{"id": "OPENVAS:1361412562310867905", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for kernel FEDORA-2014-7426", "description": "The remote host is missing an update for the ", "published": "2014-06-23T00:00:00", "modified": "2019-03-15T00:00:00", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867905", "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "references": ["2014-7426", "https://lists.fedoraproject.org/pipermail/package-announce/2014-June/134647.html"], "cvelist": ["CVE-2014-3122", "CVE-2013-2234", "CVE-2014-3940", "CVE-2013-4345", "CVE-2014-0155", "CVE-2013-2894", "CVE-2014-0131", "CVE-2013-2896", "CVE-2014-0100", "CVE-2014-1737", "CVE-2013-6378", "CVE-2014-1874", "CVE-2013-2891", "CVE-2013-4254", "CVE-2013-2892", "CVE-2014-1738", "CVE-2014-2568", "CVE-2013-1059", "CVE-2014-3145", "CVE-2014-1446", "CVE-2014-4014", "CVE-2013-2897", "CVE-2013-6368", "CVE-2014-3917", "CVE-2013-2232", "CVE-2014-2851", "CVE-2014-2309", "CVE-2014-2678", "CVE-2013-6382", "CVE-2014-2039", "CVE-2013-4563", "CVE-2013-4579", "CVE-2014-3144", "CVE-2014-0102", "CVE-2013-6405", "CVE-2013-2899", "CVE-2014-3153", "CVE-2014-2580", "CVE-2013-4125", "CVE-2013-6367", "CVE-2014-0049", "CVE-2013-4387", "CVE-2013-6376", "CVE-2014-0055", "CVE-2013-4350", "CVE-2013-6380", "CVE-2013-0343", "CVE-2014-1438", "CVE-2014-0077", "CVE-2013-4587", "CVE-2013-2895", "CVE-2013-4348", "CVE-2013-4470", "CVE-2013-4343", "CVE-2014-2523", "CVE-2013-2888", "CVE-2014-0101", "CVE-2014-0069", "CVE-2013-2889", "CVE-2013-2893"], "lastseen": "2019-05-29T18:37:21", "viewCount": 5, "enchantments": {"dependencies": {"references": [{"type": "fedora", "idList": ["FEDORA:E6C59213CA", "FEDORA:DB49F219DE", "FEDORA:9FA6021249", "FEDORA:1DA3D221C6", "FEDORA:30991220A7", "FEDORA:6A93C20D15", "FEDORA:756F822091", "FEDORA:D69CC24B48", "FEDORA:0960721640", "FEDORA:30C5820E79"]}, {"type": "openvas", "idList": ["OPENVAS:867651", "OPENVAS:867240", "OPENVAS:1361412562310867857", "OPENVAS:867546", "OPENVAS:1361412562310867651", "OPENVAS:867682", "OPENVAS:1361412562310867240", "OPENVAS:1361412562310867546", "OPENVAS:867183", "OPENVAS:1361412562310867682"]}, {"type": "ubuntu", "idList": ["USN-2019-1", "USN-2022-1", "USN-2024-1"]}, {"type": "nessus", "idList": ["UBUNTU_USN-2019-1.NASL"]}, {"type": "cve", "idList": ["CVE-2014-7426"]}], "modified": "2019-05-29T18:37:21", "rev": 2}, "score": {"value": 6.2, "vector": "NONE", "modified": "2019-05-29T18:37:21", "rev": 2}, "vulnersScore": 6.2}, "pluginID": "1361412562310867905", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2014-7426\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867905\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-06-23 10:57:15 +0530 (Mon, 23 Jun 2014)\");\n script_cve_id(\"CVE-2014-4014\", \"CVE-2014-3153\", \"CVE-2014-3940\", \"CVE-2014-3917\",\n \"CVE-2014-3144\", \"CVE-2014-3145\", \"CVE-2014-1738\", \"CVE-2014-1737\",\n \"CVE-2014-3122\", \"CVE-2014-2851\", \"CVE-2014-0155\", \"CVE-2014-2678\",\n \"CVE-2014-2580\", \"CVE-2014-0077\", \"CVE-2014-0055\", \"CVE-2014-2568\",\n \"CVE-2014-0131\", \"CVE-2014-2523\", \"CVE-2014-2309\", \"CVE-2014-0100\",\n \"CVE-2014-0101\", \"CVE-2014-0049\", \"CVE-2014-0102\", \"CVE-2014-2039\",\n \"CVE-2014-0069\", \"CVE-2014-1874\", \"CVE-2014-1446\", \"CVE-2014-1438\",\n \"CVE-2013-4579\", \"CVE-2013-4587\", \"CVE-2013-6376\", \"CVE-2013-6368\",\n \"CVE-2013-6367\", \"CVE-2013-6405\", \"CVE-2013-6382\", \"CVE-2013-6380\",\n \"CVE-2013-6378\", \"CVE-2013-4563\", \"CVE-2013-4348\", \"CVE-2013-4470\",\n \"CVE-2013-4387\", \"CVE-2013-4345\", \"CVE-2013-4350\", \"CVE-2013-4343\",\n \"CVE-2013-2888\", \"CVE-2013-2889\", \"CVE-2013-2891\", \"CVE-2013-2892\",\n \"CVE-2013-2893\", \"CVE-2013-2894\", \"CVE-2013-2895\", \"CVE-2013-2896\",\n \"CVE-2013-2897\", \"CVE-2013-2899\", \"CVE-2013-0343\", \"CVE-2013-4254\",\n \"CVE-2013-4125\", \"CVE-2013-2232\", \"CVE-2013-1059\", \"CVE-2013-2234\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Update for kernel FEDORA-2014-7426\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-7426\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-June/134647.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.14.8~100.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks"}

{"fedora": [{"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0343", "CVE-2013-1059", "CVE-2013-2232", "CVE-2013-2234", "CVE-2013-2888", "CVE-2013-2889", "CVE-2013-2891", "CVE-2013-2892", "CVE-2013-2893", "CVE-2013-2894", "CVE-2013-2895", "CVE-2013-2896", "CVE-2013-2897", "CVE-2013-2899", "CVE-2013-4125", "CVE-2013-4254", "CVE-2013-4343", "CVE-2013-4345", "CVE-2013-4348", "CVE-2013-4350", "CVE-2013-4387", "CVE-2013-4470", "CVE-2013-4563", "CVE-2013-4579", "CVE-2013-4587", "CVE-2013-6367", "CVE-2013-6368", "CVE-2013-6376", "CVE-2013-6378", "CVE-2013-6380", "CVE-2013-6382", "CVE-2013-6405", "CVE-2014-0049", "CVE-2014-0055", "CVE-2014-0069", "CVE-2014-0077", "CVE-2014-0100", "CVE-2014-0101", "CVE-2014-0102", "CVE-2014-0131", "CVE-2014-0155", "CVE-2014-1438", "CVE-2014-1446", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-1874", "CVE-2014-2039", "CVE-2014-2309", "CVE-2014-2523", "CVE-2014-2568", "CVE-2014-2580", "CVE-2014-2678", "CVE-2014-2851", "CVE-2014-3122", "CVE-2014-3144", "CVE-2014-3145", "CVE-2014-3153", "CVE-2014-3917", "CVE-2014-3940", "CVE-2014-4014"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2014-06-22T23:55:11", "published": "2014-06-22T23:55:11", "id": "FEDORA:0960721640", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: kernel-3.14.8-100.fc19", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0343", "CVE-2013-1059", "CVE-2013-2232", "CVE-2013-2234", "CVE-2013-2888", "CVE-2013-2889", "CVE-2013-2891", "CVE-2013-2892", "CVE-2013-2893", "CVE-2013-2894", "CVE-2013-2895", "CVE-2013-2896", "CVE-2013-2897", "CVE-2013-2899", "CVE-2013-4125", "CVE-2013-4254", "CVE-2013-4343", "CVE-2013-4345", "CVE-2013-4348", "CVE-2013-4350", "CVE-2013-4387", "CVE-2013-4470", "CVE-2013-4563", "CVE-2013-4579", "CVE-2013-4587", "CVE-2013-6367", "CVE-2013-6368", "CVE-2013-6376", "CVE-2013-6378", "CVE-2013-6380", "CVE-2013-6382", "CVE-2013-6405", "CVE-2014-0049", "CVE-2014-0055", "CVE-2014-0069", "CVE-2014-0077", "CVE-2014-0100", "CVE-2014-0101", "CVE-2014-0102", "CVE-2014-0131", "CVE-2014-0155", "CVE-2014-1438", "CVE-2014-1446", "CVE-2014-1737", "CVE-2014-1738", "CVE-2014-1874", "CVE-2014-2039", "CVE-2014-2309", "CVE-2014-2523", "CVE-2014-2568", "CVE-2014-2580", "CVE-2014-2678", "CVE-2014-2851", "CVE-2014-3122", "CVE-2014-3144", "CVE-2014-3145", "CVE-2014-3153", "CVE-2014-3917", "CVE-2014-3940"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2014-06-16T23:30:19", "published": "2014-06-16T23:30:19", "id": "FEDORA:D69CC24B48", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: kernel-3.14.7-100.fc19", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0343", "CVE-2013-1059", "CVE-2013-2232", "CVE-2013-2234", "CVE-2013-2888", "CVE-2013-2889", "CVE-2013-2891", "CVE-2013-2892", "CVE-2013-2893", "CVE-2013-2894", "CVE-2013-2895", "CVE-2013-2896", "CVE-2013-2897", "CVE-2013-2899", "CVE-2013-4125", "CVE-2013-4254", "CVE-2013-4343", "CVE-2013-4345", "CVE-2013-4348", "CVE-2013-4350", "CVE-2013-4387", "CVE-2013-4470", "CVE-2013-4563", "CVE-2013-4579", "CVE-2013-4587", "CVE-2013-6367", "CVE-2013-6368", "CVE-2013-6376", "CVE-2013-6378", "CVE-2013-6380", "CVE-2013-6382", "CVE-2013-6405", "CVE-2014-0069", "CVE-2014-1438", "CVE-2014-1446", "CVE-2014-1874", "CVE-2014-2039"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2014-03-01T14:05:05", "published": "2014-03-01T14:05:05", "id": "FEDORA:1DA3D221C6", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: