- [ipc] mqueue: separate mqueue default value from maximum value (Motohiro Kosaki) [746606]\n- [ipc] mqueue: dont use kmalloc with KMALLOC_MAX_SIZE (Motohiro Kosaki) [746606]\n- [ipc] mqueue: revert bump up DFLT_*MAX (Motohiro Kosaki) [746606]\n- [kernel] ipc/mqueue: Up the hard limit on message queues per namespace (Doug Ledford) [746606]\n- [kernel] ipc/mqueue: update maximums for the mqueue subsystem (Doug Ledford) [746606]\n- [kernel] ipc/mqueue: enforce hard limits (Doug Ledford) [746606]\n- [kernel] ipc/mqueue: switch back to using non-max values on create (Doug Ledford) [746606 746898]\n- [kernel] ipc/mqueue: cleanup definition names and locations (Doug Ledford) [746606]\n- [kernel] Revert 'Restore max mqueue message size to its previous RHEL 5 value' (Doug Ledford) [746606]\n[2.6.32-215.el6]\n- [virt] index of virtio disk is not decremented when removed (Mark Wu) [692767]\n- [edac] i7core_edac: Initialize memory name with cpu, channel, bank (Mauro Carvalho Chehab) [712957]\n- [kernel] perf: Optimize event scheduling locking (Steve Best) [744986]\n- [drm] i915: set the right SDVO transcoder for CPT (Adam Jackson) [735122]\n- [scsi] libfc: Prevent race that causes panic during FCoE port destroy (Neil Horman) [735959]\n- [scsi] qla4xxx: Update driver version to 5.02.00-k8 (Mike Christie) [732622]\n- [scsi] qla4xxx: updated device id check for BFS (Mike Christie) [732622]\n- [scsi] qla4xxx: Fixed target discovery failed issue (Mike Christie) [732622]\n- [scsi] qla4xxx: Fixed active session re-open issue (Mike Christie) [732622]\n- [scsi] qla4xxx: Fixed device blocked issue on link up-down (Mike Christie) [732622]\n- [scsi] qla4xxx: Fixed session destroy issue on link up-down (Mike Christie) [732622]\n- [scsi] qla4xxx: Clear DDB map index on the basis of AEN (Mike Christie) [732622]\n- [scsi] qla4xxx: Free Device Database (DDB) reserved by FW (Mike Christie) [732622]\n- [scsi] qla4xxx: Fix getting BIDI CHAP for boot targets (Mike Christie) [732622]\n- [scsi] qla4xxx: Fix exporting boot targets to sysfs (Mike Christie) [732622]\n- [scsi] qla4xxx: Do not add duplicate CHAP entry in FLASH (Mike Christie) [732622]\n- [scsi] qla4xxx: Fix bidirectional CHAP (Mike Christie) [732622]\n- [scsi] qla4xxx: Add new FLT firmware region (Mike Christie) [732622]\n- [scsi] qla4xxx: Update license (Mike Christie) [732622]\n- [scsi] iscsi class: fix vlan configuration (Mike Christie) [732622]\n- [scsi] qla4xxx: fix data alignment and use nl helpers (Mike Christie) [732622]\n- [scsi] iscsi class: fix link local mispelling (Mike Christie) [732622]\n- [scsi] qla4xxx: Added Get ACB support using BSG (Mike Christie) [732622]\n- [scsi] qla4xxx: Added restore factory defaults support using BSG (Mike Christie) [732622]\n- [scsi] qla4xxx: added support to update initiator iscsi port (Mike Christie) [732622]\n- [scsi] scsi_transport_iscsi: Added support to update initiator iscsi port (Mike Christie) [732622]\n- [scsi] qla4xxx: Added vendor specific sysfs attributes (Mike Christie) [732622]\n- [scsi] qla4xxx: Add read/update NVRAM support for 40xx adapters using BSG (Mike Christie) [732622]\n- [scsi] qla4xxx: Add get ACB state support using BSG (Mike Christie) [732622]\n- [scsi] qla4xxx: Code cleanup for read/update flash using BSG (Mike Christie) [732622]\n- [scsi] qla4xxx: Added support to update mtu (Mike Christie) [732622]\n- [scsi] scsi_transport_iscsi: Added support to update mtu (Mike Christie) [732622]\n- [scsi] libfc: improve flogi retries to avoid lport stuck (Mike Christie) [745667]\n- [scsi] libfc: avoid exchanges collision during lport reset (Mike Christie) [745667]\n- [scsi] libfc: fix checking FC_TYPE_BLS (Mike Christie) [745667]\n- [scsi] libfc: revert fix deadlock bug in fc_exch_abort_locked (Mike Christie) [745667]\n- [dm] log userspace: Allow for 'log device name' response in CTR msg exchange (Jonathan E Brassow) [746254]\n- [dm] kcopyd: fix job_pool leak (Mike Snitzer) [748441]\n- [netdrv] igb: Fix for Alt MAC Address feature on 82580 and later (Andy Gospodarek) [748503]\n[2.6.32-214.el6]\n- [dm] table: add immutable feature (Mike Snitzer) [747438]\n- [mm] reduce overhead on paravirt functions (Larry Woodman) [743554]\n[2.6.32-213.el6]\n- [netdrv] Fixing use of netif_set_real_num_tx_queues in niu.c (Neil Horman) [742117]\n- [netdrv] Fixing use of netif_set_real_num_tx_queues in myri10ge.c (Neil Horman) [742117]\n- [netdrv] Fixing use of netif_set_real_num_tx_queues in igb_main.c (Neil Horman) [742117]\n- [netdrv] Fixing use of netif_set_real_num_tx_queues in cxgb4_main.c (Neil Horman) [742117]\n- [netdrv] Fixing use of netif_set_real_num_tx_queues in cxgb3_main.c (Neil Horman) [742117]\n- [netdrv] Fixing use of netif_set_real_num_tx_queues