{"id": "OPENVAS:1361412562310872293", "bulletinFamily": "scanner", "title": "Fedora Update for kernel FEDORA-2017-e6012e74b6", "description": "Check the version of kernel", "published": "2017-01-24T00:00:00", "modified": "2017-07-10T00:00:00", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872293", "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "references": ["2017-e6012e74b6", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMA2BR5OTCZDLNZ3L57425PCTUCUHO7E"], "cvelist": ["CVE-2017-2583"], "type": "openvas", "lastseen": "2018-09-01T23:44:15", "history": [{"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2017-2583"], "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Check the version of kernel", "edition": 3, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "a58befabaece428115a2a289c7ddd434d51e9f5a09cc3590ea4d3b0c4f29f91b", "hashmap": [{"hash": "a2323bbbec1269474bb5afba0147298f", "key": "reporter"}, {"hash": "035982e88d94ddba60eadc6b538bf968", "key": "pluginID"}, {"hash": "13b8d2a524b964854209481fef41bf1e", "key": "href"}, {"hash": "70dcb71514eaeee72a0da0a6587afbc4", "key": "title"}, {"hash": "fd584abae6a960e09ce8a23bab1ea2b2", "key": "references"}, {"hash": "11f7c513624d71e37f73710e87660a12", "key": "sourceData"}, {"hash": "e7abf60a84a5ac895309f72a03411643", "key": "description"}, {"hash": "d96a6d49b4046e481d5c996d74c702d2", "key": "published"}, {"hash": "b22c2eef85d6da3d8ab303390b3e55b3", "key": "cvelist"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "0d134bf170d66438eb1e01173ee0187f", "key": "modified"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872293", "id": "OPENVAS:1361412562310872293", "lastseen": "2018-08-30T19:20:11", "modified": "2017-07-10T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310872293", "published": "2017-01-24T00:00:00", "references": ["2017-e6012e74b6", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMA2BR5OTCZDLNZ3L57425PCTUCUHO7E"], "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2017-e6012e74b6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872293\");\n script_version(\"$Revision: 6634 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 09:32:24 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-24 10:21:37 +0100 (Tue, 24 Jan 2017)\");\n script_cve_id(\"CVE-2017-2583\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2017-e6012e74b6\");\n script_tag(name: \"summary\", value: \"Check the version of kernel\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\n of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"The kernel meta package\");\n script_tag(name: \"affected\", value: \"kernel on Fedora 25\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"FEDORA\", value: \"2017-e6012e74b6\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMA2BR5OTCZDLNZ3L57425PCTUCUHO7E\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.9.5~200.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "title": "Fedora Update for kernel FEDORA-2017-e6012e74b6", "type": "openvas", "viewCount": 0}, "differentElements": ["cvss"], "edition": 3, "lastseen": "2018-08-30T19:20:11"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2017-2583"], "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Check the version of kernel", "edition": 1, "enchantments": {}, "hash": "f14854ef2cc276ca46999c286beb6c6fc0a9b2d152d7415efed48ae84b5cebc0", "hashmap": [{"hash": "a2323bbbec1269474bb5afba0147298f", "key": "reporter"}, {"hash": "035982e88d94ddba60eadc6b538bf968", "key": "pluginID"}, {"hash": "13b8d2a524b964854209481fef41bf1e", "key": "href"}, {"hash": "70dcb71514eaeee72a0da0a6587afbc4", "key": "title"}, {"hash": "fd584abae6a960e09ce8a23bab1ea2b2", "key": "references"}, {"hash": "f48b2af0bd81c0460d2e005d8c33ee02", "key": "modified"}, {"hash": "46bfbe8ad123e1445d76dda394454e2e", "key": "sourceData"}, {"hash": "e7abf60a84a5ac895309f72a03411643", "key": "description"}, {"hash": "d96a6d49b4046e481d5c996d74c702d2", "key": "published"}, {"hash": "b22c2eef85d6da3d8ab303390b3e55b3", "key": "cvelist"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "292f2e293571b0e70e3182b615982dad", "key": "cvss"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872293", "id": "OPENVAS:1361412562310872293", "lastseen": "2017-07-02T21:14:35", "modified": "2017-02-16T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310872293", "published": "2017-01-24T00:00:00", "references": ["2017-e6012e74b6", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMA2BR5OTCZDLNZ3L57425PCTUCUHO7E"], "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2017-e6012e74b6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872293\");\n script_version(\"$Revision: 5305 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-02-16 09:56:57 +0100 (Thu, 16 Feb 2017) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-24 10:21:37 +0100 (Tue, 24 Jan 2017)\");\n script_cve_id(\"CVE-2017-2583\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2017-e6012e74b6\");\n script_tag(name: \"summary\", value: \"Check the version of kernel\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\n of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"The kernel meta package\");\n script_tag(name: \"affected\", value: \"kernel on Fedora 25\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"FEDORA\", value: \"2017-e6012e74b6\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMA2BR5OTCZDLNZ3L57425PCTUCUHO7E\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"HostDetails/OS/cpe:/o:fedoraproject:fedora\", \"login/SSH/success\", \"ssh/login/release\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.9.5~200.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "title": "Fedora Update for kernel FEDORA-2017-e6012e74b6", "type": "openvas", "viewCount": 0}, "differentElements": ["modified", "sourceData"], "edition": 1, "lastseen": "2017-07-02T21:14:35"}, {"bulletin": {"bulletinFamily": "scanner", "cvelist": ["CVE-2017-2583"], "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "description": "Check the version of kernel", "edition": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}}, "hash": "2b4793ccc525051663b372571c1d616130756c19a08290d52505c1a5399885c1", "hashmap": [{"hash": "a2323bbbec1269474bb5afba0147298f", "key": "reporter"}, {"hash": "035982e88d94ddba60eadc6b538bf968", "key": "pluginID"}, {"hash": "13b8d2a524b964854209481fef41bf1e", "key": "href"}, {"hash": "70dcb71514eaeee72a0da0a6587afbc4", "key": "title"}, {"hash": "fd584abae6a960e09ce8a23bab1ea2b2", "key": "references"}, {"hash": "11f7c513624d71e37f73710e87660a12", "key": "sourceData"}, {"hash": "e7abf60a84a5ac895309f72a03411643", "key": "description"}, {"hash": "d96a6d49b4046e481d5c996d74c702d2", "key": "published"}, {"hash": "b22c2eef85d6da3d8ab303390b3e55b3", "key": "cvelist"}, {"hash": "47c1f692ea47a21f716dad07043ade01", "key": "type"}, {"hash": "bbdaea376f500d25f6b0c1050311dd07", "key": "bulletinFamily"}, {"hash": "be931514784f88df80712740ad2723e7", "key": "naslFamily"}, {"hash": "292f2e293571b0e70e3182b615982dad", "key": "cvss"}, {"hash": "0d134bf170d66438eb1e01173ee0187f", "key": "modified"}], "history": [], "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872293", "id": "OPENVAS:1361412562310872293", "lastseen": "2017-07-25T10:57:45", "modified": "2017-07-10T00:00:00", "naslFamily": "Fedora Local Security Checks", "objectVersion": "1.3", "pluginID": "1361412562310872293", "published": "2017-01-24T00:00:00", "references": ["2017-e6012e74b6", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMA2BR5OTCZDLNZ3L57425PCTUCUHO7E"], "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2017-e6012e74b6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872293\");\n script_version(\"$Revision: 6634 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 09:32:24 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-24 10:21:37 +0100 (Tue, 24 Jan 2017)\");\n script_cve_id(\"CVE-2017-2583\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2017-e6012e74b6\");\n script_tag(name: \"summary\", value: \"Check the version of kernel\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\n of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"The kernel meta package\");\n script_tag(name: \"affected\", value: \"kernel on Fedora 25\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"FEDORA\", value: \"2017-e6012e74b6\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMA2BR5OTCZDLNZ3L57425PCTUCUHO7E\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.9.5~200.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "title": "Fedora Update for kernel FEDORA-2017-e6012e74b6", "type": "openvas", "viewCount": 0}, "differentElements": ["cvss"], "edition": 2, "lastseen": "2017-07-25T10:57:45"}], "edition": 4, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "b22c2eef85d6da3d8ab303390b3e55b3"}, {"key": "cvss", "hash": "292f2e293571b0e70e3182b615982dad"}, {"key": "description", "hash": "e7abf60a84a5ac895309f72a03411643"}, {"key": "href", "hash": "13b8d2a524b964854209481fef41bf1e"}, {"key": "modified", "hash": "0d134bf170d66438eb1e01173ee0187f"}, {"key": "naslFamily", "hash": "be931514784f88df80712740ad2723e7"}, {"key": "pluginID", "hash": "035982e88d94ddba60eadc6b538bf968"}, {"key": "published", "hash": "d96a6d49b4046e481d5c996d74c702d2"}, {"key": "references", "hash": "fd584abae6a960e09ce8a23bab1ea2b2"}, {"key": "reporter", "hash": "a2323bbbec1269474bb5afba0147298f"}, {"key": "sourceData", "hash": "11f7c513624d71e37f73710e87660a12"}, {"key": "title", "hash": "70dcb71514eaeee72a0da0a6587afbc4"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "hash": "2b4793ccc525051663b372571c1d616130756c19a08290d52505c1a5399885c1", "viewCount": 0, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "vulnersScore": 7.5}, "objectVersion": "1.3", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2017-e6012e74b6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872293\");\n script_version(\"$Revision: 6634 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 09:32:24 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-24 10:21:37 +0100 (Tue, 24 Jan 2017)\");\n script_cve_id(\"CVE-2017-2583\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2017-e6012e74b6\");\n script_tag(name: \"summary\", value: \"Check the version of kernel\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\n of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"The kernel meta package\");\n script_tag(name: \"affected\", value: \"kernel on Fedora 25\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"FEDORA\", value: \"2017-e6012e74b6\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMA2BR5OTCZDLNZ3L57425PCTUCUHO7E\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.9.5~200.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks", "pluginID": "1361412562310872293"}

{"cve": [{"lastseen": "2018-08-25T10:50:24", "references": ["https://github.com/torvalds/linux/commit/33ab91103b3415e12457e3104f0e4517ce12d0f3", "https://usn.ubuntu.com/3754-1/", "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=33ab91103b3415e12457e3104f0e4517ce12d0f3", "https://access.redhat.com/errata/RHSA-2017:1615", "http://www.securityfocus.com/bid/95673", "https://bugzilla.redhat.com/show_bug.cgi?id=1414735", "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.5", "http://www.debian.org/security/2017/dsa-3791", "https://access.redhat.com/errata/RHSA-2017:1616", "http://www.openwall.com/lists/oss-security/2017/01/19/2"], "description": "The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel before 4.9.5 improperly emulates a \"MOV SS, NULL selector\" instruction, which allows guest OS users to cause a denial of service (guest OS crash) or gain guest OS privileges via a crafted application.", "edition": 6, "reporter": "NVD", "published": "2017-02-06T01:59:00", "title": "CVE-2017-2583", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 9.3}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2017-2583"], "scanner": [], "modified": "2018-08-24T06:29:02", "cpe": ["cpe:/o:linux:linux_kernel:4.9.4"], "id": "CVE-2017-2583", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-2583", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "f5": [{"lastseen": "2017-07-19T02:20:05", "references": [], "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP AAM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1| Not vulnerable| None \nBIG-IP AFM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1| Not vulnerable| None \nBIG-IP Analytics| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP APM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP ASM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP DNS| None| 13.0.0 \n12.0.0 - 12.1.2| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.2.1| Not vulnerable| None \nBIG-IP GTM| None| 11.4.1 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP Link Controller| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP PEM| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.4.1 - 11.6.1| Not vulnerable| None \nBIG-IP PSM| None| 11.4.1| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.2.1| Not vulnerable| None \nBIG-IP WebSafe| None| 13.0.0 \n12.0.0 - 12.1.2 \n11.6.0 - 11.6.1| Not vulnerable| None \nARX| None| 6.2.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.1.1| Not vulnerable| None \nBIG-IQ Cloud| None| 4.4.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.4.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.4.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 5.0.0 - 5.3.0 \n4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nF5 iWorkflow| None| 2.0.0 - 2.2.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.2| Not vulnerable| None \nTraffix SDC| None| 5.0.0 - 5.1.0 \n4.0.0 - 4.4.0| Not vulnerable| None\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "edition": 1, "reporter": "f5", "published": "2017-07-19T00:57:00", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "title": "Linux kernel vulnerability CVE-2017-2583", "type": "f5", "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2017-2583"], "modified": "2017-07-19T00:57:00", "href": "https://support.f5.com/csp/article/K81172534", "id": "F5:K81172534", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2018-09-01T23:45:04", "references": ["https://bodhi.fedoraproject.org/updates/FEDORA-2017-e6012e74b6"], "pluginID": "96708", "description": "The 4.9.5 stable kernel update contains a number of important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 7, "reporter": "Tenable", "published": "2017-01-24T00:00:00", "title": "Fedora 25 : kernel (2017-e6012e74b6)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-2583"], "modified": "2017-02-21T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2017-E6012E74B6.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=96708", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-e6012e74b6.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96708);\n script_version(\"$Revision: 3.3 $\");\n script_cvs_date(\"$Date: 2017/02/21 14:37:42 $\");\n\n script_cve_id(\"CVE-2017-2583\");\n script_xref(name:\"FEDORA\", value:\"2017-e6012e74b6\");\n\n script_name(english:\"Fedora 25 : kernel (2017-e6012e74b6)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.9.5 stable kernel update contains a number of important fixes\nacross the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-e6012e74b6\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"kernel-4.9.5-200.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:32:36", "references": ["https://bodhi.fedoraproject.org/updates/FEDORA-2017-18ce368ba3"], "pluginID": "96705", "description": "The 4.9.5 stable kernel update contains a number of important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 7, "reporter": "Tenable", "published": "2017-01-24T00:00:00", "title": "Fedora 24 : kernel (2017-18ce368ba3)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 2.1}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-2583"], "modified": "2017-02-21T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2017-18CE368BA3.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=96705", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2017-18ce368ba3.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(96705);\n script_version(\"$Revision: 3.3 $\");\n script_cvs_date(\"$Date: 2017/02/21 14:37:42 $\");\n\n script_cve_id(\"CVE-2017-2583\");\n script_xref(name:\"FEDORA\", value:\"2017-18ce368ba3\");\n\n script_name(english:\"Fedora 24 : kernel (2017-18ce368ba3)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.9.5 stable kernel update contains a number of important fixes\nacross the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2017-18ce368ba3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"kernel-4.9.5-100.fc24\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-02T00:08:32", "references": ["http://www.nessus.org/u?7af5a350", "https://help.virtuozzo.com/customer/portal/articles/2734643", "http://www.nessus.org/u?84a60371", "http://www.nessus.org/u?2dca61ae"], "pluginID": "97976", "description": "According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities :\n\n - Linux kernel built with the Kernel-based Virtual Machine (CONFIG_KVM) support is vulnerable to an incorrect segment selector(SS) value error. The error could occur while loading values into the SS register in long mode. A user/process inside guest could use this flaw to crash the guest resulting in DoS or potentially escalate their privileges inside guest.\n\n - arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "edition": 15, "reporter": "Tenable", "published": "2017-03-27T00:00:00", "title": "Virtuozzo 7 : readykernel-patch (VZA-2017-004)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Virtuozzo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-2584", "CVE-2017-2583"], "modified": "2018-07-17T00:00:00", "cpe": ["cpe:/o:virtuozzo:virtuozzo:7", "p-cpe:/a:virtuozzo:virtuozzo:readykernel"], "id": "VIRTUOZZO_VZA-2017-004.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=97976", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(97976);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/07/17 12:00:07\");\n\n script_cve_id(\n \"CVE-2017-2583\",\n \"CVE-2017-2584\"\n );\n\n script_name(english:\"Virtuozzo 7 : readykernel-patch (VZA-2017-004)\");\n script_summary(english:\"Checks the readykernel output for the updated patch.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the vzkernel package and the\nreadykernel-patch installed, the Virtuozzo installation on the remote\nhost is affected by the following vulnerabilities :\n\n - Linux kernel built with the Kernel-based Virtual\n Machine (CONFIG_KVM) support is vulnerable to an\n incorrect segment selector(SS) value error. The error\n could occur while loading values into the SS register\n in long mode. A user/process inside guest could use\n this flaw to crash the guest resulting in DoS or\n potentially escalate their privileges inside guest.\n\n - arch/x86/kvm/emulate.c in the Linux kernel through\n 4.9.3 allows local users to obtain sensitive\n information from kernel memory or cause a denial of\n service (use-after-free) via a crafted application that\n leverages instruction emulation for fxrstor, fxsave,\n sgdt, and sidt.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://help.virtuozzo.com/customer/portal/articles/2734643\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-15.2-10.0-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?84a60371\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-18.7-10.0-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2dca61ae\");\n # https://readykernel.com/patch/Virtuozzo-7/readykernel-patch-20.18-10.0-1.vl7/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7af5a350\");\n script_set_attribute(attribute:\"solution\", value:\"Update the readykernel patch.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/02/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:readykernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:7\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/03/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\", \"Host/readykernel-info\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"readykernel.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 7.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nrk_info = get_kb_item(\"Host/readykernel-info\");\nif (empty_or_null(rk_info)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\n\nchecks = make_list2(\n make_array(\n \"kernel\",\"vzkernel-3.10.0-327.18.2.vz7.15.2\",\n \"patch\",\"readykernel-patch-15.2-10.0-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-327.36.1.vz7.18.7\",\n \"patch\",\"readykernel-patch-18.7-10.0-1.vl7\"\n ),\n make_array(\n \"kernel\",\"vzkernel-3.10.0-327.36.1.vz7.20.18\",\n \"patch\",\"readykernel-patch-20.18-10.0-1.vl7\"\n )\n);\nreadykernel_execute_checks(checks:checks, severity:SECURITY_WARNING, release:\"Virtuozzo-7\");\n", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-11-11T12:44:24", "references": ["http://www.nessus.org/u?327ae90b"], "pluginID": "101120", "description": "An update for kernel is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es) :\n\n* A flaw was found in the way Linux kernel allocates heap memory to build the scattergather list from a fragment list(skb_shinfo(skb)->frag_list) in the socket buffer(skb_buff). The heap overflow occurred if 'MAX_SKB_FRAGS + 1' parameter and 'NETIF_F_FRAGLIST' feature were used together. A remote user or process could use this flaw to potentially escalate their privilege on a system. (CVE-2017-7477, Important)\n\n* The NFS2/3 RPC client could send long arguments to the NFS server.\nThese encoded arguments are stored in an array of memory pages, and accessed using pointer variables. Arbitrarily long arguments could make these pointers point outside the array and cause an out-of-bounds memory access. A remote user or program could use this flaw to crash the kernel (denial of service). (CVE-2017-7645, Important)\n\n* The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly cause other unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important)\n\n* The Linux kernel built with the Kernel-based Virtual Machine (CONFIG_KVM) support was vulnerable to an incorrect segment selector(SS) value error. The error could occur while loading values into the SS register in long mode. A user or process inside a guest could use this flaw to crash the guest, resulting in DoS or potentially escalate their privileges inside the guest.\n(CVE-2017-2583, Moderate)\n\n* A flaw was found in the Linux kernel's handling of packets with the URG flag. Applications using the splice() and tcp_splice_read() functionality could allow a remote attacker to force the kernel to enter a condition in which it could loop indefinitely. (CVE-2017-6214, Moderate)\n\nRed Hat would like to thank Ari Kauppi for reporting CVE-2017-7895 and Xiaohan Zhang (Huawei Inc.) for reporting CVE-2017-2583.\n\nBug Fix(es) :\n\n* Previously, the reserved-pages counter (HugePages_Rsvd) was bigger than the total-pages counter (HugePages_Total) in the /proc/meminfo file, and HugePages_Rsvd underflowed. With this update, the HugeTLB feature of the Linux kernel has been fixed, and HugePages_Rsvd underflow no longer occurs. (BZ#1445184)\n\n* If a directory on a NFS client was modified while being listed, the NFS client could restart the directory listing multiple times.\nConsequently, the performance of listing the directory was sub-optimal. With this update, the restarting of the directory listing happens less frequently. As a result, the performance of listing the directory while it is being modified has improved. (BZ#1450851)\n\n* The Fibre Channel over Ethernet (FCoE) adapter in some cases failed to reboot. This update fixes the qla2xxx driver, and FCoE adapter now reboots as expected. (BZ#1446246)\n\n* When a VM with Virtual Function I/O (VFIO) device was rebooted, the QEMU process occasionally terminated unexpectedly due to a failed VFIO Direct Memory Access (DMA) map request. This update fixes the vfio driver and QEMU no longer crashes in the described situation.\n(BZ#1450855)\n\n* When the operating system was booted with the in-box lpfc driver, a kernel panic occurred on the little-endian variant of IBM Power Systems. This update fixes lpfc, and the kernel no longer panics in the described situation. (BZ#1452044)\n\n* When creating or destroying a VM with Virtual Function I/O (VFIO) devices with 'Hugepages' feature enabled, errors in Direct Memory Access (DMA) page table entry (PTE) mappings occurred, and QEMU memory usage behaved unpredictably. This update fixes range computation when making room for large pages in Input/Output Memory Management Unit (IOMMU). As a result, errors in DMA PTE mappings no longer occur, and QEMU has a predictable memory usage in the described situation.\n(BZ#1450856)", "edition": 10, "reporter": "Tenable", "published": "2017-06-30T00:00:00", "title": "CentOS 7 : kernel (CESA-2017:1615)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-7895", "CVE-2017-7645", "CVE-2017-2583", "CVE-2017-6214", "CVE-2017-7477"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:centos:centos:perf", "p-cpe:/a:centos:centos:python-perf", "p-cpe:/a:centos:centos:kernel-doc", "cpe:/o:centos:centos:7", "p-cpe:/a:centos:centos:kernel-tools-libs-devel", "p-cpe:/a:centos:centos:kernel-tools", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-debug", "p-cpe:/a:centos:centos:kernel-tools-libs", "p-cpe:/a:centos:centos:kernel-headers", "p-cpe:/a:centos:centos:kernel-abi-whitelists", "p-cpe:/a:centos:centos:kernel-debug-devel"], "id": "CENTOS_RHSA-2017-1615.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=101120", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:1615 and \n# CentOS Errata and Security Advisory 2017:1615 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(101120);\n script_version(\"3.6\");\n script_cvs_date(\"Date: 2018/11/10 11:49:32\");\n\n script_cve_id(\"CVE-2017-2583\", \"CVE-2017-6214\", \"CVE-2017-7477\", \"CVE-2017-7645\", \"CVE-2017-7895\");\n script_xref(name:\"RHSA\", value:\"2017:1615\");\n\n script_name(english:\"CentOS 7 : kernel (CESA-2017:1615)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for kernel is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* A flaw was found in the way Linux kernel allocates heap memory to\nbuild the scattergather list from a fragment\nlist(skb_shinfo(skb)->frag_list) in the socket buffer(skb_buff). The\nheap overflow occurred if 'MAX_SKB_FRAGS + 1' parameter and\n'NETIF_F_FRAGLIST' feature were used together. A remote user or\nprocess could use this flaw to potentially escalate their privilege on\na system. (CVE-2017-7477, Important)\n\n* The NFS2/3 RPC client could send long arguments to the NFS server.\nThese encoded arguments are stored in an array of memory pages, and\naccessed using pointer variables. Arbitrarily long arguments could\nmake these pointers point outside the array and cause an out-of-bounds\nmemory access. A remote user or program could use this flaw to crash\nthe kernel (denial of service). (CVE-2017-7645, Important)\n\n* The NFSv2 and NFSv3 server implementations in the Linux kernel\nthrough 4.10.13 lacked certain checks for the end of a buffer. A\nremote attacker could trigger a pointer-arithmetic error or possibly\ncause other unspecified impacts using crafted requests related to\nfs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important)\n\n* The Linux kernel built with the Kernel-based Virtual Machine\n(CONFIG_KVM) support was vulnerable to an incorrect segment\nselector(SS) value error. The error could occur while loading values\ninto the SS register in long mode. A user or process inside a guest\ncould use this flaw to crash the guest, resulting in DoS or\npotentially escalate their privileges inside the guest.\n(CVE-2017-2583, Moderate)\n\n* A flaw was found in the Linux kernel's handling of packets with the\nURG flag. Applications using the splice() and tcp_splice_read()\nfunctionality could allow a remote attacker to force the kernel to\nenter a condition in which it could loop indefinitely. (CVE-2017-6214,\nModerate)\n\nRed Hat would like to thank Ari Kauppi for reporting CVE-2017-7895 and\nXiaohan Zhang (Huawei Inc.) for reporting CVE-2017-2583.\n\nBug Fix(es) :\n\n* Previously, the reserved-pages counter (HugePages_Rsvd) was bigger\nthan the total-pages counter (HugePages_Total) in the /proc/meminfo\nfile, and HugePages_Rsvd underflowed. With this update, the HugeTLB\nfeature of the Linux kernel has been fixed, and HugePages_Rsvd\nunderflow no longer occurs. (BZ#1445184)\n\n* If a directory on a NFS client was modified while being listed, the\nNFS client could restart the directory listing multiple times.\nConsequently, the performance of listing the directory was\nsub-optimal. With this update, the restarting of the directory listing\nhappens less frequently. As a result, the performance of listing the\ndirectory while it is being modified has improved. (BZ#1450851)\n\n* The Fibre Channel over Ethernet (FCoE) adapter in some cases failed\nto reboot. This update fixes the qla2xxx driver, and FCoE adapter now\nreboots as expected. (BZ#1446246)\n\n* When a VM with Virtual Function I/O (VFIO) device was rebooted, the\nQEMU process occasionally terminated unexpectedly due to a failed VFIO\nDirect Memory Access (DMA) map request. This update fixes the vfio\ndriver and QEMU no longer crashes in the described situation.\n(BZ#1450855)\n\n* When the operating system was booted with the in-box lpfc driver, a\nkernel panic occurred on the little-endian variant of IBM Power\nSystems. This update fixes lpfc, and the kernel no longer panics in\nthe described situation. (BZ#1452044)\n\n* When creating or destroying a VM with Virtual Function I/O (VFIO)\ndevices with 'Hugepages' feature enabled, errors in Direct Memory\nAccess (DMA) page table entry (PTE) mappings occurred, and QEMU memory\nusage behaved unpredictably. This update fixes range computation when\nmaking room for large pages in Input/Output Memory Management Unit\n(IOMMU). As a result, errors in DMA PTE mappings no longer occur, and\nQEMU has a predictable memory usage in the described situation.\n(BZ#1450856)\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2017-June/022489.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?327ae90b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-abi-whitelists-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-debug-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-devel-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-doc-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-headers-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-tools-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"perf-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"python-perf-3.10.0-514.26.1.el7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:37:25", "references": ["http://www.nessus.org/u?05a0f886"], "pluginID": "101105", "description": "Security Fix(es) :\n\n - A flaw was found in the way Linux kernel allocates heap memory to build the scattergather list from a fragment list(skb_shinfo(skb)->frag_list) in the socket buffer(skb_buff). The heap overflow occurred if 'MAX_SKB_FRAGS\n\n - 1' parameter and 'NETIF_F_FRAGLIST' feature were used together. A remote user or process could use this flaw to potentially escalate their privilege on a system.\n (CVE-2017-7477, Important)\n\n - The NFS2/3 RPC client could send long arguments to the NFS server. These encoded arguments are stored in an array of memory pages, and accessed using pointer variables. Arbitrarily long arguments could make these pointers point outside the array and cause an out-of-bounds memory access. A remote user or program could use this flaw to crash the kernel (denial of service). (CVE-2017-7645, Important)\n\n - The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly cause other unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important)\n\n - The Linux kernel built with the Kernel-based Virtual Machine (CONFIG_KVM) support was vulnerable to an incorrect segment selector(SS) value error. The error could occur while loading values into the SS register in long mode. A user or process inside a guest could use this flaw to crash the guest, resulting in DoS or potentially escalate their privileges inside the guest.\n (CVE-2017-2583, Moderate)\n\n - A flaw was found in the Linux kernel's handling of packets with the URG flag. Applications using the splice() and tcp_splice_read() functionality could allow a remote attacker to force the kernel to enter a condition in which it could loop indefinitely.\n (CVE-2017-6214, Moderate)\n\nBug Fix(es) :\n\n - Previously, the reserved-pages counter (HugePages_Rsvd) was bigger than the total-pages counter (HugePages_Total) in the /proc/meminfo file, and HugePages_Rsvd underflowed. With this update, the HugeTLB feature of the Linux kernel has been fixed, and HugePages_Rsvd underflow no longer occurs.\n\n - If a directory on a NFS client was modified while being listed, the NFS client could restart the directory listing multiple times. Consequently, the performance of listing the directory was sub-optimal. With this update, the restarting of the directory listing happens less frequently. As a result, the performance of listing the directory while it is being modified has improved.\n\n - The Fibre Channel over Ethernet (FCoE) adapter in some cases failed to reboot. This update fixes the qla2xxx driver, and FCoE adapter now reboots as expected.\n\n - When a VM with Virtual Function I/O (VFIO) device was rebooted, the QEMU process occasionally terminated unexpectedly due to a failed VFIO Direct Memory Access (DMA) map request. This update fixes the vfio driver and QEMU no longer crashes in the described situation.