kernel-3.13.5-101.fc19", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0343", "CVE-2013-1059", "CVE-2013-2232", "CVE-2013-2234", "CVE-2013-2888", "CVE-2013-2889", "CVE-2013-2891", "CVE-2013-2892", "CVE-2013-2893", "CVE-2013-2894", "CVE-2013-2895", "CVE-2013-2896", "CVE-2013-2897", "CVE-2013-2899", "CVE-2013-4125", "CVE-2013-4254", "CVE-2013-4343", "CVE-2013-4345", "CVE-2013-4348", "CVE-2013-4350", "CVE-2013-4387", "CVE-2013-4470", "CVE-2013-4563", "CVE-2013-4579", "CVE-2013-4587", "CVE-2013-6367", "CVE-2013-6368", "CVE-2013-6376", "CVE-2013-6378", "CVE-2013-6380", "CVE-2013-6382", "CVE-2013-6405", "CVE-2014-1438", "CVE-2014-1446"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2014-01-20T03:04:41", "published": "2014-01-20T03:04:41", "id": "FEDORA:30C5820E79", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: kernel-3.12.8-200.fc19", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0343", "CVE-2013-1059", "CVE-2013-2232", "CVE-2013-2234", "CVE-2013-2888", "CVE-2013-2889", "CVE-2013-2891", "CVE-2013-2892", "CVE-2013-2893", "CVE-2013-2894", "CVE-2013-2895", "CVE-2013-2896", "CVE-2013-2897", "CVE-2013-2899", "CVE-2013-4125", "CVE-2013-4254", "CVE-2013-4343", "CVE-2013-4345", "CVE-2013-4348", "CVE-2013-4350", "CVE-2013-4387", "CVE-2013-4470", "CVE-2013-4563", "CVE-2013-4579", "CVE-2013-4587", "CVE-2013-6367", "CVE-2013-6368", "CVE-2013-6376", "CVE-2013-6378", "CVE-2013-6380", "CVE-2013-6382", "CVE-2013-6405", "CVE-2014-0049", "CVE-2014-0069", "CVE-2014-0100", "CVE-2014-0101", "CVE-2014-0102", "CVE-2014-0131", "CVE-2014-1438", "CVE-2014-1446", "CVE-2014-1874", "CVE-2014-2039", "CVE-2014-2309", "CVE-2014-2523"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2014-03-28T03:18:14", "published": "2014-03-28T03:18:14", "id": "FEDORA:9FA6021249", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: kernel-3.13.7-100.fc19", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0343", "CVE-2013-1059", "CVE-2013-2232", "CVE-2013-2234", "CVE-2013-2888", "CVE-2013-2889", "CVE-2013-2891", "CVE-2013-2892", "CVE-2013-2893", "CVE-2013-2894", "CVE-2013-2895", "CVE-2013-2896", "CVE-2013-2897", "CVE-2013-2899", "CVE-2013-4125", "CVE-2013-4254", "CVE-2013-4343", "CVE-2013-4345", "CVE-2013-4348", "CVE-2013-4350", "CVE-2013-4387", "CVE-2013-4470", "CVE-2013-4563", "CVE-2013-4579", "CVE-2013-4587", "CVE-2013-6367", "CVE-2013-6368", "CVE-2013-6376", "CVE-2013-6378", "CVE-2013-6380", "CVE-2013-6382", "CVE-2013-6405", "CVE-2014-0049", "CVE-2014-0055", "CVE-2014-0069", "CVE-2014-0077", "CVE-2014-0100", "CVE-2014-0101", "CVE-2014-0102", "CVE-2014-0131", "CVE-2014-1438", "CVE-2014-1446", "CVE-2014-1874", "CVE-2014-2039", "CVE-2014-2309", "CVE-2014-2523", "CVE-2014-2568", "CVE-2014-2580", "CVE-2014-2678"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2014-04-09T00:51:54", "published": "2014-04-09T00:51:54", "id": "FEDORA:DB49F219DE", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: kernel-3.13.9-100.fc19", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0343", "CVE-2013-1059", "CVE-2013-2232", "CVE-2013-2234", "CVE-2013-2888", "CVE-2013-2889", "CVE-2013-2891", "CVE-2013-2892", "CVE-2013-2893", "CVE-2013-2894", "CVE-2013-2895", "CVE-2013-2896", "CVE-2013-2897", "CVE-2013-2899", "CVE-2013-4125", "CVE-2013-4254", "CVE-2013-4343", "CVE-2013-4345", "CVE-2013-4348", "CVE-2013-4350", "CVE-2013-4387", "CVE-2013-4470", "CVE-2013-4563", "CVE-2013-4587", "CVE-2013-6367", "CVE-2013-6368", "CVE-2013-6376", "CVE-2013-6378", "CVE-2013-6380", "CVE-2013-6382", "CVE-2013-6405"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2013-12-21T02:15:01", "published": "2013-12-21T02:15:01", "id": "FEDORA:30991220A7", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: kernel-3.12.5-200.fc19", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0343", "CVE-2013-1059", "CVE-2013-2232", "CVE-2013-2234", "CVE-2013-2888", "CVE-2013-2889", "CVE-2013-2891", "CVE-2013-2892", "CVE-2013-2893", "CVE-2013-2894", "CVE-2013-2895", "CVE-2013-2896", "CVE-2013-2897", "CVE-2013-2899", "CVE-2013-4125", "CVE-2013-4254", "CVE-2013-4343", "CVE-2013-4345", "CVE-2013-4348", "CVE-2013-4350", "CVE-2013-4387", "CVE-2013-4470", "CVE-2013-4563", "CVE-2013-4579", "CVE-2013-4587", "CVE-2013-6367", "CVE-2013-6368", "CVE-2013-6376", "CVE-2013-6378", "CVE-2013-6380", "CVE-2013-6382", "CVE-2013-6405", "CVE-2014-0049", "CVE-2014-0069", "CVE-2014-0100", "CVE-2014-0101", "CVE-2014-0102", "CVE-2014-1438", "CVE-2014-1446", "CVE-2014-1874", "CVE-2014-2039"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2014-03-09T04:38:45", "published": "2014-03-09T04:38:45", "id": "FEDORA:6A93C20D15", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: kernel-3.13.5-103.fc19", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0343", "CVE-2013-1059", "CVE-2013-2232", "CVE-2013-2234", "CVE-2013-2888", "CVE-2013-2889", "CVE-2013-2891", "CVE-2013-2892", "CVE-2013-2893", "CVE-2013-2894", "CVE-2013-2895", "CVE-2013-2896", "CVE-2013-2897", "CVE-2013-2899", "CVE-2013-4125", "CVE-2013-4254", "CVE-2013-4343", "CVE-2013-4345", "CVE-2013-4348", "CVE-2013-4350", "CVE-2013-4387", "CVE-2013-4470", "CVE-2013-4563", "CVE-2013-4579", "CVE-2013-4587", "CVE-2013-6367", "CVE-2013-6368", "CVE-2013-6376", "CVE-2013-6378", "CVE-2013-6380", "CVE-2013-6382", "CVE-2013-6405", "CVE-2014-0069", "CVE-2014-1438", "CVE-2014-1446", "CVE-2014-1874"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2014-02-17T21:02:31", "published": "2014-02-17T21:02:31", "id": "FEDORA:E6C59213CA", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: kernel-3.12.11-201.fc19", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2013-0343", "CVE-2013-1059", "CVE-2013-2232", "CVE-2013-2234", "CVE-2013-2888", "CVE-2013-2889", "CVE-2013-2891", "CVE-2013-2892", "CVE-2013-2893", "CVE-2013-2894", "CVE-2013-2895", "CVE-2013-2896", "CVE-2013-2897", "CVE-2013-2899", "CVE-2013-4125", "CVE-2013-4254", "CVE-2013-4343", "CVE-2013-4345", "CVE-2013-4348", "CVE-2013-4350", "CVE-2013-4387", "CVE-2013-4470", "CVE-2013-4563", "CVE-2013-4579", "CVE-2013-4587", "CVE-2013-6367", "CVE-2013-6368", "CVE-2013-6376", "CVE-2013-6378", "CVE-2013-6380", "CVE-2013-6382", "CVE-2013-6405", "CVE-2014-0049", "CVE-2014-0055", "CVE-2014-0069", "CVE-2014-0077", "CVE-2014-0100", "CVE-2014-0101", "CVE-2014-0102", "CVE-2014-0131", "CVE-2014-0155", "CVE-2014-1438", "CVE-2014-1446", "CVE-2014-1874", "CVE-2014-2039", "CVE-2014-2309", "CVE-2014-2523", "CVE-2014-2568", "CVE-2014-2580", "CVE-2014-2678", "CVE-2014-2851"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2014-05-06T03:31:53", "published": "2014-05-06T03:31:53", "id": "FEDORA:756F822091", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: kernel-3.13.11-100.fc19", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2019-05-29T18:37:26", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-3122", "CVE-2013-2234", "CVE-2014-3940", "CVE-2013-4345", "CVE-2014-0155", "CVE-2013-2894", "CVE-2014-0131", "CVE-2013-2896", "CVE-2014-0100", "CVE-2014-1737", "CVE-2013-6378", "CVE-2014-1874", "CVE-2013-2891", "CVE-2013-4254", "CVE-2013-2892", "CVE-2014-1738", "CVE-2014-2568", "CVE-2013-1059", "CVE-2014-3145", "CVE-2014-1446", "CVE-2013-2897", "CVE-2013-6368", "CVE-2014-3917", "CVE-2013-2232", "CVE-2014-2851", "CVE-2014-2309", "CVE-2014-2678", "CVE-2013-6382", "CVE-2014-2039", "CVE-2013-4563", "CVE-2013-4579", "CVE-2014-3144", "CVE-2014-0102", "CVE-2013-6405", "CVE-2013-2899", "CVE-2014-3153", "CVE-2014-2580", "CVE-2013-4125", "CVE-2013-6367", "CVE-2014-0049", "CVE-2013-4387", "CVE-2013-6376", "CVE-2014-0055", "CVE-2013-4350", "CVE-2013-6380", "CVE-2013-0343", "CVE-2014-1438", "CVE-2014-0077", "CVE-2013-4587", "CVE-2013-2895", "CVE-2013-4348", "CVE-2013-4470", "CVE-2013-4343", "CVE-2014-2523", "CVE-2013-2888", "CVE-2014-0101", "CVE-2014-0069", "CVE-2013-2889", "CVE-2013-2893"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-06-17T00:00:00", "id": "OPENVAS:1361412562310867857", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867857", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2014-7320", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2014-7320\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867857\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-06-17 09:45:41 +0530 (Tue, 17 Jun 2014)\");\n script_cve_id(\"CVE-2014-3153\", \"CVE-2014-3940\", \"CVE-2014-3917\", \"CVE-2014-3144\",\n \"CVE-2014-3145\", \"CVE-2014-1738\", \"CVE-2014-1737\", \"CVE-2014-3122\",\n \"CVE-2014-2851\", \"CVE-2014-0155\", \"CVE-2014-2678\", \"CVE-2014-2580\",\n \"CVE-2014-0077\", \"CVE-2014-0055\", \"CVE-2014-2568\", \"CVE-2014-0131\",\n \"CVE-2014-2523\", \"CVE-2014-2309\", \"CVE-2014-0100\", \"CVE-2014-0101\",\n \"CVE-2014-0049\", \"CVE-2014-0102\", \"CVE-2014-2039\", \"CVE-2014-0069\",\n \"CVE-2014-1874\", \"CVE-2014-1446\", \"CVE-2014-1438\", \"CVE-2013-4579\",\n \"CVE-2013-4587\", \"CVE-2013-6376\", \"CVE-2013-6368\", \"CVE-2013-6367\",\n \"CVE-2013-6405\", \"CVE-2013-6382\", \"CVE-2013-6380\", \"CVE-2013-6378\",\n \"CVE-2013-4563\", \"CVE-2013-4348\", \"CVE-2013-4470\", \"CVE-2013-4387\",\n \"CVE-2013-4345\", \"CVE-2013-4350\", \"CVE-2013-4343\", \"CVE-2013-2888\",\n \"CVE-2013-2889\", \"CVE-2013-2891\", \"CVE-2013-2892\", \"CVE-2013-2893\",\n \"CVE-2013-2894\", \"CVE-2013-2895\", \"CVE-2013-2896\", \"CVE-2013-2897\",\n \"CVE-2013-2899\", \"CVE-2013-0343\", \"CVE-2013-4254\", \"CVE-2013-4125\",\n \"CVE-2013-2232\", \"CVE-2013-1059\", \"CVE-2013-2234\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Update for kernel FEDORA-2014-7320\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-7320\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-June/134404.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.14.7~100.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:48:28", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2234", "CVE-2013-4345", "CVE-2013-2894", "CVE-2013-2896", "CVE-2013-6378", "CVE-2014-1874", "CVE-2013-2891", "CVE-2013-4254", "CVE-2013-2892", "CVE-2013-1059", "CVE-2014-1446", "CVE-2013-2897", "CVE-2013-6368", "CVE-2013-2232", "CVE-2013-6382", "CVE-2014-2039", "CVE-2013-4563", "CVE-2013-4579", "CVE-2013-6405", "CVE-2013-2899", "CVE-2013-4125", "CVE-2013-6367", "CVE-2013-4387", "CVE-2013-6376", "CVE-2013-4350", "CVE-2013-6380", "CVE-2013-0343", "CVE-2014-1438", "CVE-2013-4587", "CVE-2013-2895", "CVE-2013-4348", "CVE-2013-4470", "CVE-2013-4343", "CVE-2013-2888", "CVE-2014-0069", "CVE-2013-2889", "CVE-2013-2893"], "description": "Check for the Version of kernel", "modified": "2017-07-10T00:00:00", "published": "2014-03-04T00:00:00", "id": "OPENVAS:867546", "href": "http://plugins.openvas.org/nasl.php?oid=867546", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2014-2887", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2014-2887\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(867546);\n script_version(\"$Revision: 6629 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:33:41 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-03-04 10:32:46 +0530 (Tue, 04 Mar 2014)\");\n script_cve_id(\"CVE-2014-2039\", \"CVE-2014-0069\", \"CVE-2014-1874\", \"CVE-2014-1446\",\n \"CVE-2014-1438\", \"CVE-2013-4579\", \"CVE-2013-4587\", \"CVE-2013-6376\",\n \"CVE-2013-6368\", \"CVE-2013-6367\", \"CVE-2013-6405\", \"CVE-2013-6382\",\n \"CVE-2013-6380\", \"CVE-2013-6378\", \"CVE-2013-4563\", \"CVE-2013-4348\",\n \"CVE-2013-4470\", \"CVE-2013-4387\", \"CVE-2013-4345\", \"CVE-2013-4350\",\n \"CVE-2013-4343\", \"CVE-2013-2888\", \"CVE-2013-2889\", \"CVE-2013-2891\",\n \"CVE-2013-2892\", \"CVE-2013-2893\", \"CVE-2013-2894\", \"CVE-2013-2895\",\n \"CVE-2013-2896\", \"CVE-2013-2897\", \"CVE-2013-2899\", \"CVE-2013-0343\",\n \"CVE-2013-4254\", \"CVE-2013-4125\", \"CVE-2013-2232\", \"CVE-2013-1059\",\n \"CVE-2013-2234\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Fedora Update for kernel FEDORA-2014-2887\");\n\n tag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\nLinux operating system. The kernel handles the basic functions\nof the operating system: memory allocation, process allocation, device\ninput and output, etc.\n\";\n\n tag_affected = \"kernel on Fedora 19\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-2887\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-March/129241.html\");\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.13.5~101.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:37:14", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2234", "CVE-2013-4345", "CVE-2013-2894", "CVE-2013-2896", "CVE-2013-6378", "CVE-2014-1874", "CVE-2013-2891", "CVE-2013-4254", "CVE-2013-2892", "CVE-2013-1059", "CVE-2014-1446", "CVE-2013-2897", "CVE-2013-6368", "CVE-2013-2232", "CVE-2013-6382", "CVE-2014-2039", "CVE-2013-4563", "CVE-2013-4579", "CVE-2013-6405", "CVE-2013-2899", "CVE-2013-4125", "CVE-2013-6367", "CVE-2013-4387", "CVE-2013-6376", "CVE-2013-4350", "CVE-2013-6380", "CVE-2013-0343", "CVE-2014-1438", "CVE-2013-4587", "CVE-2013-2895", "CVE-2013-4348", "CVE-2013-4470", "CVE-2013-4343", "CVE-2013-2888", "CVE-2014-0069", "CVE-2013-2889", "CVE-2013-2893"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-03-04T00:00:00", "id": "OPENVAS:1361412562310867546", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867546", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2014-2887", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2014-2887\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867546\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-03-04 10:32:46 +0530 (Tue, 04 Mar 2014)\");\n script_cve_id(\"CVE-2014-2039\", \"CVE-2014-0069\", \"CVE-2014-1874\", \"CVE-2014-1446\",\n \"CVE-2014-1438\", \"CVE-2013-4579\", \"CVE-2013-4587\", \"CVE-2013-6376\",\n \"CVE-2013-6368\", \"CVE-2013-6367\", \"CVE-2013-6405\", \"CVE-2013-6382\",\n \"CVE-2013-6380\", \"CVE-2013-6378\", \"CVE-2013-4563\", \"CVE-2013-4348\",\n \"CVE-2013-4470\", \"CVE-2013-4387\", \"CVE-2013-4345\", \"CVE-2013-4350\",\n \"CVE-2013-4343\", \"CVE-2013-2888\", \"CVE-2013-2889\", \"CVE-2013-2891\",\n \"CVE-2013-2892\", \"CVE-2013-2893\", \"CVE-2013-2894\", \"CVE-2013-2895\",\n \"CVE-2013-2896\", \"CVE-2013-2897\", \"CVE-2013-2899\", \"CVE-2013-0343\",\n \"CVE-2013-4254\", \"CVE-2013-4125\", \"CVE-2013-2232\", \"CVE-2013-1059\",\n \"CVE-2013-2234\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Fedora Update for kernel FEDORA-2014-2887\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-2887\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-March/129241.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.13.5~101.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:37:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2234", "CVE-2013-4345", "CVE-2013-2894", "CVE-2013-2896", "CVE-2013-6378", "CVE-2013-2891", "CVE-2013-4254", "CVE-2013-2892", "CVE-2013-1059", "CVE-2014-1446", "CVE-2013-2897", "CVE-2013-6368", "CVE-2013-2232", "CVE-2013-6382", "CVE-2013-4563", "CVE-2013-4579", "CVE-2013-6405", "CVE-2013-2899", "CVE-2013-4125", "CVE-2013-6367", "CVE-2013-4387", "CVE-2013-6376", "CVE-2013-4350", "CVE-2013-6380", "CVE-2013-0343", "CVE-2014-1438", "CVE-2013-4587", "CVE-2013-2895", "CVE-2013-4348", "CVE-2013-4470", "CVE-2013-4343", "CVE-2013-2888", "CVE-2013-2889", "CVE-2013-2893"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-01-20T00:00:00", "id": "OPENVAS:1361412562310867240", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867240", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2014-1072", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2014-1072\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867240\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-20 09:48:03 +0530 (Mon, 20 Jan 2014)\");\n script_cve_id(\"CVE-2014-1446\", \"CVE-2014-1438\", \"CVE-2013-4579\", \"CVE-2013-4587\",\n \"CVE-2013-6376\", \"CVE-2013-6368\", \"CVE-2013-6367\", \"CVE-2013-6405\",\n \"CVE-2013-6382\", \"CVE-2013-6380\", \"CVE-2013-6378\", \"CVE-2013-4563\",\n \"CVE-2013-4348\", \"CVE-2013-4470\", \"CVE-2013-4387\", \"CVE-2013-4345\",\n \"CVE-2013-4350\", \"CVE-2013-4343\", \"CVE-2013-2888\", \"CVE-2013-2889\",\n \"CVE-2013-2891\", \"CVE-2013-2892\", \"CVE-2013-2893\", \"CVE-2013-2894\",\n \"CVE-2013-2895\", \"CVE-2013-2896\", \"CVE-2013-2897\", \"CVE-2013-2899\",\n \"CVE-2013-0343\", \"CVE-2013-4254\", \"CVE-2013-4125\", \"CVE-2013-2232\",\n \"CVE-2013-1059\", \"CVE-2013-2234\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Fedora Update for kernel FEDORA-2014-1072\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-1072\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-January/126858.