in bnx2.c (Neil Horman) [742117]\n- [ppc] kabi: add symbol 'paca' to ppc KABI (Jiri Olsa) [737466]\n- [fs] proc: fix oops on invalid /proc/pid/maps access (Johannes Weiner) [746613] {CVE-2011-3637}\n- [nfs] fix pNFS hang and oops on umounts (Steve Dickson) [746861]\n- [scsi] qla4xxx: export address/port of connection (Mike Christie) [728156]\n- [netdrv] Fix pktgen to not oops on unsupported drivers (Neil Horman) [678794]\n- [kernel] tracing: Update the comm field in the right variable in update_max_tr (Jiri Olsa) [736955]\n- [kernel] kabi: Add missing compat_alloc_user_space symbol to kABI (Jiri Olsa) [747047]\n- [kernel] fix taskstats io infoleak (Jerome Marchand) [716848] {CVE-2011-2494}\n- [x86] ACPI, APEI, HEST: Detect duplicated hardware error source ID (Don Zickus) [737189]\n- [netdrv] Add latest cxgb3 firmware (Neil Horman) [742011]\n[2.6.32-212.el6]\n- [net] bridge: fix use after free in __br_deliver() (Amerigo Wang) [730756] {CVE-2011-2942}\n- [scsi] Update lpfc version for 8.3.5.45.4p driver release (Rob Evers) [746668]\n- [scsi] Fix crash when cfg_fcp_eq_count is zero (Rob Evers) [746668]\n- [scsi] Fix kernel crash during boot with SLI4 card installed (Rob Evers) [746668]\n- [scsi] Properly clean up EQ and CQ child lists to prevent kernel crash (Rob Evers) [746668]\n- [kabi] add missing symbols for Emulex be2net driver (Jiri Olsa) [745712]\n- [netdrv] netxen-firmware: Install the 4.0.579 firmware (Kyle McMartin) [741776]\n- [perf] symbols: Treat all memory maps without dso file as loaded (Jiri Olsa) [726582]\n- [debug] increase MAX_STACK_TRACE_ENTRIES (Kyle McMartin) [645777]\n- [fs] cifs: add fallback in is_path_accessible for old servers (Jeff Layton) [692709] {CVE-2011-3363}\n- [tpm] Zero buffer after copying to userspace (Jiri Benc) [732633] {CVE-2011-1161 CVE-2011-1162}\n- [pci] intel-iommu: IOTLB hang workaround (Dave Airlie) [728476]\n- [drm] i915: Fix hang on Ironlake mobile GPU with VT-d (Dave Airlie) [728476]\n- [drm] i915: Remove early exit on i915_gpu_idle (Dave Airlie) [728476]\n- [drm] nv50/bios: fixup mpll programming from the init table parser (Ben Skeggs) [744992]\n- [drm] nv50/vram: fix incorrect detection of bank count on newer chipsets (Ben Skeggs) [744992]\n- [drm] radeon: fix llano output setup + memory corruption (Dave Airlie) [747292]\n- [drm] radeon caicos enablement fixes (Dave Airlie) [747291]\n- [pci] Disable SRIOV on powerpc (Prarit Bhargava) [742089]\n- [pci] Add pci=nosriov to disable SRIOV (Prarit Bhargava) [742089]\n- [x86] apic: ack all pending irqs when crashed/on kexec (Takao Indoh) [704142]\n[2.6.32-211.el6]\n- [scsi] libsas: fix warnings when checking sata/stp protocol (David Milburn) [695950]\n- [scsi] libsas: disable scanning lun > 0 on ata devices (David Milburn) [695950]\n- [scsi] libsas: Allow expander T-T attachments (David Milburn) [695950]\n- [usb] xhci: Make xHCI driver endian-safe (Don Zickus) [745967]\n- [infiniband] RDMA/cxgb3: Dont post zero-byte read if endpoint is going away (Neil Horman) [717379]\n- [scsi] isci: atapi support (David Milburn) [743692]\n- [x86] amd: Move BSP code to cpu_dev helper (Larry Woodman) [739456]\n- [x86] Add a BSP cpu_dev helper (Larry Woodman) [739456]\n- [x86] amd: Avoid cache aliasing penalties on AMD family 15h (Larry Woodman) [739456]\n- [net] ipv6: fix NULL dereference in udp6_ufo_fragment() (Jason Wang) [740465]\n- [netdrv] cxgb4: Updating NIC driver firmware (Neil Horman) [717806]\n- [netdrv] cxgb3: Fix NULL pointer dereference in t3_l2t_get (Neil Horman) [729737]\n- [netdrv] bnx2x: remaining fixes from upstream 3.1 (Michal Schmidt) [743917]\n- [netdrv] e1000e: fix WoL on 82578DM and 82567V3 (Andy Gospodarek) [699042]\n- [netdrv] tg3: Use netif_set_real_num_tx_queues() (Jiri Pirko) [740477]\n- [netdrv] bnx2x: critical fixes (Veaceslav Falico) [745211]\n- [netdrv] bonding: properly stop queuing work when requested (Andy Gospodarek) [736904]\n- [netdrv] tg3: negate USE_PHYLIB flag check (Jiri Pirko) [746006]\n- [x86] Add new cpu capabilities to /proc/cpuinfo (Prarit Bhargava) [745799]\n- [kabi] add missing multipath symbols for s390x (Aristeu Rozanski) [714992]\n- [perf] sched: Fix script command documentation (Jiri Olsa) [726589]\n- [pm] hibernate: Fix memory corruption related to swap (Stanislaw Gruszka) [701857]\n- [scsi] hpsa: add heartbeat sysfs host attribute (Tomas Henzl) [730027]\n- [scsi] Revert megaraid_sas: Driver only report tape drive, JBOD and logic drives (Tomas Henzl) [736667]\n- [fs] GFS2: Fix ->page_mkwrite() races (Steven Whitehouse) [725091]\n- [scsi] scsi_transport_fc: Fix deadlock during fc_remove_host (Mike Christie) [714320]\n- [kernel] workqueue: Fix workqueue deadlock during destroy_workqueue (Mike