\n\n - When the operating system was booted with the in-box lpfc driver, a kernel panic occurred on the little-endian variant of IBM Power Systems. This update fixes lpfc, and the kernel no longer panics in the described situation.\n\n - When creating or destroying a VM with Virtual Function I/O (VFIO) devices with 'Hugepages' feature enabled, errors in Direct Memory Access (DMA) page table entry (PTE) mappings occurred, and QEMU memory usage behaved unpredictably. This update fixes range computation when making room for large pages in Input/Output Memory Management Unit (IOMMU). As a result, errors in DMA PTE mappings no longer occur, and QEMU has a predictable memory usage in the described situation.", "edition": 5, "reporter": "Tenable", "published": "2017-06-29T00:00:00", "title": "Scientific Linux Security Update : kernel on SL7.x x86_64", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Scientific Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-7895", "CVE-2017-7645", "CVE-2017-2583", "CVE-2017-6214", "CVE-2017-7477"], "modified": "2018-01-26T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20170628_KERNEL_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=101105", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(101105);\n script_version(\"$Revision: 3.2 $\");\n script_cvs_date(\"$Date: 2018/01/26 17:50:30 $\");\n\n script_cve_id(\"CVE-2017-2583\", \"CVE-2017-6214\", \"CVE-2017-7477\", \"CVE-2017-7645\", \"CVE-2017-7895\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL7.x x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - A flaw was found in the way Linux kernel allocates heap\n memory to build the scattergather list from a fragment\n list(skb_shinfo(skb)->frag_list) in the socket\n buffer(skb_buff). The heap overflow occurred if\n 'MAX_SKB_FRAGS\n\n - 1' parameter and 'NETIF_F_FRAGLIST' feature were used\n together. A remote user or process could use this flaw\n to potentially escalate their privilege on a system.\n (CVE-2017-7477, Important)\n\n - The NFS2/3 RPC client could send long arguments to the\n NFS server. These encoded arguments are stored in an\n array of memory pages, and accessed using pointer\n variables. Arbitrarily long arguments could make these\n pointers point outside the array and cause an\n out-of-bounds memory access. A remote user or program\n could use this flaw to crash the kernel (denial of\n service). (CVE-2017-7645, Important)\n\n - The NFSv2 and NFSv3 server implementations in the Linux\n kernel through 4.10.13 lacked certain checks for the end\n of a buffer. A remote attacker could trigger a\n pointer-arithmetic error or possibly cause other\n unspecified impacts using crafted requests related to\n fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. (CVE-2017-7895,\n Important)\n\n - The Linux kernel built with the Kernel-based Virtual\n Machine (CONFIG_KVM) support was vulnerable to an\n incorrect segment selector(SS) value error. The error\n could occur while loading values into the SS register in\n long mode. A user or process inside a guest could use\n this flaw to crash the guest, resulting in DoS or\n potentially escalate their privileges inside the guest.\n (CVE-2017-2583, Moderate)\n\n - A flaw was found in the Linux kernel's handling of\n packets with the URG flag. Applications using the\n splice() and tcp_splice_read() functionality could allow\n a remote attacker to force the kernel to enter a\n condition in which it could loop indefinitely.\n (CVE-2017-6214, Moderate)\n\nBug Fix(es) :\n\n - Previously, the reserved-pages counter (HugePages_Rsvd)\n was bigger than the total-pages counter\n (HugePages_Total) in the /proc/meminfo file, and\n HugePages_Rsvd underflowed. With this update, the\n HugeTLB feature of the Linux kernel has been fixed, and\n HugePages_Rsvd underflow no longer occurs.\n\n - If a directory on a NFS client was modified while being\n listed, the NFS client could restart the directory\n listing multiple times. Consequently, the performance of\n listing the directory was sub-optimal. With this update,\n the restarting of the directory listing happens less\n frequently. As a result, the performance of listing the\n directory while it is being modified has improved.\n\n - The Fibre Channel over Ethernet (FCoE) adapter in some\n cases failed to reboot. This update fixes the qla2xxx\n driver, and FCoE adapter now reboots as expected.\n\n - When a VM with Virtual Function I/O (VFIO) device was\n rebooted, the QEMU process occasionally terminated\n unexpectedly due to a failed VFIO Direct Memory Access\n (DMA) map request. This update fixes the vfio driver and\n QEMU no longer crashes in the described situation.\n\n - When the operating system was booted with the in-box\n lpfc driver, a kernel panic occurred on the\n little-endian variant of IBM Power Systems. This update\n fixes lpfc, and the kernel no longer panics in the\n described situation.\n\n - When creating or destroying a VM with Virtual Function\n I/O (VFIO) devices with 'Hugepages' feature enabled,\n errors in Direct Memory Access (DMA) page table entry\n (PTE) mappings occurred, and QEMU memory usage behaved\n unpredictably. This update fixes range computation when\n making room for large pages in Input/Output Memory\n Management Unit (IOMMU). As a result, errors in DMA PTE\n mappings no longer occur, and QEMU has a predictable\n memory usage in the described situation.\"\n );\n # http://listserv.fnal.gov/scripts/wa.exe?A2=ind1706&L=scientific-linux-errata&F=&S=&P=6811\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?05a0f886\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"kernel-abi-whitelists-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debug-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-devel-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"kernel-doc-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-headers-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-tools-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-tools-debuginfo-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"perf-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"perf-debuginfo-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"python-perf-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-3.10.0-514.26.1.el7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:04:28", "references": ["https://oss.oracle.com/pipermail/el-errata/2017-June/007022.html"], "pluginID": "101139", "description": "From Red Hat Security Advisory 2017:1615 :\n\nAn update for kernel is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es) :\n\n* A flaw was found in the way Linux kernel allocates heap memory to build the scattergather list from a fragment list(skb_shinfo(skb)->frag_list) in the socket buffer(skb_buff). The heap overflow occurred if 'MAX_SKB_FRAGS + 1' parameter and 'NETIF_F_FRAGLIST' feature were used together. A remote user or process could use this flaw to potentially escalate their privilege on a system. (CVE-2017-7477, Important)\n\n* The NFS2/3 RPC client could send long arguments to the NFS server.\nThese encoded arguments are stored in an array of memory pages, and accessed using pointer variables. Arbitrarily long arguments could make these pointers point outside the array and cause an out-of-bounds memory access. A remote user or program could use this flaw to crash the kernel (denial of service). (CVE-2017-7645, Important)\n\n* The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly cause other unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important)\n\n* The Linux kernel built with the Kernel-based Virtual Machine (CONFIG_KVM) support was vulnerable to an incorrect segment selector(SS) value error. The error could occur while loading values into the SS register in long mode. A user or process inside a guest could use this flaw to crash the guest, resulting in DoS or potentially escalate their privileges inside the guest.\n(CVE-2017-2583, Moderate)\n\n* A flaw was found in the Linux kernel's handling of packets with the URG flag. Applications using the splice() and tcp_splice_read() functionality could allow a remote attacker to force the kernel to enter a condition in which it could loop indefinitely. (CVE-2017-6214, Moderate)\n\nRed Hat would like to thank Ari Kauppi for reporting CVE-2017-7895 and Xiaohan Zhang (Huawei Inc.) for reporting CVE-2017-2583.\n\nBug Fix(es) :\n\n* Previously, the reserved-pages counter (HugePages_Rsvd) was bigger than the total-pages counter (HugePages_Total) in the /proc/meminfo file, and HugePages_Rsvd underflowed. With this update, the HugeTLB feature of the Linux kernel has been fixed, and HugePages_Rsvd underflow no longer occurs. (BZ#1445184)\n\n* If a directory on a NFS client was modified while being listed, the NFS client could restart the directory listing multiple times.\nConsequently, the performance of listing the directory was sub-optimal. With this update, the restarting of the directory listing happens less frequently. As a result, the performance of listing the directory while it is being modified has improved. (BZ#1450851)\n\n* The Fibre Channel over Ethernet (FCoE) adapter in some cases failed to reboot. This update fixes the qla2xxx driver, and FCoE adapter now reboots as expected. (BZ#1446246)\n\n* When a VM with Virtual Function I/O (VFIO) device was rebooted, the QEMU process occasionally terminated unexpectedly due to a failed VFIO Direct Memory Access (DMA) map request. This update fixes the vfio driver and QEMU no longer crashes in the described situation.\n(BZ#1450855)\n\n* When the operating system was booted with the in-box lpfc driver, a kernel panic occurred on the little-endian variant of IBM Power Systems. This update fixes lpfc, and the kernel no longer panics in the described situation. (BZ#1452044)\n\n* When creating or destroying a VM with Virtual Function I/O (VFIO) devices with 'Hugepages' feature enabled, errors in Direct Memory Access (DMA) page table entry (PTE) mappings occurred, and QEMU memory usage behaved unpredictably. This update fixes range computation when making room for large pages in Input/Output Memory Management Unit (IOMMU). As a result, errors in DMA PTE mappings no longer occur, and QEMU has a predictable memory usage in the described situation.\n(BZ#1450856)", "edition": 8, "reporter": "Tenable", "published": "2017-06-30T00:00:00", "title": "Oracle Linux 7 : kernel (ELSA-2017-1615)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-7895", "CVE-2017-7645", "CVE-2017-2583", "CVE-2017-6214", "CVE-2017-7477"], "modified": "2018-07-24T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-tools", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-tools-libs", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel", "cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:kernel-tools-libs-devel", "p-cpe:/a:oracle:linux:python-perf"], "id": "ORACLELINUX_ELSA-2017-1615.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=101139", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2017:1615 and \n# Oracle Linux Security Advisory ELSA-2017-1615 respectively.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(101139);\n script_version(\"3.5\");\n script_cvs_date(\"Date: 2018/07/24 18:56:12\");\n\n script_cve_id(\"CVE-2017-2583\", \"CVE-2017-6214\", \"CVE-2017-7477\", \"CVE-2017-7645\", \"CVE-2017-7895\");\n script_xref(name:\"RHSA\", value:\"2017:1615\");\n\n script_name(english:\"Oracle Linux 7 : kernel (ELSA-2017-1615)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2017:1615 :\n\nAn update for kernel is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* A flaw was found in the way Linux kernel allocates heap memory to\nbuild the scattergather list from a fragment\nlist(skb_shinfo(skb)->frag_list) in the socket buffer(skb_buff). The\nheap overflow occurred if 'MAX_SKB_FRAGS + 1' parameter and\n'NETIF_F_FRAGLIST' feature were used together. A remote user or\nprocess could use this flaw to potentially escalate their privilege on\na system. (CVE-2017-7477, Important)\n\n* The NFS2/3 RPC client could send long arguments to the NFS server.\nThese encoded arguments are stored in an array of memory pages, and\naccessed using pointer variables. Arbitrarily long arguments could\nmake these pointers point outside the array and cause an out-of-bounds\nmemory access. A remote user or program could use this flaw to crash\nthe kernel (denial of service). (CVE-2017-7645, Important)\n\n* The NFSv2 and NFSv3 server implementations in the Linux kernel\nthrough 4.10.13 lacked certain checks for the end of a buffer. A\nremote attacker could trigger a pointer-arithmetic error or possibly\ncause other unspecified impacts using crafted requests related to\nfs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important)\n\n* The Linux kernel built with the Kernel-based Virtual Machine\n(CONFIG_KVM) support was vulnerable to an incorrect segment\nselector(SS) value error. The error could occur while loading values\ninto the SS register in long mode. A user or process inside a guest\ncould use this flaw to crash the guest, resulting in DoS or\npotentially escalate their privileges inside the guest.\n(CVE-2017-2583, Moderate)\n\n* A flaw was found in the Linux kernel's handling of packets with the\nURG flag. Applications using the splice() and tcp_splice_read()\nfunctionality could allow a remote attacker to force the kernel to\nenter a condition in which it could loop indefinitely. (CVE-2017-6214,\nModerate)\n\nRed Hat would like to thank Ari Kauppi for reporting CVE-2017-7895 and\nXiaohan Zhang (Huawei Inc.) for reporting CVE-2017-2583.\n\nBug Fix(es) :\n\n* Previously, the reserved-pages counter (HugePages_Rsvd) was bigger\nthan the total-pages counter (HugePages_Total) in the /proc/meminfo\nfile, and HugePages_Rsvd underflowed. With this update, the HugeTLB\nfeature of the Linux kernel has been fixed, and HugePages_Rsvd\nunderflow no longer occurs. (BZ#1445184)\n\n* If a directory on a NFS client was modified while being listed, the\nNFS client could restart the directory listing multiple times.\nConsequently, the performance of listing the directory was\nsub-optimal. With this update, the restarting of the directory listing\nhappens less frequently. As a result, the performance of listing the\ndirectory while it is being modified has improved. (BZ#1450851)\n\n* The Fibre Channel over Ethernet (FCoE) adapter in some cases failed\nto reboot. This update fixes the qla2xxx driver, and FCoE adapter now\nreboots as expected. (BZ#1446246)\n\n* When a VM with Virtual Function I/O (VFIO) device was rebooted, the\nQEMU process occasionally terminated unexpectedly due to a failed VFIO\nDirect Memory Access (DMA) map request. This update fixes the vfio\ndriver and QEMU no longer crashes in the described situation.\n(BZ#1450855)\n\n* When the operating system was booted with the in-box lpfc driver, a\nkernel panic occurred on the little-endian variant of IBM Power\nSystems. This update fixes lpfc, and the kernel no longer panics in\nthe described situation. (BZ#1452044)\n\n* When creating or destroying a VM with Virtual Function I/O (VFIO)\ndevices with 'Hugepages' feature enabled, errors in Direct Memory\nAccess (DMA) page table entry (PTE) mappings occurred, and QEMU memory\nusage behaved unpredictably. This update fixes range computation when\nmaking room for large pages in Input/Output Memory Management Unit\n(IOMMU). As a result, errors in DMA PTE mappings no longer occur, and\nQEMU has a predictable memory usage in the described situation.\n(BZ#1450856)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2017-June/007022.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-abi-whitelists-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-abi-whitelists-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-debug-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-debug-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-debug-devel-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-devel-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-devel-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-doc-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-doc-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-headers-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-headers-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-tools-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-tools-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-tools-libs-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-tools-libs-devel-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"perf-3.10.0-514.26.1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"python-perf-3.10.0-514.26.1.el7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-13T16:55:54", "references": ["https://access.redhat.com/articles/3090941", "https://access.redhat.com/security/cve/cve-2017-2583", "https://access.redhat.com/errata/RHSA-2017:1615", "https://access.redhat.com/security/cve/cve-2017-6214", "https://access.redhat.com/security/cve/cve-2017-7895", "https://access.redhat.com/security/cve/cve-2017-7645", "https://access.redhat.com/security/cve/cve-2017-7477"], "pluginID": "101101", "description": "An update for kernel is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es) :\n\n* A flaw was found in the way Linux kernel allocates heap memory to build the scattergather list from a fragment list(skb_shinfo(skb)->frag_list) in the socket buffer(skb_buff). The heap overflow occurred if 'MAX_SKB_FRAGS + 1' parameter and 'NETIF_F_FRAGLIST' feature were used together. A remote user or process could use this flaw to potentially escalate their privilege on a system. (CVE-2017-7477, Important)\n\n* The NFS2/3 RPC client could send long arguments to the NFS server.\nThese encoded arguments are stored in an array of memory pages, and accessed using pointer variables. Arbitrarily long arguments could make these pointers point outside the array and cause an out-of-bounds memory access. A remote user or program could use this flaw to crash the kernel (denial of service). (CVE-2017-7645, Important)\n\n* The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly cause other unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important)\n\n* The Linux kernel built with the Kernel-based Virtual Machine (CONFIG_KVM) support was vulnerable to an incorrect segment selector(SS) value error. The error could occur while loading values into the SS register in long mode. A user or process inside a guest could use this flaw to crash the guest, resulting in DoS or potentially escalate their privileges inside the guest.\n(CVE-2017-2583, Moderate)\n\n* A flaw was found in the Linux kernel's handling of packets with the URG flag. Applications using the splice() and tcp_splice_read() functionality could allow a remote attacker to force the kernel to enter a condition in which it could loop indefinitely. (CVE-2017-6214, Moderate)\n\nRed Hat would like to thank Ari Kauppi for reporting CVE-2017-7895 and Xiaohan Zhang (Huawei Inc.) for reporting CVE-2017-2583.\n\nBug Fix(es) :\n\n* Previously, the reserved-pages counter (HugePages_Rsvd) was bigger than the total-pages counter (HugePages_Total) in the /proc/meminfo file, and HugePages_Rsvd underflowed. With this update, the HugeTLB feature of the Linux kernel has been fixed, and HugePages_Rsvd underflow no longer occurs. (BZ#1445184)\n\n* If a directory on a NFS client was modified while being listed, the NFS client could restart the directory listing multiple times.\nConsequently, the performance of listing the directory was sub-optimal. With this update, the restarting of the directory listing happens less frequently. As a result, the performance of listing the directory while it is being modified has improved. (BZ#1450851)\n\n* The Fibre Channel over Ethernet (FCoE) adapter in some cases failed to reboot. This update fixes the qla2xxx driver, and FCoE adapter now reboots as expected. (BZ#1446246)\n\n* When a VM with Virtual Function I/O (VFIO) device was rebooted, the QEMU process occasionally terminated unexpectedly due to a failed VFIO Direct Memory Access (DMA) map request. This update fixes the vfio driver and QEMU no longer crashes in the described situation.\n(BZ#1450855)\n\n* When the operating system was booted with the in-box lpfc driver, a kernel panic occurred on the little-endian variant of IBM Power Systems. This update fixes lpfc, and the kernel no longer panics in the described situation. (BZ#1452044)\n\n* When creating or destroying a VM with Virtual Function I/O (VFIO) devices with 'Hugepages' feature enabled, errors in Direct Memory Access (DMA) page table entry (PTE) mappings occurred, and QEMU memory usage behaved unpredictably. This update fixes range computation when making room for large pages in Input/Output Memory Management Unit (IOMMU). As a result, errors in DMA PTE mappings no longer occur, and QEMU has a predictable memory usage in the described situation.\n(BZ#1450856)", "edition": 11, "reporter": "Tenable", "published": "2017-06-29T00:00:00", "title": "RHEL 7 : kernel (RHSA-2017:1615)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-7895", "CVE-2017-7645", "CVE-2017-2583", "CVE-2017-6214", "CVE-2017-7477"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "cpe:/o:redhat:enterprise_linux:7.4", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "cpe:/o:redhat:enterprise_linux:7.5", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "cpe:/o:redhat:enterprise_linux:7.3", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel", "cpe:/o:redhat:enterprise_linux:7.6", "p-cpe:/a:redhat:enterprise_linux:python-perf", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:kernel-doc"], "id": "REDHAT-RHSA-2017-1615.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=101101", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:1615. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(101101);\n script_version(\"3.8\");\n script_cvs_date(\"Date: 2018/11/10 11:49:56\");\n\n script_cve_id(\"CVE-2017-2583\", \"CVE-2017-6214\", \"CVE-2017-7477\", \"CVE-2017-7645\", \"CVE-2017-7895\");\n script_xref(name:\"RHSA\", value:\"2017:1615\");\n\n script_name(english:\"RHEL 7 : kernel (RHSA-2017:1615)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for kernel is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* A flaw was found in the way Linux kernel allocates heap memory to\nbuild the scattergather list from a fragment\nlist(skb_shinfo(skb)->frag_list) in the socket buffer(skb_buff). The\nheap overflow occurred if 'MAX_SKB_FRAGS + 1' parameter and\n'NETIF_F_FRAGLIST' feature were used together. A remote user or\nprocess could use this flaw to potentially escalate their privilege on\na system. (CVE-2017-7477, Important)\n\n* The NFS2/3 RPC client could send long arguments to the NFS server.\nThese encoded arguments are stored in an array of memory pages, and\naccessed using pointer variables. Arbitrarily long arguments could\nmake these pointers point outside the array and cause an out-of-bounds\nmemory access. A remote user or program could use this flaw to crash\nthe kernel (denial of service). (CVE-2017-7645, Important)\n\n* The NFSv2 and NFSv3 server implementations in the Linux kernel\nthrough 4.10.13 lacked certain checks for the end of a buffer. A\nremote attacker could trigger a pointer-arithmetic error or possibly\ncause other unspecified impacts using crafted requests related to\nfs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important)\n\n* The Linux kernel built with the Kernel-based Virtual Machine\n(CONFIG_KVM) support was vulnerable to an incorrect segment\nselector(SS) value error. The error could occur while loading values\ninto the SS register in long mode. A user or process inside a guest\ncould use this flaw to crash the guest, resulting in DoS or\npotentially escalate their privileges inside the guest.\n(CVE-2017-2583, Moderate)\n\n* A flaw was found in the Linux kernel's handling of packets with the\nURG flag. Applications using the splice() and tcp_splice_read()\nfunctionality could allow a remote attacker to force the kernel to\nenter a condition in which it could loop indefinitely. (CVE-2017-6214,\nModerate)\n\nRed Hat would like to thank Ari Kauppi for reporting CVE-2017-7895 and\nXiaohan Zhang (Huawei Inc.) for reporting CVE-2017-2583.\n\nBug Fix(es) :\n\n* Previously, the reserved-pages counter (HugePages_Rsvd) was bigger\nthan the total-pages counter (HugePages_Total) in the /proc/meminfo\nfile, and HugePages_Rsvd underflowed. With this update, the HugeTLB\nfeature of the Linux kernel has been fixed, and HugePages_Rsvd\nunderflow no longer occurs. (BZ#1445184)\n\n* If a directory on a NFS client was modified while being listed, the\nNFS client could restart the directory listing multiple times.\nConsequently, the performance of listing the directory was\nsub-optimal. With this update, the restarting of the directory listing\nhappens less frequently. As a result, the performance of listing the\ndirectory while it is being modified has improved. (BZ#1450851)\n\n* The Fibre Channel over Ethernet (FCoE) adapter in some cases failed\nto reboot. This update fixes the qla2xxx driver, and FCoE adapter now\nreboots as expected. (BZ#1446246)\n\n* When a VM with Virtual Function I/O (VFIO) device was rebooted, the\nQEMU process occasionally terminated unexpectedly due to a failed VFIO\nDirect Memory Access (DMA) map request. This update fixes the vfio\ndriver and QEMU no longer crashes in the described situation.\n(BZ#1450855)\n\n* When the operating system was booted with the in-box lpfc driver, a\nkernel panic occurred on the little-endian variant of IBM Power\nSystems. This update fixes lpfc, and the kernel no longer panics in\nthe described situation. (BZ#1452044)\n\n* When creating or destroying a VM with Virtual Function I/O (VFIO)\ndevices with 'Hugepages' feature enabled, errors in Direct Memory\nAccess (DMA) page table entry (PTE) mappings occurred, and QEMU memory\nusage behaved unpredictably. This update fixes range computation when\nmaking room for large pages in Input/Output Memory Management Unit\n(IOMMU). As a result, errors in DMA PTE mappings no longer occur, and\nQEMU has a predictable memory usage in the described situation.\n(BZ#1450856)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/articles/3090941\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:1615\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-2583\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-6214\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-7477\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-7645\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-7895\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:1615\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"kernel-abi-whitelists-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debug-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debug-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debug-devel-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debuginfo-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-devel-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-devel-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"kernel-doc-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-headers-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-headers-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-kdump-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"kernel-kdump-devel-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-tools-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-tools-debuginfo-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"perf-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"perf-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"perf-debuginfo-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"perf-debuginfo-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"python-perf-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"python-perf-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"s390x\", reference:\"python-perf-debuginfo-3.10.0-514.26.1.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-3.10.0-514.26.1.el7\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:47:24", "references": ["https://oss.oracle.com/pipermail/el-errata/2017-June/007023.html"], "pluginID": "101138", "description": "Description of changes:\n\n- [3.10.0-514.26.1.0.1.el7.OL7]\n- [ipc] ipc/sem.c: bugfix for semctl(,,GETZCNT) (Manfred Spraul) [orabug 22552377]\n- Oracle Linux certificates (Alexey Petrenko)\n- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(<A HREF='https://oss.oracle.com/mailman/listinfo/el-errata'>alexey.petrenko at oracle.com</A>)\n- Update x509.genkey [bug 24817676]\n\n[3.10.0-514.26.1.el7]\n- [mm] enlarge stack guard gap (Larry Woodman) [1452732 1452733] {CVE-2017-1000364}\n- Revert: [md] dm mirror: use all available legs on multiple failures (Mike Snitzer) [1449176 1383444]\n\n[3.10.0-514.25.1.el7]\n- [lib] kobject: grab an extra reference on kobject->sd to allow duplicate deletes (Aristeu Rozanski) [1454851 1427252]\n- [kernel] module: When modifying a module's text ignore modules which are going away too (Aaron Tomlin) [1454684 1386313]\n- [kernel] module: Ensure a module's state is set accordingly during module coming cleanup code (Aaron Tomlin) [1454684 1386313]\n- [net] vxlan: do not output confusing error message (Jiri Benc) [1454636 1445054]\n- [net] vxlan: correctly handle ipv6.disable module parameter (Jiri Benc) [1454636 1445054]\n- [iommu] vt-d: fix range computation when making room for large pages (Alex Williamson) [1450856 1435612]\n- [fs] nfsd: stricter decoding of write-like NFSv2/v3 ops ('J. Bruce Fields') [1449282 1443204] {CVE-2017-7895}\n- [fs] nfsd4: minor NFSv2/v3 write decoding cleanup ('J. Bruce Fields') [1449282 1443204] {CVE-2017-7895}\n- [md] dm mirror: use all available legs on multiple failures (Mike Snitzer) [1449176 1383444]\n- [fs] nfsd: check for oversized NFSv2/v3 arguments ('J. Bruce Fields') [1447642 1442407] {CVE-2017-7645}\n- [scsi] ses: don't get power status of SES device slot on probe (Gustavo Duarte) [1446650 1434768]\n- [scsi] ipr: do not set DID_PASSTHROUGH on CHECK CONDITION (Steve Best) [1446649 1441747]\n- [net] macsec: dynamically allocate space for sglist (Sabrina Dubroca) [1445546 1445545] {CVE-2017-7477}\n- [net] macsec: avoid heap overflow in skb_to_sgvec (Sabrina Dubroca) [1445546 1445545] {CVE-2017-7477}\n- [fs] gfs2: Allow glocks to be unlocked after withdraw (Robert S Peterson) [1433882 1404005]\n- [net] tcp: avoid infinite loop in tcp_splice_read() (Davide Caratti) [1430579 1430580] {CVE-2017-6214}\n- [mm] vma_merge: correct false positive from \n__vma_unlink->validate_mm_rb (Andrea Arcangeli) [1428840 1374548]\n- [mm] vma_merge: fix race vm_page_prot race condition against rmap_walk (Andrea Arcangeli) [1428840 1374548]\n- [mm] fix use-after-free if memory allocation failed in vma_adjust() (Andrea Arcangeli) [1428840 1374548]\n- [x86] kvm: x86: fix emulation of 'MOV SS, null selector' (Radim Krcmar) [1414742 1414743] {CVE-2017-2583}\n- [powerpc] prom: Increase minimum RMA size to 512MB (Gustavo Duarte) [1450041 1411321]\n- [pci] pciehp: Prioritize data-link event over presence detect (Myron Stowe) [1450124 1435818]\n- [pci] pciehp: Don't re-read Slot Status when queuing hotplug event (Myron Stowe) [1450124 1435818]\n- [pci] pciehp: Process all hotplug events before looking for new ones (Myron Stowe) [1450124 1435818]\n- [pci] pciehp: Rename pcie_isr() locals for clarity (Myron Stowe) [1450124 1435818]\n\n[3.10.0-514.24.1.el7]\n- [scsi] lpfc: Fix panic on BFS configuration (Maurizio Lombardi) [1452044 1443116]\n- [vfio] type1: Reduce repetitive calls in vfio_pin_pages_remote() (Alex Williamson) [1450855 1438403]\n- [vfio] type1: Remove locked page accounting workqueue (Alex Williamson) [1450855 1438403]\n- [fs] nfs: Allow getattr to also report readdirplus cache hits (Dave Wysochanski) [1450851 1442068]\n- [fs] nfs: Be more targeted about readdirplus use when doing lookup/revalidation (Dave Wysochanski) [1450851 1442068]\n- [fs] nfs: Fix a performance regression in readdir (Dave Wysochanski) [1450851 1442068]\n- [x86] xen: do not re-use pirq number cached in pci device msi msg data (Vitaly Kuznetsov) [1450037 1433831]\n- [powerpc] mm: Add missing global TLB invalidate if cxl is active (Steve Best) [1449178 1440776]\n- [powerpc] boot: Fix zImage TOC alignment (Gustavo Duarte) [1444343 1395838]\n\n[3.10.0-514.23.1.el7]\n- [scsi] qla2xxx: Defer marking device lost when receiving an RSCN (Himanshu Madhani) [1446246 1436940]\n- [scsi] qla2xxx: Fix typo in driver (Himanshu Madhani) [1446246 1436940]\n- [scsi] qla2xxx: Fix crash in qla2xxx_eh_abort on bad ptr (Himanshu Madhani) [1446246 1436940]\n- [scsi] qla2xxx: Avoid that issuing a LIP triggers a kernel crash (Himanshu Madhani) [1446246 1436940]\n- [scsi] qla2xxx: Add fix to read correct register value for ISP82xx (Himanshu Madhani) [1446246 1436940]\n- [scsi] qla2xxx: Disable the adapter and skip error recovery in case of register disconnect (Himanshu Madhani) [1446246 1436940]\n\n[3.10.0-514.22.1.el7]\n- [mm] hugetlb: don't use reserved during VM_SHARED mapping cow (Larry Woodman) [1445184 1385473]", "edition": 5, "reporter": "Tenable", "published": "2017-06-30T00:00:00", "title": "Oracle Linux 7 : kernel (ELSA-2017-1615-1) (Stack Clash)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Oracle Linux Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-7895", "CVE-2017-7645", "CVE-2017-2583", "CVE-2017-6214", "CVE-2017-1000364", "CVE-2017-7477"], "modified": "2017-10-06T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:kernel-tools", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-tools-libs", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel-abi-whitelists", "p-cpe:/a:oracle:linux:kernel", "cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:kernel-tools-libs-devel", "p-cpe:/a:oracle:linux:python-perf"], "id": "ORACLELINUX_ELSA-2017-1615-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=101138", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2017-1615-1.