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.12.8~200.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2017-07-25T10:48:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2234", "CVE-2013-4345", "CVE-2013-2894", "CVE-2013-2896", "CVE-2013-6378", "CVE-2013-2891", "CVE-2013-4254", "CVE-2013-2892", "CVE-2013-1059", "CVE-2014-1446", "CVE-2013-2897", "CVE-2013-6368", "CVE-2013-2232", "CVE-2013-6382", "CVE-2013-4563", "CVE-2013-4579", "CVE-2013-6405", "CVE-2013-2899", "CVE-2013-4125", "CVE-2013-6367", "CVE-2013-4387", "CVE-2013-6376", "CVE-2013-4350", "CVE-2013-6380", "CVE-2013-0343", "CVE-2014-1438", "CVE-2013-4587", "CVE-2013-2895", "CVE-2013-4348", "CVE-2013-4470", "CVE-2013-4343", "CVE-2013-2888", "CVE-2013-2889", "CVE-2013-2893"], "description": "Check for the Version of kernel", "modified": "2017-07-10T00:00:00", "published": "2014-01-20T00:00:00", "id": "OPENVAS:867240", "href": "http://plugins.openvas.org/nasl.php?oid=867240", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2014-1072", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2014-1072\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(867240);\n script_version(\"$Revision: 6629 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:33:41 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-20 09:48:03 +0530 (Mon, 20 Jan 2014)\");\n script_cve_id(\"CVE-2014-1446\", \"CVE-2014-1438\", \"CVE-2013-4579\", \"CVE-2013-4587\",\n \"CVE-2013-6376\", \"CVE-2013-6368\", \"CVE-2013-6367\", \"CVE-2013-6405\",\n \"CVE-2013-6382\", \"CVE-2013-6380\", \"CVE-2013-6378\", \"CVE-2013-4563\",\n \"CVE-2013-4348\", \"CVE-2013-4470\", \"CVE-2013-4387\", \"CVE-2013-4345\",\n \"CVE-2013-4350\", \"CVE-2013-4343\", \"CVE-2013-2888\", \"CVE-2013-2889\",\n \"CVE-2013-2891\", \"CVE-2013-2892\", \"CVE-2013-2893\", \"CVE-2013-2894\",\n \"CVE-2013-2895\", \"CVE-2013-2896\", \"CVE-2013-2897\", \"CVE-2013-2899\",\n \"CVE-2013-0343\", \"CVE-2013-4254\", \"CVE-2013-4125\", \"CVE-2013-2232\",\n \"CVE-2013-1059\", \"CVE-2013-2234\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Fedora Update for kernel FEDORA-2014-1072\");\n\n tag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\nLinux operating system. The kernel handles the basic functions\nof the operating system: memory allocation, process allocation, device\ninput and output, etc.\n\";\n\n tag_affected = \"kernel on Fedora 19\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-1072\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-January/126858.html\");\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.12.8~200.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:37:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2234", "CVE-2013-4345", "CVE-2013-2894", "CVE-2014-0131", "CVE-2013-2896", "CVE-2014-0100", "CVE-2013-6378", "CVE-2014-1874", "CVE-2013-2891", "CVE-2013-4254", "CVE-2013-2892", "CVE-2013-1059", "CVE-2014-1446", "CVE-2013-2897", "CVE-2013-6368", "CVE-2013-2232", "CVE-2014-2309", "CVE-2013-6382", "CVE-2014-2039", "CVE-2013-4563", "CVE-2013-4579", "CVE-2014-0102", "CVE-2013-6405", "CVE-2013-2899", "CVE-2013-4125", "CVE-2013-6367", "CVE-2014-0049", "CVE-2013-4387", "CVE-2013-6376", "CVE-2013-4350", "CVE-2013-6380", "CVE-2013-0343", "CVE-2014-1438", "CVE-2013-4587", "CVE-2013-2895", "CVE-2013-4348", "CVE-2013-4470", "CVE-2013-4343", "CVE-2014-2523", "CVE-2013-2888", "CVE-2014-0101", "CVE-2014-0069", "CVE-2013-2889", "CVE-2013-2893"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-04-03T00:00:00", "id": "OPENVAS:1361412562310867651", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867651", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2014-4360", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2014-4360\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867651\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-03 10:08:26 +0530 (Thu, 03 Apr 2014)\");\n script_cve_id(\"CVE-2014-0131\", \"CVE-2014-2523\", \"CVE-2014-2309\", \"CVE-2014-0100\",\n \"CVE-2014-0101\", \"CVE-2014-0049\", \"CVE-2014-0102\", \"CVE-2014-2039\",\n \"CVE-2014-0069\", \"CVE-2014-1874\", \"CVE-2014-1446\", \"CVE-2014-1438\",\n \"CVE-2013-4579\", \"CVE-2013-4587\", \"CVE-2013-6376\", \"CVE-2013-6368\",\n \"CVE-2013-6367\", \"CVE-2013-6405\", \"CVE-2013-6382\", \"CVE-2013-6380\",\n \"CVE-2013-6378\", \"CVE-2013-4563\", \"CVE-2013-4348\", \"CVE-2013-4470\",\n \"CVE-2013-4387\", \"CVE-2013-4345\", \"CVE-2013-4350\", \"CVE-2013-4343\",\n \"CVE-2013-2888\", \"CVE-2013-2889\", \"CVE-2013-2891\", \"CVE-2013-2892\",\n \"CVE-2013-2893\", \"CVE-2013-2894\", \"CVE-2013-2895\", \"CVE-2013-2896\",\n \"CVE-2013-2897\", \"CVE-2013-2899\", \"CVE-2013-0343\", \"CVE-2013-4254\",\n \"CVE-2013-4125\", \"CVE-2013-2232\", \"CVE-2013-1059\", \"CVE-2013-2234\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Update for kernel FEDORA-2014-4360\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-4360\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-March/130710.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.13.7~100.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:49:00", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2234", "CVE-2013-4345", "CVE-2013-2894", "CVE-2014-0131", "CVE-2013-2896", "CVE-2014-0100", "CVE-2013-6378", "CVE-2014-1874", "CVE-2013-2891", "CVE-2013-4254", "CVE-2013-2892", "CVE-2013-1059", "CVE-2014-1446", "CVE-2013-2897", "CVE-2013-6368", "CVE-2013-2232", "CVE-2014-2309", "CVE-2013-6382", "CVE-2014-2039", "CVE-2013-4563", "CVE-2013-4579", "CVE-2014-0102", "CVE-2013-6405", "CVE-2013-2899", "CVE-2013-4125", "CVE-2013-6367", "CVE-2014-0049", "CVE-2013-4387", "CVE-2013-6376", "CVE-2013-4350", "CVE-2013-6380", "CVE-2013-0343", "CVE-2014-1438", "CVE-2013-4587", "CVE-2013-2895", "CVE-2013-4348", "CVE-2013-4470", "CVE-2013-4343", "CVE-2014-2523", "CVE-2013-2888", "CVE-2014-0101", "CVE-2014-0069", "CVE-2013-2889", "CVE-2013-2893"], "description": "Check for the Version of kernel", "modified": "2017-07-10T00:00:00", "published": "2014-04-03T00:00:00", "id": "OPENVAS:867651", "href": "http://plugins.openvas.org/nasl.php?oid=867651", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2014-4360", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2014-4360\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(867651);\n script_version(\"$Revision: 6629 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:33:41 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-03 10:08:26 +0530 (Thu, 03 Apr 2014)\");\n script_cve_id(\"CVE-2014-0131\", \"CVE-2014-2523\", \"CVE-2014-2309\", \"CVE-2014-0100\",\n \"CVE-2014-0101\", \"CVE-2014-0049\", \"CVE-2014-0102\", \"CVE-2014-2039\",\n \"CVE-2014-0069\", \"CVE-2014-1874\", \"CVE-2014-1446\", \"CVE-2014-1438\",\n \"CVE-2013-4579\", \"CVE-2013-4587\", \"CVE-2013-6376\", \"CVE-2013-6368\",\n \"CVE-2013-6367\", \"CVE-2013-6405\", \"CVE-2013-6382\", \"CVE-2013-6380\",\n \"CVE-2013-6378\", \"CVE-2013-4563\", \"CVE-2013-4348\", \"CVE-2013-4470\",\n \"CVE-2013-4387\", \"CVE-2013-4345\", \"CVE-2013-4350\", \"CVE-2013-4343\",\n \"CVE-2013-2888\", \"CVE-2013-2889\", \"CVE-2013-2891\", \"CVE-2013-2892\",\n \"CVE-2013-2893\", \"CVE-2013-2894\", \"CVE-2013-2895\", \"CVE-2013-2896\",\n \"CVE-2013-2897\", \"CVE-2013-2899\", \"CVE-2013-0343\", \"CVE-2013-4254\",\n \"CVE-2013-4125\", \"CVE-2013-2232\", \"CVE-2013-1059\", \"CVE-2013-2234\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Update for kernel FEDORA-2014-4360\");\n\n tag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\nLinux operating system. The kernel handles the basic functions\nof the operating system: memory allocation, process allocation, device\ninput and output, etc.\n\";\n\n tag_affected = \"kernel on Fedora 19\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-4360\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-March/130710.html\");\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.13.7~100.