Christie) [714320]\n- [sched] Avoid expensive initial update_cfs_load() (Larry Woodman) [741569 742414]\n- [sched] Simplify update_cfs_shares parameters (Larry Woodman) [741569 742414]\n- [sched] Fix/remove redundant cfs_rq checks (Larry Woodman) [741569 742414]\n- [sched] Fix sign under-flows in wake_affine (Larry Woodman) [741569 742414]\n- [sched] Update effective_load() to use global share weights (Larry Woodman) [741569 742414]\n- [sched] Fix interactivity bug by charging unaccounted run-time on entity re-weight (Larry Woodman) [741569 742414]\n- [sched] Move periodic share updates to entity_tick() (Larry Woodman) [741569 742414]\n- [sched] Fix UP build breakage (Larry Woodman) [741569 742414]\n- [sched] Update tg->shares after cpu.shares write (Larry Woodman) [741569 742414]\n[2.6.32-210.el6]\n- [drm] i915: fix IVB cursor support (Adam Jackson) [741780]\n- [drm] i915: always set FDI composite sync bit (Adam Jackson) [745564]\n- [netdrv] bnx2i: Fixed the endian on TTT for NOP out transmission (Mike Christie) [745676]\n- [scsi] megaraid_sas: Add driver workaround for PERC5/1068 kdump kernel panic (Tomas Henzl) [723218]\n- [ata] AHCI: Add new Panther Point RAID DeviceID (Prarit Bhargava) [745484]\n- [scsi] isci: export phy events via ->lldd_control_phy() (David Milburn) [743654]\n- [scsi] isci: The port state should be set to stopping on the last phy (David Milburn) [743654]\n- [scsi] isci: fix decode of DONE_CRC_ERR TC completion status (David Milburn) [743654]\n- [scsi] isci: SATA/STP I/O is only returned in the normal path to libsas (David Milburn) [743654]\n- [scsi] isci: fix support for large smp requests (David Milburn) [743654]\n- [scsi] isci: fix missed unlock in apc_agent_timeout() (David Milburn) [743654]\n- [scsi] isci: fix event-get pointer increment (David Milburn) [743654]\n- [scsi] isci: add version number (David Milburn) [743654]\n- [scsi] isci: dynamic interrupt coalescing (David Milburn) [743654]\n- [scsi] isci: fix sata response handling (David Milburn) [743654]\n- [scsi] isci: Leave requests alone if already terminating (David Milburn) [743654]\n- [fs] jbd: Fix forever sleeping process in do_get_write_access() (Harshula Jayasuriya) [744979]\n- [fs] jbd2: Fix forever sleeping process in do_get_write_access() (Harshula Jayasuriya) [744979]\n- [net] ipv6: fix refcnt problem related to POSTDAD state (Weiping Pan) [709280 731608]\n- [x86] paravirt: PTE updates in k(un)map_atomic need to be synchronous, regardless of lazy_mmu mode (Igor Mammedov) [632802]\n- [s390x] qdio: 2nd stage retry on SIGA-W busy conditions (Hendrik Brueckner) [732708]\n- [s390x] kernel: NSS creation with initrd fails (Hendrik Brueckner) [730780]\n- [s390x] qeth: wrong number of output queues for HiperSockets (Hendrik Brueckner) [730701]\n- [s390x] qeth: l3 ipv6 vlan not working on shared OSA chpid (Hendrik Brueckner) [727850]\n- [x86] Intel pci: Provide option to enable 64-bit IOMMU pass through mode (George Beshers) [696420]\n- [x86] intel-iommu: Remove Host Bridge devices from identity mapping (George Beshers) [696420]\n- [x86] intel-iommu: Add domain check in domain_remove_one_dev_info (George Beshers) [696420]\n- [x86] intel-iommu: Use coherent DMA mask when requested (George Beshers) [696420]\n- [x86] intel-iommu: Dont cache iova above 32bit (George Beshers) [696420]\n- [x86] intel-iommu: Speed up processing of the identity_mapping function (George Beshers) [696420]\n- [x86] intel-iommu: Check for identity mapping candidate using system dma mask (George Beshers) [696420]\n- [scsi] tcm_fc: Fix to activate non-offload path for FCoE target (Andy Grover) [638007]\n[2.6.32-209.el6]\n- [pci] edd: Treat 'XPRS' host bus type the same as 'PCI' (Mike Christie) [742059]\n- [scsi] be2iscsi: Move driver Version (Mike Christie) [738163 738934]\n- [scsi] be2iscsi: memset wrb for ring create (Mike Christie) [738163 738934]\n- [scsi] be2iscsi: Fix for case where task->sc was cleanedup earlier (Mike Christie) [738163 738934]\n- [scsi] be2iscsi: Fix for wrong dmsg setting in wrb (Mike Christie) [738163 738934]\n- [scsi] be2iscsi: Fix for kdump failure (Mike Christie) [738163 738934]\n- [sched] wait_for_completion_interruptible_timeout() should return signed long (J. Bruce Fields) [738379]\n[2.6.32-208.el6]\n- [net] fix net_dev_xmit tracepoint use of freed skb (Jiri Pirko) [705253]\n- [block] kabi: symbols missing for FusionIO iomemory-vsl driver (Jiri Olsa) [735227]\n- [netdrv] kabi: symbols missing for Emulex be2net driver (Jiri Olsa) [735229]\n- [virt] xen: use maximum reservation to limit amount of usable RAM (Igor Mammedov) [743590]\n- [usb] additional regression fix for device removal (Don Zickus) [744154]\n- [usb] fix regression occurring during