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(101138);\n script_version(\"$Revision: 3.3 $\");\n script_cvs_date(\"$Date: 2017/10/06 17:14:34 $\");\n\n script_cve_id(\"CVE-2017-1000364\", \"CVE-2017-2583\", \"CVE-2017-6214\", \"CVE-2017-7477\", \"CVE-2017-7645\", \"CVE-2017-7895\");\n script_xref(name:\"IAVA\", value:\"2017-A-0288\");\n\n script_name(english:\"Oracle Linux 7 : kernel (ELSA-2017-1615-1) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Description of changes:\n\n- [3.10.0-514.26.1.0.1.el7.OL7]\n- [ipc] ipc/sem.c: bugfix for semctl(,,GETZCNT) (Manfred Spraul) [orabug \n22552377]\n- Oracle Linux certificates (Alexey Petrenko)\n- Oracle Linux RHCK Module Signing Key was compiled into kernel \n(olkmod_signing_key.x509)(<A HREF='https://oss.oracle.com/mailman/listinfo/el-errata'>alexey.petrenko at oracle.com</A>)\n- Update x509.genkey [bug 24817676]\n\n[3.10.0-514.26.1.el7]\n- [mm] enlarge stack guard gap (Larry Woodman) [1452732 1452733] \n{CVE-2017-1000364}\n- Revert: [md] dm mirror: use all available legs on multiple failures \n(Mike Snitzer) [1449176 1383444]\n\n[3.10.0-514.25.1.el7]\n- [lib] kobject: grab an extra reference on kobject->sd to allow \nduplicate deletes (Aristeu Rozanski) [1454851 1427252]\n- [kernel] module: When modifying a module's text ignore modules which \nare going away too (Aaron Tomlin) [1454684 1386313]\n- [kernel] module: Ensure a module's state is set accordingly during \nmodule coming cleanup code (Aaron Tomlin) [1454684 1386313]\n- [net] vxlan: do not output confusing error message (Jiri Benc) \n[1454636 1445054]\n- [net] vxlan: correctly handle ipv6.disable module parameter (Jiri \nBenc) [1454636 1445054]\n- [iommu] vt-d: fix range computation when making room for large pages \n(Alex Williamson) [1450856 1435612]\n- [fs] nfsd: stricter decoding of write-like NFSv2/v3 ops ('J. Bruce \nFields') [1449282 1443204] {CVE-2017-7895}\n- [fs] nfsd4: minor NFSv2/v3 write decoding cleanup ('J. Bruce Fields') \n[1449282 1443204] {CVE-2017-7895}\n- [md] dm mirror: use all available legs on multiple failures (Mike \nSnitzer) [1449176 1383444]\n- [fs] nfsd: check for oversized NFSv2/v3 arguments ('J. Bruce Fields') \n[1447642 1442407] {CVE-2017-7645}\n- [scsi] ses: don't get power status of SES device slot on probe \n(Gustavo Duarte) [1446650 1434768]\n- [scsi] ipr: do not set DID_PASSTHROUGH on CHECK CONDITION (Steve Best) \n[1446649 1441747]\n- [net] macsec: dynamically allocate space for sglist (Sabrina Dubroca) \n[1445546 1445545] {CVE-2017-7477}\n- [net] macsec: avoid heap overflow in skb_to_sgvec (Sabrina Dubroca) \n[1445546 1445545] {CVE-2017-7477}\n- [fs] gfs2: Allow glocks to be unlocked after withdraw (Robert S \nPeterson) [1433882 1404005]\n- [net] tcp: avoid infinite loop in tcp_splice_read() (Davide Caratti) \n[1430579 1430580] {CVE-2017-6214}\n- [mm] vma_merge: correct false positive from \n__vma_unlink->validate_mm_rb (Andrea Arcangeli) [1428840 1374548]\n- [mm] vma_merge: fix race vm_page_prot race condition against rmap_walk \n(Andrea Arcangeli) [1428840 1374548]\n- [mm] fix use-after-free if memory allocation failed in vma_adjust() \n(Andrea Arcangeli) [1428840 1374548]\n- [x86] kvm: x86: fix emulation of 'MOV SS, null selector' (Radim \nKrcmar) [1414742 1414743] {CVE-2017-2583}\n- [powerpc] prom: Increase minimum RMA size to 512MB (Gustavo Duarte) \n[1450041 1411321]\n- [pci] pciehp: Prioritize data-link event over presence detect (Myron \nStowe) [1450124 1435818]\n- [pci] pciehp: Don't re-read Slot Status when queuing hotplug event \n(Myron Stowe) [1450124 1435818]\n- [pci] pciehp: Process all hotplug events before looking for new ones \n(Myron Stowe) [1450124 1435818]\n- [pci] pciehp: Rename pcie_isr() locals for clarity (Myron Stowe) \n[1450124 1435818]\n\n[3.10.0-514.24.1.el7]\n- [scsi] lpfc: Fix panic on BFS configuration (Maurizio Lombardi) \n[1452044 1443116]\n- [vfio] type1: Reduce repetitive calls in vfio_pin_pages_remote() (Alex \nWilliamson) [1450855 1438403]\n- [vfio] type1: Remove locked page accounting workqueue (Alex \nWilliamson) [1450855 1438403]\n- [fs] nfs: Allow getattr to also report readdirplus cache hits (Dave \nWysochanski) [1450851 1442068]\n- [fs] nfs: Be more targeted about readdirplus use when doing \nlookup/revalidation (Dave Wysochanski) [1450851 1442068]\n- [fs] nfs: Fix a performance regression in readdir (Dave Wysochanski) \n[1450851 1442068]\n- [x86] xen: do not re-use pirq number cached in pci device msi msg data \n(Vitaly Kuznetsov) [1450037 1433831]\n- [powerpc] mm: Add missing global TLB invalidate if cxl is active \n(Steve Best) [1449178 1440776]\n- [powerpc] boot: Fix zImage TOC alignment (Gustavo Duarte) [1444343 \n1395838]\n\n[3.10.0-514.23.1.el7]\n- [scsi] qla2xxx: Defer marking device lost when receiving an RSCN \n(Himanshu Madhani) [1446246 1436940]\n- [scsi] qla2xxx: Fix typo in driver (Himanshu Madhani) [1446246 1436940]\n- [scsi] qla2xxx: Fix crash in qla2xxx_eh_abort on bad ptr (Himanshu \nMadhani) [1446246 1436940]\n- [scsi] qla2xxx: Avoid that issuing a LIP triggers a kernel crash \n(Himanshu Madhani) [1446246 1436940]\n- [scsi] qla2xxx: Add fix to read correct register value for ISP82xx \n(Himanshu Madhani) [1446246 1436940]\n- [scsi] qla2xxx: Disable the adapter and skip error recovery in case of \nregister disconnect (Himanshu Madhani) [1446246 1436940]\n\n[3.10.0-514.22.1.el7]\n- [mm] hugetlb: don't use reserved during VM_SHARED mapping cow (Larry \nWoodman) [1445184 1385473]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2017-June/007023.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages. Note that the updated package may\nnot be immediately available from the package repository or its\nmirrors.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/29\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/30\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-3.10.0-514.26.1.0.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-abi-whitelists-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-abi-whitelists-3.10.0-514.26.1.0.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-debug-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-debug-3.10.0-514.26.1.0.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-debug-devel-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.10.0-514.26.1.0.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-devel-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-devel-3.10.0-514.26.1.0.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-doc-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-doc-3.10.0-514.26.1.0.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-headers-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-headers-3.10.0-514.26.1.0.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-tools-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-tools-3.10.0-514.26.1.0.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-tools-libs-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-3.10.0-514.26.1.0.1.el7\")) flag++;\nif (rpm_exists(release:\"EL7\", rpm:\"kernel-tools-libs-devel-3.10.0\") && rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-3.10.0-514.26.1.0.1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"perf-3.10.0-514.26.1.0.1.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"python-perf-3.10.0-514.26.1.0.1.el7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-13T16:45:26", "references": ["https://access.redhat.com/security/cve/cve-2017-2583", "https://access.redhat.com/security/cve/cve-2017-1000364", "https://access.redhat.com/security/cve/cve-2017-1000379", "https://access.redhat.com/security/cve/cve-2017-6214", "https://access.redhat.com/security/cve/cve-2017-7895", "https://access.redhat.com/security/cve/cve-2017-7645", "https://access.redhat.com/security/cve/cve-2017-7477", "https://access.redhat.com/errata/RHSA-2017:1616"], "pluginID": "101102", "description": "An update for kernel-rt is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es) :\n\n* A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap (or different memory region) and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process stack or the adjacent memory region, and thus increase their privileges on the system. This is a kernel-side mitigation which increases the stack guard gap size from one page to 1 MiB to make successful exploitation of this issue more difficult.\n(CVE-2017-1000364, Important)\n\n* A flaw was found in the way Linux kernel allocates heap memory to build the scattergather list from a fragment list(skb_shinfo(skb)->frag_list) in the socket buffer(skb_buff). The heap overflow occurred if 'MAX_SKB_FRAGS + 1' parameter and 'NETIF_F_FRAGLIST' feature are both used together. A remote user or process could use this flaw to potentially escalate their privilege on a system. (CVE-2017-7477, Important)\n\n* The NFS2/3 RPC client could send long arguments to the NFS server.\nThese encoded arguments are stored in an array of memory pages, and accessed using pointer variables. Arbitrarily long arguments could make these pointers point outside the array and cause an out-of-bounds memory access. A remote user or program could use this flaw to crash the kernel, resulting in denial of service. (CVE-2017-7645, Important)\n\n* The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly cause other unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important)\n\n* Linux kernel built with the Kernel-based Virtual Machine (CONFIG_KVM) support was vulnerable to an incorrect segment selector(SS) value error. The error could occur while loading values into the SS register in long mode. A user or process inside a guest could use this flaw to crash the guest, resulting in DoS or potentially escalate their privileges inside the guest.\n(CVE-2017-2583, Moderate)\n\n* A flaw was found in the Linux kernel's handling of packets with the URG flag. Applications using the splice() and tcp_splice_read() functionality could allow a remote attacker to force the kernel to enter a condition in which it could loop indefinitely. (CVE-2017-6214, Moderate)\n\nRed Hat would like to thank Qualys Research Labs for reporting CVE-2017-1000364; Ari Kauppi for reporting CVE-2017-7895; and Xiaohan Zhang (Huawei Inc.) for reporting CVE-2017-2583.\n\nBug Fix(es) :\n\n* The kernel-rt packages have been upgraded to the 3.10.0-514.25.2 source tree, which provides a number of bug fixes over the previous version. (BZ# 1452742)\n\n* Previously, a local lock acquisition around the ip_send_unicast_reply() function was incorrectly terminated.\nConsequently, a list corruption occurred that led to a kernel panic.\nThis update adds locking functions around calls to ip_send_unicast_reply(). As a result, neither list corruption nor kernel panic occur under the described circumstances. (BZ# 1455239)", "edition": 12, "reporter": "Tenable", "published": "2017-06-29T00:00:00", "title": "RHEL 7 : kernel-rt (RHSA-2017:1616) (Stack Clash)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-7895", "CVE-2017-7645", "CVE-2017-2583", "CVE-2017-1000379", "CVE-2017-6214", "CVE-2017-1000364", "CVE-2017-7477"], "modified": "2018-11-10T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-kvm", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-kvm-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-debuginfo"], "id": "REDHAT-RHSA-2017-1616.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=101102", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:1616. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(101102);\n script_version(\"3.9\");\n script_cvs_date(\"Date: 2018/11/10 11:49:56\");\n\n script_cve_id(\"CVE-2017-1000364\", \"CVE-2017-1000379\", \"CVE-2017-2583\", \"CVE-2017-6214\", \"CVE-2017-7477\", \"CVE-2017-7645\", \"CVE-2017-7895\");\n script_xref(name:\"RHSA\", value:\"2017:1616\");\n\n script_name(english:\"RHEL 7 : kernel-rt (RHSA-2017:1616) (Stack Clash)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for kernel-rt is now available for Red Hat Enterprise Linux\n7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel-rt packages provide the Real Time Linux Kernel, which\nenables fine-tuning for systems with extremely high determinism\nrequirements.\n\nSecurity Fix(es) :\n\n* A flaw was found in the way memory was being allocated on the stack\nfor user space binaries. If heap (or different memory region) and\nstack memory regions were adjacent to each other, an attacker could\nuse this flaw to jump over the stack guard gap, cause controlled\nmemory corruption on process stack or the adjacent memory region, and\nthus increase their privileges on the system. This is a kernel-side\nmitigation which increases the stack guard gap size from one page to 1\nMiB to make successful exploitation of this issue more difficult.\n(CVE-2017-1000364, Important)\n\n* A flaw was found in the way Linux kernel allocates heap memory to\nbuild the scattergather list from a fragment\nlist(skb_shinfo(skb)->frag_list) in the socket buffer(skb_buff). The\nheap overflow occurred if 'MAX_SKB_FRAGS + 1' parameter and\n'NETIF_F_FRAGLIST' feature are both used together. A remote user or\nprocess could use this flaw to potentially escalate their privilege on\na system. (CVE-2017-7477, Important)\n\n* The NFS2/3 RPC client could send long arguments to the NFS server.\nThese encoded arguments are stored in an array of memory pages, and\naccessed using pointer variables. Arbitrarily long arguments could\nmake these pointers point outside the array and cause an out-of-bounds\nmemory access. A remote user or program could use this flaw to crash\nthe kernel, resulting in denial of service. (CVE-2017-7645, Important)\n\n* The NFSv2 and NFSv3 server implementations in the Linux kernel\nthrough 4.10.13 lacked certain checks for the end of a buffer. A\nremote attacker could trigger a pointer-arithmetic error or possibly\ncause other unspecified impacts using crafted requests related to\nfs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important)\n\n* Linux kernel built with the Kernel-based Virtual Machine\n(CONFIG_KVM) support was vulnerable to an incorrect segment\nselector(SS) value error. The error could occur while loading values\ninto the SS register in long mode. A user or process inside a guest\ncould use this flaw to crash the guest, resulting in DoS or\npotentially escalate their privileges inside the guest.\n(CVE-2017-2583, Moderate)\n\n* A flaw was found in the Linux kernel's handling of packets with the\nURG flag. Applications using the splice() and tcp_splice_read()\nfunctionality could allow a remote attacker to force the kernel to\nenter a condition in which it could loop indefinitely. (CVE-2017-6214,\nModerate)\n\nRed Hat would like to thank Qualys Research Labs for reporting\nCVE-2017-1000364; Ari Kauppi for reporting CVE-2017-7895; and Xiaohan\nZhang (Huawei Inc.) for reporting CVE-2017-2583.\n\nBug Fix(es) :\n\n* The kernel-rt packages have been upgraded to the 3.10.0-514.25.2\nsource tree, which provides a number of bug fixes over the previous\nversion. (BZ# 1452742)\n\n* Previously, a local lock acquisition around the\nip_send_unicast_reply() function was incorrectly terminated.\nConsequently, a list corruption occurred that led to a kernel panic.\nThis update adds locking functions around calls to\nip_send_unicast_reply(). As a result, neither list corruption nor\nkernel panic occur under the described circumstances. (BZ# 1455239)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2017:1616\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-1000364\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-1000379\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-2583\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-6214\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-7477\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-7645\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2017-7895\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/28\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:1616\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-3.10.0-514.26.1.rt56.442.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debug-3.10.0-514.26.1.rt56.442.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debug-debuginfo-3.10.0-514.26.1.rt56.442.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debug-devel-3.10.0-514.26.1.rt56.442.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debug-kvm-3.10.0-514.26.1.rt56.442.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debug-kvm-debuginfo-3.10.0-514.26.1.rt56.442.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-3.10.0-514.26.1.rt56.442.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-debuginfo-common-x86_64-3.10.0-514.26.1.rt56.442.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-devel-3.10.0-514.26.1.rt56.442.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", reference:\"kernel-rt-doc-3.10.0-514.26.1.rt56.442.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-kvm-3.10.0-514.26.1.rt56.442.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-kvm-debuginfo-3.10.0-514.26.1.rt56.442.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-trace-3.10.0-514.26.1.rt56.442.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-trace-debuginfo-3.10.0-514.26.1.rt56.442.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-trace-devel-3.10.0-514.26.1.rt56.442.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-trace-kvm-3.10.0-514.26.1.rt56.442.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"kernel-rt-trace-kvm-debuginfo-3.10.0-514.26.1.rt56.442.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-rt / kernel-rt-debug / kernel-rt-debug-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:01:33", "references": ["http://www.nessus.org/u?d24288bf"], "pluginID": "99392", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - uek-rpm: enable CONFIG_KSPLICE. (Jamie Iles) [Orabug:\n 25698171]\n\n - ksplice: add sysctls for determining Ksplice features.\n (Jamie Iles) \n\n - signal: protect SIGNAL_UNKILLABLE from unintentional clearing. (Jamie Iles) [Orabug: 25698171]\n\n - KVM: x86: fix emulation of 'MOV SS, null selector' (Paolo Bonzini) [Orabug: 25719659] (CVE-2017-2583) (CVE-2017-2583)\n\n - ext4: store checksum seed in superblock (Darrick J.\n Wong) [Orabug: 25719728] (CVE-2016-10208)\n\n - ext4: reserve code points for the project quota feature (Theodore Ts'o) [Orabug: 25719728] (CVE-2016-10208)\n\n - ext4: validate s_first_meta_bg at mount time (Eryu Guan) [Orabug: 25719728] (CVE-2016-10208)\n\n - ext4: clean up feature test macros with predicate functions (Darrick J. Wong) [Orabug: 25719728] (CVE-2016-10208)\n\n - sctp: avoid BUG_ON on sctp_wait_for_sndbuf (Marcelo Ricardo Leitner) [Orabug: 25719793] (CVE-2017-5986)\n\n - tcp: avoid infinite loop in tcp_splice_read (Eric Dumazet) [Orabug: 25720805] (CVE-2017-6214)\n\n - ip: fix IP_CHECKSUM handling (Paolo Abeni) [Orabug:\n 25720839] (CVE-2017-6347)\n\n - udp: fix IP_CHECKSUM handling (Eric Dumazet) [Orabug:\n 25720839] (CVE-2017-6347)\n\n - udp: do not expect udp headers in recv cmsg IP_CMSG_CHECKSUM (Willem de Bruijn) [Orabug: 25720839] (CVE-2017-6347)\n\n - xfrm_user: validate XFRM_MSG_NEWAE incoming ESN size harder (Andy Whitcroft) [Orabug: 25814641] (CVE-2017-7184)\n\n - xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window (Andy Whitcroft) [Orabug: 25814641] (CVE-2017-7184)\n\n - block: fix use-after-free in seq file (Vegard Nossum) [Orabug: 25877509] (CVE-2016-7910)", "edition": 5, "reporter": "Tenable", "published": "2017-04-14T00:00:00", "title": "OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0062)", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "OracleVM Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-10208", "CVE-2017-7184", "CVE-2016-7910", "CVE-2017-2583", "CVE-2017-6214", "CVE-2017-5986", "CVE-2017-6347"], "modified": "2018-07-24T00:00:00", "cpe": ["cpe:/o:oracle:vm_server:3.4", "p-cpe:/a:oracle:vm:kernel-uek", "p-cpe:/a:oracle:vm:kernel-uek-firmware"], "id": "ORACLEVM_OVMSA-2017-0062.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=99392", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2017-0062.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(99392);\n script_version(\"3.2\");\n script_cvs_date(\"Date: 2018/07/24 18:56:11\");\n\n script_cve_id(\"CVE-2016-10208\", \"CVE-2016-7910\", \"CVE-2017-2583\", \"CVE-2017-5986\", \"CVE-2017-6214\", \"CVE-2017-6347\", \"CVE-2017-7184\");\n\n script_name(english:\"OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0062)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - uek-rpm: enable CONFIG_KSPLICE. (Jamie Iles) [Orabug:\n 25698171]\n\n - ksplice: add sysctls for determining Ksplice features.\n (Jamie Iles) \n\n - signal: protect SIGNAL_UNKILLABLE from unintentional\n clearing. (Jamie Iles) [Orabug: 25698171]\n\n - KVM: x86: fix emulation of 'MOV SS, null selector'\n (Paolo Bonzini) [Orabug: 25719659] (CVE-2017-2583)\n (CVE-2017-2583)\n\n - ext4: store checksum seed in superblock (Darrick J.\n Wong) [Orabug: 25719728] (CVE-2016-10208)\n\n - ext4: reserve code points for the project quota feature\n (Theodore Ts'o) [Orabug: 25719728] (CVE-2016-10208)\n\n - ext4: validate s_first_meta_bg at mount time (Eryu Guan)\n [Orabug: 25719728] (CVE-2016-10208)\n\n - ext4: clean up feature test macros with predicate\n functions (Darrick J. Wong) [Orabug: 25719728]\n (CVE-2016-10208)\n\n - sctp: avoid BUG_ON on sctp_wait_for_sndbuf (Marcelo\n Ricardo Leitner) [Orabug: 25719793] (CVE-2017-5986)\n\n - tcp: avoid infinite loop in tcp_splice_read (Eric\n Dumazet) [Orabug: 25720805] (CVE-2017-6214)\n\n - ip: fix IP_CHECKSUM handling (Paolo Abeni) [Orabug:\n 25720839] (CVE-2017-6347)\n\n - udp: fix IP_CHECKSUM handling (Eric Dumazet) [Orabug:\n 25720839] (CVE-2017-6347)\n\n - udp: do not expect udp headers in recv cmsg\n IP_CMSG_CHECKSUM (Willem de Bruijn) [Orabug: 25720839]\n (CVE-2017-6347)\n\n - xfrm_user: validate XFRM_MSG_NEWAE incoming ESN size\n harder (Andy Whitcroft) [Orabug: 25814641]\n (CVE-2017-7184)\n\n - xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL\n replay_window (Andy Whitcroft) [Orabug: 25814641]\n (CVE-2017-7184)\n\n - block: fix use-after-free in seq file (Vegard Nossum)\n [Orabug: 25877509] (CVE-2016-7910)\"\n );\n # https://oss.oracle.com/pipermail/oraclevm-errata/2017-April/000678.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d24288bf\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel-uek / kernel-uek-firmware packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/04/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2018 Tenable Network Security, Inc.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! ereg(pattern:\"^OVS\" + \"3\\.4\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.4\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.4\", reference:\"kernel-uek-4.1.12-61.1.34.el6uek\")) flag++;\nif (rpm_check(release:\"OVS3.4\", reference:\"kernel-uek-firmware-4.1.12-61.1.34.el6uek\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-uek / kernel-uek-firmware\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2018-09-01T23:40:36", "references": ["2017-18ce368ba3", "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SUP3VSS5T3CHVQKRLRAY7DBGZG3GODOT"], "pluginID": "1361412562310872292", "description": "Check the version of kernel", "edition": 4, "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "published": "2017-01-24T00:00:00", "title": "Fedora Update for kernel FEDORA-2017-18ce368ba3", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Fedora Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-2583"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:1361412562310872292", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872292", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2017-18ce368ba3\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872292\");\n script_version(\"$Revision: 6634 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 09:32:24 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2017-01-24 10:21:36 +0100 (Tue, 24 Jan 2017)\");\n script_cve_id(\"CVE-2017-2583\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for kernel FEDORA-2017-18ce368ba3\");\n script_tag(name: \"summary\", value: \"Check the version of kernel\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\n of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"The kernel meta package\n\");\n script_tag(name: \"affected\", value: \"kernel on Fedora 24\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"FEDORA\", value: \"2017-18ce368ba3\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SUP3VSS5T3CHVQKRLRAY7DBGZG3GODOT\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.9.5~100.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.6, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:44:06", "references": ["http://lists.centos.org/pipermail/centos-announce/2017-June/022489.html", "2017:1615"], "pluginID": "1361412562310882747", "description": "Check the version of kernel", "edition": 4, "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "published": "2017-06-30T00:00:00", "title": "CentOS Update for kernel CESA-2017:1615 centos7 ", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "CentOS Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-7895", "CVE-2017-7645", "CVE-2017-2583", "CVE-2017-6214", "CVE-2017-7477"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:1361412562310882747", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882747", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2017:1615 centos7 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882747\");\n script_version(\"$Revision: 6659 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:52:22 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2017-06-30 05:12:15 +0200 (Fri, 30 Jun 2017)\");\n script_cve_id(\"CVE-2017-2583\", \"CVE-2017-6214\", \"CVE-2017-7477\", \"CVE-2017-7645\", \"CVE-2017-7895\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for kernel CESA-2017:1615 centos7 \");\n script_tag(name: \"summary\", value: \"Check the version of kernel\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help \nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"The kernel packages contain the Linux \nkernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* A flaw was found in the way Linux kernel allocates heap memory to build\nthe scattergather list from a fragment list(skb_shinfo(skb)- frag_list) in\nthe socket buffer(skb_buff). The heap overflow occurred if 'MAX_SKB_FRAGS +\n1' parameter and 'NETIF_F_FRAGLIST' feature were used together. A\nremote user or process could use this flaw to potentially escalate their\nprivilege on a system. (CVE-2017-7477, Important)\n\n* The NFS2/3 RPC client could send long arguments to the NFS server. These\nencoded arguments are stored in an array of memory pages, and accessed\nusing pointer variables. Arbitrarily long arguments could make these\npointers point outside the array and cause an out-of-bounds memory access.\nA remote user or program could use this flaw to crash the kernel (denial of\nservice). (CVE-2017-7645, Important)\n\n* The NFSv2 and NFSv3 server implementations in the Linux kernel through\n4.10.13 lacked certain checks for the end of a buffer. A remote attacker\ncould trigger a pointer-arithmetic error or possibly cause other\nunspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and\nfs/nfsd/nfsxdr.c. (CVE-2017-7895, Important)\n\n* The Linux kernel built with the Kernel-based Virtual Machine (CONFIG_KVM)\nsupport was vulnerable to an incorrect segment selector(SS) value error.\nThe error could occur while loading values into the SS register in long\nmode. A user or process inside a guest could use this flaw to crash the\nguest, resulting in DoS or potentially escalate their privileges inside the\nguest. (CVE-2017-2583, Moderate)\n\n* A flaw was found in the Linux kernel's handling of packets with the URG\nflag. Applications using the splice() and tcp_splice_read() functionality\ncould allow a remote attacker to force the kernel to enter a condition in\nwhich it could loop indefinitely. (CVE-2017-6214, Moderate)\n\nRed Hat would like to thank Ari Kauppi for reporting CVE-2017-7895 and\nXiaohan Zhang (Huawei Inc.) for reporting CVE-2017-2583.\n\nBug Fix(es):\n\n* Previously, the reserved-pages counter (HugePages_Rsvd) was bigger than\nthe total-pages counter (HugePages_Total) in the /proc/meminfo file, and\nHugePages_Rsvd underflowed. With this update, the HugeTLB feature of the\nLinux kernel has been fixed, and HugePages_Rsvd underflow no longer occurs.\n(BZ#1445184)\n\n* If a directory on a NFS client was modified while being listed, the NFS\nclient could restart the directory listing multiple times. Consequently,\nthe performance of listing the directory was sub-optimal. With this update,\nthe restarting of the di ... \n\n Description truncated, for more information please check the Reference URL\");\n script_tag(name: \"affected\", value: \"kernel on CentOS 7\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n\n script_xref(name: \"CESA\", value: \"2017:1615\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2017-June/022489.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~514.26.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~3.10.0~514.26.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.10.0~514.26.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.10.0~514.26.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~514.26.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~3.10.0~514.26.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~514.26.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~514.26.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~514.26.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~3.10.0~514.26.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~514.26.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~514.26.1.el7\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-23T15:07:26", "references": ["2017:1615-01", "https://www.redhat.com/archives/rhsa-announce/2017-June/msg00060.html"], "pluginID": "1361412562310871838", "description": "The remote host is missing an update for the ", "edition": 7, "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "published": "2017-06-29T00:00:00", "title": "RedHat Update for kernel RHSA-2017:1615-01", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Red Hat Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-7895", "CVE-2017-7645", "CVE-2017-2583", "CVE-2017-6214", "CVE-2017-7477"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310871838", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871838", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2017:1615-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871838\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-06-29 05:10:09 +0200 (Thu, 29 Jun 2017)\");\n script_cve_id(\"CVE-2017-2583\", \"CVE-2017-6214\", \"CVE-2017-7477\", \"CVE-2017-7645\",\n \"CVE-2017-7895\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for kernel RHSA-2017:1615-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux\n kernel, the core of any Linux operating system. Security Fix(es): * A flaw was\n found in the way Linux kernel allocates heap memory to build the scattergather\n list from a fragment list(skb_shinfo(skb)- frag_list) in the socket\n buffer(skb_buff). The heap overflow occurred if 'MAX_SKB_FRAGS + 1' parameter\n and 'NETIF_F_FRAGLIST' feature were used together. A remote user or process\n could use this flaw to potentially escalate their privilege on a system.\n (CVE-2017-7477, Important) * The NFS2/3 RPC client could send long arguments to\n the NFS server. These encoded arguments are stored in an array of memory pages,\n and accessed using pointer variables. Arbitrarily long arguments could make\n these pointers point outside the array and cause an out-of-bounds memory access.\n A remote user or program could use this flaw to crash the kernel (denial of\n service). (CVE-2017-7645, Important) * The NFSv2 and NFSv3 server\n implementations in the Linux kernel through 4.10.13 lacked certain checks for\n the end of a buffer. A remote attacker could trigger a pointer-arithmetic error\n or possibly cause other unspecified impacts using crafted requests related to\n fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important) * The Linux\n kernel built with the Kernel-based Virtual Machine (CONFIG_KVM) support was\n vulnerable to an incorrect segment selector(SS) value error. The error could\n occur while loading values into the SS register in long mode. A user or process\n inside a guest could use this flaw to crash the guest, resulting in DoS or\n potentially escalate their privileges inside the guest. (CVE-2017-2583,\n Moderate) * A flaw was found in the Linux kernel's handling of packets with the\n URG flag. Applications using the splice() and tcp_splice_read() functionality\n could allow a remote attacker to force the kernel to enter a condition in which\n it could loop indefinitely. (CVE-2017-6214, Moderate) Red Hat would like to\n thank Ari Kauppi for reporting CVE-2017-7895 and Xiaohan Zhang (Huawei Inc.) for\n reporting CVE-2017-2583. Bug Fix(es): * Previously, the reserved-pages counter\n (HugePages_Rsvd) was bigger than the total-pages counter (HugePages_Total) in\n the /proc/meminfo file, and HugePages_Rsvd underflowed. With this update, the\n HugeTLB feature of the Linux kernel has been fixed, and HugePages_Rsvd underflow\n no longer occurs. (BZ#1445184) * If a directory on a NFS client was modified\n while being listed, the NFS client could restart the directory listing multiple\n times. Consequently, the performance of listing the directory was sub-optimal.