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:37:28", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2234", "CVE-2013-4345", "CVE-2013-2894", "CVE-2014-0131", "CVE-2013-2896", "CVE-2014-0100", "CVE-2013-6378", "CVE-2014-1874", "CVE-2013-2891", "CVE-2013-4254", "CVE-2013-2892", "CVE-2014-2568", "CVE-2013-1059", "CVE-2014-1446", "CVE-2013-2897", "CVE-2013-6368", "CVE-2013-2232", "CVE-2014-2309", "CVE-2014-2678", "CVE-2013-6382", "CVE-2014-2039", "CVE-2013-4563", "CVE-2013-4579", "CVE-2014-0102", "CVE-2013-6405", "CVE-2013-2899", "CVE-2014-2580", "CVE-2013-4125", "CVE-2013-6367", "CVE-2014-0049", "CVE-2013-4387", "CVE-2013-6376", "CVE-2014-0055", "CVE-2013-4350", "CVE-2013-6380", "CVE-2013-0343", "CVE-2014-1438", "CVE-2014-0077", "CVE-2013-4587", "CVE-2013-2895", "CVE-2013-4348", "CVE-2013-4470", "CVE-2013-4343", "CVE-2014-2523", "CVE-2013-2888", "CVE-2014-0101", "CVE-2014-0069", "CVE-2013-2889", "CVE-2013-2893"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-04-10T00:00:00", "id": "OPENVAS:1361412562310867682", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867682", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2014-4849", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2014-4849\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867682\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-10 13:22:25 +0530 (Thu, 10 Apr 2014)\");\n script_cve_id(\"CVE-2014-2678\", \"CVE-2014-2580\", \"CVE-2014-0077\", \"CVE-2014-0055\",\n \"CVE-2014-2568\", \"CVE-2014-0131\", \"CVE-2014-2523\", \"CVE-2014-2309\",\n \"CVE-2014-0100\", \"CVE-2014-0101\", \"CVE-2014-0049\", \"CVE-2014-0102\",\n \"CVE-2014-2039\", \"CVE-2014-0069\", \"CVE-2014-1874\", \"CVE-2014-1446\",\n \"CVE-2014-1438\", \"CVE-2013-4579\", \"CVE-2013-4587\", \"CVE-2013-6376\",\n \"CVE-2013-6368\", \"CVE-2013-6367\", \"CVE-2013-6405\", \"CVE-2013-6382\",\n \"CVE-2013-6380\", \"CVE-2013-6378\", \"CVE-2013-4563\", \"CVE-2013-4348\",\n \"CVE-2013-4470\", \"CVE-2013-4387\", \"CVE-2013-4345\", \"CVE-2013-4350\",\n \"CVE-2013-4343\", \"CVE-2013-2888\", \"CVE-2013-2889\", \"CVE-2013-2891\",\n \"CVE-2013-2892\", \"CVE-2013-2893\", \"CVE-2013-2894\", \"CVE-2013-2895\",\n \"CVE-2013-2896\", \"CVE-2013-2897\", \"CVE-2013-2899\", \"CVE-2013-0343\",\n \"CVE-2013-4254\", \"CVE-2013-4125\", \"CVE-2013-2232\", \"CVE-2013-1059\",\n \"CVE-2013-2234\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Update for kernel FEDORA-2014-4849\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-4849\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131224.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.13.9~100.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:48:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2234", "CVE-2013-4345", "CVE-2013-2894", "CVE-2014-0131", "CVE-2013-2896", "CVE-2014-0100", "CVE-2013-6378", "CVE-2014-1874", "CVE-2013-2891", "CVE-2013-4254", "CVE-2013-2892", "CVE-2014-2568", "CVE-2013-1059", "CVE-2014-1446", "CVE-2013-2897", "CVE-2013-6368", "CVE-2013-2232", "CVE-2014-2309", "CVE-2014-2678", "CVE-2013-6382", "CVE-2014-2039", "CVE-2013-4563", "CVE-2013-4579", "CVE-2014-0102", "CVE-2013-6405", "CVE-2013-2899", "CVE-2014-2580", "CVE-2013-4125", "CVE-2013-6367", "CVE-2014-0049", "CVE-2013-4387", "CVE-2013-6376", "CVE-2014-0055", "CVE-2013-4350", "CVE-2013-6380", "CVE-2013-0343", "CVE-2014-1438", "CVE-2014-0077", "CVE-2013-4587", "CVE-2013-2895", "CVE-2013-4348", "CVE-2013-4470", "CVE-2013-4343", "CVE-2014-2523", "CVE-2013-2888", "CVE-2014-0101", "CVE-2014-0069", "CVE-2013-2889", "CVE-2013-2893"], "description": "Check for the Version of kernel", "modified": "2017-07-10T00:00:00", "published": "2014-04-10T00:00:00", "id": "OPENVAS:867682", "href": "http://plugins.openvas.org/nasl.php?oid=867682", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2014-4849", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2014-4849\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(867682);\n script_version(\"$Revision: 6629 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:33:41 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-04-10 13:22:25 +0530 (Thu, 10 Apr 2014)\");\n script_cve_id(\"CVE-2014-2678\", \"CVE-2014-2580\", \"CVE-2014-0077\", \"CVE-2014-0055\",\n \"CVE-2014-2568\", \"CVE-2014-0131\", \"CVE-2014-2523\", \"CVE-2014-2309\",\n \"CVE-2014-0100\", \"CVE-2014-0101\", \"CVE-2014-0049\", \"CVE-2014-0102\",\n \"CVE-2014-2039\", \"CVE-2014-0069\", \"CVE-2014-1874\", \"CVE-2014-1446\",\n \"CVE-2014-1438\", \"CVE-2013-4579\", \"CVE-2013-4587\", \"CVE-2013-6376\",\n \"CVE-2013-6368\", \"CVE-2013-6367\", \"CVE-2013-6405\", \"CVE-2013-6382\",\n \"CVE-2013-6380\", \"CVE-2013-6378\", \"CVE-2013-4563\", \"CVE-2013-4348\",\n \"CVE-2013-4470\", \"CVE-2013-4387\", \"CVE-2013-4345\", \"CVE-2013-4350\",\n \"CVE-2013-4343\", \"CVE-2013-2888\", \"CVE-2013-2889\", \"CVE-2013-2891\",\n \"CVE-2013-2892\", \"CVE-2013-2893\", \"CVE-2013-2894\", \"CVE-2013-2895\",\n \"CVE-2013-2896\", \"CVE-2013-2897\", \"CVE-2013-2899\", \"CVE-2013-0343\",\n \"CVE-2013-4254\", \"CVE-2013-4125\", \"CVE-2013-2232\", \"CVE-2013-1059\",\n \"CVE-2013-2234\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Update for kernel FEDORA-2014-4849\");\n\n tag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\nLinux operating system. The kernel handles the basic functions\nof the operating system: memory allocation, process allocation, device\ninput and output, etc.\n\";\n\n tag_affected = \"kernel on Fedora 19\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-4849\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131224.html\");\n script_summary(\"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.13.9~100.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:37:48", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2234", "CVE-2013-4345", "CVE-2013-2894", "CVE-2013-2896", "CVE-2013-6378", "CVE-2013-2891", "CVE-2013-4254", "CVE-2013-2892", "CVE-2013-1059", "CVE-2013-2897", "CVE-2013-6368", "CVE-2013-2232", "CVE-2013-6382", "CVE-2013-4563", "CVE-2013-6405", "CVE-2013-2899", "CVE-2013-4125", "CVE-2013-6367", "CVE-2013-4387", "CVE-2013-6376", "CVE-2013-4350", "CVE-2013-6380", "CVE-2013-0343", "CVE-2013-4587", "CVE-2013-2895", "CVE-2013-4348", "CVE-2013-4470", "CVE-2013-4343", "CVE-2013-2888", "CVE-2013-2889", "CVE-2013-2893"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2013-12-23T00:00:00", "id": "OPENVAS:1361412562310867183", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867183", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2013-23653", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2013-23653\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867183\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-12-23 11:13:59 +0530 (Mon, 23 Dec 2013)\");\n script_cve_id(\"CVE-2013-4587\", \"CVE-2013-6376\", \"CVE-2013-6368\", \"CVE-2013-6367\",\n \"CVE-2013-6405\", \"CVE-2013-6382\", \"CVE-2013-6380\", \"CVE-2013-6378\",\n \"CVE-2013-4563\", \"CVE-2013-4348\", \"CVE-2013-4470\", \"CVE-2013-4387\",\n \"CVE-2013-4345\", \"CVE-2013-4350\", \"CVE-2013-4343\", \"CVE-2013-2888\",\n \"CVE-2013-2889\", \"CVE-2013-2891\", \"CVE-2013-2892\", \"CVE-2013-2893\",\n \"CVE-2013-2894\", \"CVE-2013-2895\", \"CVE-2013-2896\", \"CVE-2013-2897\",\n \"CVE-2013-2899\", \"CVE-2013-0343\", \"CVE-2013-4254\", \"CVE-2013-4125\",\n \"CVE-2013-2232\", \"CVE-2013-1059\", \"CVE-2013-2234\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_name(\"Fedora Update for kernel FEDORA-2013-23653\");\n\n\n script_tag(name:\"affected\", value:\"kernel on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2013-23653\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2013-December/124751.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.12.5~200.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "nessus": [{"lastseen": "2021-02-01T07:17:42", "description": "An information leak was discovered in the handling of ICMPv6 Router\nAdvertisement (RA) messages in the Linux kernel's IPv6 network stack.