device removal (Don Zickus) [744154]\n- [usb] Lower USB storage settling delay to something more reasonable (Don Zickus) [743959]\n[2.6.32-207.el6]\n- [netdrv] bna: Multiple Definition and Interface Setup Fix (Ivan Vecera) [743347]\n- [netdrv] bna: Driver Version changed to 3.0.2.2 (Ivan Vecera) [743347]\n- [netdrv] bna: Add Callback to Fix RXQ Stop (Ivan Vecera) [743347]\n- [netdrv] bna: PLL Init Fix and Add Stats Attributes (Ivan Vecera) [743347]\n- [netdrv] bna: Brocade 1860 HW Enablement (Ivan Vecera) [743347]\n- [netdrv] bna: Implement FW Download for New HW (Ivan Vecera) [743347]\n- [netdrv] bna: Capability Map and MFG Block Changes for New HW (Ivan Vecera) [743347]\n- [netdrv] bna: PCI Probe Conf Lock Fix (Ivan Vecera) [743347]\n- [netdrv] bna: Eliminate Small Race Condition Window in RX Path (Ivan Vecera) [743347]\n- [netdrv] bna: Set Ring Param Fix (Ivan Vecera) [743347]\n- [netdrv] bna: Semaphore Lock Fix (Ivan Vecera) [743347]\n- [netdrv] bna: make function tables cont (Ivan Vecera) [743347]\n- [netdrv] bna: Driver Version changed to 3.0.2.1 (Ivan Vecera) [743347]\n- [netdrv] bna: SKB PCI UNMAP Fix (Ivan Vecera) [743347]\n- [netdrv] bna: TX Queue Depth Fix (Ivan Vecera) [743347]\n- [netdrv] bna: MBOX IRQ Flag Check after Locking (Ivan Vecera) [743347]\n- [netdrv] bna: Async Mode Tx Rx Init Fix (Ivan Vecera) [743347]\n- [netdrv] bna: Ethtool Enhancements and Fix (Ivan Vecera) [743347]\n- [netdrv] bna: Initialization and Locking Fix (Ivan Vecera) [743347]\n- [netdrv] bna: Formatting and Code Cleanup (Ivan Vecera) [743347]\n- [netdrv] bna: TX Path and RX Path Changes (Ivan Vecera) [743347]\n- [netdrv] bna: Interrupt Polling and NAPI Init Changes (Ivan Vecera) [743347]\n- [netdrv] bna: PCI Probe Fix (Ivan Vecera) [743347]\n- [netdrv] bna: Naming Change and Minor Macro Fix (Ivan Vecera) [743347]\n- [netdrv] bna: off by one in bfa_msgq_rspq_pi_update() (Ivan Vecera) [743347]\n- [netdrv] bna: unlock on error path in pnad_pci_probe() (Ivan Vecera) [743347]\n- [scsi] libfc: fix deadlock bug in fc_exch_abort_locked (Mike Christie) [740096]\n- [scsi] bnx2fc: Bumped version to 1.0.8 (Mike Christie) [740096]\n- [scsi] bnx2fc: Return error statistics of remote peer (Mike Christie) [740096]\n- [scsi] fcoe/libfcoe: Move common code for fcoe_get_lesb to fcoe_transport (Mike Christie) [740096]\n- [scsi] bnx2fc: call ctlr_link_up only when the interface is enabled (Mike Christie) [740096]\n- [scsi] bnx2fc: Add driver documentation (Mike Christie) [740096]\n- [scsi] bnx2fc: Bumped version to 1.0.7 (Mike Christie) [740096]\n- [scsi] bnx2fc: Handle bnx2fc_map_sg failure (Mike Christie) [740096]\n- [scsi] bnx2fc: Replace scsi_dma_map() with dma_map_sg() (Mike Christie) [740096]\n- [x86] acpi: Prevent acpiphp from deadlocking on PCI-to-PCI bridge remove (Prarit Bhargava) [732706]\n- [x86] UV2: add missing kABI bits (George Beshers) [741432]\n- [ppc] pci: Check devices status property when scanning OF tree (Steve Best) [738450]\n- [drm] radeon/kms: reject video mode that would go over bandwidth limit on RN50 (Jerome Glisse) [729976]\n- [fs] deal with races in /proc/*/syscall, stack, personality (Johannes Weiner) [692039]\n- [fs] proc: enable writing to /proc/pid/mem (Johannes Weiner) [692039]\n- [fs] proc: make check_mem_permission() return an mm_struct on success (Johannes Weiner) [692039]\n- [fs] proc: hold cred_guard_mutex in check_mem_permission() (Johannes Weiner) [692039]\n- [fs] proc: disable mem_write after exec (Johannes Weiner) [692039]\n- [mm] implement access_remote_vm (Johannes Weiner) [692039]\n- [mm] factor out main logic of access_process_vm (Johannes Weiner) [692039]\n- [mm] use mm_struct to resolve gate vmas in __get_user_pages (Johannes Weiner) [692039]\n- [mm] rename in_gate_area_no_task to in_gate_area_no_mm (Johannes Weiner) [692039]\n- [mm] make in_gate_area take an mm_struct instead of a task_struct (Johannes Weiner) [692039]\n- [mm] make get_gate_vma take an mm_struct instead of a task_struct (Johannes Weiner) [692039]\n- [x86] mark associated mm when running a task in 32 bit compatibility mode (Johannes Weiner) [692039]\n- [x86] add context tag to mark mm when running a task in 32-bit compatibility mode (Johannes Weiner) [692039]\n- [fs] auxv: require the target to be tracable (or yourself) (Johannes Weiner) [692039]\n- [fs] close race in /proc/*/environ (Johannes Weiner) [692039]\n- [fs] report errors in /proc/*/*map* sanely (Johannes Weiner) [692039]\n- [fs] pagemap: close races with suid execve (Johannes Weiner) [692039]\n- [fs] make sessionid permissions in /proc/*/task/* match those in /proc/* (Johannes Weiner) [692039] {CVE-2011-1020}\n[2.6.32-206.el6]\n- [ppc] ibmveth: Fix leak when recycling skb and hypervisor