\n With this up ... Description truncated, for more information please check the\n Reference URL\");\n script_tag(name:\"affected\", value:\"kernel on Red Hat Enterprise Linux Server (v. 7)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"RHSA\", value:\"2017:1615-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2017-June/msg00060.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_7\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_7\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-abi-whitelists\", rpm:\"kernel-abi-whitelists~3.10.0~514.26.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~3.10.0~514.26.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.10.0~514.26.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~3.10.0~514.26.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~3.10.0~514.26.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~3.10.0~514.26.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~3.10.0~514.26.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~3.10.0~514.26.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~3.10.0~514.26.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~3.10.0~514.26.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~3.10.0~514.26.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools-debuginfo\", rpm:\"kernel-tools-debuginfo~3.10.0~514.26.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~3.10.0~514.26.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~3.10.0~514.26.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~3.10.0~514.26.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~3.10.0~514.26.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf-debuginfo\", rpm:\"python-perf-debuginfo~3.10.0~514.26.1.el7\", rls:\"RHENT_7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-19T12:57:26", "references": ["http://www.ubuntu.com/usn/usn-3208-2/", "3208-2"], "pluginID": "1361412562310843062", "description": "The remote host is missing an update for the ", "edition": 7, "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "published": "2017-02-22T00:00:00", "title": "Ubuntu Update for linux-lts-xenial USN-3208-2", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9191", "CVE-2017-2584", "CVE-2017-6074", "CVE-2016-10088", "CVE-2017-2583", "CVE-2016-9588", "CVE-2017-5549"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310843062", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843062", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux-lts-xenial USN-3208-2\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843062\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-02-22 15:14:53 +0100 (Wed, 22 Feb 2017)\");\n script_cve_id(\"CVE-2016-10088\", \"CVE-2016-9191\", \"CVE-2016-9588\", \"CVE-2017-2583\",\n \"CVE-2017-2584\", \"CVE-2017-5549\", \"CVE-2017-6074\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-lts-xenial USN-3208-2\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-lts-xenial'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"USN-3208-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04\nLTS. This update provides the corresponding updates for the Linux\nHardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu\n14.04 LTS.\n\nIt was discovered that the generic SCSI block layer in the Linux kernel did\nnot properly restrict write operations in certain situations. A local\nattacker could use this to cause a denial of service (system crash) or\npossibly gain administrative privileges. (CVE-2016-10088)\n\nCAI Qian discovered that the sysctl implementation in the Linux kernel did\nnot properly perform reference counting in some situations. An unprivileged\nattacker could use this to cause a denial of service (system hang).\n(CVE-2016-9191)\n\nJim Mattson discovered that the KVM implementation in the Linux kernel\nmismanages the #BP and #OF exceptions. A local attacker in a guest virtual\nmachine could use this to cause a denial of service (guest OS crash).\n(CVE-2016-9588)\n\nAndy Lutomirski and Willy Tarreau discovered that the KVM implementation in\nthe Linux kernel did not properly emulate instructions on the SS segment\nregister. A local attacker in a guest virtual machine could use this to\ncause a denial of service (guest OS crash) or possibly gain administrative\nprivileges in the guest OS. (CVE-2017-2583)\n\nDmitry Vyukov discovered that the KVM implementation in the Linux kernel\nimproperly emulated certain instructions. A local attacker could use this\nto obtain sensitive information (kernel memory). (CVE-2017-2584)\n\nIt was discovered that the KLSI KL5KUSB105 serial-to-USB device driver in\nthe Linux kernel did not properly initialize memory related to logging. A\nlocal attacker could use this to expose sensitive information (kernel\nmemory). (CVE-2017-5549)\n\nAndrey Konovalov discovered a use-after-free vulnerability in the DCCP\nimplementation in the Linux kernel. A local attacker could use this to\ncause a denial of service (system crash) or possibly gain administrative\nprivileges. (CVE-2017-6074)\");\n script_tag(name:\"affected\", value:\"linux-lts-xenial on Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3208-2\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3208-2/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU14\\.04 LTS\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-64-generic\", ver:\"4.4.0-64.85~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-64-generic-lpae\", ver:\"4.4.0-64.85~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-64-lowlatency\", ver:\"4.4.0-64.85~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-64-powerpc-e500mc\", ver:\"4.4.0-64.85~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-64-powerpc-smp\", ver:\"4.4.0-64.85~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-64-powerpc64-emb\", ver:\"4.4.0-64.85~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-64-powerpc64-smp\", ver:\"4.4.0-64.85~14.04.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae-lts-xenial\", ver:\"4.4.0.64.50\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lts-xenial\", ver:\"4.4.0.64.50\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency-lts-xenial\", ver:\"4.4.0.64.50\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc-lts-xenial\", ver:\"4.4.0.64.50\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-smp-lts-xenial\", ver:\"4.4.0.64.50\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb-lts-xenial\", ver:\"4.4.0.64.50\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp-lts-xenial\", ver:\"4.4.0.64.50\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-19T12:58:09", "references": ["3208-1", "http://www.ubuntu.com/usn/usn-3208-1/"], "pluginID": "1361412562310843061", "description": "The remote host is missing an update for the ", "edition": 7, "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "published": "2017-02-22T00:00:00", "title": "Ubuntu Update for linux USN-3208-1", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-9191", "CVE-2017-2584", "CVE-2017-6074", "CVE-2016-10088", "CVE-2017-2583", "CVE-2016-9588", "CVE-2017-5549"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310843061", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843061", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for linux USN-3208-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843061\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-02-22 15:14:45 +0100 (Wed, 22 Feb 2017)\");\n script_cve_id(\"CVE-2016-10088\", \"CVE-2016-9191\", \"CVE-2016-9588\", \"CVE-2017-2583\",\n \"CVE-2017-2584\", \"CVE-2017-5549\", \"CVE-2017-6074\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux USN-3208-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"It was discovered that the generic SCSI block layer in the Linux kernel did\nnot properly restrict write operations in certain situations. A local\nattacker could use this to cause a denial of service (system crash) or\npossibly gain administrative privileges. (CVE-2016-10088)\n\nCAI Qian discovered that the sysctl implementation in the Linux kernel did\nnot properly perform reference counting in some situations. An unprivileged\nattacker could use this to cause a denial of service (system hang).\n(CVE-2016-9191)\n\nJim Mattson discovered that the KVM implementation in the Linux kernel\nmismanages the #BP and #OF exceptions. A local attacker in a guest virtual\nmachine could use this to cause a denial of service (guest OS crash).\n(CVE-2016-9588)\n\nAndy Lutomirski and Willy Tarreau discovered that the KVM implementation in\nthe Linux kernel did not properly emulate instructions on the SS segment\nregister. A local attacker in a guest virtual machine could use this to\ncause a denial of service (guest OS crash) or possibly gain administrative\nprivileges in the guest OS. (CVE-2017-2583)\n\nDmitry Vyukov discovered that the KVM implementation in the Linux kernel\nimproperly emulated certain instructions. A local attacker could use this\nto obtain sensitive information (kernel memory). (CVE-2017-2584)\n\nIt was discovered that the KLSI KL5KUSB105 serial-to-USB device driver in\nthe Linux kernel did not properly initialize memory related to logging. A\nlocal attacker could use this to expose sensitive information (kernel\nmemory). (CVE-2017-5549)\n\nAndrey Konovalov discovered a use-after-free vulnerability in the DCCP\nimplementation in the Linux kernel. A local attacker could use this to\ncause a denial of service (system crash) or possibly gain administrative\nprivileges. (CVE-2017-6074)\");\n script_tag(name:\"affected\", value:\"linux on Ubuntu 16.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3208-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3208-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.04 LTS\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-1048-snapdragon\", ver:\"4.4.0-1048.52\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-64-generic\", ver:\"4.4.0-64.85\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-64-generic-lpae\", ver:\"4.4.0-64.85\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-64-lowlatency\", ver:\"4.4.0-64.85\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-64-powerpc-e500mc\", ver:\"4.4.0-64.85\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-64-powerpc-smp\", ver:\"4.4.0-64.85\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-64-powerpc64-emb\", ver:\"4.4.0-64.85\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.4.0-64-powerpc64-smp\", ver:\"4.4.0-64.85\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic\", ver:\"4.4.0.64.68\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae\", ver:\"4.4.0.64.68\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency\", ver:\"4.4.0.64.68\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-e500mc\", ver:\"4.4.0.64.68\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc-smp\", ver:\"4.4.0.64.68\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-emb\", ver:\"4.4.0.64.68\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-powerpc64-smp\", ver:\"4.4.0.64.68\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-snapdragon\", ver:\"4.4.0.1048.40\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-19T12:57:45", "references": ["2017:0456_1"], "pluginID": "1361412562310851506", "description": "The remote host is missing an update for the ", "edition": 8, "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "published": "2017-02-22T00:00:00", "title": "SuSE Update for the openSUSE-SU-2017:0456-1 (Linux Kernel)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-5576", "CVE-2016-9806", "CVE-2017-2584", "CVE-2016-7117", "CVE-2016-9793", "CVE-2017-5577", "CVE-2017-5551", "CVE-2017-2583", "CVE-2016-9919", "CVE-2015-8709", "CVE-2016-8645"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310851506", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851506", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2017_0456_1.nasl 12381 2018-11-16 11:16:30Z cfischer $\n#\n# SuSE Update for Linux Kernel openSUSE-SU-2017:0456-1 (Linux Kernel)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851506\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-02-22 15:16:41 +0100 (Wed, 22 Feb 2017)\");\n script_cve_id(\"CVE-2015-8709\", \"CVE-2016-7117\", \"CVE-2016-8645\", \"CVE-2016-9793\",\n \"CVE-2016-9806\", \"CVE-2016-9919\", \"CVE-2017-2583\", \"CVE-2017-2584\",\n \"CVE-2017-5551\", \"CVE-2017-5576\", \"CVE-2017-5577\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SuSE Update for the openSUSE-SU-2017:0456-1 (Linux Kernel)\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'Linux Kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The openSUSE 42.2 kernel was updated to\n 4.4.42 stable release.\n\n The following security bugs were fixed:\n\n - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg\n function in net/socket.c in the Linux kernel allowed remote attackers to\n execute arbitrary code via vectors involving a recvmmsg system call that\n is mishandled during error processing (bnc#1003077 1003253).\n\n - CVE-2017-5576, CVE-2017-5577: A buffer overflow in the VC4_SUBMIT_CL\n IOCTL in the VideoCore DRM driver for Raspberry Pi was fixed.\n (bsc#1021294)\n\n - CVE-2017-5551: tmpfs: Fixed a bug that could have allowed users to set\n setgid bits on files they don't down. (bsc#1021258).\n\n - CVE-2017-2583: A Linux kernel built with the Kernel-based Virtual\n Machine (CONFIG_KVM) support was vulnerable to an incorrect segment\n selector(SS) value error. A user/process inside guest could have used\n this flaw to crash the guest resulting in DoS or potentially escalate\n their privileges inside guest. (bsc#1020602).\n\n - CVE-2017-2584: arch/x86/kvm/emulate.c in the Linux kernel allowed local\n users to obtain sensitive information from kernel memory or cause a\n denial of service (use-after-free) via a crafted application that\n leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt\n (bnc#1019851).\n\n - CVE-2015-8709: ** DISPUTED ** kernel/ptrace.c in the Linux kernel\n mishandled uid and gid mappings, which allowed local users to gain\n privileges by establishing a user namespace, waiting for a root process\n to enter that namespace with an unsafe uid or gid, and then using the\n ptrace system call. NOTE: the vendor states 'there is no kernel bug\n here (bnc#959709 bsc#960561).\n\n - CVE-2016-9806: Race condition in the netlink_dump function in\n net/netlink/af_netlink.c in the Linux kernel allowed local users to\n cause a denial of service (double free) or possibly have unspecified\n other impact via a crafted application that made sendmsg system calls,\n leading to a free operation associated with a new dump that started\n earlier than anticipated (bnc#1013540 1017589).\n\n - CVE-2016-8645: The TCP stack in the Linux kernel mishandled skb\n truncation, which allowed local users to cause a denial of service\n (system crash) via a crafted application that made sendto system calls,\n related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.c (bnc#1009969).\n\n - CVE-2016-9793: The sock_setsockopt function in net/core/sock.c in the\n Linux kernel mishandled negative values of sk_sndbuf and sk_rcvbuf,\n which allowed local users to cause a denial of service (memory\n corruption and system crash) or possibly hav ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"affected\", value:\"Linux Kernel on openSUSE Leap 42.2\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2017:0456_1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.2\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\nres = \"\";\n\nif(release == \"openSUSELeap42.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~4.4.46~11.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~4.4.46~11.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-base-debuginfo\", rpm:\"kernel-debug-base-debuginfo~4.4.46~11.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~4.4.46~11.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~4.4.46~11.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~4.4.46~11.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel-debuginfo\", rpm:\"kernel-debug-devel-debuginfo~4.4.46~11.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~4.4.46~11.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~4.4.46~11.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-base-debuginfo\", rpm:\"kernel-default-base-debuginfo~4.4.46~11.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~4.4.46~11.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~4.4.46~11.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~4.4.46~11.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-obs-build\", rpm:\"kernel-obs-build~4.4.46~11.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-obs-build-debugsource\", rpm:\"kernel-obs-build-debugsource~4.4.46~11.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-obs-qa\", rpm:\"kernel-obs-qa~4.4.46~11.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~4.4.46~11.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~4.4.46~11.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla-base\", rpm:\"kernel-vanilla-base~4.4.46~11.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla-base-debuginfo\", rpm:\"kernel-vanilla-base-debuginfo~4.4.46~11.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~4.4.46~11.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~4.4.46~11.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~4.4.46~11.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.4.46~11.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~4.4.46~11.3\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-docs-html\", rpm:\"kernel-docs-html~4.4.46~11.3\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-docs-pdf\", rpm:\"kernel-docs-pdf~4.4.46~11.3\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-macros\", rpm:\"kernel-macros~4.4.46~11.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~4.4.46~11.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source-vanilla\", rpm:\"kernel-source-vanilla~4.4.46~11.1\", rls:\"openSUSELeap42.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:57:34", "references": ["http://www.debian.org/security/2017/dsa-3791.html"], "pluginID": "703791", "description": "Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or have other\nimpacts.\n\nCVE-2016-6786 / CVE-2016-6787It was discovered that the performance events subsystem does not\nproperly manage locks during certain migrations, allowing a local\nattacker to escalate privileges. This can be mitigated by\ndisabling unprivileged use of performance events:\nsysctl kernel.perf_event_paranoid=3CVE-2016-8405 \nPeter Pi of Trend Micro discovered that the frame buffer video\nsubsystem does not properly check bounds while copying color maps to\nuserspace, causing a heap buffer out-of-bounds read, leading to\ninformation disclosure.\n\nCVE-2016-9191 \nCAI Qian discovered that reference counting is not properly handled\nwithin proc_sys_readdir in the sysctl implementation, allowing a\nlocal denial of service (system hang) or possibly privilege\nescalation.\n\nCVE-2017-2583 \nXiaohan Zhang reported that KVM for amd64 does not correctly\nemulate loading of a null stack selector. This can be used by a\nuser in a guest VM for denial of service (on an Intel CPU) or to\nescalate privileges within the VM (on an AMD CPU).\n\nCVE-2017-2584 \nDmitry Vyukov reported that KVM for x86 does not correctly emulate\nmemory access by the SGDT and SIDT instructions, which can result\nin a use-after-free and information leak.\n\nCVE-2017-2596 \nDmitry Vyukov reported that KVM leaks page references when\nemulating a VMON for a nested hypervisor. This can be used by a\nprivileged user in a guest VM for denial of service or possibly\nto gain privileges in the host.\n\nCVE-2017-2618 \nIt was discovered that an off-by-one in the handling of SELinux\nattributes in /proc/pid/attr could result in local denial of\nservice.\n\nCVE-2017-5549 \nIt was discovered that the KLSI KL5KUSB105 serial USB device\ndriver could log the contents of uninitialised kernel memory,\nresulting in an information leak.\n\nCVE-2017-5551 \nJan Kara found that changing the POSIX ACL of a file on tmpfs never\ncleared its set-group-ID flag, which should be done if the user\nchanging it is not a member of the group-owner. In some cases, this\nwould allow the user-owner of an executable to gain the privileges\nof the group-owner.\n\nCVE-2017-5897 \nAndrey Konovalov discovered an out-of-bounds read flaw in the\nip6gre_err function in the IPv6 networking code.\n\nCVE-2017-5970 \nAndrey Konovalov discovered a denial-of-service flaw in the IPv4\nnetworking code. This can be triggered by a local or remote\nattacker if a local UDP or raw socket has the IP_RETOPTS option\nenabled.\n\nCVE-2017-6001Di Shen discovered a race condition between concurrent calls to\nthe performance events subsystem, allowing a local attacker to\nescalate privileges. This flaw exists because of an incomplete fix\nof CVE-2016-6786.\nThis can be mitigated by disabling unprivileged use of performance\nevents: sysctl kernel.perf_event_paranoid=3CVE-2017-6074Andrey Konovalov discovered a use-after-free vulnerability in the\nDCCP networking code, which could result in denial of service or\nlocal privilege escalation. On systems that do not already have\nthe dccp module loaded, this can be mitigated by disabling it:\necho>> /etc/modprobe.d/disable-dccp.conf install dccp false", "edition": 2, "reporter": "Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net", "published": "2017-02-22T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "title": "Debian Security Advisory DSA 3791-1 (linux - security update)", "type": "openvas", "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-6787", "CVE-2016-9191", "CVE-2017-2584", "CVE-2017-6074", "CVE-2017-6001", "CVE-2017-5970", "CVE-2017-5551", "CVE-2017-2583", "CVE-2016-8405", "CVE-2017-2596", "CVE-2016-6786", "CVE-2017-2618", "CVE-2017-5897", "CVE-2017-5549"], "modified": "2017-07-07T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=703791", "id": "OPENVAS:703791", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3791.nasl 6607 2017-07-07 12:04:25Z cfischer $\n# Auto-generated from advisory DSA 3791-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703791);\n script_version(\"$Revision: 6607 $\");\n script_cve_id(\"CVE-2016-6786\", \"CVE-2016-6787\", \"CVE-2016-8405\", \"CVE-2016-9191\", \"CVE-2017-2583\", \"CVE-2017-2584\", \"CVE-2017-2596\", \"CVE-2017-2618\", \"CVE-2017-5549\", \"CVE-2017-5551\", \"CVE-2017-5897\", \"CVE-2017-5970\", \"CVE-2017-6001\", \"CVE-2017-6074\");\n script_name(\"Debian Security Advisory DSA 3791-1 (linux - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:04:25 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2017-02-22 00:00:00 +0100 (Wed, 22 Feb 2017)\");\n script_tag(name: \"cvss_base\", value: \"10.0\");\n script_tag(name: \"cvss_base_vector\", value: \"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2017/dsa-3791.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"linux on Debian Linux\");\n script_tag(name: \"insight\", value: \"The Linux kernel is the core of the Linux operating system.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie), these problems have been fixed in\nversion 3.16.39-1+deb8u1.\n\nWe recommend that you upgrade your linux packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or have other\nimpacts.\n\nCVE-2016-6786 / CVE-2016-6787It was discovered that the performance events subsystem does not\nproperly manage locks during certain migrations, allowing a local\nattacker to escalate privileges. This can be mitigated by\ndisabling unprivileged use of performance events:\nsysctl kernel.perf_event_paranoid=3CVE-2016-8405 \nPeter Pi of Trend Micro discovered that the frame buffer video\nsubsystem does not properly check bounds while copying color maps to\nuserspace, causing a heap buffer out-of-bounds read, leading to\ninformation disclosure.\n\nCVE-2016-9191 \nCAI Qian discovered that reference counting is not properly handled\nwithin proc_sys_readdir in the sysctl implementation, allowing a\nlocal denial of service (system hang) or possibly privilege\nescalation.\n\nCVE-2017-2583 \nXiaohan Zhang reported that KVM for amd64 does not correctly\nemulate loading of a null stack selector. This can be used by a\nuser in a guest VM for denial of service (on an Intel CPU) or to\nescalate privileges within the VM (on an AMD CPU).\n\nCVE-2017-2584 \nDmitry Vyukov reported that KVM for x86 does not correctly emulate\nmemory access by the SGDT and SIDT instructions, which can result\nin a use-after-free and information leak.\n\nCVE-2017-2596 \nDmitry Vyukov reported that KVM leaks page references when\nemulating a VMON for a nested hypervisor. This can be used by a\nprivileged user in a guest VM for denial of service or possibly\nto gain privileges in the host.\n\nCVE-2017-2618 \nIt was discovered that an off-by-one in the handling of SELinux\nattributes in /proc/pid/attr could result in local denial of\nservice.\n\nCVE-2017-5549 \nIt was discovered that the KLSI KL5KUSB105 serial USB device\ndriver could log the contents of uninitialised kernel memory,\nresulting in an information leak.\n\nCVE-2017-5551 \nJan Kara found that changing the POSIX ACL of a file on tmpfs never\ncleared its set-group-ID flag, which should be done if the user\nchanging it is not a member of the group-owner. In some cases, this\nwould allow the user-owner of an executable to gain the privileges\nof the group-owner.\n\nCVE-2017-5897 \nAndrey Konovalov discovered an out-of-bounds read flaw in the\nip6gre_err function in the IPv6 networking code.\n\nCVE-2017-5970 \nAndrey Konovalov discovered a denial-of-service flaw in the IPv4\nnetworking code. This can be triggered by a local or remote\nattacker if a local UDP or raw socket has the IP_RETOPTS option\nenabled.\n\nCVE-2017-6001Di Shen discovered a race condition between concurrent calls to\nthe performance events subsystem, allowing a local attacker to\nescalate privileges. This flaw exists because of an incomplete fix\nof CVE-2016-6786.\nThis can be mitigated by disabling unprivileged use of performance\nevents: sysctl kernel.perf_event_paranoid=3CVE-2017-6074Andrey Konovalov discovered a use-after-free vulnerability in the\nDCCP networking code, which could result in denial of service or\nlocal privilege escalation. On systems that do not already have\nthe dccp module loaded, this can be mitigated by disabling it:\necho>> /etc/modprobe.d/disable-dccp.conf install dccp false\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.8-arm\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.8-s390\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.8-x86\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-doc-3.16\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-4kc-malta\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-586\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-5kc-malta\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-686-pae\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-amd64\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-arm64\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-armel\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-armhf\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-i386\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-mips\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-mipsel\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-powerpc\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-ppc64el\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-s390x\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-amd64\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-arm64\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-armmp\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-armmp-lpae\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-common\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-ixp4xx\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-kirkwood\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-loongson-2e\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-loongson-2f\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-loongson-3\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-octeon\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-orion5x\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc-smp\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc64\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc64le\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-r4k-ip22\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-r5k-ip32\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-s390x\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-sb1-bcm91250a\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-versatile\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-4kc-malta\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-5kc-malta\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mips\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mipsel\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-loongson-2f\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-octeon\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r4k-ip22\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-cobalt\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-ip32\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1-bcm91250a\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1a-bcm91480b\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-4kc-malta\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-586\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-5kc-malta\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-686-pae\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-686-pae-dbg\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-amd64\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-amd64-dbg\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-arm64\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-arm64-dbg\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-armmp\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-armmp-lpae\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-ixp4xx\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-kirkwood\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-loongson-2e\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-loongson-2f\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-loongson-3\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-octeon\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-orion5x\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc-smp\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc64\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc64le\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-r4k-ip22\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-r5k-ip32\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-s390x\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-s390x-dbg\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-sb1-bcm91250a\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-versatile\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-4kc-malta\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-5kc-malta\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-loongson-2f\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-octeon\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r4k-ip22\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-cobalt\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-ip32\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1-bcm91250a\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1a-bcm91480b\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-3.16\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-3.16\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-3.16.0-4\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-3.16.0-4-amd64\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-19T12:58:00", "references": ["2017:0906_1"], "pluginID": "1361412562310851529", "description": "The remote host is missing an update for the ", "edition": 8, "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "published": "2017-04-02T00:00:00", "title": "SuSE Update for Kernel openSUSE-SU-2017:0906-1 (Kernel)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "SuSE Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-10208", "CVE-2017-7184", "CVE-2017-2584", "CVE-2016-10200", "CVE-2017-2636", "CVE-2017-6348", "CVE-2017-2583", "CVE-2017-6214", "CVE-2017-6345", "CVE-2017-5669", "CVE-2017-5986", "CVE-2017-6346", "CVE-2017-2596", "CVE-2017-6353", "CVE-2016-2117", "CVE-2017-6347"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310851529", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310851529", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_suse_2017_0906_1.nasl 12381 2018-11-16 11:16:30Z cfischer $\n#\n# SuSE Update for Kernel openSUSE-SU-2017:0906-1 (Kernel)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.851529\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-04-02 06:31:35 +0200 (Sun, 02 Apr 2017)\");\n script_cve_id(\"CVE-2016-10200\", \"CVE-2016-10208\", \"CVE-2016-2117\", \"CVE-2017-2583\",\n \"CVE-2017-2584\", \"CVE-2017-2596\", \"CVE-2017-2636\", \"CVE-2017-5669\",\n \"CVE-2017-6214\", \"CVE-2017-6345\", \"CVE-2017-6346\", \"CVE-2017-6347\",\n \"CVE-2017-6348\", \"CVE-2017-6353\", \"CVE-2017-7184\", \"CVE-2017-5986\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SuSE Update for Kernel openSUSE-SU-2017:0906-1 (Kernel)\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'the Kernel'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Still left to do:\n\n - Check CVE descriptions. They need to be written in the past tense. They\n are processed automatically, THERE CAN BE ERRORS IN THERE!