\nA remote attacker could exploit this flaw to cause a denial of service\n(excessive retries and address-generation outage), and consequently\nobtain sensitive information. (CVE-2013-0343)\n\nKees Cook discovered flaw in the Human Interface Device (HID)\nsubsystem of the Linux kernel. A physically proximate attacker could\nexploit this flaw to execute arbitrary code or cause a denial of\nservice (heap memory corruption) via a specially crafted device that\nprovides an invalid Report ID. (CVE-2013-2888)\n\nKees Cook discovered flaw in the Human Interface Device (HID)\nsubsystem when CONFIG_HID_ZEROPLUS is enabled. A physically proximate\nattacker could leverage this flaw to cause a denial of service via a\nspecially crafted device. (CVE-2013-2889)\n\nKees Cook discovered a flaw in the Human Interface Device (HID)\nsubsystem of the Linux kerenl when CONFIG_HID_PANTHERLORD is enabled.\nA physically proximate attacker could cause a denial of service (heap\nout-of-bounds write) via a specially crafted device. (CVE-2013-2892)\n\nKees Cook discovered another flaw in the Human Interface Device (HID)\nsubsystem of the Linux kernel when any of CONFIG_LOGITECH_FF,\nCONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF are enabled. A physcially\nproximate attacker can leverage this flaw to cause a denial of service\nvias a specially crafted device. (CVE-2013-2893)\n\nKees Cook discovered another flaw in the Human Interface Device (HID)\nsubsystem of the Linux kernel when CONFIG_HID_LOGITECH_DJ is enabled.\nA physically proximate attacker could cause a denial of service (OOPS)\nor obtain sensitive information from kernel memory via a specially\ncrafted device. (CVE-2013-2895)\n\nKees Cook discovered a vulnerability in the Linux Kernel's Human\nInterface Device (HID) subsystem's support for N-Trig touch screens. A\nphysically proximate attacker could exploit this flaw to cause a\ndenial of service (OOPS) via a specially crafted device.\n(CVE-2013-2896)\n\nKees Cook discovered yet another flaw in the Human Interface Device\n(HID) subsystem of the Linux kernel when CONFIG_HID_MULTITOUCH is\nenabled. A physically proximate attacker could leverage this flaw to\ncause a denial of service (OOPS) via a specially crafted device.\n(CVE-2013-2897)\n\nKees Cook discovered a flaw in the Human Interface Device (HID)\nsubsystem of the Linux kernel whe CONFIG_HID_PICOLCD is enabled. A\nphysically proximate attacker could exploit this flaw to cause a\ndenial of service (OOPS) via a specially crafted device.\n(CVE-2013-2899)\n\nAlan Chester reported a flaw in the IPv6 Stream Control Transmission\nProtocol (SCTP) of the Linux kernel. A remote attacker could exploit\nthis flaw to obtain sensitive information by sniffing network traffic.\n(CVE-2013-4350)\n\nDmitry Vyukov reported a flaw in the Linux kernel's handling of IPv6\nUDP Fragmentation Offload (UFO) processing. A remote attacker could\nleverage this flaw to cause a denial of service (system crash).\n(CVE-2013-4387).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 27, "published": "2013-11-09T00:00:00", "title": "Ubuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-2019-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2896", "CVE-2013-2892", "CVE-2013-2897", "CVE-2013-2899", "CVE-2013-4387", "CVE-2013-4350", "CVE-2013-0343", "CVE-2013-2895", "CVE-2013-2888", "CVE-2013-2889", "CVE-2013-2893"], "modified": "2021-02-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-generic", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2019-1.NASL", "href": "https://www.tenable.com/plugins/nessus/70802", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2019-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70802);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/09/19 12:54:29\");\n\n script_cve_id(\"CVE-2013-0343\", \"CVE-2013-2888\", \"CVE-2013-2889\", \"CVE-2013-2892\", \"CVE-2013-2893\", \"CVE-2013-2895\", \"CVE-2013-2896\", \"CVE-2013-2897\", \"CVE-2013-2899\", \"CVE-2013-4350\", \"CVE-2013-4387\");\n script_xref(name:\"USN\", value:\"2019-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux-lts-quantal vulnerabilities (USN-2019-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An information leak was discovered in the handling of ICMPv6 Router\nAdvertisement (RA) messages in the Linux kernel's IPv6 network stack.\nA remote attacker could exploit this flaw to cause a denial of service\n(excessive retries and address-generation outage), and consequently\nobtain sensitive information. (CVE-2013-0343)\n\nKees Cook discovered flaw in the Human Interface Device (HID)\nsubsystem of the Linux kernel. A physically proximate attacker could\nexploit this flaw to execute arbitrary code or cause a denial of\nservice (heap memory corruption) via a specially crafted device that\nprovides an invalid Report ID. (CVE-2013-2888)\n\nKees Cook discovered flaw in the Human Interface Device (HID)\nsubsystem when CONFIG_HID_ZEROPLUS is enabled. A physically proximate\nattacker could leverage this flaw to cause a denial of service via a\nspecially crafted device. (CVE-2013-2889)\n\nKees Cook discovered a flaw in the Human Interface Device (HID)\nsubsystem of the Linux kerenl when CONFIG_HID_PANTHERLORD is enabled.\nA physically proximate attacker could cause a denial of service (heap\nout-of-bounds write) via a specially crafted device. (CVE-2013-2892)\n\nKees Cook discovered another flaw in the Human Interface Device (HID)\nsubsystem of the Linux kernel when any of CONFIG_LOGITECH_FF,\nCONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF are enabled. A physcially\nproximate attacker can leverage this flaw to cause a denial of service\nvias a specially crafted device. (CVE-2013-2893)\n\nKees Cook discovered another flaw in the Human Interface Device (HID)\nsubsystem of the Linux kernel when CONFIG_HID_LOGITECH_DJ is enabled.\nA physically proximate attacker could cause a denial of service (OOPS)\nor obtain sensitive information from kernel memory via a specially\ncrafted device. (CVE-2013-2895)\n\nKees Cook discovered a vulnerability in the Linux Kernel's Human\nInterface Device (HID) subsystem's support for N-Trig touch screens. A\nphysically proximate attacker could exploit this flaw to cause a\ndenial of service (OOPS) via a specially crafted device.\n(CVE-2013-2896)\n\nKees Cook discovered yet another flaw in the Human Interface Device\n(HID) subsystem of the Linux kernel when CONFIG_HID_MULTITOUCH is\nenabled. A physically proximate attacker could leverage this flaw to\ncause a denial of service (OOPS) via a specially crafted device.\n(CVE-2013-2897)\n\nKees Cook discovered a flaw in the Human Interface Device (HID)\nsubsystem of the Linux kernel whe CONFIG_HID_PICOLCD is enabled. A\nphysically proximate attacker could exploit this flaw to cause a\ndenial of service (OOPS) via a specially crafted device.\n(CVE-2013-2899)\n\nAlan Chester reported a flaw in the IPv6 Stream Control Transmission\nProtocol (SCTP) of the Linux kernel. A remote attacker could exploit\nthis flaw to obtain sensitive information by sniffing network traffic.\n(CVE-2013-4350)\n\nDmitry Vyukov reported a flaw in the Linux kernel's handling of IPv6\nUDP Fragmentation Offload (UFO) processing. A remote attacker could\nleverage this flaw to cause a denial of service (system crash).\n(CVE-2013-4387).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2019-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected linux-image-3.5-generic package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/11/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-0343\", \"CVE-2013-2888\", \"CVE-2013-2889\", \"CVE-2013-2892\", \"CVE-2013-2893\", \"CVE-2013-2895\", \"CVE-2013-2896\", \"CVE-2013-2897\", \"CVE-2013-2899\", \"CVE-2013-4350\", \"CVE-2013-4387\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2019-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.5.0-43-generic\", pkgver:\"3.5.0-43.66~precise1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.5-generic\");\n}\n", "cvss": {"score": 6.2, "vector": "AV:L/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-02-01T07:17:43", "description": "An information leak was discovered in the handling of ICMPv6 Router\nAdvertisement (RA) messages in the Linux kernel's IPv6 network stack.