returns error (Steve Best) [740548]\n- [fs] nfs: Do not allow multiple mounts on same mountpoint when using -o noac (Sachin Prabhu) [584768]\n- [scsi] megaraid: fix FastPath and update to v5.40 (Tomas Henzl) [726225]\n- [acpi] APEI: set enable bit for OSC call (Matthew Garrett) [734509]\n- [block] Whitelist symbols for dm-switch multipathing driver (Shyam Iyer) [714992]\n- [x86] Missing 'unregister_cpu_notifier' in powernow-k8.c (Prarit Bhargava) [741302]\n- [virt] xen-netfront: fix MTU reset after migration (Paolo Bonzini) [733651]\n[2.6.32-205.el6]\n- [mm] add extra free kbytes tunable (Rik van Riel) [696395]\n- [build] Makefile: include RHEL_RELEASE in version.h (Aristeu Rozanski)\n- [ppc] Fix bogus it_blocksize in VIO iommu code (Steve Best) [738449]\n- [ppc] hvcs: Ensure page aligned partner info buffer (Steve Best) [739749]\n- [virt] KVM: Enable RDRAND feature support for KVM (Don Dugger) [721131]\n- [virt] x86, cpu: Add CPU flags for F16C and RDRND (Don Dugger) [721131]\n- [mm] zram: prevent accessing an unallocated table when init fails early (Jerome Marchand) [732707]\n- [mm] zram: fix zram locking (Jerome Marchand) [732707]\n- [ppc] eeh: Display eeh error location for bus and device (Steve Best) [707843]\n- [ppc] pseries/eeh: Handle functional reset on non-PCIe device (Steve Best) [707843]\n- [ppc] pseries/eeh: Propagate needs_freset flag to device at PE (Steve Best) [707843]\n- [ppc] eeh: Add support for ibm, configure-pe RTAS call (Steve Best) [707843]\n- [scsi] isci: initial sgpio write support (David Milburn) [735318]\n- [scsi] isci: fix sgpio register definitions (David Milburn) [735318]\n- [scsi] libsas: sgpio write support (David Milburn) [735318]\n- [drm] i915: set GFX_MODE to pre-Ivybridge default value even on Ivybridge (Adam Jackson) [695793]\n[2.6.32-204.el6]\n- [netdrv] firmware: add bnx2x FW 7.0.23 (Michal Schmidt) [733693]\n- [netdrv] bnx2x: Add new PHY BCM54616 (Michal Schmidt) [733888]\n- [netdrv] bnx2x: fixes from upstream 3.1-rc (Michal Schmidt) [733693]\n- [netdrv] bnx2x: driver-side changes for firmware 7.0.23 (Michal Schmidt) [733693]\n- [netdrv] bnx2x: add missing DCB callbacks (Michal Schmidt) [733693]\n- [scsi] scan: dont fail scans when host is in recovery (Mike Christie) [713682]\n- [usb] dont let errors prevent system sleep (Don Zickus) [732457 732909 735048 735050 735263]\n- [usb] dont let the hub driver prevent system sleep (Don Zickus) [732457 732909 735048 735050 735263]\n- [usb] xhci: Reject double add of active endpoints (Don Zickus) [732457 732909 735048 735050 735263]\n- [usb] Free bandwidth when usb_disable_device is called (Don Zickus) [732457 732909 735048 735050 735263]\n- [usb] disable endpoints after unbinding interfaces, not before (Don Zickus) [732457 732909 735048 735050 735263]\n- [usb] xhci: Dont warn about zeroed bMaxBurst descriptor field (Don Zickus) [732457 732909 735048 735050 735263]\n- [usb] xHCI 1.0: Force Stopped Event(FSE) (Don Zickus) [732457 732909 735048 735050 735263]\n- [usb] xHCI 1.0: introduce Incompatible Device Error (Don Zickus) [732457 732909 735048 735050 735263]\n- [usb] xhci: Add reset on resume quirk for asrock p67 host (Don Zickus) [732457 732909 735048 735050 735263]\n- [usb] xhci: Always set urb->status to zero for isoc endpoints (Don Zickus) [732457 732909 735048 735050 735263]\n- [usb] Fix up URB error codes to reflect implementation (Don Zickus) [732457 732909 735048 735050 735263]\n- [usb] config: use proper endian access for wMaxPacketSize (Don Zickus) [732457 732909 735048 735050 735263]\n- [usb] xhci: fix OS want to own HC (Don Zickus) [732457 732909 735048 735050 735263]\n- [usb] xhci: Dont submit commands or URBs to halted hosts (Don Zickus) [732457 732909 735048 735050 735263]\n- [usb] usbcore: warm reset USB3 port in SS.Inactive state (Don Zickus) [732457 732909 735048 735050 735263]\n- [usb] Refine USB3.0 device suspend and resume (Don Zickus) [732457 732909 735048 735050 735263]\n- [usb] fix system suspend with USB3.0 device connected to USB3.0 hub (Don Zickus) [732457 732909 735048 735050 735263]\n- [usb] Clear 'warm' port reset change (Don Zickus) [732457 732909 735048 735050 735263]\n- [netdrv] b43: allocate receive buffers big enough for max frame len + offset (RuiRui Yang) [738205] {CVE-2011-3359}\n- [netdrv] tg3: call netif_carrier_off to initialize operstate value (John Feeney) [727330]\n- [fs] fuse: check size of FUSE_NOTIFY_INVAL_ENTRY message (RuiRui Yang) [736765] {CVE-2011-3353}\n- [fs] cifs: fix possible memory corruption in CIFSFindNext (Jeff Layton) [730354] {CVE-2011-3191}\n- [fs] nfsd4: fix open downgrade, again (J. Bruce Fields) [729176]\n- [fs] jbd[2]: Use WRITE_SYNC_PLUG in journal_commit_transaction (Jeff