\n\n - Remove version numbers from the CVE descriptions\n\n - Check the capitalization of the subsystems, then sort again\n\n - For each CVE: Check the corresponding bug if everything is okay\n\n - If you remove CVEs or bugs: Do not forget to change the meta information\n\n - Determine which of the bugs after the CVE lines is the right one\n\n ======================================================================\n\n The openSUSE Leap 42.1 kernel was updated to 4.1.39 to receive various\n security and bugfixes.\n\n The following security bugs were fixed:\n\n - CVE-2017-5669: The do_shmat function in ipc/shm.c in the Linux kernel\n did not restrict the address calculated by a certain rounding operation,\n which allowed local users to map page zero, and consequently bypass a\n protection mechanism that exists for the mmap system call, by making\n crafted shmget and shmat system calls in a privileged context\n (bnc#1026914).\n\n - CVE-2017-6348: The hashbin_delete function in net/irda/irqueue.c in the\n Linux kernel improperly manages lock dropping, which allowed local users\n to cause a denial of service (deadlock) via crafted operations on IrDA\n devices (bnc#1027178).\n\n - CVE-2017-7184: The xfrm_replay_verify_len function in\n net/xfrm/xfrm_user.c in the Linux kernel did not validate certain size\n data after an XFRM_MSG_NEWAE update, which allowed local users to obtain\n root privileges or cause a denial of service (heap-based out-of-bounds\n access) by leveraging the CAP_NET_ADMIN capability, as demonstrated\n during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10\n linux-image-* package 4.8.0.41.52 (bnc#1030573).\n\n - CVE-2016-10200: Race condition in the L2TPv3 IP Encapsulation feature in\n the Linux kernel allowed local users to gain privileges or cause a\n denial of service (use-after-free) by making multiple bind system calls\n without properly ascertaining whether a socket has the SOCK_ZAPPED\n status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c\n (bnc#1028415).\n\n - CVE-2017-2636: Race condition in drivers/tty/n_hdlc.c in the Linux\n kernel allowed local users to gain privileges or cause a denial of\n service (double free) by setting the HDLC line discipline (bnc#1027565).\n\n - CVE-2017-6345: The LLC subsystem in the Linux kernel did not ensure that\n a certain destructor exists in required circumstances, which allowed\n local users to cause a denial ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"affected\", value:\"Kernel on openSUSE Leap 42.1\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2017:0906_1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.1\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\nres = \"\";\n\nif(release == \"openSUSELeap42.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-base\", rpm:\"kernel-default-base~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-base-debuginfo\", rpm:\"kernel-default-base-debuginfo~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-debuginfo\", rpm:\"kernel-default-debuginfo~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-debugsource\", rpm:\"kernel-default-debugsource~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-default-devel\", rpm:\"kernel-default-devel~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-obs-build\", rpm:\"kernel-obs-build~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-obs-build-debugsource\", rpm:\"kernel-obs-build-debugsource~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-obs-qa\", rpm:\"kernel-obs-qa~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-base\", rpm:\"kernel-debug-base~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-base-debuginfo\", rpm:\"kernel-debug-base-debuginfo~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debugsource\", rpm:\"kernel-debug-debugsource~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel-debuginfo\", rpm:\"kernel-debug-devel-debuginfo~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2\", rpm:\"kernel-ec2~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2-base\", rpm:\"kernel-ec2-base~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2-base-debuginfo\", rpm:\"kernel-ec2-base-debuginfo~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2-debuginfo\", rpm:\"kernel-ec2-debuginfo~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2-debugsource\", rpm:\"kernel-ec2-debugsource~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-ec2-devel\", rpm:\"kernel-ec2-devel~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pv\", rpm:\"kernel-pv~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pv-base\", rpm:\"kernel-pv-base~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pv-base-debuginfo\", rpm:\"kernel-pv-base-debuginfo~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pv-debuginfo\", rpm:\"kernel-pv-debuginfo~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pv-debugsource\", rpm:\"kernel-pv-debugsource~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pv-devel\", rpm:\"kernel-pv-devel~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla\", rpm:\"kernel-vanilla~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla-debuginfo\", rpm:\"kernel-vanilla-debuginfo~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla-debugsource\", rpm:\"kernel-vanilla-debugsource~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-vanilla-devel\", rpm:\"kernel-vanilla-devel~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-base\", rpm:\"kernel-xen-base~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-base-debuginfo\", rpm:\"kernel-xen-base-debuginfo~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-debuginfo\", rpm:\"kernel-xen-debuginfo~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-debugsource\", rpm:\"kernel-xen-debugsource~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-xen-devel\", rpm:\"kernel-xen-devel~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-docs\", rpm:\"kernel-docs~4.1.39~53.2\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-docs-html\", rpm:\"kernel-docs-html~4.1.39~53.2\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-docs-pdf\", rpm:\"kernel-docs-pdf~4.1.39~53.2\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-macros\", rpm:\"kernel-macros~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-source-vanilla\", rpm:\"kernel-source-vanilla~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae\", rpm:\"kernel-pae~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-base\", rpm:\"kernel-pae-base~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-base-debuginfo\", rpm:\"kernel-pae-base-debuginfo~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-debuginfo\", rpm:\"kernel-pae-debuginfo~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-debugsource\", rpm:\"kernel-pae-debugsource~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-pae-devel\", rpm:\"kernel-pae-devel~4.1.39~53.1\", rls:\"openSUSELeap42.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-26T14:15:54", "references": ["http://www.debian.org/security/2017/dsa-3791.html"], "pluginID": "1361412562310703791", "description": "Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or have other\nimpacts.\n\nCVE-2016-6786 / CVE-2016-6787It was discovered that the performance events subsystem does not\nproperly manage locks during certain migrations, allowing a local\nattacker to escalate privileges. This can be mitigated by\ndisabling unprivileged use of performance events:\nsysctl kernel.perf_event_paranoid=3CVE-2016-8405 \nPeter Pi of Trend Micro discovered that the frame buffer video\nsubsystem does not properly check bounds while copying color maps to\nuserspace, causing a heap buffer out-of-bounds read, leading to\ninformation disclosure.\n\nCVE-2016-9191 \nCAI Qian discovered that reference counting is not properly handled\nwithin proc_sys_readdir in the sysctl implementation, allowing a\nlocal denial of service (system hang) or possibly privilege\nescalation.\n\nCVE-2017-2583 \nXiaohan Zhang reported that KVM for amd64 does not correctly\nemulate loading of a null stack selector. This can be used by a\nuser in a guest VM for denial of service (on an Intel CPU) or to\nescalate privileges within the VM (on an AMD CPU).\n\nCVE-2017-2584 \nDmitry Vyukov reported that KVM for x86 does not correctly emulate\nmemory access by the SGDT and SIDT instructions, which can result\nin a use-after-free and information leak.\n\nCVE-2017-2596 \nDmitry Vyukov reported that KVM leaks page references when\nemulating a VMON for a nested hypervisor. This can be used by a\nprivileged user in a guest VM for denial of service or possibly\nto gain privileges in the host.\n\nCVE-2017-2618 \nIt was discovered that an off-by-one in the handling of SELinux\nattributes in /proc/pid/attr could result in local denial of\nservice.\n\nCVE-2017-5549 \nIt was discovered that the KLSI KL5KUSB105 serial USB device\ndriver could log the contents of uninitialised kernel memory,\nresulting in an information leak.\n\nCVE-2017-5551 \nJan Kara found that changing the POSIX ACL of a file on tmpfs never\ncleared its set-group-ID flag, which should be done if the user\nchanging it is not a member of the group-owner. In some cases, this\nwould allow the user-owner of an executable to gain the privileges\nof the group-owner.\n\nCVE-2017-5897 \nAndrey Konovalov discovered an out-of-bounds read flaw in the\nip6gre_err function in the IPv6 networking code.\n\nCVE-2017-5970 \nAndrey Konovalov discovered a denial-of-service flaw in the IPv4\nnetworking code. This can be triggered by a local or remote\nattacker if a local UDP or raw socket has the IP_RETOPTS option\nenabled.\n\nCVE-2017-6001Di Shen discovered a race condition between concurrent calls to\nthe performance events subsystem, allowing a local attacker to\nescalate privileges. This flaw exists because of an incomplete fix\nof CVE-2016-6786.\nThis can be mitigated by disabling unprivileged use of performance\nevents: sysctl kernel.perf_event_paranoid=3CVE-2017-6074Andrey Konovalov discovered a use-after-free vulnerability in the\nDCCP networking code, which could result in denial of service or\nlocal privilege escalation. On systems that do not already have\nthe dccp module loaded, this can be mitigated by disabling it:\necho>> /etc/modprobe.d/disable-dccp.conf install dccp false", "edition": 4, "reporter": "Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net", "published": "2017-02-22T00:00:00", "title": "Debian Security Advisory DSA 3791-1 (linux - security update)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Debian Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-6787", "CVE-2016-9191", "CVE-2017-2584", "CVE-2017-6074", "CVE-2017-6001", "CVE-2017-5970", "CVE-2017-5551", "CVE-2017-2583", "CVE-2016-8405", "CVE-2017-2596", "CVE-2016-6786", "CVE-2017-2618", "CVE-2017-5897", "CVE-2017-5549"], "modified": "2018-09-26T00:00:00", "id": "OPENVAS:1361412562310703791", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703791", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3791.nasl 11610 2018-09-26 02:42:29Z ckuersteiner $\n# Auto-generated from advisory DSA 3791-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703791\");\n script_version(\"$Revision: 11610 $\");\n script_cve_id(\"CVE-2016-6786\", \"CVE-2016-6787\", \"CVE-2016-8405\", \"CVE-2016-9191\", \"CVE-2017-2583\", \"CVE-2017-2584\", \"CVE-2017-2596\", \"CVE-2017-2618\", \"CVE-2017-5549\", \"CVE-2017-5551\", \"CVE-2017-5897\", \"CVE-2017-5970\", \"CVE-2017-6001\", \"CVE-2017-6074\");\n script_name(\"Debian Security Advisory DSA 3791-1 (linux - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2018-09-26 04:42:29 +0200 (Wed, 26 Sep 2018) $\");\n script_tag(name: \"creation_date\", value: \"2017-02-22 00:00:00 +0100 (Wed, 22 Feb 2017)\");\n script_tag(name:\"cvss_base\", value:\"7.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:C/I:C/A:C\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2017/dsa-3791.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2017 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"linux on Debian Linux\");\n script_tag(name: \"insight\", value: \"The Linux kernel is the core of the Linux operating system.\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie), these problems have been fixed in\nversion 3.16.39-1+deb8u1.\n\nWe recommend that you upgrade your linux packages.\");\n script_tag(name: \"summary\", value: \"Several vulnerabilities have been discovered in the Linux kernel that\nmay lead to a privilege escalation, denial of service or have other\nimpacts.\n\nCVE-2016-6786 / CVE-2016-6787It was discovered that the performance events subsystem does not\nproperly manage locks during certain migrations, allowing a local\nattacker to escalate privileges. This can be mitigated by\ndisabling unprivileged use of performance events:\nsysctl kernel.perf_event_paranoid=3CVE-2016-8405 \nPeter Pi of Trend Micro discovered that the frame buffer video\nsubsystem does not properly check bounds while copying color maps to\nuserspace, causing a heap buffer out-of-bounds read, leading to\ninformation disclosure.\n\nCVE-2016-9191 \nCAI Qian discovered that reference counting is not properly handled\nwithin proc_sys_readdir in the sysctl implementation, allowing a\nlocal denial of service (system hang) or possibly privilege\nescalation.\n\nCVE-2017-2583 \nXiaohan Zhang reported that KVM for amd64 does not correctly\nemulate loading of a null stack selector. This can be used by a\nuser in a guest VM for denial of service (on an Intel CPU) or to\nescalate privileges within the VM (on an AMD CPU).\n\nCVE-2017-2584 \nDmitry Vyukov reported that KVM for x86 does not correctly emulate\nmemory access by the SGDT and SIDT instructions, which can result\nin a use-after-free and information leak.\n\nCVE-2017-2596 \nDmitry Vyukov reported that KVM leaks page references when\nemulating a VMON for a nested hypervisor. This can be used by a\nprivileged user in a guest VM for denial of service or possibly\nto gain privileges in the host.\n\nCVE-2017-2618 \nIt was discovered that an off-by-one in the handling of SELinux\nattributes in /proc/pid/attr could result in local denial of\nservice.\n\nCVE-2017-5549 \nIt was discovered that the KLSI KL5KUSB105 serial USB device\ndriver could log the contents of uninitialised kernel memory,\nresulting in an information leak.\n\nCVE-2017-5551 \nJan Kara found that changing the POSIX ACL of a file on tmpfs never\ncleared its set-group-ID flag, which should be done if the user\nchanging it is not a member of the group-owner. In some cases, this\nwould allow the user-owner of an executable to gain the privileges\nof the group-owner.\n\nCVE-2017-5897 \nAndrey Konovalov discovered an out-of-bounds read flaw in the\nip6gre_err function in the IPv6 networking code.\n\nCVE-2017-5970 \nAndrey Konovalov discovered a denial-of-service flaw in the IPv4\nnetworking code. This can be triggered by a local or remote\nattacker if a local UDP or raw socket has the IP_RETOPTS option\nenabled.\n\nCVE-2017-6001Di Shen discovered a race condition between concurrent calls to\nthe performance events subsystem, allowing a local attacker to\nescalate privileges. This flaw exists because of an incomplete fix\nof CVE-2016-6786.\nThis can be mitigated by disabling unprivileged use of performance\nevents: sysctl kernel.perf_event_paranoid=3CVE-2017-6074Andrey Konovalov discovered a use-after-free vulnerability in the\nDCCP networking code, which could result in denial of service or\nlocal privilege escalation. On systems that do not already have\nthe dccp module loaded, this can be mitigated by disabling it:\necho>> /etc/modprobe.d/disable-dccp.conf install dccp false\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.8-arm\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.8-s390\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-compiler-gcc-4.8-x86\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-doc-3.16\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-4kc-malta\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-586\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-5kc-malta\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-686-pae\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-amd64\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-arm64\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-armel\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-armhf\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-i386\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-mips\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-mipsel\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-powerpc\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-ppc64el\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-all-s390x\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-amd64\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-arm64\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-armmp\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-armmp-lpae\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-common\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-ixp4xx\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-kirkwood\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-loongson-2e\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-loongson-2f\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-loongson-3\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-octeon\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-orion5x\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc-smp\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc64\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-powerpc64le\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-r4k-ip22\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-r5k-ip32\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-s390x\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-sb1-bcm91250a\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.16.0-4-versatile\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-4kc-malta\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-5kc-malta\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mips\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-all-mipsel\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-common\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-loongson-2f\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-octeon\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r4k-ip22\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-cobalt\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-r5k-ip32\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1-bcm91250a\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-headers-3.2.0-4-sb1a-bcm91480b\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-4kc-malta\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-586\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-5kc-malta\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-686-pae\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-686-pae-dbg\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-amd64\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-amd64-dbg\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-arm64\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-arm64-dbg\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-armmp\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-armmp-lpae\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-ixp4xx\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-kirkwood\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-loongson-2e\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-loongson-2f\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-loongson-3\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-octeon\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-orion5x\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc-smp\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc64\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-powerpc64le\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-r4k-ip22\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-r5k-ip32\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-s390x\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-s390x-dbg\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-sb1-bcm91250a\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.16.0-4-versatile\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-4kc-malta\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-5kc-malta\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-loongson-2f\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-octeon\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r4k-ip22\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-cobalt\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-r5k-ip32\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1-bcm91250a\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-image-3.2.0-4-sb1a-bcm91480b\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-libc-dev\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-manual-3.16\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-source-3.16\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"linux-support-3.16.0-4\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"xen-linux-system-3.16.0-4-amd64\", ver:\"3.16.39-1+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-11-19T12:56:58", "references": ["http://www.ubuntu.com/usn/usn-3361-1/", "3361-1"], "pluginID": "1361412562310843249", "description": "The remote host is missing an update for the ", "edition": 6, "reporter": "Copyright (C) 2017 Greenbone Networks GmbH", "published": "2017-07-22T00:00:00", "title": "Ubuntu Update for linux-hwe USN-3361-1", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "naslFamily": "Ubuntu Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2016-10208", "CVE-2017-7472", "CVE-2017-5576", "CVE-2016-9604", "CVE-2016-9191", "CVE-2017-7261", "CVE-2017-7895", "CVE-2017-2584", "CVE-2016-9084", "CVE-2017-7616", "CVE-2017-7889", "CVE-2017-6001", "CVE-2017-7618", "CVE-2017-7645", "CVE-2017-5970", "CVE-2017-7273", "CVE-2017-5551", "CVE-2017-2671", "CVE-2017-5550", "CVE-2017-6348", "CVE-2016-8636", "CVE-2017-2583", "CVE-2017-8924", "CVE-2017-6214", "CVE-2017-9150", "CVE-2015-1350", "CVE-2016-9083", "CVE-2017-6345", "CVE-2017-5669", "CVE-2017-5546", "CVE-2016-8405", "CVE-2017-8925", "CVE-2017-6346", "CVE-2017-2596", "CVE-2017-7187", "CVE-2017-2618", "CVE-2017-6347", "CVE-2017-5897", "CVE-2017-5549", "CVE-2016-9755"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310843249", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843249", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3361_1.nasl 12381 2018-11-16 11:16:30Z cfischer $\n#\n# Ubuntu Update for linux-hwe USN-3361-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2017 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843249\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2017-07-22 07:23:26 +0200 (Sat, 22 Jul 2017)\");\n script_cve_id(\"CVE-2015-1350\", \"CVE-2016-10208\", \"CVE-2016-8405\", \"CVE-2016-8636\",\n \"CVE-2016-9083\", \"CVE-2016-9084\", \"CVE-2016-9191\", \"CVE-2016-9604\",\n \"CVE-2016-9755\", \"CVE-2017-2583\", \"CVE-2017-2584\", \"CVE-2017-2596\",\n \"CVE-2017-2618\", \"CVE-2017-2671\", \"CVE-2017-5546\", \"CVE-2017-5549\",\n \"CVE-2017-5550\", \"CVE-2017-5551\", \"CVE-2017-5576\", \"CVE-2017-5669\",\n \"CVE-2017-5897\", \"CVE-2017-5970\", \"CVE-2017-6001\", \"CVE-2017-6214\",\n \"CVE-2017-6345\", \"CVE-2017-6346\", \"CVE-2017-6347\", \"CVE-2017-6348\",\n \"CVE-2017-7187\", \"CVE-2017-7261\", \"CVE-2017-7273\", \"CVE-2017-7472\",\n \"CVE-2017-7616\", \"CVE-2017-7618\", \"CVE-2017-7645\", \"CVE-2017-7889\",\n \"CVE-2017-7895\", \"CVE-2017-8924\", \"CVE-2017-8925\", \"CVE-2017-9150\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for linux-hwe USN-3361-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'linux-hwe'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"USN-3358-1 fixed vulnerabilities in the\n Linux kernel for Ubuntu 17.04. This update provides the corresponding updates\n for the Linux Hardware Enablement (HWE) kernel from Ubuntu 17.04 for Ubuntu\n 16.04 LTS. Please note that this update changes the Linux HWE kernel to the 4.10\n based kernel from Ubuntu 17.04, superseding the 4.8 based HWE kernel from Ubuntu\n 16.10. Ben Harris discovered that the Linux kernel would strip extended\n privilege attributes of files when performing a failed unprivileged system call.\n A local attacker could use this to cause a denial of service. (CVE-2015-1350)\n Ralf Spenneberg discovered that the ext4 implementation in the Linux kernel did\n not properly validate meta block groups. An attacker with physical access could\n use this to specially craft an ext4 image that causes a denial of service\n (system crash). (CVE-2016-10208) Peter Pi discovered that the colormap handling\n for frame buffer devices in the Linux kernel contained an integer overflow. A\n local attacker could use this to disclose sensitive information (kernel memory).\n (CVE-2016-8405) It was discovered that an integer overflow existed in the\n InfiniBand RDMA over ethernet (RXE) transport implementation in the Linux\n kernel. A local attacker could use this to cause a denial of service (system\n crash) or possibly execute arbitrary code. (CVE-2016-8636) Vlad Tsyrklevich\n discovered an integer overflow vulnerability in the VFIO PCI driver for the\n Linux kernel. A local attacker with access to a vfio PCI device file could use\n this to cause a denial of service (system crash) or possibly execute arbitrary\n code. (CVE-2016-9083, CVE-2016-9084) CAI Qian discovered that the sysctl\n implementation in the Linux kernel did not properly perform reference counting\n in some situations. An unprivileged attacker could use this to cause a denial of\n service (system hang). (CVE-2016-9191) It was discovered that the keyring\n implementation in the Linux kernel in some situations did not prevent special\n internal keyrings from being joined by userspace keyrings. A privileged local\n attacker could use this to bypass module verification. (CVE-2016-9604) Dmitry\n Vyukov, Andrey Konovalov, Florian Westphal, and Eric Dumazet discovered that the\n netfiler subsystem in the Linux kernel mishandled IPv6 packet reassembly. A\n local user could use this to cause a denial of service (system crash) or\n possibly execute arbitrary code. (CVE-2016-9755) Andy Lutomirski and Willy\n Tarreau discovered that the KVM implementation in the Linux kernel did not\n properly emulate instructions on the SS segment register. A local attacker in a\n guest virtual machine could ... Description truncated, for more information\n please check the Reference URL\");\n script_tag(name:\"affected\", value:\"linux-hwe on Ubuntu 16.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3361-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3361-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2017 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU16\\.04 LTS\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.10.0-27-generic\", ver:\"4.10.0-27.30~16.04.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.10.0-27-generic-lpae\", ver:\"4.10.0-27.30~16.04.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-4.10.0-27-lowlatency\", ver:\"4.10.0-27.30~16.04.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-hwe-16.04\", ver:\"4.10.0.27.30\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-generic-lpae-hwe-16.04\", ver:\"4.10.0.27.30\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"linux-image-lowlatency-hwe-16.04\", ver:\"4.10.0.27.30\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "myhack58": [{"lastseen": "2017-07-02T04:18:26", "references": [], "edition": 1, "description": "CentOS system maintenance engineer Johnny Hughes today released the security Bulletin, the requirements currently are using CentOS 7 series users as soon as possible the deployment of important kernel security updates. According to Red Hat published upsteam security Bulletin, the kernel update total fixes five security vulnerabilities, and fixes many other BUGS. \n! [](/Article/UploadPic/2017-7/2017723312773. jpg? www. myhack58. com) \nThis kernel update fixes(CVE-2017-7477)and(CVE-2017-7645)two remote code execution vulnerabilities, the former in the socket buffer(skb_buff)from the fragment list(skb_shinfo(skb)-&gt;frag_list)create a scattergather list to allocate heap memory, allowing an attacker to constantly elevated permissions. The latter is the impact of NFS2/3 RPC Client to the NFS server sends long data, thereby allowing a remote attacker to make the kernel crash. \n(CVE-2017-7895)fix up NFSv2 and an NFSv3 Server implementation found security vulnerability(CVE-2017-2583)is fixed based on the Kernel of the virtual machine CONFIG_KVM\uff09Vulnerability(CVE-2017-6214)is to fix the Linux Kernel processing URG flag process in the presence of security vulnerabilities. \nCentOS users need to be deployed as soon as possible kernel-3.10.0-514.26.1. el7 kernel update, it has now been confirmed the Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux Workstation 7, Red Hat Enterprise Linux Server 7, Red Hat Enterprise Linux HPC Node 7 and Red Hat Enterprise Linux Server TUS 7.3 version of the existence of the vulnerability. \n\n", "reporter": "\u4f5a\u540d", "published": "2017-07-02T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "CentOS 7 released a kernel security update that fixes five vulnerabilities-vulnerability warning-the black bar safety net", "type": "myhack58", "bulletinFamily": "info", "cvelist": ["CVE-2017-7895", "CVE-2017-7645", "CVE-2017-2583", "CVE-2017-6214", "CVE-2017-7477"], "modified": "2017-07-02T00:00:00", "id": "MYHACK58:62201787550", "href": "http://www.myhack58.com/Article/html/3/62/2017/87550.htm", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "centos": [{"lastseen": "2017-10-03T18:25:31", "references": ["https://rhn.redhat.com/errata/RHSA-2017-1615.html"], "affectedPackage": [{"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.el7", "packageFilename": "kernel-debug-devel-3.10.0-514.26.1.el7.x86_64.rpm", "packageName": "kernel-debug-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.el7", "packageFilename": "kernel-3.10.0-514.26.1.el7.src.rpm", "packageName": "kernel", "arch": "any", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.el7", "packageFilename": "kernel-tools-libs-devel-3.10.0-514.26.1.el7.x86_64.rpm", "packageName": "kernel-tools-libs-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.el7", "packageFilename": "kernel-3.10.0-514.26.1.el7.x86_64.rpm", "packageName": "kernel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.el7", "packageFilename": "kernel-doc-3.10.0-514.26.1.el7.noarch.rpm", "packageName": "kernel-doc", "arch": "noarch", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.el7", "packageFilename": "kernel-tools-3.10.0-514.26.1.el7.x86_64.rpm", "packageName": "kernel-tools", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.el7", "packageFilename": "kernel-tools-libs-3.10.0-514.26.1.el7.x86_64.rpm", "packageName": "kernel-tools-libs", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.el7", "packageFilename": "kernel-devel-3.10.0-514.26.1.el7.x86_64.rpm", "packageName": "kernel-devel", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.el7", "packageFilename": "kernel-headers-3.10.0-514.26.1.el7.x86_64.rpm", "packageName": "kernel-headers", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.el7", "packageFilename": "perf-3.10.0-514.26.1.el7.x86_64.rpm", "packageName": "perf", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.el7", "packageFilename": "python-perf-3.10.0-514.26.1.el7.x86_64.rpm", "packageName": "python-perf", "arch": "x86_64", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.el7", "packageFilename": "kernel-abi-whitelists-3.10.0-514.26.1.el7.noarch.rpm", "packageName": "kernel-abi-whitelists", "arch": "noarch", "operator": "lt"}, {"OS": "CentOS", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.el7", "packageFilename": "kernel-debug-3.10.0-514.26.1.el7.x86_64.rpm", "packageName": "kernel-debug", "arch": "x86_64", "operator": "lt"}], "description": "**CentOS Errata and Security Advisory** CESA-2017:1615\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* A flaw was found in the way Linux kernel allocates heap memory to build the scattergather list from a fragment list(skb_shinfo(skb)->frag_list) in\nthe socket buffer(skb_buff). The heap overflow occurred if 'MAX_SKB_FRAGS + 1' parameter and 'NETIF_F_FRAGLIST' feature were used together. A\nremote user or process could use this flaw to potentially escalate their privilege on a system. (CVE-2017-7477, Important)\n\n* The NFS2/3 RPC client could send long arguments to the NFS server. These encoded arguments are stored in an array of memory pages, and accessed using pointer variables. Arbitrarily long arguments could make these pointers point outside the array and cause an out-of-bounds memory access. A remote user or program could use this flaw to crash the kernel (denial of service). (CVE-2017-7645, Important)\n\n* The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly cause other unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important)\n\n* The Linux kernel built with the Kernel-based Virtual Machine (CONFIG_KVM) support was vulnerable to an incorrect segment selector(SS) value error. The error could occur while loading values into the SS register in long mode. A user or process inside a guest could use this flaw to crash the guest, resulting in DoS or potentially escalate their privileges inside the guest. (CVE-2017-2583, Moderate)\n\n* A flaw was found in the Linux kernel's handling of packets with the URG flag. Applications using the splice() and tcp_splice_read() functionality could allow a remote attacker to force the kernel to enter a condition in which it could loop indefinitely. (CVE-2017-6214, Moderate)\n\nRed Hat would like to thank Ari Kauppi for reporting CVE-2017-7895 and Xiaohan Zhang (Huawei Inc.) for reporting CVE-2017-2583.