\nA remote attacker could exploit this flaw to cause a denial of service\n(excessive retries and address-generation outage), and consequently\nobtain sensitive information. (CVE-2013-0343)\n\nKees Cook discovered flaw in the Human Interface Device (HID)\nsubsystem of the Linux kernel. A physically proximate attacker could\nexploit this flaw to execute arbitrary code or cause a denial of\nservice (heap memory corruption) via a specially crafted device that\nprovides an invalid Report ID. (CVE-2013-2888)\n\nKees Cook discovered flaw in the Human Interface Device (HID)\nsubsystem when CONFIG_HID_ZEROPLUS is enabled. A physically proximate\nattacker could leverage this flaw to cause a denial of service via a\nspecially crafted device. (CVE-2013-2889)\n\nKees Cook discovered a flaw in the Human Interface Device (HID)\nsubsystem of the Linux kerenl when CONFIG_HID_PANTHERLORD is enabled.\nA physically proximate attacker could cause a denial of service (heap\nout-of-bounds write) via a specially crafted device. (CVE-2013-2892)\n\nKees Cook discovered another flaw in the Human Interface Device (HID)\nsubsystem of the Linux kernel when any of CONFIG_LOGITECH_FF,\nCONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF are enabled. A physcially\nproximate attacker can leverage this flaw to cause a denial of service\nvias a specially crafted device. (CVE-2013-2893)\n\nKees Cook discovered another flaw in the Human Interface Device (HID)\nsubsystem of the Linux kernel when CONFIG_HID_LOGITECH_DJ is enabled.\nA physically proximate attacker could cause a denial of service (OOPS)\nor obtain sensitive information from kernel memory via a specially\ncrafted device. (CVE-2013-2895)\n\nKees Cook discovered a vulnerability in the Linux Kernel's Human\nInterface Device (HID) subsystem's support for N-Trig touch screens. A\nphysically proximate attacker could exploit this flaw to cause a\ndenial of service (OOPS) via a specially crafted device.\n(CVE-2013-2896)\n\nKees Cook discovered yet another flaw in the Human Interface Device\n(HID) subsystem of the Linux kernel when CONFIG_HID_MULTITOUCH is\nenabled. A physically proximate attacker could leverage this flaw to\ncause a denial of service (OOPS) via a specially crafted device.\n(CVE-2013-2897)\n\nKees Cook discovered a flaw in the Human Interface Device (HID)\nsubsystem of the Linux kernel whe CONFIG_HID_PICOLCD is enabled. A\nphysically proximate attacker could exploit this flaw to cause a\ndenial of service (OOPS) via a specially crafted device.\n(CVE-2013-2899)\n\nAlan Chester reported a flaw in the IPv6 Stream Control Transmission\nProtocol (SCTP) of the Linux kernel. A remote attacker could exploit\nthis flaw to obtain sensitive information by sniffing network traffic.\n(CVE-2013-4350)\n\nDmitry Vyukov reported a flaw in the Linux kernel's handling of IPv6\nUDP Fragmentation Offload (UFO) processing. A remote attacker could\nleverage this flaw to cause a denial of service (system crash).\n(CVE-2013-4387).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 27, "published": "2013-11-09T00:00:00", "title": "Ubuntu 12.10 : linux vulnerabilities (USN-2021-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2013-2896", "CVE-2013-2892", "CVE-2013-2897", "CVE-2013-2899", "CVE-2013-4387", "CVE-2013-4350", "CVE-2013-0343", "CVE-2013-2895", "CVE-2013-2888", "CVE-2013-2889", "CVE-2013-2893"], "modified": "2021-02-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-highbank", "cpe:/o:canonical:ubuntu_linux:12.10", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-generic"], "id": "UBUNTU_USN-2021-1.NASL", "href": "https://www.tenable.com/plugins/nessus/70804", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2021-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(70804);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/09/19 12:54:29\");\n\n script_cve_id(\"CVE-2013-0343\", \"CVE-2013-2888\", \"CVE-2013-2889\", \"CVE-2013-2892\", \"CVE-2013-2893\", \"CVE-2013-2895\", \"CVE-2013-2896\", \"CVE-2013-2897\", \"CVE-2013-2899\", \"CVE-2013-4350\", \"CVE-2013-4387\");\n script_xref(name:\"USN\", value:\"2021-1\");\n\n script_name(english:\"Ubuntu 12.10 : linux vulnerabilities (USN-2021-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An information leak was discovered in the handling of ICMPv6 Router\nAdvertisement (RA) messages in the Linux kernel's IPv6 network stack.\nA remote attacker could exploit this flaw to cause a denial of service\n(excessive retries and address-generation outage), and consequently\nobtain sensitive information. (CVE-2013-0343)\n\nKees Cook discovered flaw in the Human Interface Device (HID)\nsubsystem of the Linux kernel. A physically proximate attacker could\nexploit this flaw to execute arbitrary code or cause a denial of\nservice (heap memory corruption) via a specially crafted device that\nprovides an invalid Report ID. (CVE-2013-2888)\n\nKees Cook discovered flaw in the Human Interface Device (HID)\nsubsystem when CONFIG_HID_ZEROPLUS is enabled. A physically proximate\nattacker could leverage this flaw to cause a denial of service via a\nspecially crafted device. (CVE-2013-2889)\n\nKees Cook discovered a flaw in the Human Interface Device (HID)\nsubsystem of the Linux kerenl when CONFIG_HID_PANTHERLORD is enabled.\nA physically proximate attacker could cause a denial of service (heap\nout-of-bounds write) via a specially crafted device. (CVE-2013-2892)\n\nKees Cook discovered another flaw in the Human Interface Device (HID)\nsubsystem of the Linux kernel when any of CONFIG_LOGITECH_FF,\nCONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF are enabled. A physcially\nproximate attacker can leverage this flaw to cause a denial of service\nvias a specially crafted device. (CVE-2013-2893)\n\nKees Cook discovered another flaw in the Human Interface Device (HID)\nsubsystem of the Linux kernel when CONFIG_HID_LOGITECH_DJ is enabled.\nA physically proximate attacker could cause a denial of service (OOPS)\nor obtain sensitive information from kernel memory via a specially\ncrafted device. (CVE-2013-2895)\n\nKees Cook discovered a vulnerability in the Linux Kernel's Human\nInterface Device (HID) subsystem's support for N-Trig touch screens. A\nphysically proximate attacker could exploit this flaw to cause a\ndenial of service (OOPS) via a specially crafted device.\n(CVE-2013-2896)\n\nKees Cook discovered yet another flaw in the Human Interface Device\n(HID) subsystem of the Linux kernel when CONFIG_HID_MULTITOUCH is\nenabled. A physically proximate attacker could leverage this flaw to\ncause a denial of service (OOPS) via a specially crafted device.\n(CVE-2013-2897)\n\nKees Cook discovered a flaw in the Human Interface Device (HID)\nsubsystem of the Linux kernel whe CONFIG_HID_PICOLCD is enabled. A\nphysically proximate attacker could exploit this flaw to cause a\ndenial of service (OOPS) via a specially crafted device.\n(CVE-2013-2899)\n\nAlan Chester reported a flaw in the IPv6 Stream Control Transmission\nProtocol (SCTP) of the Linux kernel. A remote attacker could exploit\nthis flaw to obtain sensitive information by sniffing network traffic.\n(CVE-2013-4350)\n\nDmitry Vyukov reported a flaw in the Linux kernel's handling of IPv6\nUDP Fragmentation Offload (UFO) processing. A remote attacker could\nleverage this flaw to cause a denial of service (system crash).\n(CVE-2013-4387).