Moyer) [720918]\n- [fs] mbcache: Limit the maximum number of cache entries (Eric Sandeen) [731585]\n- [netdrv] netxen: Add firmware version 4.0.557[579]. (Chad Dupuis) [741776]\n- [netdrv] netxen: Add pcie workaround (Chad Dupuis) [741774]\n- [netdrv] netxen: add vlan LRO support (Chad Dupuis) [741774]\n- [netdrv] netxen: add fw version compatibility check (Chad Dupuis) [741774]\n- [netdrv] netxen: drivers/net: Remove casts of void * (Chad Dupuis) [741774]\n- [netdrv] netxen: fix race in skb->len access (Chad Dupuis) [741774]\n- [netdrv] netxen: drivers/net: Remove unnecessary semicolons (Chad Dupuis) [741774]\n- [netdrv] netxen: ethtool: cosmetic: Use ethtool ethtool_cmd_speed API (Chad Dupuis) [741774]\n- [netdrv] netxen: ethtool: Use full 32 bit speed range in ethtools set_settings (Chad Dupuis) [741774]\n[2.6.32-203.el6]\n- [fs] xfs: avoid direct I/O write vs buffered I/O race (Dave Chinner) [732976]\n- [fs] xfs: dont serialise adjacent concurrent direct IO appending writes (Dave Chinner) [732976]\n- [fs] xfs: dont serialise direct IO reads on page cache checks (Dave Chinner) [732976]\n- [fs] gfs2: Ignore buffers with wrong state during fsync (Abhijith Das) [740066]\n- [fs] GFS2: balance pages on gfs2_fallocate. (Benjamin Marzinski) [737989]\n- [fs] xfs: avoid synchronous transactions when deleting attr blocks (Dave Chinner) [740312]\n- [fs] GFS2: large file delete/unlink is slow (Robert S Peterson) [739987]\n- [fs] ext4: optimize ext4_check_dir_entry() (Eric Sandeen) [714007]\n- [fs] Fix do_lookup false negative. (David Howells) [693841]\n- [netdrv] tg3: Fix VLAN creation problem (John Feeney) [731268 732769]\n- [netdrv] ixgbe: fix improper check of dma address for NULL (Neil Horman) [683611]\n- [netdrv] e1000: dont enable dma receives until after dma address has been setup (Dean Nelson) [703357]\n- [net] sctp: deal with multiple COOKIE_ECHO chunks (Max Matveev) [729220]\n[2.6.32-202.el6]\n- [net] br_multicast: Ensure to initialize BR_INPUT_SKB_CB(skb)->mrouters_only. (Herbert Xu) [738110]\n[2.6.32-201.el6]\n- [x86] Add rh_kabi.c and protect struct alt_instr under KABI (Prarit Bhargava) [737753]\n- [x86] Fix module alt_instr KABI breakage (Prarit Bhargava) [737753]\n[2.6.32-200.el6]\n- [build] Makefile: update RHEL_MINOR to 2 (Aristeu Rozanski)\n- [scsi] scsi_lib: pause between error retries (Rob Evers) [736812]\n- [kernel] perf tools: do not look at ./config for configuration (Jiri Benc) [730204] {CVE-2011-2905}\n- [scsi] Fix out of spec CD-ROM problem with media change (Rob Evers) [703366]\n- [netdrv] bna: Driver Version changed to 3.0.2.0 (Ivan Vecera) [701486]\n- [netdrv] bna: Remove Obsolete Files (Ivan Vecera) [701486]\n- [netdrv] bna: Remove Unused Code (Ivan Vecera) [701486]\n- [netdrv] bna: ENET and Tx Rx Redesign Enablement (Ivan Vecera) [701486]\n- [netdrv] bna: Add New HW Defs (Ivan Vecera) [701486]\n- [netdrv] bna: Tx and Rx Redesign (Ivan Vecera) [701486]\n- [netdrv] bna: Introduce ENET as New Driver and FW Interface (Ivan Vecera) [701486]\n- [netdrv] bna: MSGQ Implementation (Ivan Vecera) [701486]\n- [netdrv] bna: Remove Obsolete File bfi_ctreg.h (Ivan Vecera) [701486]\n- [netdrv] bna: Consolidated HW Registers for Supported HWs (Ivan Vecera) [701486]\n- [netdrv] bna: Remove get_regs Ethtool Support (Ivan Vecera) [701486]\n- [netdrv] bna: HW Interface Init Update (Ivan Vecera) [701486]\n- [netdrv] bna: Remove Unnecessary CNA Check (Ivan Vecera) [701486]\n- [netdrv] bna: Header File Consolidation (Ivan Vecera) [701486]\n- [netdrv] bna: HW Error Counter Fix (Ivan Vecera) [701486]\n- [netdrv] bna: Add HW Semaphore Unlock Logic (Ivan Vecera) [701486]\n- [netdrv] bna: IOC Event Name Change (Ivan Vecera) [701486]\n- [netdrv] bna: Mboxq Flush When IOC Disabled (Ivan Vecera) [701486]\n- [netdrv] bna: Minor IRQ Index and Definition Change (Ivan Vecera) [701486]\n- [netdrv] bna: State Machine Fault Handling Cleanup (Ivan Vecera) [701486]\n- [netdrv] bna: IOC Event Notification Enhancement (Ivan Vecera) [701486]\n- [netdrv] bna: CheckPatch Cleanup (Ivan Vecera) [701486]\n- [netdrv] bna: Print Driver Version (Ivan Vecera) [701486]\n- [netdrv] bna: use netdev_alloc_skb_ip_align() (Ivan Vecera) [701486]\n- [netdrv] bna: ethtool: cosmetic: Use ethtool ethtool_cmd_speed API (Ivan Vecera) [701486]\n- [netdrv] bna: ethtool: Use full 32 bit speed range in ethtools set_settings (Ivan Vecera) [701486]\n- [net] bna: fix compile warning of bfa_ioc_smem_pgoff defined but not used (Ivan Vecera) [701486]\n- [netdrv] bna: Fix set-but-unused variables. (Ivan Vecera) [701486]\n- [netdrv] bna: use device model DMA API (Ivan Vecera) [701486]\n- [netdrv] bna: Remove unnecessary memset(,0,) (Ivan Vecera) [701486]\n[2.6.32-199.el6]\n- [scsi] libfcoe: fix compilation when fcoe.ko is not used (Mike Christie) [727304]\n- [scsi] bnx2fc: Bumped version to 1.0.6 (Mike Christie) [727304]\n- [scsi] bnx2fc: Fix FW assert during RSCN stress tests (Mike Christie) [727304]\n- [scsi] bnx2fc: Fix panic caused because of incorrect errror handling in create() (Mike Christie) [727304]\n- [scsi] bnx2fc: Avoid calling bnx2fc_if_destroy with unnecessary locks (Mike Christie) [727304]\n- [scsi] bnx2fc: Validate vlan id in NETDEV_UNREGISTER handler (Mike Christie) [727304]\n- [scsi] bnx2fc: No abort issued for REC when it times out (Mike Christie) [727304]\n- [scsi] bnx2fc: Send solicitation only after vlan discovery is complete (Mike Christie) [727304]\n- [scsi] bnx2fc: Reset max receive frame size during link up (Mike Christie) [727304]\n- [scsi] bnx2fc: Do not use HBA_DBG macro when lport is not available (Mike Christie) [727304]\n- [scsi] bnx2fc: increase cleanup wait time (Mike Christie) [727304]\n- [scsi] bnx2fc: Bump version to 1.0.5 (Mike Christie) [727304]\n- [scsi] bnx2fc: Prevent creating of NPIV port with duplicate WWN (Mike Christie) [727304]\n- [scsi] bnx2fc: Obtain WWNN/WWPN from the shared memory (Mike Christie) [727304]\n- [scsi] fcoe: Move common functions to fcoe_transport library (Mike Christie) [727304]\n- [scsi] bnx2fc: Drop incoming ABTS (Mike Christie) [727304]\n- [scsi] bnx2fc: code cleanup in bnx2fc_offload_session (Mike Christie) [727304]\n- [scsi] bnx2fc: Fix NULL pointer deref during arm_cq (Mike Christie) [727304]\n- [scsi] bnx2fc: Do not reuse the fcoe connection id immediately (Mike Christie) [727304]\n- [scsi] bnx2fc: Clear DESTROY_CMPL flag after firmware destroy (Mike Christie) [727304]\n- [scsi] bnx2fc: Handle NETDEV_UNREGISTER for vlan devices (Mike Christie) [727304]\n- [scsi] bnx2fc: Reorganize cleanup code between interface_cleanup and if_destroy (Mike Christie) [727304]\n- [scsi] bnx2fc: Change function names of bnx2fc_netdev_setup/bnx2fc_netdev_cleanup (Mike Christie) [727304]\n- [scsi] bnx2fc: Do not attempt destroying NPIV port twice (Mike Christie) [727304]\n- [scsi] bnx2fc: Remove erroneous kref_get on IO request (Mike Christie) [727304]\n- [scsi] bnx2fc: Enable bsg_request support for bnx2fc (Mike Christie) [727304]\n- [scsi] bnx2fc: Bug fixes in percpu_thread_create/destroy (Mike Christie) [727304]\n- [scsi] bnx2fc: Reset the max receive frame size (Mike Christie) [727304]\n- [netdrv] cnic: Wait for all Context IDs to be deleted before sending FCOE_DESTROY_FUNC (Mike Christie) [727304]\n- [netdrv] cnic: Fix Context ID space calculation (Mike Christie) [727304]\n- [netdrv] cnic: Return proper error code if we fail to send netlink message (Mike Christie) [727304]\n- [netdrv] cnic: Fix ring setup/shutdown code (Mike Christie) [727304]\n- [netdrv] cnic: Fix port_mode setting (Mike Christie) [727304]\n- [netdrv] cnic: Replace get_random_bytes() with random32() (Mike Christie) [727304]\n- [scsi] cnic, bnx2i: Add support for new devices - 57800, 57810, and 57840 (Mike Christie) [727304]\n- [netdrv] cnic: Add VLAN ID as a parameter during netevent upcall (Mike Christie) [727304]\n- [x86] mm: Fix pgd_lock deadlock (Andrew Jones) [691310]\n- [mm] pdpte registers are not flushed when PGD entry is changed in x86 PAE mode (Andrew Jones) [691310]\n- [mm] Revert 'fix pgd_lock deadlock' (Andrew Jones) [691310]\n- [scsi] libfc: fix referencing to fc_fcp_pkt from the frame pointer via fr_fsp() (Mike Christie) [734961]\n- [scsi] libfc: block SCSI eh thread for blocked rports (Mike Christie) [734961]\n- [scsi] libfc: fix fc_eh_host_reset (Mike Christie) [734961]\n- [scsi] fcoe: Fix deadlock between fips recv_work and rtnl (Mike Christie) [734961]\n- [scsi] fcoe: add fip retry to avoid missing critical keep alive (Mike Christie) [734961]\n- [scsi] libfc: fix warn on in lport retry (Mike Christie) [734961]\n- [scsi] libfc: Remove the reference to FCP packet from scsi_cmnd in case of error (Mike Christie) [734961]\n- [scsi] libfc: cleanup sending SRR request (Mike Christie) [734961]\n- [scsi] libfc: two minor changes in comments (Mike Christie) [734961]\n- [scsi] libfc, fcoe: ignore rx frame with wrong xid info (Mike Christie) [734961]\n- [scsi] libfc: release exchg cache (Mike Christie) [734961]\n- [scsi] libfc: use FC_MAX_ERROR_CNT (Mike Christie) [734961]\n- [scsi] fcoe: remove unused ptype field in fcoe_rcv_info (Mike Christie) [734961]\n- [scsi] fcoe: Rearrange fcoe port and NPIV port cleanup (Mike Christie) [734961]\n- [x86] intel_idle: Fix mismerge (Matthew Garrett) [733730]\n- [x86] x2apic: enable the bios request for x2apic optout (Prarit Bhargava) [696902]\n- [x86] ACPI: fix ioremap failure regression (Stanislaw Gruszka) [731546]\n[2.6.32-198.el6]\n- [fs] corrupted