\n\nBug Fix(es):\n\n* Previously, the reserved-pages counter (HugePages_Rsvd) was bigger than the total-pages counter (HugePages_Total) in the /proc/meminfo file, and HugePages_Rsvd underflowed. With this update, the HugeTLB feature of the Linux kernel has been fixed, and HugePages_Rsvd underflow no longer occurs. (BZ#1445184)\n\n* If a directory on a NFS client was modified while being listed, the NFS client could restart the directory listing multiple times. Consequently, the performance of listing the directory was sub-optimal. With this update, the restarting of the directory listing happens less frequently. As a result, the performance of listing the directory while it is being modified has improved. (BZ#1450851)\n\n* The Fibre Channel over Ethernet (FCoE) adapter in some cases failed to reboot. This update fixes the qla2xxx driver, and FCoE adapter now reboots as expected. (BZ#1446246)\n\n* When a VM with Virtual Function I/O (VFIO) device was rebooted, the QEMU process occasionally terminated unexpectedly due to a failed VFIO Direct Memory Access (DMA) map request. This update fixes the vfio driver and QEMU no longer crashes in the described situation. (BZ#1450855)\n\n* When the operating system was booted with the in-box lpfc driver, a kernel panic occurred on the little-endian variant of IBM Power Systems. This update fixes lpfc, and the kernel no longer panics in the described situation. (BZ#1452044)\n\n* When creating or destroying a VM with Virtual Function I/O (VFIO) devices with \"Hugepages\" feature enabled, errors in Direct Memory Access (DMA) page table entry (PTE) mappings occurred, and QEMU memory usage behaved unpredictably. This update fixes range computation when making room for large pages in Input/Output Memory Management Unit (IOMMU). As a result, errors in DMA PTE mappings no longer occur, and QEMU has a predictable memory usage in the described situation. (BZ#1450856)\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2017-June/022489.html\n\n**Affected packages:**\nkernel\nkernel-abi-whitelists\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-headers\nkernel-tools\nkernel-tools-libs\nkernel-tools-libs-devel\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2017-1615.html", "edition": 1, "reporter": "CentOS Project", "published": "2017-06-29T21:03:21", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "title": "kernel, perf, python security update", "type": "centos", "bulletinFamily": "unix", "cvelist": ["CVE-2017-7895", "CVE-2017-7645", "CVE-2017-2583", "CVE-2017-6214", "CVE-2017-7477"], "modified": "2017-06-29T21:03:21", "href": "http://lists.centos.org/pipermail/centos-announce/2017-June/022489.html", "id": "CESA-2017:1615", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2018-12-11T17:45:20", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.el7", "arch": "ppc64", "packageName": "kernel", "packageFilename": "kernel-3.10.0-514.26.1.el7.ppc64.rpm", "operator": "lt"}], "description": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* A flaw was found in the way Linux kernel allocates heap memory to build the scattergather list from a fragment list(skb_shinfo(skb)->frag_list) in\nthe socket buffer(skb_buff). The heap overflow occurred if 'MAX_SKB_FRAGS + 1' parameter and 'NETIF_F_FRAGLIST' feature were used together. A\nremote user or process could use this flaw to potentially escalate their privilege on a system. (CVE-2017-7477, Important)\n\n* The NFS2/3 RPC client could send long arguments to the NFS server. These encoded arguments are stored in an array of memory pages, and accessed using pointer variables. Arbitrarily long arguments could make these pointers point outside the array and cause an out-of-bounds memory access. A remote user or program could use this flaw to crash the kernel (denial of service). (CVE-2017-7645, Important)\n\n* The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly cause other unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important)\n\n* The Linux kernel built with the Kernel-based Virtual Machine (CONFIG_KVM) support was vulnerable to an incorrect segment selector(SS) value error. The error could occur while loading values into the SS register in long mode. A user or process inside a guest could use this flaw to crash the guest, resulting in DoS or potentially escalate their privileges inside the guest. (CVE-2017-2583, Moderate)\n\n* A flaw was found in the Linux kernel's handling of packets with the URG flag. Applications using the splice() and tcp_splice_read() functionality could allow a remote attacker to force the kernel to enter a condition in which it could loop indefinitely. (CVE-2017-6214, Moderate)\n\nRed Hat would like to thank Ari Kauppi for reporting CVE-2017-7895 and Xiaohan Zhang (Huawei Inc.) for reporting CVE-2017-2583.\n\nBug Fix(es):\n\n* Previously, the reserved-pages counter (HugePages_Rsvd) was bigger than the total-pages counter (HugePages_Total) in the /proc/meminfo file, and HugePages_Rsvd underflowed. With this update, the HugeTLB feature of the Linux kernel has been fixed, and HugePages_Rsvd underflow no longer occurs. (BZ#1445184)\n\n* If a directory on a NFS client was modified while being listed, the NFS client could restart the directory listing multiple times. Consequently, the performance of listing the directory was sub-optimal. With this update, the restarting of the directory listing happens less frequently. As a result, the performance of listing the directory while it is being modified has improved. (BZ#1450851)\n\n* The Fibre Channel over Ethernet (FCoE) adapter in some cases failed to reboot. This update fixes the qla2xxx driver, and FCoE adapter now reboots as expected. (BZ#1446246)\n\n* When a VM with Virtual Function I/O (VFIO) device was rebooted, the QEMU process occasionally terminated unexpectedly due to a failed VFIO Direct Memory Access (DMA) map request. This update fixes the vfio driver and QEMU no longer crashes in the described situation. (BZ#1450855)\n\n* When the operating system was booted with the in-box lpfc driver, a kernel panic occurred on the little-endian variant of IBM Power Systems. This update fixes lpfc, and the kernel no longer panics in the described situation. (BZ#1452044)\n\n* When creating or destroying a VM with Virtual Function I/O (VFIO) devices with \"Hugepages\" feature enabled, errors in Direct Memory Access (DMA) page table entry (PTE) mappings occurred, and QEMU memory usage behaved unpredictably. This update fixes range computation when making room for large pages in Input/Output Memory Management Unit (IOMMU). As a result, errors in DMA PTE mappings no longer occur, and QEMU has a predictable memory usage in the described situation. (BZ#1450856)", "reporter": "RedHat", "published": "2017-06-28T19:08:50", "type": "redhat", "title": "(RHSA-2017:1615) Important: kernel security and bug fix update", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2017-2583", "CVE-2017-6214", "CVE-2017-7477", "CVE-2017-7645", "CVE-2017-7895"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-04-12T03:33:10", "id": "RHSA-2017:1615", "href": "https://access.redhat.com/errata/RHSA-2017:1615", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-12-11T17:44:07", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"], "references": [], "affectedPackage": [{"OS": "RedHat", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.rt56.442.el7", "arch": "src", "packageName": "kernel-rt", "packageFilename": "kernel-rt-3.10.0-514.26.1.rt56.442.el7.src.rpm", "operator": "lt"}], "description": "The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.\n\nSecurity Fix(es):\n\n* A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap (or different memory region) and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process stack or the adjacent memory region, and thus increase their privileges on the system. This is a kernel-side mitigation which increases the stack guard gap size from one page to 1 MiB to make successful exploitation of this issue more difficult. (CVE-2017-1000364, Important)\n\n* A flaw was found in the way Linux kernel allocates heap memory to build the scattergather list from a fragment list(skb_shinfo(skb)->frag_list) in the socket buffer(skb_buff). The heap overflow occurred if 'MAX_SKB_FRAGS + 1' parameter and 'NETIF_F_FRAGLIST' feature are both used together. A remote user or process could use this flaw to potentially escalate their privilege on a system. (CVE-2017-7477, Important)\n\n* The NFS2/3 RPC client could send long arguments to the NFS server. These encoded arguments are stored in an array of memory pages, and accessed using pointer variables. Arbitrarily long arguments could make these pointers point outside the array and cause an out-of-bounds memory access. A remote user or program could use this flaw to crash the kernel, resulting in denial of service. (CVE-2017-7645, Important)\n\n* The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly cause other unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c. (CVE-2017-7895, Important)\n\n* Linux kernel built with the Kernel-based Virtual Machine (CONFIG_KVM) support was vulnerable to an incorrect segment selector(SS) value error. The error could occur while loading values into the SS register in long mode. A user or process inside a guest could use this flaw to crash the guest, resulting in DoS or potentially escalate their privileges inside the guest. (CVE-2017-2583, Moderate)\n\n* A flaw was found in the Linux kernel's handling of packets with the URG flag. Applications using the splice() and tcp_splice_read() functionality could allow a remote attacker to force the kernel to enter a condition in which it could loop indefinitely. (CVE-2017-6214, Moderate)\n\nRed Hat would like to thank Qualys Research Labs for reporting CVE-2017-1000364; Ari Kauppi for reporting CVE-2017-7895; and Xiaohan Zhang (Huawei Inc.) for reporting CVE-2017-2583.\n\nBug Fix(es):\n\n* The kernel-rt packages have been upgraded to the 3.10.0-514.25.2 source tree, which provides a number of bug fixes over the previous version. (BZ#1452742)\n\n* Previously, a local lock acquisition around the ip_send_unicast_reply() function was incorrectly terminated. Consequently, a list corruption occurred that led to a kernel panic. This update adds locking functions around calls to ip_send_unicast_reply(). As a result, neither list corruption nor kernel panic occur under the described circumstances. (BZ#1455239)", "reporter": "RedHat", "published": "2017-06-28T19:09:04", "type": "redhat", "title": "(RHSA-2017:1616) Important: kernel-rt security and bug fix update", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2017-1000364", "CVE-2017-2583", "CVE-2017-6214", "CVE-2017-7477", "CVE-2017-7645", "CVE-2017-7895"], "_object_type": "robots.models.redhat.RedHatBulletin", "modified": "2018-03-19T16:29:53", "id": "RHSA-2017:1616", "href": "https://access.redhat.com/errata/RHSA-2017:1616", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:41:09", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.el7", "arch": "x86_64", "packageFilename": "kernel-tools-libs-devel-3.10.0-514.26.1.el7.x86_64.rpm", "packageName": "kernel-tools-libs-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.el7", "arch": "src", "packageFilename": "kernel-3.10.0-514.26.1.el7.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.el7", "arch": "noarch", "packageFilename": "kernel-abi-whitelists-3.10.0-514.26.1.el7.noarch.rpm", "packageName": "kernel-abi-whitelists", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.el7", "arch": "x86_64", "packageFilename": "perf-3.10.0-514.26.1.el7.x86_64.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.el7", "arch": "x86_64", "packageFilename": "kernel-tools-3.10.0-514.26.1.el7.x86_64.rpm", "packageName": "kernel-tools", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.el7", "arch": "x86_64", "packageFilename": "kernel-debug-devel-3.10.0-514.26.1.el7.x86_64.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.el7", "arch": "noarch", "packageFilename": "kernel-doc-3.10.0-514.26.1.el7.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.el7", "arch": "x86_64", "packageFilename": "kernel-headers-3.10.0-514.26.1.el7.x86_64.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.el7", "arch": "x86_64", "packageFilename": "kernel-devel-3.10.0-514.26.1.el7.x86_64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.el7", "arch": "x86_64", "packageFilename": "kernel-3.10.0-514.26.1.el7.x86_64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.el7", "arch": "x86_64", "packageFilename": "python-perf-3.10.0-514.26.1.el7.x86_64.rpm", "packageName": "python-perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.el7", "arch": "x86_64", "packageFilename": "kernel-tools-libs-3.10.0-514.26.1.el7.x86_64.rpm", "packageName": "kernel-tools-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.el7", "arch": "x86_64", "packageFilename": "kernel-debug-3.10.0-514.26.1.el7.x86_64.rpm", "packageName": "kernel-debug", "operator": "lt"}], "description": "- [3.10.0-514.26.1.OL7]\n- Oracle Linux certificates (Alexey Petrenko)\n- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)\n- Update x509.genkey [bug 24817676]\n[3.10.0-514.26.1]\n- [mm] enlarge stack guard gap (Larry Woodman) [1452732 1452733] {CVE-2017-1000364}\n- Revert: [md] dm mirror: use all available legs on multiple failures (Mike Snitzer) [1449176 1383444]\n[3.10.0-514.25.1]\n- [lib] kobject: grab an extra reference on kobject->sd to allow duplicate deletes (Aristeu Rozanski) [1454851 1427252]\n- [kernel] module: When modifying a module's text ignore modules which are going away too (Aaron Tomlin) [1454684 1386313]\n- [kernel] module: Ensure a module's state is set accordingly during module coming cleanup code (Aaron Tomlin) [1454684 1386313]\n- [net] vxlan: do not output confusing error message (Jiri Benc) [1454636 1445054]\n- [net] vxlan: correctly handle ipv6.disable module parameter (Jiri Benc) [1454636 1445054]\n- [iommu] vt-d: fix range computation when making room for large pages (Alex Williamson) [1450856 1435612]\n- [fs] nfsd: stricter decoding of write-like NFSv2/v3 ops ('J. Bruce Fields') [1449282 1443204] {CVE-2017-7895}\n- [fs] nfsd4: minor NFSv2/v3 write decoding cleanup ('J. Bruce Fields') [1449282 1443204] {CVE-2017-7895}\n- [md] dm mirror: use all available legs on multiple failures (Mike Snitzer) [1449176 1383444]\n- [fs] nfsd: check for oversized NFSv2/v3 arguments ('J. Bruce Fields') [1447642 1442407] {CVE-2017-7645}\n- [scsi] ses: don't get power status of SES device slot on probe (Gustavo Duarte) [1446650 1434768]\n- [scsi] ipr: do not set DID_PASSTHROUGH on CHECK CONDITION (Steve Best) [1446649 1441747]\n- [net] macsec: dynamically allocate space for sglist (Sabrina Dubroca) [1445546 1445545] {CVE-2017-7477}\n- [net] macsec: avoid heap overflow in skb_to_sgvec (Sabrina Dubroca) [1445546 1445545] {CVE-2017-7477}\n- [fs] gfs2: Allow glocks to be unlocked after withdraw (Robert S Peterson) [1433882 1404005]\n- [net] tcp: avoid infinite loop in tcp_splice_read() (Davide Caratti) [1430579 1430580] {CVE-2017-6214}\n- [mm] vma_merge: correct false positive from __vma_unlink->validate_mm_rb (Andrea Arcangeli) [1428840 1374548]\n- [mm] vma_merge: fix race vm_page_prot race condition against rmap_walk (Andrea Arcangeli) [1428840 1374548]\n- [mm] fix use-after-free if memory allocation failed in vma_adjust() (Andrea Arcangeli) [1428840 1374548]\n- [x86] kvm: x86: fix emulation of 'MOV SS, null selector' (Radim Krcmar) [1414742 1414743] {CVE-2017-2583}\n- [powerpc] prom: Increase minimum RMA size to 512MB (Gustavo Duarte) [1450041 1411321]\n- [pci] pciehp: Prioritize data-link event over presence detect (Myron Stowe) [1450124 1435818]\n- [pci] pciehp: Don't re-read Slot Status when queuing hotplug event (Myron Stowe) [1450124 1435818]\n- [pci] pciehp: Process all hotplug events before looking for new ones (Myron Stowe) [1450124 1435818]\n- [pci] pciehp: Rename pcie_isr() locals for clarity (Myron Stowe) [1450124 1435818]\n[3.10.0-514.24.1]\n- [scsi] lpfc: Fix panic on BFS configuration (Maurizio Lombardi) [1452044 1443116]\n- [vfio] type1: Reduce repetitive calls in vfio_pin_pages_remote() (Alex Williamson) [1450855 1438403]\n- [vfio] type1: Remove locked page accounting workqueue (Alex Williamson) [1450855 1438403]\n- [fs] nfs: Allow getattr to also report readdirplus cache hits (Dave Wysochanski) [1450851 1442068]\n- [fs] nfs: Be more targeted about readdirplus use when doing lookup/revalidation (Dave Wysochanski) [1450851 1442068]\n- [fs] nfs: Fix a performance regression in readdir (Dave Wysochanski) [1450851 1442068]\n- [x86] xen: do not re-use pirq number cached in pci device msi msg data (Vitaly Kuznetsov) [1450037 1433831]\n- [powerpc] mm: Add missing global TLB invalidate if cxl is active (Steve Best) [1449178 1440776]\n- [powerpc] boot: Fix zImage TOC alignment (Gustavo Duarte) [1444343 1395838]\n[3.10.0-514.23.1]\n- [scsi] qla2xxx: Defer marking device lost when receiving an RSCN (Himanshu Madhani) [1446246 1436940]\n- [scsi] qla2xxx: Fix typo in driver (Himanshu Madhani) [1446246 1436940]\n- [scsi] qla2xxx: Fix crash in qla2xxx_eh_abort on bad ptr (Himanshu Madhani) [1446246 1436940]\n- [scsi] qla2xxx: Avoid that issuing a LIP triggers a kernel crash (Himanshu Madhani) [1446246 1436940]\n- [scsi] qla2xxx: Add fix to read correct register value for ISP82xx (Himanshu Madhani) [1446246 1436940]\n- [scsi] qla2xxx: Disable the adapter and skip error recovery in case of register disconnect (Himanshu Madhani) [1446246 1436940]\n[3.10.0-514.22.1]\n- [mm] hugetlb: don't use reserved during VM_SHARED mapping cow (Larry Woodman) [1445184 1385473]", "edition": 3, "reporter": "Oracle", "published": "2017-06-28T00:00:00", "title": "kernel security and bug fix update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2017-7895", "CVE-2017-7645", "CVE-2017-2583", "CVE-2017-6214", "CVE-2017-1000364", "CVE-2017-7477"], "modified": "2017-06-28T00:00:00", "id": "ELSA-2017-1615", "href": "http://linux.oracle.com/errata/ELSA-2017-1615.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:40:49", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.0.1.el7", "arch": "x86_64", "packageFilename": "kernel-tools-libs-3.10.0-514.26.1.0.1.el7.x86_64.rpm", "packageName": "kernel-tools-libs", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.0.1.el7", "arch": "x86_64", "packageFilename": "python-perf-3.10.0-514.26.1.0.1.el7.x86_64.rpm", "packageName": "python-perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.0.1.el7", "arch": "x86_64", "packageFilename": "kernel-tools-libs-devel-3.10.0-514.26.1.0.1.el7.x86_64.rpm", "packageName": "kernel-tools-libs-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.0.1.el7", "arch": "x86_64", "packageFilename": "kernel-debug-devel-3.10.0-514.26.1.0.1.el7.x86_64.rpm", "packageName": "kernel-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.0.1.el7", "arch": "x86_64", "packageFilename": "kernel-devel-3.10.0-514.26.1.0.1.el7.x86_64.rpm", "packageName": "kernel-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.0.1.el7", "arch": "x86_64", "packageFilename": "kernel-3.10.0-514.26.1.0.1.el7.x86_64.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.0.1.el7", "arch": "x86_64", "packageFilename": "kernel-debug-3.10.0-514.26.1.0.1.el7.x86_64.rpm", "packageName": "kernel-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.0.1.el7", "arch": "x86_64", "packageFilename": "kernel-tools-3.10.0-514.26.1.0.1.el7.x86_64.rpm", "packageName": "kernel-tools", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.0.1.el7", "arch": "src", "packageFilename": "kernel-3.10.0-514.26.1.0.1.el7.src.rpm", "packageName": "kernel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.0.1.el7", "arch": "x86_64", "packageFilename": "perf-3.10.0-514.26.1.0.1.el7.x86_64.rpm", "packageName": "perf", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.0.1.el7", "arch": "x86_64", "packageFilename": "kernel-headers-3.10.0-514.26.1.0.1.el7.x86_64.rpm", "packageName": "kernel-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.0.1.el7", "arch": "noarch", "packageFilename": "kernel-doc-3.10.0-514.26.1.0.1.el7.noarch.rpm", "packageName": "kernel-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.10.0-514.26.1.0.1.el7", "arch": "noarch", "packageFilename": "kernel-abi-whitelists-3.10.0-514.26.1.0.1.el7.noarch.rpm", "packageName": "kernel-abi-whitelists", "operator": "lt"}], "description": "- [3.10.0-514.26.1.0.1.el7.OL7]\n- [ipc] ipc/sem.c: bugfix for semctl(,,GETZCNT) (Manfred Spraul) [orabug 22552377]\n- Oracle Linux certificates (Alexey Petrenko)\n- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)\n- Update x509.genkey [bug 24817676]\n[3.10.0-514.26.1.el7]\n- [mm] enlarge stack guard gap (Larry Woodman) [1452732 1452733] {CVE-2017-1000364}\n- Revert: [md] dm mirror: use all available legs on multiple failures (Mike Snitzer) [1449176 1383444]\n[3.10.0-514.25.1.el7]\n- [lib] kobject: grab an extra reference on kobject->sd to allow duplicate deletes (Aristeu Rozanski) [1454851 1427252]\n- [kernel] module: When modifying a module's text ignore modules which are going away too (Aaron Tomlin) [1454684 1386313]\n- [kernel] module: Ensure a module's state is set accordingly during module coming cleanup code (Aaron Tomlin) [1454684 1386313]\n- [net] vxlan: do not output confusing error message (Jiri Benc) [1454636 1445054]\n- [net] vxlan: correctly handle ipv6.disable module parameter (Jiri Benc) [1454636 1445054]\n- [iommu] vt-d: fix range computation when making room for large pages (Alex Williamson) [1450856 1435612]\n- [fs] nfsd: stricter decoding of write-like NFSv2/v3 ops ('J. Bruce Fields') [1449282 1443204] {CVE-2017-7895}\n- [fs] nfsd4: minor NFSv2/v3 write decoding cleanup ('J. Bruce Fields') [1449282 1443204] {CVE-2017-7895}\n- [md] dm mirror: use all available legs on multiple failures (Mike Snitzer) [1449176 1383444]\n- [fs] nfsd: check for oversized NFSv2/v3 arguments ('J. Bruce Fields') [1447642 1442407] {CVE-2017-7645}\n- [scsi] ses: don't get power status of SES device slot on probe (Gustavo Duarte) [1446650 1434768]\n- [scsi] ipr: do not set DID_PASSTHROUGH on CHECK CONDITION (Steve Best) [1446649 1441747]\n- [net] macsec: dynamically allocate space for sglist (Sabrina Dubroca) [1445546 1445545] {CVE-2017-7477}\n- [net] macsec: avoid heap overflow in skb_to_sgvec (Sabrina Dubroca) [1445546 1445545] {CVE-2017-7477}\n- [fs] gfs2: Allow glocks to be unlocked after withdraw (Robert S Peterson) [1433882 1404005]\n- [net] tcp: avoid infinite loop in tcp_splice_read() (Davide Caratti) [1430579 1430580] {CVE-2017-6214}\n- [mm] vma_merge: correct false positive from __vma_unlink->validate_mm_rb (Andrea Arcangeli) [1428840 1374548]\n- [mm] vma_merge: fix race vm_page_prot race condition against rmap_walk (Andrea Arcangeli) [1428840 1374548]\n- [mm] fix use-after-free if memory allocation failed in vma_adjust() (Andrea Arcangeli) [1428840 1374548]\n- [x86] kvm: x86: fix emulation of 'MOV SS, null selector' (Radim Krcmar) [1414742 1414743] {CVE-2017-2583}\n- [powerpc] prom: Increase minimum RMA size to 512MB (Gustavo Duarte) [1450041 1411321]\n- [pci] pciehp: Prioritize data-link event over presence detect (Myron Stowe) [1450124 1435818]\n- [pci] pciehp: Don't re-read Slot Status when queuing hotplug event (Myron Stowe) [1450124 1435818]\n- [pci] pciehp: Process all hotplug events before looking for new ones (Myron Stowe) [1450124 1435818]\n- [pci] pciehp: Rename pcie_isr() locals for clarity (Myron Stowe) [1450124 1435818]\n[3.10.0-514.24.1.el7]\n- [scsi] lpfc: Fix panic on BFS configuration (Maurizio Lombardi) [1452044 1443116]\n- [vfio] type1: Reduce repetitive calls in vfio_pin_pages_remote() (Alex Williamson) [1450855 1438403]\n- [vfio] type1: Remove locked page accounting workqueue (Alex Williamson) [1450855 1438403]\n- [fs] nfs: Allow getattr to also report readdirplus cache hits (Dave Wysochanski) [1450851 1442068]\n- [fs] nfs: Be more targeted about readdirplus use when doing lookup/revalidation (Dave Wysochanski) [1450851 1442068]\n- [fs] nfs: Fix a performance regression in readdir (Dave Wysochanski) [1450851 1442068]\n- [x86] xen: do not re-use pirq number cached in pci device msi msg data (Vitaly Kuznetsov) [1450037 1433831]\n- [powerpc] mm: Add missing global TLB invalidate if cxl is active (Steve Best) [1449178 1440776]\n- [powerpc] boot: Fix zImage TOC alignment (Gustavo Duarte) [1444343 1395838]\n[3.10.0-514.23.1.el7]\n- [scsi] qla2xxx: Defer marking device lost when receiving an RSCN (Himanshu Madhani) [1446246 1436940]\n- [scsi] qla2xxx: Fix typo in driver (Himanshu Madhani) [1446246 1436940]\n- [scsi] qla2xxx: Fix crash in qla2xxx_eh_abort on bad ptr (Himanshu Madhani) [1446246 1436940]\n- [scsi] qla2xxx: Avoid that issuing a LIP triggers a kernel crash (Himanshu Madhani) [1446246 1436940]\n- [scsi] qla2xxx: Add fix to read correct register value for ISP82xx (Himanshu Madhani) [1446246 1436940]\n- [scsi] qla2xxx: Disable the adapter and skip error recovery in case of register disconnect (Himanshu Madhani) [1446246 1436940]\n[3.10.0-514.22.1.el7]\n- [mm] hugetlb: don't use reserved during VM_SHARED mapping cow (Larry Woodman) [1445184 1385473]", "edition": 4, "reporter": "Oracle", "published": "2017-06-28T00:00:00", "title": "1 ", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2017-7895", "CVE-2017-7645", "CVE-2017-2583", "CVE-2017-6214", "CVE-2017-1000364", "CVE-2017-7477"], "modified": "2017-06-28T00:00:00", "id": "ELSA-2017-1615-1", "href": "http://linux.oracle.com/errata/ELSA-2017-1615-1.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:44:42", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-61.1.34.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-4.1.12-61.1.34.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.5.3-2.el7", "arch": "src", "packageFilename": "dtrace-modules-4.1.12-61.1.34.el7uek-0.5.3-2.el7.src.rpm", "packageName": "dtrace-modules-4.1.12-61.1.34.el7uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-61.1.34.el7uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-4.1.12-61.1.34.el7uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-61.1.34.el6uek", "arch": "src", "packageFilename": "kernel-uek-4.1.12-61.1.34.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.5.3-2.el6", "arch": "src", "packageFilename": "dtrace-modules-4.1.12-61.1.34.el6uek-0.5.3-2.el6.src.rpm", "packageName": "dtrace-modules-4.1.12-61.1.34.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.5.3-2.el6", "arch": "x86_64", "packageFilename": "dtrace-modules-4.1.12-61.1.34.el6uek-0.5.3-2.el6.x86_64.rpm", "packageName": "dtrace-modules-4.1.12-61.1.34.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-61.1.34.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-4.1.12-61.1.34.el6uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-61.1.34.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-4.1.12-61.1.34.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-61.1.34.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-4.1.12-61.1.34.el7uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-61.1.34.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-4.1.12-61.1.34.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-61.1.34.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-4.1.12-61.1.34.el6uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-61.1.34.el7uek", "arch": "src", "packageFilename": "kernel-uek-4.1.12-61.1.34.el7uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-61.1.34.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-4.1.12-61.1.34.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-61.1.34.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-4.1.12-61.1.34.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-61.1.34.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-4.1.12-61.1.34.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.5.3-2.el7", "arch": "x86_64", "packageFilename": "dtrace-modules-4.1.12-61.1.34.el7uek-0.5.3-2.el7.x86_64.rpm", "packageName": "dtrace-modules-4.1.12-61.1.34.el7uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-61.1.34.el7uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-4.1.12-61.1.34.el7uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-61.1.34.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-4.1.12-61.1.34.el7uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}], "description": "kernel-uek\n[4.1.12-61.1.34]\n- uek-rpm: enable CONFIG_KSPLICE. (Jamie Iles) [Orabug: 25698171] \n- ksplice: add sysctls for determining Ksplice features. (Jamie Iles) [Orabug: 25698171] \n- signal: protect SIGNAL_UNKILLABLE from unintentional clearing. (Jamie Iles) [Orabug: 25698171] \n- KVM: x86: fix emulation of 'MOV SS, null selector' (Paolo Bonzini) [Orabug: 25719659] {CVE-2017-2583} {CVE-2017-2583}\n- ext4: store checksum seed in superblock (Darrick J. Wong) [Orabug: 25719728] {CVE-2016-10208}\n- ext4: reserve code points for the project quota feature (Theodore Ts'o) [Orabug: 25719728] {CVE-2016-10208}\n- ext4: validate s_first_meta_bg at mount time (Eryu Guan) [Orabug: 25719728] {CVE-2016-10208}\n- ext4: clean up feature test macros with predicate functions (Darrick J. Wong) [Orabug: 25719728] {CVE-2016-10208}\n- sctp: avoid BUG_ON on sctp_wait_for_sndbuf (Marcelo Ricardo Leitner) [Orabug: 25719793] {CVE-2017-5986}\n- tcp: avoid infinite loop in tcp_splice_read() (Eric Dumazet) [Orabug: 25720805] {CVE-2017-6214}\n- ip: fix IP_CHECKSUM handling (Paolo Abeni) [Orabug: 25720839] {CVE-2017-6347}\n- udp: fix IP_CHECKSUM handling (Eric Dumazet) [Orabug: 25720839] {CVE-2017-6347}\n- udp: do not expect udp headers in recv cmsg IP_CMSG_CHECKSUM (Willem de Bruijn) [Orabug: 25720839] {CVE-2017-6347}\n- xfrm_user: validate XFRM_MSG_NEWAE incoming ESN size harder (Andy Whitcroft) [Orabug: 25814641] {CVE-2017-7184}\n- xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window (Andy Whitcroft) [Orabug: 25814641] {CVE-2017-7184}\n- block: fix use-after-free in seq file (Vegard Nossum) [Orabug: 25877509] {CVE-2016-7910}", "edition": 3, "reporter": "Oracle", "published": "2017-04-13T00:00:00", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-10208", "CVE-2017-7184", "CVE-2016-7910", "CVE-2017-2583", "CVE-2017-6214", "CVE-2017-5986", "CVE-2017-6347"], "modified": "2017-04-13T00:00:00", "id": "ELSA-2017-3539", "href": "http://linux.oracle.com/errata/ELSA-2017-3539.html", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:42:17", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.18.2.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-3.8.13-118.18.2.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.18.2.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-3.8.13-118.18.2.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.18.2.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-3.8.13-118.18.2.el7uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.4.5-3.el7", "arch": "x86_64", "packageFilename": "dtrace-modules-3.8.13-118.18.2.el7uek-0.4.5-3.el7.x86_64.rpm", "packageName": "dtrace-modules-3.8.13-118.18.2.el7uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.18.2.el7uek", "arch": "src", "packageFilename": "kernel-uek-3.8.13-118.18.2.el7uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.18.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-3.8.13-118.18.2.el6uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.4.5-3.el7", "arch": "src", "packageFilename": "dtrace-modules-3.8.13-118.18.2.el7uek-0.4.5-3.el7.src.rpm", "packageName": "dtrace-modules-3.8.13-118.18.2.el7uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.18.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-3.8.13-118.18.2.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.18.2.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-3.8.13-118.18.2.el7uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.18.2.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-3.8.13-118.18.2.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.18.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-3.8.13-118.18.2.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.4.5-3.el6", "arch": "src", "packageFilename": "dtrace-modules-3.8.13-118.18.2.el6uek-0.4.5-3.el6.src.rpm", "packageName": "dtrace-modules-3.8.13-118.18.2.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.18.2.el7uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-3.8.13-118.18.2.el7uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.18.2.el7uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-3.8.13-118.18.2.el7uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.18.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-3.8.13-118.18.2.el6uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "3.8.13-118.18.2.el6uek", "arch": "src", "packageFilename": "kernel-uek-3.8.13-118.18.2.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.4.5-3.el6", "arch": "x86_64", "packageFilename": "dtrace-modules-3.8.13-118.18.2.el6uek-0.4.5-3.el6.x86_64.rpm", "packageName": "dtrace-modules-3.8.13-118.18.2.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "3.8.13-118.18.2.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-3.8.13-118.18.2.