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2021-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected linux-image-3.5-generic and / or\nlinux-image-3.5-highbank packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.5-highbank\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/11/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2013-0343\", \"CVE-2013-2888\", \"CVE-2013-2889\", \"CVE-2013-2892\", \"CVE-2013-2893\", \"CVE-2013-2895\", \"CVE-2013-2896\", \"CVE-2013-2897\", \"CVE-2013-2899\", \"CVE-2013-4350\", \"CVE-2013-4387\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2021-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.10\", pkgname:\"linux-image-3.5.0-43-generic\", pkgver:\"3.5.0-43.66\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"linux-image-3.5.0-43-highbank\", pkgver:\"3.5.0-43.66\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.5-generic / linux-image-3.5-highbank\");\n}\n", "cvss": {"score": 6.2, "vector": "AV:L/AC:H/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2020-07-09T00:33:08", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2896", "CVE-2013-2892", "CVE-2013-2897", "CVE-2013-2899", "CVE-2013-4387", "CVE-2013-4350", "CVE-2013-0343", "CVE-2013-2895", "CVE-2013-2888", "CVE-2013-2889", "CVE-2013-2893"], "description": "An information leak was discovered in the handling of ICMPv6 Router \nAdvertisement (RA) messages in the Linux kernel's IPv6 network stack. A \nremote attacker could exploit this flaw to cause a denial of service \n(excessive retries and address-generation outage), and consequently obtain \nsensitive information. (CVE-2013-0343)\n\nKees Cook discovered flaw in the Human Interface Device (HID) subsystem of \nthe Linux kernel. A physically proximate attacker could exploit this flaw \nto execute arbitrary code or cause a denial of service (heap memory \ncorruption) via a specially crafted device that provides an invalid Report \nID. (CVE-2013-2888)\n\nKees Cook discovered flaw in the Human Interface Device (HID) subsystem \nwhen CONFIG_HID_ZEROPLUS is enabled. A physically proximate attacker could \nleverage this flaw to cause a denial of service via a specially crafted \ndevice. (CVE-2013-2889)\n\nKees Cook discovered a flaw in the Human Interface Device (HID) subsystem \nof the Linux kerenl when CONFIG_HID_PANTHERLORD is enabled. A physically \nproximate attacker could cause a denial of service (heap out-of-bounds \nwrite) via a specially crafted device. (CVE-2013-2892)\n\nKees Cook discovered another flaw in the Human Interface Device (HID) \nsubsystem of the Linux kernel when any of CONFIG_LOGITECH_FF, \nCONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF are enabled. A physcially \nproximate attacker can leverage this flaw to cause a denial of service vias \na specially crafted device. (CVE-2013-2893)\n\nKees Cook discovered another flaw in the Human Interface Device (HID) \nsubsystem of the Linux kernel when CONFIG_HID_LOGITECH_DJ is enabled. A \nphysically proximate attacker could cause a denial of service (OOPS) or \nobtain sensitive information from kernel memory via a specially crafted \ndevice. (CVE-2013-2895)\n\nKees Cook discovered a vulnerability in the Linux Kernel's Human Interface \nDevice (HID) subsystem's support for N-Trig touch screens. A physically \nproximate attacker could exploit this flaw to cause a denial of service \n(OOPS) via a specially crafted device. (CVE-2013-2896)\n\nKees Cook discovered yet another flaw in the Human Interface Device (HID) \nsubsystem of the Linux kernel when CONFIG_HID_MULTITOUCH is enabled. A \nphysically proximate attacker could leverage this flaw to cause a denial of \nservice (OOPS) via a specially crafted device. (CVE-2013-2897)\n\nKees Cook discovered a flaw in the Human Interface Device (HID) subsystem \nof the Linux kernel whe CONFIG_HID_PICOLCD is enabled. A physically \nproximate attacker could exploit this flaw to cause a denial of service \n(OOPS) via a specially crafted device. (CVE-2013-2899)\n\nAlan Chester reported a flaw in the IPv6 Stream Control Transmission \nProtocol (SCTP) of the Linux kernel. A remote attacker could exploit this \nflaw to obtain sensitive information by sniffing network traffic. \n(CVE-2013-4350)\n\nDmitry Vyukov reported a flaw in the Linux kernel's handling of IPv6 UDP \nFragmentation Offload (UFO) processing. A remote attacker could leverage \nthis flaw to cause a denial of service (system crash). (CVE-2013-4387)", "edition": 5, "modified": "2013-11-08T00:00:00", "published": "2013-11-08T00:00:00", "id": "USN-2021-1", "href": "https://ubuntu.com/security/notices/USN-2021-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.2, "vector": "AV:L/AC:H/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-08T23:36:32", "bulletinFamily": "unix", "cvelist": ["CVE-2013-2896", "CVE-2013-2892", "CVE-2013-2897", "CVE-2013-2899", "CVE-2013-4387", "CVE-2013-4350", "CVE-2013-0343", "CVE-2013-2895", "CVE-2013-2888", "CVE-2013-2889", "CVE-2013-2893"], "description": "An information leak was discovered in the handling of ICMPv6 Router \nAdvertisement (RA) messages in the Linux kernel's IPv6 network stack. A \nremote attacker could exploit this flaw to cause a denial of service \n(excessive retries and address-generation outage), and consequently obtain \nsensitive information. (CVE-2013-0343)\n\nKees Cook discovered flaw in the Human Interface Device (HID) subsystem of \nthe Linux kernel. A physically proximate attacker could exploit this flaw \nto execute arbitrary code or cause a denial of service (heap memory \ncorruption) via a specially crafted device that provides an invalid Report \nID. (CVE-2013-2888)\n\nKees Cook discovered flaw in the Human Interface Device (HID) subsystem \nwhen CONFIG_HID_ZEROPLUS is enabled. A physically proximate attacker could \nleverage this flaw to cause a denial of service via a specially crafted \ndevice. (CVE-2013-2889)\n\nKees Cook discovered a flaw in the Human Interface Device (HID) subsystem \nof the Linux kerenl when CONFIG_HID_PANTHERLORD is enabled. A physically \nproximate attacker could cause a denial of service (heap out-of-bounds \nwrite) via a specially crafted device. (CVE-2013-2892)\n\nKees Cook discovered another flaw in the Human Interface Device (HID) \nsubsystem of the Linux kernel when any of CONFIG_LOGITECH_FF, \nCONFIG_LOGIG940_FF, or CONFIG_LOGIWHEELS_FF are enabled. A physcially \nproximate attacker can leverage this flaw to cause a denial of service vias \na specially crafted device. (CVE-2013-2893)\n\nKees Cook discovered another flaw in the Human Interface Device (HID) \nsubsystem of the Linux kernel when CONFIG_HID_LOGITECH_DJ is enabled. A \nphysically proximate attacker could cause a denial of service (OOPS) or \nobtain sensitive information from kernel memory via a specially crafted \ndevice. (CVE-2013-2895)\n\nKees Cook discovered a vulnerability in the Linux Kernel's Human Interface \nDevice (HID) subsystem's support for N-Trig touch screens. A physically \nproximate attacker could exploit this flaw to cause a denial of service \n(OOPS) via a specially crafted device. (CVE-2013-2896)\n\nKees Cook discovered yet another flaw in the Human Interface Device (HID) \nsubsystem of the Linux kernel when CONFIG_HID_MULTITOUCH is enabled. A \nphysically proximate attacker could leverage this flaw to cause a denial of \nservice (OOPS) via a specially crafted device. (CVE-2013-2897)\n\nKees Cook discovered a flaw in the Human Interface Device (HID) subsystem \nof the Linux kernel whe CONFIG_HID_PICOLCD is enabled. A physically \nproximate attacker could exploit this flaw to cause a denial of service \n(OOPS) via a specially crafted device. (CVE-2013-2899)\n\nAlan Chester reported a flaw in the IPv6 Stream Control Transmission \nProtocol (SCTP) of the Linux kernel. A remote attacker could exploit this \nflaw to obtain sensitive information by sniffing network traffic. \n(CVE-2013-4350)\n\nDmitry Vyukov reported a flaw in the Linux kernel's handling of IPv6 UDP \nFragmentation Offload (UFO) processing. A remote attacker could leverage \nthis flaw to cause a denial of service (system crash). (CVE-2013-4387)", "edition": 5, "modified": "2013-11-08T00:00:00", "published": "2013-11-08T00:00:00", "id": "USN-2022-1", "href": "https://ubuntu.com/security/notices/USN-2022-1", "title": "Linux kernel (OMAP4) vulnerabilities", "type": "ubuntu", "cvss": {"score": 6.2, "vector": "AV:L/AC:H/Au:N/C:C/I:C/A:C"}}]}