GUID partition tables can cause kernel oops (Jerome Marchand) [695982] {CVE-2011-1577}\n- [x86] perf: Fix Intel fixed counters base initialization (Don Zickus) [736284] {CVE-2011-2521}\n- [netdrv] iwlagn: use 6000g2b uCode for 130 series devices (Stanislaw Gruszka) [737185]\n- [block] Missing portions of DM/MD RAID1 plugging patch (Jonathan E Brassow) [735124]\n- [net] Compute protocol sequence numbers and fragment IDs using MD5. (Jiri Pirko) [732665] {CVE-2011-3188}\n- [crypto] Move md5_transform to lib/md5.c (Jiri Pirko) [732665] {CVE-2011-3188}\n[2.6.32-197.el6]\n- [block] blktrace: fix handling of requests with SYNC and META flags (Mike Snitzer) [726437]\n- [block] blktrace: add FLUSH/FUA support (Mike Snitzer) [726437]\n- [kernel] Restore max mqueue message size to its previous RHEL 5 value (Doug Ledford) [730632]\n[2.6.32-196.el6]\n- [scsi] qla4xxx: updated device id check for BFS (Chad Dupuis) [732622]\n- [fs] nfsd4: return nfserr_symlink on v4 OPEN of non-regular file (J. Bruce Fields) [697659]\n- [netdrv] bnx2: Fix some late breaking bnx2 bugs (Neil Horman) [728328]\n- [netdrv] e1000: save skb counts in TX to avoid cache misses (Dean Nelson) [690780]\n- [netdrv] bonding: reset queue mapping prior to transmission (Neil Horman) [726688]\n- [netdrv] e1000e: update to upstream version 1.4.4 (Andy Gospodarek) [730607]\n- [netdrv] bonding: add missing xmit_hash_policy=layer2+3 info (Weiping Pan) [706018]\n- [net] vlan: do not transfer real_num_tx_queues (Weiping Pan) [735015]\n- [mm] thp: tail page refcounting fix (Andrea Arcangeli) [732986]\n- [virt] xen: x86_32: do not enable iterrupts when returning from exception in interrupt context (Igor Mammedov) [713399]\n- [mm] oom: task->mm == NULL doesnt mean the memory was freed (Frantisek Hrbata) [734732]\n- [scsi] scsi_dh_rdac: Associate HBA and storage in rdac_controller to support partitions in storage (Mike Snitzer) [733763]\n- [scsi] scsi_dh_rdac: Use WWID from C8 page instead of Subsystem id from C4 page to identify storage (Mike Snitzer) [733763]\n- [scsi] lpfc: Update lpfc version for 8.3.5.45.3p driver release (Rob Evers) [733500]\n- [scsi] lpfc: Fix compiler warning due to uninitialized local variable (Rob Evers) [733500]\n- [scsi] lpfc: Fix bus reset handler fails with bad failure code (Rob Evers) [733500]\n- [scsi] lpfc: Fix proper error code return value for management API (Rob Evers) [733500]\n- [scsi] lpfc: Fixed ctlreg write bug (Rob Evers) [733500]\n- [scsi] lpfc: Fix default adapter name for the OCe15100 (Rob Evers) [733500]\n- [scsi] lpfc: Fix cable pull failure on interface type 2 SLI-4 adapters (Rob Evers) [733500]\n- [scsi] lpfc: Fixed not able to perform firmware reset through sysfs board_mode attribute (Rob Evers) [733500]\n- [scsi] lpfc: Fixed SLI4 device firmware reset with SR-IOV virtual functions (Rob Evers) [733500]\n- [scsi] lpfc: Fixed not recovering SLI port in handling error attention with RN bit set (Rob Evers) [733500]\n- [scsi] lpfc: Fix two crashes when unsolicted ELS ECHO_CMD is received (Rob Evers) [733500]\n- [scsi] lpfc: Fix direct connect does not come up for SLI4 FC ports (Rob Evers) [733500]\n- [scsi] lpfc: Fixed long wait when firmware reset to a SLI port without required privilege (Rob Evers) [733500]\n- [scsi] lpfc: Fix request firmware support for little endian systems (Rob Evers) [733500]\n[2.6.32-195.el6]\n- [drm] radeon/kms: set a default max_pixel_clock (Dave Airlie) [729545]\n- [pci] pciehp: change wait time for valid configuration access (Myron Stowe) [727720]\n- [pci] ACPI: Report ASPM support to BIOS if not disabled from command line (Myron Stowe) [732501]\n- [ppc] pci: Add calls to set_pcie_port_type() and set_pcie_hotplug_bridge() (Steve Best) [734192]\n- [ppc] pci: Add missing hookup to pci_slot (Steve Best) [734192]\n- [ppc] pci: Add missing call to header fixup (Steve Best) [734192]\n- [virt] xen events: implement mask_ack (Andrew Jones) [733672]\n- [virt] Revert '[virt] xen/events: change to using fasteoi' (Andrew Jones) [733672]\n- [scsi] be2iscsi: Add pci_disable device (Mike Christie) [688076]\n- [scsi] be2iscsi: Adding a shutdown Routine (Mike Christie) [688076]\n- [net] ipv6: make fragment identifications less predictable (Jiri Pirko) [723433] {CVE-2011-2699}\n- [fs] Ecryptfs: Add mount option to check uid of device being mounted = expect uid (Eric Sandeen) [731176] {CVE-2011-1833}", "edition": 73, "modified": "2011-12-14T00:00:00", "published": "2011-12-14T00:00:00", "id": "ELSA-2011-1530", "href": "http://linux.oracle.com/errata/ELSA-2011-1530.html", "title": "Oracle Linux 6 kernel security, bug fix and enhancement update", "type": "oraclelinux", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}]}