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}], "description": "kernel-uek\n[3.8.13-118.18.2]\n- nfsd: stricter decoding of write-like NFSv2/v3 ops (J. Bruce Fields) [Orabug: 25986990] {CVE-2017-7895}\n[3.8.13-118.18.1]\n- fnic: Update fnic driver version to 1.6.0.24 (John Sobecki) [Orabug: 24448585] \n- xen-netfront: Rework the fix for Rx stall during OOM and network stress (Dongli Zhang) [Orabug: 25450703] \n- xen-netfront: Fix Rx stall during network stress and OOM (Dongli Zhang) [Orabug: 25450703] \n- ipv6: Skip XFRM lookup if dst_entry in socket cache is valid (Jakub Sitnicki) \n- uek-rpm: enable CONFIG_KSPLICE. (Jamie Iles) [Orabug: 25549809] \n- ksplice: add sysctls for determining Ksplice features. (Jamie Iles) [Orabug: 25549809] \n- signal: protect SIGNAL_UNKILLABLE from unintentional clearing. (Jamie Iles) [Orabug: 25549809] \n- VSOCK: Fix lockdep issue. (Dongli Zhang) [Orabug: 25559937] \n- VSOCK: sock_put wasn't safe to call in interrupt context (Dongli Zhang) [Orabug: 25559937] \n- IB/CORE: sync the resouce access in fmr_pool (Wengang Wang) [Orabug: 25677469] \n- KVM: x86: fix emulation of 'MOV SS, null selector' (Paolo Bonzini) [Orabug: 25719675] {CVE-2017-2583} {CVE-2017-2583}\n- ext4: validate s_first_meta_bg at mount time (Eryu Guan) [Orabug: 25719738] {CVE-2016-10208}\n- sctp: avoid BUG_ON on sctp_wait_for_sndbuf (Marcelo Ricardo Leitner) [Orabug: 25719810] {CVE-2017-5986}\n- tcp: avoid infinite loop in tcp_splice_read() (Eric Dumazet) [Orabug: 25720813] {CVE-2017-6214}\n- lpfc cannot establish connection with targets that send PRLI under P2P mode (Joe Jin) [Orabug: 25759083] \n- USB: visor: fix null-deref at probe (Johan Hovold) [Orabug: 25796594] {CVE-2016-2782}\n- ipc/shm: Fix shmat mmap nil-page protection (Davidlohr Bueso) [Orabug: 25797012] {CVE-2017-5669}\n- vhost: actually track log eventfd file (Marc-Andre Lureau) [Orabug: 25797052] {CVE-2015-6252}\n- xfrm_user: validate XFRM_MSG_NEWAE incoming ESN size harder (Andy Whitcroft) [Orabug: 25814663] {CVE-2017-7184}\n- xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window (Andy Whitcroft) [Orabug: 25814663] {CVE-2017-7184}\n- KEYS: Remove key_type::match in favour of overriding default by match_preparse (Aniket Alshi) [Orabug: 25823962] {CVE-2017-2647} {CVE-2017-2647}\n- USB: whiteheat: fix potential null-deref at probe (Johan Hovold) [Orabug: 25825105] {CVE-2015-5257} {CVE-2015-5257}\n- udf: Check path length when reading symlink (Jan Kara) [Orabug: 25871102] {CVE-2015-9731}\n- udp: properly support MSG_PEEK with truncated buffers (Eric Dumazet) [Orabug: 25876655] {CVE-2016-10229}\n- block: fix use-after-free in seq file (Vegard Nossum) [Orabug: 25877530] {CVE-2016-7910}\n- Revert 'fix minor infoleak in get_user_ex()' (Brian Maly) [Orabug: 25790392] {CVE-2016-9644}\n- net: ping: check minimum size on ICMP header length (Kees Cook) [Orabug: 25766911] {CVE-2016-8399}\n- ipv6: stop sending PTB packets for MTU < 1280 (Hagen Paul Pfeifer) [Orabug: 25765776] {CVE-2016-10142}\n- sg_write()/bsg_write() is not fit to be called under KERNEL_DS (Al Viro) [Orabug: 25765445] {CVE-2016-10088}\n- scsi: sg: check length passed to SG_NEXT_CMD_LEN (peter chang) [Orabug: 25751996] {CVE-2017-7187}", "edition": 3, "reporter": "Oracle", "published": "2017-05-16T00:00:00", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-10208", "CVE-2016-2782", "CVE-2017-7895", "CVE-2017-7184", "CVE-2016-7910", "CVE-2016-8399", "CVE-2016-10088", "CVE-2015-6252", "CVE-2015-9731", "CVE-2015-5257", "CVE-2017-2583", "CVE-2017-6214", "CVE-2017-5669", "CVE-2017-2647", "CVE-2017-5986", "CVE-2016-10229", "CVE-2017-7187", "CVE-2016-10142", "CVE-2016-9644"], "modified": "2017-05-16T00:00:00", "id": "ELSA-2017-3566", "href": "http://linux.oracle.com/errata/ELSA-2017-3566.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:47:15", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.295.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-2.6.39-400.295.2.el6uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.295.2.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-2.6.39-400.295.2.el5uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.295.2.el5uek", "arch": "i686", "packageFilename": "kernel-uek-devel-2.6.39-400.295.2.el5uek.i686.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.295.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.295.2.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.295.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-2.6.39-400.295.2.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.295.2.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.295.2.el5uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.295.2.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-2.6.39-400.295.2.el5uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.295.2.el6uek", "arch": "i686", "packageFilename": "kernel-uek-2.6.39-400.295.2.el6uek.i686.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.295.2.el6uek", "arch": "i686", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.295.2.el6uek.i686.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.295.2.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.295.2.el5uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.295.2.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.295.2.el5uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.295.2.el5uek", "arch": "i686", "packageFilename": "kernel-uek-debug-2.6.39-400.295.2.el5uek.i686.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.295.2.el6uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.295.2.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.295.2.el6uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.295.2.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.295.2.el5uek", "arch": "i686", "packageFilename": "kernel-uek-debug-devel-2.6.39-400.295.2.el5uek.i686.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.295.2.el6uek", "arch": "i686", "packageFilename": "kernel-uek-devel-2.6.39-400.295.2.el6uek.i686.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.295.2.el5uek", "arch": "i686", "packageFilename": "kernel-uek-2.6.39-400.295.2.el5uek.i686.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.295.2.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-2.6.39-400.295.2.el6uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.295.2.el6uek", "arch": "i686", "packageFilename": "kernel-uek-debug-2.6.39-400.295.2.el6uek.i686.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.295.2.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.295.2.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.295.2.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-2.6.39-400.295.2.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.295.2.el5uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.295.2.el5uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.295.2.el5uek", "arch": "src", "packageFilename": "kernel-uek-2.6.39-400.295.2.el5uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.295.2.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.295.2.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "2.6.39-400.295.2.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.295.2.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.295.2.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.295.2.el5uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.295.2.el5uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-2.6.39-400.295.2.el5uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "5", "packageVersion": "2.6.39-400.295.2.el5uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-2.6.39-400.295.2.el5uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}], "description": "[2.6.39-400.295.2]\n- nfsd: stricter decoding of write-like NFSv2/v3 ops (J. Bruce Fields) [Orabug: 25986995] {CVE-2017-7895}\n[2.6.39-400.295.1]\n- ocfs2/o2net: o2net_listen_data_ready should do nothing if socket state is not TCP_LISTEN (Tariq Saeed) [Orabug: 25510857] \n- IB/CORE: sync the resouce access in fmr_pool (Wengang Wang) [Orabug: 23750748] \n- ipv6: Skip XFRM lookup if dst_entry in socket cache is valid (Jakub Sitnicki) [Orabug: 25534688] \n- uek-rpm: enable CONFIG_KSPLICE. (Jamie Iles) [Orabug: 25549845] \n- ksplice: add sysctls for determining Ksplice features. (Jamie Iles) [Orabug: 25549845] \n- signal: protect SIGNAL_UNKILLABLE from unintentional clearing. (Jamie Iles) [Orabug: 25549845] \n- KVM: x86: fix emulation of 'MOV SS, null selector' (Paolo Bonzini) [Orabug: 25719676] {CVE-2017-2583} {CVE-2017-2583}\n- sctp: avoid BUG_ON on sctp_wait_for_sndbuf (Marcelo Ricardo Leitner) [Orabug: 25719811] {CVE-2017-5986}\n- tcp: avoid infinite loop in tcp_splice_read() (Eric Dumazet) [Orabug: 25720815] {CVE-2017-6214}\n- USB: visor: fix null-deref at probe (Johan Hovold) [Orabug: 25796604] {CVE-2016-2782}\n- ipc/shm: Fix shmat mmap nil-page protection (Davidlohr Bueso) [Orabug: 25797014] {CVE-2017-5669}\n- vhost: actually track log eventfd file (Marc-Andre Lureau) [Orabug: 25797056] {CVE-2015-6252}\n- xfrm_user: validate XFRM_MSG_NEWAE incoming ESN size harder (Andy Whitcroft) [Orabug: 25814664] {CVE-2017-7184}\n- xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window (Andy Whitcroft) [Orabug: 25814664] {CVE-2017-7184}\n- KEYS: Remove key_type::match in favour of overriding default by match_preparse (David Howells) [Orabug: 25823965] {CVE-2017-2647} {CVE-2017-2647}\n- USB: whiteheat: fix potential null-deref at probe (Johan Hovold) [Orabug: 25825107] {CVE-2015-5257}\n- RDS: fix race condition when sending a message on unbound socket (Quentin Casasnovas) [Orabug: 25871048] {CVE-2015-6937} {CVE-2015-6937}\n- udf: Check path length when reading symlink (Jan Kara) [Orabug: 25871104] {CVE-2015-9731}\n- udf: Treat symlink component of type 2 as / (Jan Kara) [Orabug: 25871104] {CVE-2015-9731}\n- udp: properly support MSG_PEEK with truncated buffers (Eric Dumazet) [Orabug: 25874741] {CVE-2016-10229}\n- block: fix use-after-free in seq file (Vegard Nossum) [Orabug: 25877531] {CVE-2016-7910}\n- RHEL: complement upstream workaround for CVE-2016-10142. (Quentin Casasnovas) [Orabug: 25765786] {CVE-2016-10142} {CVE-2016-10142}\n- net: ping: check minimum size on ICMP header length (Kees Cook) [Orabug: 25766914] {CVE-2016-8399}\n- ipv6: stop sending PTB packets for MTU < 1280 (Hagen Paul Pfeifer) [Orabug: 25765786] {CVE-2016-10142}\n- sg_write()/bsg_write() is not fit to be called under KERNEL_DS (Al Viro) [Orabug: 25765448] {CVE-2016-10088}\n- scsi: sg: check length passed to SG_NEXT_CMD_LEN (peter chang) [Orabug: 25752011] {CVE-2017-7187}\n- tty: n_hdlc: get rid of racy n_hdlc.tbuf (Alexander Popov) [Orabug: 25696689] {CVE-2017-2636}\n- TTY: n_hdlc, fix lockdep false positive (Jiri Slaby) [Orabug: 25696689] {CVE-2017-2636}\n- drivers/tty/n_hdlc.c: replace kmalloc/memset by kzalloc (Fabian Frederick) [Orabug: 25696689] {CVE-2017-2636}\n- list: introduce list_first_entry_or_null (Jiri Pirko) [Orabug: 25696689] {CVE-2017-2636}\n- firewire: net: guard against rx buffer overflows (Stefan Richter) [Orabug: 25451538] {CVE-2016-8633}\n- x86/mm/32: Enable full randomization on i386 and X86_32 (Hector Marco-Gisbert) [Orabug: 25463929] {CVE-2016-3672}\n- x86 get_unmapped_area: Access mmap_legacy_base through mm_struct member (Radu Caragea) [Orabug: 25463929] {CVE-2016-3672}\n- sg_start_req(): make sure that there's not too many elements in iovec (Al Viro) [Orabug: 25490377] {CVE-2015-5707}\n- tcp: take care of truncations done by sk_filter() (Eric Dumazet) [Orabug: 25507232] {CVE-2016-8645}\n- rose: limit sk_filter trim to payload (Willem de Bruijn) [Orabug: 25507232] {CVE-2016-8645}\n- scsi: arcmsr: Buffer overflow in arcmsr_iop_message_xfer() (Dan Carpenter) [Orabug: 25507330] {CVE-2016-7425}\n- x86: bpf_jit: fix compilation of large bpf programs (Alexei Starovoitov) [Orabug: 25507375] {CVE-2015-4700}\n- net: fix a kernel infoleak in x25 module (Kangjie Lu) [Orabug: 25512417] {CVE-2016-4580}\n- USB: digi_acceleport: do sanity checking for the number of ports (Oliver Neukum) [Orabug: 25512472] {CVE-2016-3140}\n- net/llc: avoid BUG_ON() in skb_orphan() (Eric Dumazet) [Orabug: 25682437] {CVE-2017-6345}\n- dccp: fix freeing skb too early for IPV6_RECVPKTINFO (Andrey Konovalov) [Orabug: 25598277] {CVE-2017-6074}\n- vfs: read file_handle only once in handle_to_path (Sasha Levin) [Orabug: 25388709] {CVE-2015-1420}\n- crypto: algif_hash - Only export and import on sockets with data (Herbert Xu) [Orabug: 25417807] \n- USB: usbfs: fix potential infoleak in devio (Kangjie Lu) [Orabug: 25462763] {CVE-2016-4482}\n- net: fix infoleak in llc (Kangjie Lu) [Orabug: 25462811] {CVE-2016-4485}\n- af_unix: Guard against other == sk in unix_dgram_sendmsg (Rainer Weikusat) [Orabug: 25464000] {CVE-2013-7446}\n- unix: avoid use-after-free in ep_remove_wait_queue (Rainer Weikusat) [Orabug: 25464000] {CVE-2013-7446}", "edition": 3, "reporter": "Oracle", "published": "2017-05-16T00:00:00", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-2782", "CVE-2017-7895", "CVE-2017-7184", "CVE-2016-7910", "CVE-2016-8633", "CVE-2017-6074", "CVE-2016-8399", "CVE-2015-1420", "CVE-2016-10088", "CVE-2015-6252", "CVE-2015-9731", "CVE-2015-5257", "CVE-2017-2636", "CVE-2017-2583", "CVE-2016-7425", "CVE-2017-6214", "CVE-2016-4485", "CVE-2016-4482", "CVE-2017-6345", "CVE-2017-5669", "CVE-2017-2647", "CVE-2017-5986", "CVE-2016-3140", "CVE-2016-10229", "CVE-2013-7446", "CVE-2017-7187", "CVE-2016-10142", "CVE-2015-5707", "CVE-2016-4580", "CVE-2016-3672", "CVE-2016-8645", "CVE-2015-6937", "CVE-2015-4700"], "modified": "2017-05-16T00:00:00", "id": "ELSA-2017-3567", "href": "http://linux.oracle.com/errata/ELSA-2017-3567.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T01:42:39", "references": [], "affectedPackage": [{"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-103.3.8.el7uek", "arch": "src", "packageFilename": "kernel-uek-4.1.12-103.3.8.el7uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.6.1-3.el6", "arch": "x86_64", "packageFilename": "dtrace-modules-provider-headers-0.6.1-3.el6.x86_64.rpm", "packageName": "dtrace-modules-provider-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.6.1-3.el7", "arch": "x86_64", "packageFilename": "dtrace-modules-4.1.12-103.3.8.el7uek-0.6.1-3.el7.x86_64.rpm", "packageName": "dtrace-modules-4.1.12-103.3.8.el7uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-103.3.8.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-4.1.12-103.3.8.el7uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-103.3.8.el6uek", "arch": "src", "packageFilename": "kernel-uek-4.1.12-103.3.8.el6uek.src.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.6.1-3.el7", "arch": "x86_64", "packageFilename": "dtrace-modules-shared-headers-0.6.1-3.el7.x86_64.rpm", "packageName": "dtrace-modules-shared-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-103.3.8.el7uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-4.1.12-103.3.8.el7uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-103.3.8.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-4.1.12-103.3.8.el6uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-103.3.8.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-4.1.12-103.3.8.el7uek.x86_64.rpm", "packageName": "kernel-uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-103.3.8.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-4.1.12-103.3.8.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-103.3.8.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-4.1.12-103.3.8.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-103.3.8.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-devel-4.1.12-103.3.8.el6uek.x86_64.rpm", "packageName": "kernel-uek-debug-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-103.3.8.el6uek", "arch": "x86_64", "packageFilename": "kernel-uek-devel-4.1.12-103.3.8.el6uek.x86_64.rpm", "packageName": "kernel-uek-devel", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.6.1-3.el7", "arch": "src", "packageFilename": "dtrace-modules-4.1.12-103.3.8.el7uek-0.6.1-3.el7.src.rpm", "packageName": "dtrace-modules-4.1.12-103.3.8.el7uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-103.3.8.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-4.1.12-103.3.8.el6uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-103.3.8.el7uek", "arch": "noarch", "packageFilename": "kernel-uek-doc-4.1.12-103.3.8.el7uek.noarch.rpm", "packageName": "kernel-uek-doc", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.6.1-3.el6", "arch": "src", "packageFilename": "dtrace-modules-4.1.12-103.3.8.el6uek-0.6.1-3.el6.src.rpm", "packageName": "dtrace-modules-4.1.12-103.3.8.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "0.6.1-3.el7", "arch": "x86_64", "packageFilename": "dtrace-modules-provider-headers-0.6.1-3.el7.x86_64.rpm", "packageName": "dtrace-modules-provider-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.6.1-3.el6", "arch": "x86_64", "packageFilename": "dtrace-modules-4.1.12-103.3.8.el6uek-0.6.1-3.el6.x86_64.rpm", "packageName": "dtrace-modules-4.1.12-103.3.8.el6uek", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "0.6.1-3.el6", "arch": "x86_64", "packageFilename": "dtrace-modules-shared-headers-0.6.1-3.el6.x86_64.rpm", "packageName": "dtrace-modules-shared-headers", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "6", "packageVersion": "4.1.12-103.3.8.el6uek", "arch": "noarch", "packageFilename": "kernel-uek-firmware-4.1.12-103.3.8.el6uek.noarch.rpm", "packageName": "kernel-uek-firmware", "operator": "lt"}, {"OS": "Oracle Linux", "OSVersion": "7", "packageVersion": "4.1.12-103.3.8.el7uek", "arch": "x86_64", "packageFilename": "kernel-uek-debug-4.1.12-103.3.8.el7uek.x86_64.rpm", "packageName": "kernel-uek-debug", "operator": "lt"}], "description": "kernel-uek\n[4.1.12-103.3.8]\n- fs/exec.c: account for argv/envp pointers (Kees Cook) [Orabug: 26638900] {CVE-2017-1000365} {CVE-2017-1000365}\n[4.1.12-103.3.7]\n- i40e/i40evf: check for stopped admin queue (Mitch Williams) [Orabug: 26654222]\n[4.1.12-103.3.6]\n- xen: fix bio vec merging (Roger Pau Monne) [Orabug: 26645497]\n[4.1.12-103.3.5]\n- dentry name snapshots (Al Viro) [Orabug: 26630805] {CVE-2017-7533}\n[4.1.12-103.3.4]\n- mnt: Add a per mount namespace limit on the number of mounts (Eric W. Biederman) [Orabug: 26585933] {CVE-2016-6213} {CVE-2016-6213}\n- ipv6: fix out of bound writes in __ip6_append_data() (Eric Dumazet) [Orabug: 26578179] {CVE-2017-9242}\n- KEYS: Disallow keyrings beginning with '.' to be joined as session keyrings (David Howells) [Orabug: 26585981] {CVE-2016-9604} {CVE-2016-9604}\n- l2tp: fix racy SOCK_ZAPPED flag check in l2tp_ip{,6}_bind() (Guillaume Nault) [Orabug: 26586030] {CVE-2016-10200}\n- ovl: move super block magic number to magic.h (Stephen Hemminger) [Orabug: 22876737] {CVE-2016-1575} {CVE-2016-1576}\n- ovl: use a minimal buffer in ovl_copy_xattr (Vito Caputo) [Orabug: 22876737] {CVE-2016-1575} {CVE-2016-1576}\n- ovl: allow zero size xattr (Miklos Szeredi) [Orabug: 22876737] {CVE-2016-1575} {CVE-2016-1576}\n- ovl: default permissions (Miklos Szeredi) [Orabug: 22876737] {CVE-2016-1575} {CVE-2016-1576}\n- scsi: megaraid_sas: handle dma_addr_t right on 32-bit (Arnd Bergmann) [Orabug: 26560952] \n- scsi: megaraid_sas: NVME fast path io support (Shivasharan S) [Orabug: 26560952] \n- scsi: megaraid_sas: NVME interface target prop added (Shivasharan S) [Orabug: 26560952] \n- scsi: megaraid_sas: NVME Interface detection and prop settings (Shivasharan S) [Orabug: 26560952] \n- scsi: megaraid_sas: Use synchronize_irq to wait for IRQs to complete (Shivasharan S) [Orabug: 26560952] \n- fs/fuse: fuse mount can cause panic with no memory numa node (Somasundaram Krishnasamy) [Orabug: 26151828] \n- Fix regression which breaks DFS mounting (Sachin Prabhu) [Orabug: 26335022] \n- ol7/spec: sync up linux-firmware version for ol74 (Ethan Zhao) [Orabug: 26567308] [Orabug: 26567283] \n- nfsd: encoders mustnt use unitialized values in error cases (J. Bruce Fields) [Orabug: 26572867] {CVE-2017-8797}\n- nfsd: fix undefined behavior in nfsd4_layout_verify (Ari Kauppi) [Orabug: 26572867] {CVE-2017-8797}\n- ol6/spec: sync up linux-firmware version for ol6 (Ethan Zhao) [Orabug: 26586911] [Orabug: 26586927]\n[4.1.12-103.3.2]\n- rds: tcp: cancel all worker threads before shutting down socket (Yuval Shaia) [Orabug: 26332905] \n- Revert 'ixgbevf: get rid of custom busy polling code' (Jack Vogel) [Orabug: 26560824] \n- Revert 'ixgbe: get rid of custom busy polling code' (Jack Vogel) [Orabug: 26560824] \n- xen: do not re-use pirq number cached in pci device msi msg data (Boris Ostrovsky) [Orabug: 26324865] \n- xsigo: PCA 2.3.1 Compute Node panics in xve_create_arp+430 (Pradeep Gopanapalli) [Orabug: 26520653] \n- ocfs2: fix deadlock caused by recursive locking in xattr (Eric Ren) [Orabug: 26554428] \n- ocfs2: fix deadlock issue when taking inode lock at vfs entry points (Eric Ren) [Orabug: 26554428] \n- ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock (Eric Ren) [Orabug: 26554428] \n- Revert 'add OCFS2_LOCK_RECURSIVE arg_flags to ocfs2_cluster_lock() to prevent hang' (Ashish Samant) [Orabug: 26554428] \n- MacSec: fix backporting error in patches for CVE-2017-7477 (Alexey Kodanev) [Orabug: 26481629] [Orabug: 26368162] {CVE-2017-7477} {CVE-2017-7477}\n- sg: Fix double-free when drives detach during SG_IO (Calvin Owens) [Orabug: 26492439] \n- ping: implement proper locking (Eric Dumazet) [Orabug: 26540266] {CVE-2017-2671}\n- PCI: Workaround wrong flags completions for IDT switch (James Puthukattukaran) [Orabug: 26362330] \n- xen-blkback: stop blkback thread of every queue in xen_blkif_disconnect (Annie Li)\n[4.1.12-103.3.1]\n- MSI: Dont assign MSI IRQ vector twice (Ashok Vairavan) [Orabug: 25982356] \n- IB/core: Remove stray semicolon in cma_init (Yuval Shaia) [Orabug: 26188883] \n- ipv6: Fix leak in ipv6_gso_segment(). (David S. Miller) [Orabug: 26403963] {CVE-2017-9074}\n- ipv6: xfrm: Handle errors reported by xfrm6_find_1stfragopt() (Ben Hutchings) [Orabug: 26403963] {CVE-2017-9074}\n- ipv6: Check ip6_find_1stfragopt() return value properly. (David S. Miller) [Orabug: 26403963] {CVE-2017-9074}\n- ipv6: Prevent overrun when parsing v6 header options (Craig Gallek) [Orabug: 26403963] {CVE-2017-9074}\n- scsi: libiscsi: use kvzalloc for iscsi_pool_init (Kyle Fortin) [Orabug: 26473220] \n- mm: introduce kv[mz]alloc helpers (Kyle Fortin) [Orabug: 26473220] \n- blk-mq: Export blk_mq_freeze_queue_wait (Keith Busch) [Orabug: 26486215] \n- blk-mq: Provide freeze queue timeout (Keith Busch) [Orabug: 26486215] \n- nvme: Complete all stuck requests (Keith Busch) [Orabug: 26486215] \n- nvme: Dont suspend admin queue that wasnt created (Gabriel Krisman Bertazi) [Orabug: 26486215] \n- nvme: Delete created IO queues on reset (Keith Busch) [Orabug: 26486215] \n- nvme: Suspend all queues before deletion (Gabriel Krisman Bertazi) [Orabug: 26486215] \n- nvme/pci: No special case for queue busy on IO (Keith Busch) [Orabug: 26486215] \n- Revert 'net/rds: Revert 'RDS: add reconnect retry scheme for stalled connections'' (Ajaykumar Hotchandani) [Orabug: 26497331] \n- Revert 'net/rds: use different workqueue for base_conn' (Ajaykumar Hotchandani) [Orabug: 26497331] \n- Revert 'net/rds: determine active/passive connection with IP addresses' (Ajaykumar Hotchandani) [Orabug: 26497331] \n- Revert 'net/rds: prioritize the base connection establishment' (Ajaykumar Hotchandani) [Orabug: 26497331] \n- net/sock: add WARN_ON(parent->sk) in sock_graft() (Sowmini Varadhan) [Orabug: 26243229] \n- rds: tcp: use sock_create_lite() to create the accept socket (Sowmini Varadhan) [Orabug: 26243229] \n- rds: tcp: set linger to 1 when unloading a rds-tcp (Sowmini Varadhan) [Orabug: 26236194] \n- rds: tcp: send handshake ping-probe from passive endpoint (Sowmini Varadhan) [Orabug: 26236194] \n- Revert 'SUNRPC: Refactor svc_set_num_threads()' (Dhaval Giani) [Orabug: 26450033] \n- Revert 'NFSv4: Fix callback server shutdown' (Dhaval Giani) [Orabug: 26450033] \n- mm: fix use-after-free if memory allocation failed in vma_adjust() (Kirill A. Shutemov) [Orabug: 25647067] \n- scsi: smartpqi: mark PM functions as __maybe_unused (Arnd Bergmann) [Orabug: 26191021] \n- scsi: smartpqi: bump driver version (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: remove writeq/readq function definitions (Corentin Labbe) [Orabug: 26191021] \n- scsi: smartpqi: add module parameters (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: cleanup list initialization (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: add raid level show (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: make ioaccel references consistent (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: enhance device add and remove messages (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: update timeout on admin commands (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: map more raid errors to SCSI errors (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: cleanup controller branding (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: update rescan worker (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: update device offline (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: correct aio error path (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: add lockup action (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: remove qdepth calculations for logical volumes (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: enhance kdump (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: change return value for LUN reset operations (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: add ptraid support (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: update copyright (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: cleanup messages (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: add new PCI device IDs (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: minor driver cleanup (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: correct BMIC identify physical drive (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: eliminate redundant error messages (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: add pqi_wait_for_completion_io (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: correct bdma hw bug (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: add heartbeat check (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: add suspend and resume support (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: enhance resets (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: add supporting events (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: ensure controller is in SIS mode at init (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: add in controller checkpoint for controller lockups. (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: set pci completion timeout (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: correct remove scsi devices (Kevin Barnett) [Orabug: 26191021] \n- scsi: smartpqi: fix time handling (Arnd Bergmann) [Orabug: 26191021] \n- Btrfs: fix extent_same allowing destination offset beyond i_size (Filipe Manana) [Orabug: 26376770] \n- NVMe: Retain QUEUE_FLAG_SG_GAPS flag for bio vector alignment. (Ashok Vairavan) [Orabug: 26402457] \n- ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT (Takashi Iwai) [Orabug: 26403948] {CVE-2017-1000380}\n- ALSA: timer: Fix race between read and ioctl (Takashi Iwai) [Orabug: 26403948] {CVE-2017-1000380}\n- xfs: Timely free truncated dirty pages (Jan Kara) [Orabug: 26452559] \n- xfs: skip dirty pages in ->releasepage() (Brian Foster) [Orabug: 26452559] \n- sparc64: Convert non-fatal error print to a debug print (DAX driver) (Sanath Kumar) [Orabug: 26476370] \n- selftests: sparc64: memory: Add tests for privileged ADI driver (Tom Hromatka) [Orabug: 26359060] \n- memory: sparc64: Add privileged ADI driver (Tom Hromatka) [Orabug: 26359060] \n- sparc64: Export the adi_state structure (Tom Hromatka) [Orabug: 26359060] \n- sparc64: Use cpu_poke to resume idle cpu (Vijay Kumar) [Orabug: 26399224] \n- sparc64: Add a new hypercall CPU_POKE (Vijay Kumar) [Orabug: 26399224] \n- cpuset: consider dying css as offline (Tejun Heo) [Orabug: 26475766] \n- sparc64: Treat ERESTARTSYS as an acceptable error (DAX driver) (Sanath Kumar) [Orabug: 26475734] \n- sparc64: fix out of order spin_lock_irqsave and spin_unlock_restore (Thomas Tai) [Orabug: 26430325] \n- SPARC64: vcc: delay device removal until close() (Aaron Young) [Orabug: 26315957] \n- bnxt_en: Fix SRIOV on big-endian architecture. (Michael Chan) [Orabug: 26443303] \n- arch/sparc: Enable queued spinlock support for SPARC (Allen Pais) [Orabug: 26373790] \n- arch/sparc: Introduce xchg16 for SPARC (Babu Moger) [Orabug: 26373790] \n- arch/sparc: Enable queued rwlocks for SPARC (Allen Pais) [Orabug: 26373790] \n- arch/sparc: Introduce cmpxchg_u8 SPARC (Babu Moger) [Orabug: 26373790] \n- arch/sparc: Define config parameter CPU_BIG_ENDIAN (Allen Pais) [Orabug: 26373790] \n- kernel/locking: Fix compile error with qrwlock.c (Babu Moger) [Orabug: 26373790] \n- arch/sparc: Remove the check #ifndef __LINUX_SPINLOCK_TYPES_H (Babu Moger) [Orabug: 26373790] \n- locking/qrwlock: Fix write unlock bug on big endian systems (pan xinhui) [Orabug: 26373790] \n- locking/qrwlock: Implement queue_write_unlock() using smp_store_release() (Will Deacon) [Orabug: 26373790] \n- locking/qspinlock: Avoid redundant read of next pointer (Waiman Long) [Orabug: 26373790] \n- locking/qspinlock: Prefetch the next node cacheline (Waiman Long) [Orabug: 26373790] \n- locking/qrwlock: Reduce reader/writer to reader lock transfer latency (Waiman Long) [Orabug: 26373790] \n- locking/qrwlock: Better optimization for interrupt context readers (Waiman Long) [Orabug: 26373790] \n- locking/qrwlock: Rename functions to queued_*() (Waiman Long) [Orabug: 26373790] b r > - l o c k i n g / q r w l o c k : D o n t c o n t e n d w i t h r e a d e r s w h e n s e t t i n g _ Q W _ W A I T I N G ( W a i m a n L o n g ) [ O r a b u g : 2 6 3 7 3 7 9 0 ] b r > - l o c k i n g / q r w l o c k : R e n a m e Q U E U E _ R W L O C K t o Q U E U E D _ R W L O C K S ( B a b u M o g e r ) [ O r a b u g : 2 6 3 7 3 7 9 0 ] b r > - l o c k i n g / q s p i n l o c k : U s e a s i m p l e w r i t e t o g r a b t h e l o c k ( W a i m a n L o n g ) [ O r a b u g : 2 6 3 7 3 7 9 0 ] b r > - l o c k i n g / q s p i n l o c k : O p t i m i z e f o r s m a l l e r N R _ C P U S ( P e t e r Z i j l s t r a ( I n t e l ) ) [ O r a b u g : 2 6 3 7 3 7 9 0 ] b r > - l o c k i n g / q s p i n l o c k : E x t r a c t o u t c o d e s n i p p e t s f o r t h e n e x t p a t c h ( W a i m a n L o n g ) [ O r a b u g : 2 6 3 7 3 7 9 0 ] b r > - l o c k i n g / q s p i n l o c k : A d d p e n d i n g b i t ( P e t e r Z i j l s t r a ( I n t e l ) ) [ O r a b u g : 2 6 3 7 3 7 9 0 ] b r > - l o c k i n g / q s p i n l o c k : I n t r o d u c e a s i m p l e g e n e r i c 4 - b y t e q u e u e d s p i n l o c k ( W a i m a n L o n g ) [ O r a b u g : 2 6 3 7 3 7 9 0 ] b r > - q e d e : A d d s u p p o r t f o r i n g r e s s h e a d r o o m ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d e : U p d a t e r e c e i v e s t a t i s t i c o n c e p e r N A P I ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : M a k e O O O a r c h i p e l a g o s i n t o a n a r r a y ( M i c h a l K a l d e r o n ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : P r o v i d e i S C S I s t a t i s t i c s t o m a n a g e m e n t ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : I n f o r m q e d i t h e n u m b e r o f p o s s i b l e C Q s ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : A d d m i s s i n g s t a t f o r n e w i s l e s ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : D o n t c l o s e t h e O U T _ E N d u r i n g i n i t ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : C o n f i g u r e c a c h e l i n e s i z e i n H W ( T o m e r T a y a r ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : D o n t u s e m a i n - p t t i n u n r e l a t e d f l o w s ( R a h u l V e r m a ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : W a r n P T T u s a g e b y w r o n g h w - f u n c t i o n ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : C o r r e c t M S I - x f o r s t o r a g e ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : f i x m i s s i n g b r e a k i n O O O _ L B _ T C c a s e ( C o l i n I a n K i n g ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : A d d a m i s s i n g e r r o r c o d e ( D a n C a r p e n t e r ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : R o C E d o e s n t n e e d t o u s e S R C ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : C o r r e c t T M I L T l i n e s i n p r e s e n c e o f V F s ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : F i x T M b l o c k I L T a l l o c a t i o n ( M i c h a l K a l d e r o n ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : R e v i s e Q M c o f i g u r a t i o n ( A r i e l E l i o r ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : U s e B D Q r e s o u r c e f o r s t o r a g e p r o t o c o l s ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : U t i l i z e r e s o u r c e - l o c k b a s e d s c h e m e ( T o m e r T a y a r ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : S u p p o r t m a n a g e m e n t - b a s e d r e s o u r c e l o c k i n g ( T o m e r T a y a r ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : S e n d p f - f l r a s p a r t o f i n i t i a l i z a t i o n ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : M o v e t o n e w l o a d r e q u e s t s c h e m e ( T o m e r T a y a r ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : h w _ i n i t ( ) t o r e c e i v e p a r a m e t e r - s t r u c t ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : C o r r e c t H W s t o p f l o w ( T o m e r T a y a r ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : R e s e r v e V F f e a t u r e b e f o r e P F ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : D o n t w a s t e S B s u n u s e d b y R o C E ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : C o r r e c t e n d i a n o r d e r o f M A C p a s s e d t o M F W ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : P a s s s r c / d s t s i z e s w h e n i n t e r a c t i n g w i t h M F W ( T o m e r T a y a r ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : R e v i s e M F W c o m m a n d l o c k i n g ( T o m e r T a y a r ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : A l w a y s p u b l i s h V F l i n k f r o m l e a d i n g h w f n ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : R a i s e v e r b o s i t y o f M a l i c i o u s V F i n d i c a t i o n s ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : M a k e q e d _ i o v _ m a r k _ v f _ f l r ( ) r e t u r n b o o l ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : D e p r e c a t e V F m u l t i p l e q u e u e - s t o p ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : U n i f o r m I O V q u e u e v a l i d a t i o n ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : C o r r e c t d e f a u l t V F c o a l e s c i n g c o n f i g u r a t i o n ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : S e t H W - c h a n n e l t o r e a d y b e f o r e A C K i n g V F ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : C l e a n V F m a l i c i o u s i n d i c a t i o n w h e n d i s a b l i n g I O V ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : I n c r e a s e v e r b o s i t y o f V F - > P F e r r o r s ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d * : A d d s u p p o r t f o r Q L 4 1 x x x a d a p t e r s ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : E n a b l e i S C S I O u t - o f - O r d e r ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : C o r r e c t o u t - o f - b o u n d a c c e s s i n O O O h i s t o r y ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : F i x i n t e r r u p t f l a g s o n R x L L 2 ( R a m A m r a n i ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : F r e e p r e v i o u s c o n n e c t i o n s w h e n r e l e a s i n g i S C S I ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : F i x m a p p i n g l e a k o n L L 2 r x f l o w ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : P r e v e n t c r e a t i o n o f t o o - b i g u 3 2 - c h a i n s ( T o m e r T a y a r ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : A l i g n C I D s a c c o r d i n g t o D O R Q r e q u i r e m e n t ( R a m A m r a n i ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d * : U t i l i z e F i r m w a r e 8 . 1 5 . 3 . 0 ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d i : A d d P C I d e v i c e - I D f o r Q L 4 1 x x x a d a p t e r s . ( M a n i s h R a n g a n k a r ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : F i x c o p y o f u n i n i t i a l i z e d m e m o r y ( r o b e r t . f o s s @ c o l l a b o r a . c o m ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : D o n t u s e a t t e n t i o n P T T f o r c o n f i g u r i n g B W ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d : F i x r a c e w i t h m u l t i p l e V F s ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d e : A d d d r i v e r s u p p o r t f o r P T P ( S u d a r s a n a R e d d y K a l l u r u ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d e : R e m o v e u n n e c e s s a r y d a t a p a t h d e r e f e r e n c e ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d e - m a r k S K B a s e n c a p s u l a t e d ( M a n i s h C h o p r a ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d e : P o s t p o n e r e a l l o c a t i o n u n t i l N A P I e n d ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d e : S p l i t f i l t e r i n g l o g i c t o i t s o w n f i l e ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - q e d e : B r e a k d a t a p a t h l o g i c i n t o i t s o w n f i l e ( M i n t z , Y u v a l ) [ O r a b u g : 2 5 9 3 3 0 5 3 ] b r > - S U N R P C : H a n d l e E A D D R N O T A V A I L o n c o n n e c t i o n f a i l u r e s ( T r o n d M y k l e b u s t ) [ O r a b u g : 2 6 2 7 6 0 6 7 ] b r > - b t r f s : i n t r o d u c e d e v i c e d e l e t e b y d e v i d ( A n a n d J a i n ) [ O r a b u g : 2 6 3 6 2 4 5 5 ] b r > - b t r f s : e n h a n c e b t r f s _ f i n d _ d e v i c e _ b y _ u s e r _ i n p u t ( ) t o c h e c k d e v i c e p a t h ( A n a n d J a i n ) [ O r a b u g : 2 6 3 6 2 4 5 5 ] b r > - b t r f s : m a k e u s e o f b t r f s _ f i n d _ d e v i c e _ b y _ u s e r _ i n p u t ( ) ( A n a n d J a i n ) [ O r a b u g : 2 6 3 6 2 4 5 5 ] b r > - b t r f s : c r e a t e h e l p e r b t r f s _ f i n d _ d e v i c e _ b y _ u s e r _ i n p u t ( ) ( A n a n d J a i n ) [ O r a b u g : 2 6 3 6 2 4 5 5 ] b r > - b t r f s : c l e a n u p a n d o p t i m i z e _ _ c h e c k _ r a i d _ m i n _ d e v i c e ( ) ( A n a n d J a i n ) [ O r a b u g : 2 6 3 6 2 4 5 5 ] b r > - b t r f s : c r e a t e h e l p e r f u n c t i o n _ _ c h e c k _ r a i d _ m i n _ d e v i c e s ( ) ( A n a n d J a i n ) [ O r a b u g : 2 6 3 6 2 4 5 5 ] b r > - R e v e r t ' m m : m e m i n i t : o n l y s e t p a g e r e s e r v e d i n t h e m e m b l o c k r e g i o n ' ( D h a v a l G i a n i ) [ O r a b u g : 2 5 8 7 9 2 9 5 ] b r > - R e v e r t ' m m : m e m i n i t : m o v e p a g e i n i t i a l i z a t i o n i n t o a s e p a r a t e f u n c t i o n ' ( D h a v a l G i a n i ) [ O r a b u g : 2 5 8 7 9 2 9 5 ] b r > - n e t / r d s : R e p l a c e p r i n t k i n T X p a t h w i t h s t a t v a r i a b l e ( Y u v a l S h a i a ) [ O r a b u g : 2 6 4 0 2 6 6 2 ] b r > - c h a r : l p : f i x p o s s i b l e i n t e g e r o v e r f l o w i n l p _ s e t u p ( ) ( W i l l y T a r r e a u ) [ O r a b u g : 2 6 4 0 3 9 3 6 ] { C V E - 2 0 1 7 - 1 0 0 0 3 6 3 } b r > - d r m / m g a g 2 0 0 : F i x t o a l w a y s s e t H i P r i f o r G 2 0 0 e 4 V 2 ( M a t h i e u L a r o u c h e ) [ O r a b u g : 2 6 4 0 8 7 3 1 ] b r > - d t r a c e : F B T m o d u l e s u p p o r t a n d S P A R C s r e t u r n p r o b e s ( T o m a s J e d l i c k a ) [ O r a b u g : 2 6 4 1 4 3 9 2 ] [ O r a b u g : 2 6 4 1 4 4 0 2 ] b r > - b n x 2 x : D o n t p o s t s t a t i s t i c s t o m a l i c i o u s V F s ( M i n t z , Y u v a l ) [ O r a b u g : 2 6 3 0 8 2 7 7 ] b r > - b n x 2 x : A l l o w v f s t o d i s a b l e t x v l a n o f f l o a d ( M i n t z , Y u v a l ) [ O r a b u g : 2 6 3 0 8 2 7 7 ] b r > - b n x 2 x : f i x p f 2 v f b u l l e t i n D M A m a p p i n g l e a k ( M i c h a l S c h m i d t ) [ O r a b u g : 2 6 3 0 8 2 7 7 ] b r > - b n x 2 x : F i x M u l t i - C o s ( M i n t z , Y u v a l ) [ O r a b u g : 2 6 3 0 8 2 7 7 ] b r > - b n x 2 x : a d d m i s s i n g c o n f i g u r a t i o n o f V F V L A N f i l t e r s ( M i c h a l S c h m i d t ) [ O r a b u g : 2 6 3 0 8 2 7 7 ] b r > - b n x 2 x : f i x i n c o r r e c t f i l t e r c o u n t i n a n e r r o r m e s s a g e ( M i c h a l S c h m i d t ) [ O r a b u g : 2 6 3 0 8 2 7 7 ] b r > - b n x 2 x : d o n o t r o l l b a c k V F M A C / V L A N f i l t e r s w e d i d n o t c o n f i g u r e ( M i c h a l S c h m i d t ) [ O r a b u g : 2 6 3 0 8 2 7 7 ] b r > - b n x 2 x : f i x d e t e c t i o n o f V L A N f i l t e r i n g f e a t u r e f o r V F ( M i c h a l S c h m i d t ) [ O r a b u g : 2 6 3 0 8 2 7 7 ] b r > - b n x 2 x : f i x p o s s i b l e o v e r r u n o f V F P F m u l t i c a s t a d d r e s s e s a r r a y ( M i c h a l S c h m i d t ) [ O r a b u g : 2 6 3 0 8 2 7 7 ] b r > - b n x 2 x : l o w e r v e r b o s i t y o f V F s t a t s d e b u g m e s s a g e s ( M i c h a l S c h m i d t ) [ O r a b u g : 2 6 3 0 8 2 7 7 ] b r > - b n x 2 x : p r e v e n t c r a s h w h e n a c c e s s i n g P T P w i t h i n t e r f a c e d o w n ( M i c h a l S c h m i d t ) [ O r a b u g : 2 6 3 0 8 2 7 7 ] b r > - N F S v 4 : F i x c a l l b a c k s e r v e r s h u t d o w n ( T r o n d M y k l e b u s t ) [ O r a b u g : 2 6 4 0 3 9 7 6 ] { C V E - 2 0 1 7 - 9 0 5 9 } b r > - S U N R P C : R e f a c t o r s v c _ s e t _ n u m _ t h r e a d s ( ) ( T r o n d M y k l e b u s t ) [ O r a b u g : 2 6 4 0 3 9 7 6 ] { C V E - 2 0 1 7 - 9 0 5 9 } b r > - i p v 6 / d c c p : d o n o t i n h e r i t i p v 6 _ m c _ l i s t f r o m p a r e n t ( W A N G C o n g ) [ O r a b u g : 2 6 4 0 3 9 9 8 ] { C V E - 2 0 1 7 - 9 0 7 7 } b r > - l p f c u p d a t e f o r u e k 4 1 1 . 4 . 0 . 2 ( r k e n n e d y ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - l p f c : D r i v e r r e s p o n d s L S _ R J T t o B e a c o n O f f ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - l p f c : F i x c r a s h a f t e r f i r m w a r e f l a s h w h e n ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - l p f c : V p o r t c r e a t i o n i s f a i l i n g w i t h L i n k ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - l p f c : N u l l p o i n t e r d e r e f e r e n c e w h e n ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - l p f c : F i x r e t u r n v a l u e o f b o a r d _ m o d e s t o r e ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - s c s i : l p f c : F i x P o r t g o i n g o f f l i n e a f t e r ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - s c s i : l p f c : f i x s p e l l i n g m i s t a k e ' e n t r y s ' ( C o l i n I a n K i n g ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - s c s i : l p f c : A d d M D S D i a g n o s t i c s u p p o r t . ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - s c s i : l p f c : F i x u s e d - R P I a c c o u n t i n g p r o b l e m . ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - s c s i : l p f c : F i x p a n i c o n B F S c o n f i g u r a t i o n ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - l p f c : F i x E x p r e s s l a n e q u e u e c r e a t i o n . ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - l p f c : F i x d r i v e r u s a g e o f 1 2 8 B W Q E s w h e n W Q _ C R E A T E i s ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - l p f c : A d d F a b r i c a s s i g n e d W W N s u p p o r t . ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - l p f c : F i x c r a s h a f t e r i s s u i n g l i p r e s e t ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - l p f c : R e m o v e N U L L p t r c h e c k b e f o r e k f r e e . ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - l p f c : F i x s p e l l i n g i n c o m m e n t s . ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - s c s i : l p f c : F i x P T 2 P T P R L I r e j e c t ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - s c s i : l p f c : c o r r e c t r d p d i a g p o r t n a m e s ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - s c s i : l p f c : F i x e h _ d e a d l i n e s e t t i n g f o r s l i 3 a d a p t e r s . ( r k e n n e d y ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - s c s i : l p f c : F i x c r a s h d u r i n g H a r d w a r e e r r o r r e c o v e r y o n S L I 3 a d a p t e r s ( J a m e s S m a r t ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - s c s i : l p f c : f i x m i s s i n g s p i n _ u n l o c k o n s q l _ l i s t _ l o c k ( C o l i n I a n K i n g ) [ O r a b u g : 2 6 2 8 3 1 8 2 ] b r > - S i g n a t u r e v e r i f i c a t i o n s u p p o r t i n k e x e c _ f i l e _ l o a d ( A l e x e y P e t r e n k o ) [ O r a b u g : 2 6 4 0 2 2 8 1 ] b r > - b l k - m q : d o n t r e d i s t r i b u t e h a r d w a r e q u e u e s o n a C P U h o t p l u g e v e n t ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 6 0 3 9 5 3 9 ] b r > - R D S : P r i n t f a i l e d r d m a o p d e t a i l s i f f a i l u r e i s r e m o t e a c c e s s ( R a m a N i c h a n a m a t l u ) [ O r a b u g : 2 6 3 5 1 4 2 1 ] b r > - x e n - b l k f r o n t : f i x m q s t a r t / s t o p r a c e ( J u n x i a o B i ) [ O r a b u g : 2 6 3 5 1 6 4 9 ] b r > - b e 2 n e t : U p d a t e t h e d r i v e r v e r s i o n t o 1 1 . 4 . 0 . 0 ( S u r e s h R e d d y ) [ O r a b u g : 2 6 4 0 3 5 4 4 ] b r > - b e 2 n e t : F i x U E d e t e c t i o n l o g i c f o r B E 3 ( S u r e s h R e d d y ) [ O r a b u g : 2 6 4 0 3 5 4 4 ] b r > - b e 2 n e t : F i x o f f l o a d f e a t u r e s f o r Q - i n - Q p a c k e t s ( V l a d Y a s e v i c h ) [ O r a b u g : 2 6 4 0 3 5 4 4 ] b r > - b e n e t : U s e t i m e _ b e f o r e _ e q f o r t i m e c o m p a r i s o n ( K a r i m E s h a p a ) [ O r a b u g : 2 6 4 0 3 5 4 4 ] b r > - b e 2 n e t : F i x e n d i a n i s s u e i n l o g i c a l l i n k c o n f i g c o m m a n d ( S u r e s h R e d d y ) [ O r a b u g : 2 6 4 0 3 5 4 4 ] b r > - b e 2 n e t : f i x i n i t i a l M A C s e t t i n g ( I v a n V e c e r a ) [ O r a b u g : 2 6 4 0 3 5 4 4 ] b r > - d r i v e r s : n e t : g e n e r a l i z e n a p i _ c o m p l e t e _ d o n e ( ) ( E r i c D u m a z e t ) [ O r a b u g : 2 6 4 0 3 5 4 4 ] b r > - b e 2 n e t : f i x M A C a d d r s e t t i n g o n p r i v i l e g e d B E 3 V F s ( I v a n V e c e r a ) [ O r a b u g : 2 6 4 0 3 5 4 4 ] b r > - b e 2 n e t : f i x u n i c a s t l i s t f i l l i n g ( I v a n V e c e r a ) [ O r a b u g : 2 6 4 0 3 5 4 4 ] b r > - b e 2 n e t : f i x a c c e s s e s t o u n i c a s t l i s t ( I v a n V e c e r a ) [ O r a b u g : 2 6 4 0 3 5 4 4 ] b r > - b e 2 n e t : f i x n o n s t a t i c s y m b o l w a r n i n g s ( W e i Y o n g j u n ) [ O r a b u g : 2 6 4 0 3 5 4 4 ] b r > - b e 2 n e t : A v o i d r e d u n d a n t a d d i t i o n o f m a c a d d r e s s i n H W ( S u r e s h R e d d y ) [ O r a b u g : 2 6 4 0 3 5 4 4 ] b r > - b e 2 n e t : S u p p o r t U E r e c o v e r y i n B E x / S k y h a w k a d a p t e r s ( S r i h a r s h a B a s a v a p a t n a ) [ O r a b u g : 2 6 4 0 3 5 4 4 ] b r > - b e 2 n e t : r e p l a c e p o l l i n g w i t h s l e e p i n g i n t h e F W c o m p l e t i o n p a t h ( S a t h y a P e r l a ) [ O r a b u g : 2 6 4 0 3 5 4 4 ] b r > - b e 2 n e t : s u p p o r t a s y m m e t r i c r x / t x q u e u e c o u n t s ( S a t h y a P e r l a ) [ O r a b u g : 2 6 4 0 3 5 4 4 ] b r > - n e t : p r o p e r l y r e l e a s e s k _ f r a g . p a g e ( E r i c D u m a z e t ) [ O r a b u g : 2 6 4 0 9 5 3 3 ] b r > - n e t / r d s : A d d m u t e x e x c l u s i o n f o r v e c t o r _ l o a d ( H a k o n B u g g e ) [ O r a b u g : 2 6 4 1 5 1 0 7 ] b r > - d t r a c e : A d d s u p p o r t f o r m a n u a l t r i g g e r e d c y c l i c s ( T o m a s J e d l i c k a ) [ O r a b u g : 2 6 3 8 4 8 0 3 ] b r > - d t r a c e : L O W l e v e l c y c l i c s s h o u l d u s e w o r k q u e u e s ( T o m a s J e d l i c k a ) [ O r a b u g : 2 6 3 8 4 7 7 9 ] b r > - s p a r c 6 4 : a d d D A X 2 s u p p o r t t o d a x d r i v e r ( A l l e n P a i s ) [ O r a b u g : 2 6 3 1 7 6 0 6 ] b r > - u e k - r p m : c h a n g e m e m o r y a l l o c a t o r f r o m s l a b t o s l u b ( A l l e n P a i s ) b r > - a r c h / s p a r c : A v o i d D C T I C o u p l e s ( A l l e n P a i s ) [ O r a b u g : 2 6 4 1 3 5 2 2 ] b r > - d r i v e r s / u s b : S k i p a u t o h a n d o f f f o r T I a n d R E N E S A S u s b c o n t r o l l e r s ( B a b u M o g e r ) [ O r a b u g : 2 6 3 8 9 7 5 6 ] b r > - s p a r c - c o n f i g : E n a b l e t i m e s t a m p i n d m e s g o u t p u t . ( A t i s h P a t r a ) [ O r a b u g : 2 6 3 8 9 7 0 9 ] b r > - s p a r c 6 4 : r t r a p m u s t s e t P S T A T E . m c d e b e f o r e h a n d l i n g o u t s t a n d i n g u s e r w o r k ( A n t h o n y Y z n a g a ) [ O r a b u g : 2 6 3 8 8 5 9 1 ] b r > - i 4 0 e : C o r r e c t t h e m a c r o s f o r s e t t i n g t h e D M A a t t r i b u t e s ( J a c k V o g e l ) [ O r a b u g : 2 6 3 8 6 3 2 3 ] b r > - s p a r c 6 4 : E x c l u d e p e r f u s e r c a l l c h a i n d u r i n g c r i t i c a l s e c t i o n s ( D a v e A l d r i d g e ) [ O r a b u g : 2 6 3 8 6 2 1 3 ] b r > - s u n v n e t : r e s t r i c t a d v e r t i z e d c h e c k s u m o f f l o a d s t o j u s t I P ( S h a n n o n N e l s o n ) [ O r a b u g : 2 6 3 3 8 7 0 9 ] b r > - s p a r c 6 4 : a d d c c b k i l l a n d i n f o t o D A X d r i v e r ( J o n a t h a n H e l m a n ) [ O r a b u g : 2 6 3 1 7 6 0 2 ] b r > - i 4 0 e : f i x a n n o y i n g m e s s a g e ( J e s s e B r a n d e b u r g ) [ O r a b u g : 2 6 4 2 0 2 9 0 ] b r > - w a t c h d o g : M o v e h a r d l o c k u p d e t e c t o r t o s e p a r a t e f i l e ( A l l e n P a i s ) [ O r a b u g : 2 6 4 2 0 3 1 0 ] b r > - w a t c h d o g : M o v e s h a r e d d e f i n i t i o n s t o n m i . h ( A l l e n P a i s ) [ O r a b u g : 2 6 4 2 0 3 1 0 ] b r > - s p a r c 6 4 : S u p p r e s s k m a l l o c ( D A X d r i v e r ) w a r n i n g d u e t o a l l o c a t i o n f a i l u r e ( S a n a t h K u m a r ) [ O r a b u g : 2 6 3 3 8 8 3 0 ] b r > - i 4 0 e v f : U s e l e 3 2 _ t o _ c p u b e f o r e e v a l u a t i n g H W d e s c f i e l d s . ( T u s h a r D a v e ) [ O r a b u g : 2 6 4 2 0 3 4 5 ] b r > - s p a r c 6 4 : r e v e r t p a u s e i n s t r u c t i o n p a t c h f o r a t o m i c b a c k o f f a n d c p u _ r e l a x ( ) ( B a b u M o g e r ) [ O r a b u g : 2 6 3 0 9 0 7 0 ] b r > - S P A R C 6 4 : C o r r e c t A T U I O T S B b i n d i n g f l o w ( T u s h a r D a v e ) [ O r a b u g : 2 6 4 1 9 9 5 7 ] b r > - S P A R C 6 4 : I n t r o d u c e I O M M U B Y P A S S m e t h o d ( T u s h a r D a v e ) [ O r a b u g : 2 6 4 2 0 2 0 9 ] b r > - i 4 0 e : R e v e r t i 4 0 e t e m p o r a r y w o r k a r o u n d ( T u s h a r D a v e ) [ O r a b u g : 2 1 1 4 9 3 1 6 ] b r > - s p a r c 6 4 : E n a b l e 6 4 - b i t D M A ( T u s h a r D a v e ) [ O r a b u g : 2 1 1 4 9 3 1 6 ] b r > - s p a r c 6 4 : E n a b l e s u n 4 v d m a o p s t o u s e I O M M U v 2 A P I s ( A l l e n P a i s ) [ O r a b u g : 2 1 1 4 9 3 1 6 ] b r > - s p a r c 6 4 : B i n d P C I e d e v i c e s t o u s e I O M M U v 2 s e r v i c e ( A l l e n P a i s ) [ O r a b u g : 2 1 1 4 9 3 1 6 ] b r > - s p a r c 6 4 : I n i t i a l i z e i o m m u _ m a p _ t a b l e a n d i o m m u _ p o o l ( T u s h a r D a v e ) [ O r a b u g : 2 1 1 4 9 3 1 6 ] b r > - s p a r c 6 4 : A d d A T U ( n e w I O M M U ) s u p p o r t ( A l l e n P a i s ) [ O r a b u g : 2 1 1 4 9 3 1 6 ] b r > - s p a r c 6 4 : M a k e F O R C E _ M A X _ Z O N E O R D E R t o 1 3 f o r A T U ( A l l e n P a i s ) [ O r a b u g : 2 1 1 4 9 3 1 6 ] b r > - R e v e r t ' s p a r c 6 4 : b y p a s s i o m m u t o u s e 6 4 b i t a d d r e s s s p a c e ' ( A l l e n P a i s ) [ O r a b u g : 2 1 1 4 9 3 1 6 ] b r > - [ P A T C H ] R D S : W h e n R D S s o c k e t i s c l o s e d , p r i n t u n r e l e a s e d M R s ( R a m a N i c h a n a m a t l u ) [ O r a b u g : 2 6 2 6 1 9 9 3 ] b r > - I B / I P o I B : i b X : f a i l e d t o c r e a t e m c g d e b u g f i l e ( S h a m i r R a b i n o v i t c h ) [ O r a b u g : 2 4 7 1 1 8 7 3 ] [ O r a b u g : 2 5 1 7 5 5 3 3 ] b r > - s c s i : q e d i : F i x m e m o r y l e a k i n t m f r e s p o n s e p r o c e s s i n g . ( D u p u i s , C h a d ) [ O r a b u g : 2 5 6 6 7 1 7 4 ] b r > - s c s i : q e d i : f i x b u i l d e r r o r w i t h o u t D E B U G _ F S ( A r n d B e r g m a n n ) [ O r a b u g : 2 5 6 6 7 1 7 4 ] b r > - s c s i : q e d i : f i x m i s s i n g r e t u r n e r r o r c o d e c h e c k o n c a l l t o q e d i _ s e t u p _ i n t ( C o l i n I a n K i n g ) [ O r a b u g : 2 5 6 6 7 1 7 4 ] b r > - s c s i : q e d i : F i x p o s s i b l e m e m o r y l e a k i n q e d i _ i s c s i _ u p d a t e _ c o n n ( ) ( W e i Y o n g j u n ) [ O r a b u g : 2 5 6 6 7 1 7 4 ] b r > - s c s i : q e d i : r e t u r n v i a v a _ e n d t o m a t c h c o r r e s p o n d i n g v a _ s t a r t ( C o l i n I a n K i n g ) [ O r a b u g : 2 5 6 6 7 1 7 4 ] b r > - s c s i : q e d i : f i x b u i l d , d e p e n d s o n U I O ( R a n d y D u n l a p ) [ O r a b u g : 2 5 6 6 7 1 7 4 ] b r > - s c s i : q e d i : A d d Q L o g i c F a s t L i n Q o f f l o a d i S C S I d r i v e r f r a m e w o r k . ( M a n i s h R a n g a n k a r ) [ O r a b u g : 2 5 6 6 7 1 7 4 ] b r > - d c c p / t c p : d o n o t i n h e r i t m c _ l i s t f r o m p a r e n t ( E r i c D u m a z e t ) [ O r a b u g : 2 6 1 0 7 4 7 2 ] { C V E - 2 0 1 7 - 8 8 9 0 } b r > - I n i t i a l i z e f i b l i n k l i s t h e a d d u r i n g f i b i n i t i a l i z a t i o n ( D a v e C a r r o l l ) [ O r a b u g : 2 6 2 9 1 2 7 2 ] b r > - a a c r a i d : U p d a t e s c s i _ h o s t _ t e m p l a t e t o u s e t a g g e d c o m m a n d s ( D a v e C a r r o l l ) [ O r a b u g : 2 6 2 9 1 2 7 2 ] b r > - I B / m l x 4 : S u p p r e s s w a r n i n g f o r n o t h a n d l e d p o r t m g m t e v e n t s u b t y p e ( M u k e s h K a c k e r ) [ O r a b u g : 2 6 4 0 9 7 2 2 ] b r > - b n x t _ e n : F i x n e t p o l l h a n d l i n g . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : A d d m i s s i n g l o g i c t o h a n d l e T P A e n d e r r o r c o n d i t i o n s . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : F i x x m i t _ m o r e w i t h B Q L . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : P a s s i n s h p a r a m e t e r t o b n x t _ s e t _ d f l t _ r i n g s ( ) . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : I m p l e m e n t x m i t _ m o r e . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : O p t i m i z e d o o r b e l l w r i t e o p e r a t i o n s f o r n e w e r c h i p s . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : A d d a d d i t i o n a l c h i p I D d e f i n i t i o n s . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : A d d a c a l l b a c k t o i n f o r m R D M A d r i v e r d u r i n g P C I s h u t d o w n . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : A d d P C I I D s f o r B C M 5 7 4 5 4 V F d e v i c e s . ( D e e p a k K h u n g a r ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : S u p p o r t f o r S h o r t F i r m w a r e M e s s a g e ( D e e p a k K h u n g a r ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : C h e c k s t a t u s o f f i r m w a r e D C B X a g e n t b e f o r e s e t t i n g D C B _ C A P _ D C B X _ H O S T . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : C a l l b n x t _ d c b _ i n i t ( ) a f t e r g e t t i n g f i r m w a r e D C B X c o n f i g u r a t i o n . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t : a d d d m a m a p p i n g a t t r i b u t e s ( S h a n n o n N e l s o n ) [ O r a b u g : 2 6 3 6 6 3 8 7 ] b r > - b n x t _ e n : a l l o c a t e e n o u g h s p a c e f o r - > n t p _ f l t r _ b m a p ( D a n C a r p e n t e r ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : R e s t r i c t a P F i n M u l t i - H o s t m o d e f r o m c h a n g i n g p o r t P H Y c o n f i g u r a t i o n ( D e e p a k K h u n g a r ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : C h e c k t h e F W _ L L D P _ A G E N T f l a g b e f o r e a l l o w i n g D C B X h o s t a g e n t . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : A d d 1 0 0 G l i n k s p e e d r e p o r t i n g f o r B C M 5 7 4 5 4 A S I C i n e t h t o o l ( D e e p a k K h u n g a r ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : F i x V F a t t r i b u t e s r e p o r t i n g . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : P a s s D C B R o C E a p p p r i o r i t y t o f i r m w a r e . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : C a p t h e m s i x v e c t o r w i t h t h e m a x c o m p l e t i o n r i n g s . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : A d d i n t e r r u p t t e s t t o e t h t o o l - t s e l f t e s t . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : A d d P H Y l o o p b a c k t o e t h t o o l s e l f - t e s t . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : A d d e t h t o o l m a c l o o p b a c k s e l f t e s t . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : A d d b a s i c e t h t o o l - t s e l f t e s t s u p p o r t . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : A d d s u s p e n d / r e s u m e c a l l b a c k s . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : A d d e t h t o o l s e t _ w o l m e t h o d . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : A d d e t h t o o l g e t _ w o l m e t h o d . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : A d d p c i s h u t d o w n m e t h o d . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : A d d b a s i c W o L i n f r a s t r u c t u r e . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : U p d a t e f i r m w a r e i n t e r f a c e s p e c t o 1 . 7 . 6 . 2 . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : F i x D M A u n m a p p i n g o f t h e R X b u f f e r s i n X D P m o d e d u r i n g s h u t d o w n . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : C o r r e c t t h e o r d e r o f a r g u m e n t s t o n e t d e v _ e r r ( ) i n b n x t _ s e t _ t p a ( ) ( S a n k a r P a t c h i n e e l a m ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : F i x N U L L p o i n t e r d e r e f e r e n c e i n r e o p e n f a i l u r e p a t h ( S a n k a r P a t c h i n e e l a m ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : I g n o r e 0 v a l u e i n a u t o n e g s u p p o r t e d s p e e d f r o m f i r m w a r e . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : C h e c k i f f i r m w a r e L L D P a g e n t i s r u n n i n g . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : C a l l b n x t _ u l p _ s t o p ( ) d u r i n g t x t i m e o u t . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - b n x t _ e n : P e r f o r m f u n c t i o n r e s e t e a r l i e r d u r i n g p r o b e . ( M i c h a e l C h a n ) [ O r a b u g : 2 6 4 0 2 5 3 3 ] b r > - I B / c m : r e m o v e u n n e c e s s a r y i b _ q u e r y _ d e v i c e i n P S I F R N R W A ( W e i L i n G u a y ) [ O r a b u g : 2 5 9 0 8 2 3 4 ] b r > - b o n d i n g : a v o i d d e f a u l t i n g h a r d _ h e a d e r _ l e n t o E T H _ H L E N o n s l a v e r e m o v a l ( P a o l o A b e n i ) [ O r a b u g : 2 6 3 9 7 4 2 8 ] b r > - i 4 0 e : r e m o v e F D I R _ R E Q U I R E S _ R E I N I T d r i v e r f l a g ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : r e m o v e a u s e l e s s g o t o s t a t e m e n t ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : C h e c k f o r n e w a r q e l e m e n t s b e f o r e l e a v i n g t h e a d m i n q s u b t a s k l o o p ( C h r i s t o p h e r N B e d n a r z ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : u s e r e g i s t e r f o r X L 7 2 2 c o n t r o l r e g i s t e r r e a d / w r i t e ( P a u l M S t i l l w e l l J r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : C l e a n u p h a n d l i n g o f p r i v a t e f l a g s ( A l e x a n d e r D u y c k ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e v f : e n f o r c e d e s c r i p t o r w r i t e - b a c k m e c h a n i s m f o r V F ( P r e e t h i B a n a l a ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : i n i t i a l i z e p a r a m s b e f o r e n o t i f y i n g o f l 2 _ p a r a m _ c h a n g e s ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e / i 4 0 e v f : C l e a n - u p p r o c e s s _ s k b _ f i e l d s ( A l e x a n d e r D u y c k ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : r e m o v e d n o l o n g e r n e e d e d d e l a y s ( B i m m y P u j a r i ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : F i x e d r a c e c o n d i t i o n s i n V F r e s e t ( R o b e r t K o n k l e w s k i ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e / i 4 0 e v f : F i x u s e a f t e r f r e e i n R x c l e a n u p p a t h ( A l e x a n d e r D u y c k ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : f i x c o n f i g u r a t i o n o f R S S t a b l e w i t h D C B ( H a r s h i t h a R a m a m u r t h y ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : D o n o t e n a b l e N A P I o n q _ v e c t o r s t h a t h a v e n o r i n g s ( A l e x a n d e r D u y c k ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : m a k e u s e o f h l i s t _ f o r _ e a c h _ e n t r y _ c o n t i n u e ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : d o c u m e n t d r i v e r s u s e o f n t u p l e f i l t e r s ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : a d d s u p p o r t f o r S C T P v 4 F D i r f i l t e r s ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : i m p l e m e n t s u p p o r t f o r f l e x i b l e w o r d p a y l o a d ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : a d d p a r s i n g o f f l e x i b l e f i l t e r f i e l d s f r o m u s e r d e f ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : p a r t i t i o n t h e r i n g _ c o o k i e t o g e t V F i n d e x ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : a l l o w c h a n g i n g i n p u t s e t f o r n t u p l e f i l t e r s ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : r e s t o r e d e f a u l t i n p u t s e t f o r e a c h f l o w t y p e ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : c h e c k c u r r e n t c o n f i g u r e d i n p u t s e t w h e n a d d i n g n t u p l e f i l t e r s ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : c o r r e c t l y h o n o r t h e m a s k f i e l d s f o r E T H T O O L _ S R X C L S R L I N S ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : a l w a y s r e m o v e o l d f i l t e r w h e n a d d i n g n e w F D i r f i l t e r ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : e x p l i c i t l y f a i l o n e x t e n d e d M A C f i e l d f o r e t h t o o l _ r x _ f l o w _ s p e c ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : a d d c o u n t e r s f o r U D P / I P v 4 a n d I P v 4 f i l t e r s ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : d o n t r e - e n a b l e A T R w h e n f l u s h i n g f i l t e r s i f S B h a s T C P 4 / I P v 4 r u l e s ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : r e s e t f d _ t c p _ r u l e c o u n t w h e n r e s t o r i n g f i l t e r s ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : r e m o v e r e d u n d a n t c h e c k f o r f d _ t c p _ r u l e w h e n r e s t o r i n g f i l t e r s ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : e x i t A T R m o d e o n l y w h e n a d d i n g T C P / I P v 4 f i l t e r s u c c e e d s ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : r e t u r n i m m e d i a t e l y w h e n f a i l i n g t o a d d f d i r f i l t e r ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : r e w o r k e x i t f l o w o f i 4 0 e _ a d d _ f d i r _ e t h t o o l ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : d o n t u s e a r r a y s f o r ( s r c | d s t ) _ i p ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : s e n d c o r r e c t p o r t n u m b e r t o A d m i n Q w h e n e n a b l i n g U D P t u n n e l s ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : r e n a m e a u t o _ d i s a b l e _ f l a g s t o h w _ d i s a b l e d _ f l a g s ( H a r s h i t h a R a m a m u r t h y ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e / i 4 0 e v f : C h a n g e v e r s i o n f r o m 1 . 6 . 2 7 t o 2 . 1 . 7 ( B i m m y P u j a r i ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : A l l o w u n t r u s t e d V F s t o h a v e m o r e f i l t e r s ( M i t c h W i l l i a m s ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : C l a r i f y s t e p s i n M A C / V L A N f i l t e r s i n i t i a l i z a t i o n r o u t i n e ( F i l i p S a d o w s k i ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : f i x R S S q u e u e s o n l y o p e r a t i n g o n P F 0 ( L i h o n g Y a n g ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : f i x e t h t o o l t o g e t E E P R O M d a t a f r o m X 7 2 2 i n t e r f a c e ( L i h o n g Y a n g ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : d o n t a d d m o r e v e c t o r s t o n u m _ l a n _ m s i x t h a n n u m b e r o f C P U s ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : K I S S t h e c l i e n t i n t e r f a c e ( M i t c h W i l l i a m s ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : f i x u p r e c e n t p r o x y a n d w o l b i t s f o r X 7 2 2 _ S U P P O R T ( S h a n n o n N e l s o n ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : A c q u i r e N V M l o c k b e f o r e r e a d s o n a l l d e v i c e s ( A a r o n S a l t e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - s c r i p t s / s p e l l i n g . t x t : a d d ' v a r i b l e ' p a t t e r n a n d f i x t y p o i n s t a n c e s ( M a s a h i r o Y a m a d a ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : I n v o k e s o f t i r q s a f t e r n a p i _ r e s c h e d u l e ( B e n j a m i n P o i r i e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : r e m o v e d u p l i c a t e d e v i c e i d f r o m P C I t a b l e ( C a r o l y n W y b o r n y ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : m a r k t h e v a l u e p a s s e d t o c s u m _ r e p l a c e _ b y _ d i f f a s _ _ w s u m ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : E r r o r h a n d l i n g f o r l i n k e v e n t ( H a r s h i t h a R a m a m u r t h y ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : p r o p e r l y c o n v e r t l e 1 6 v a l u e t o C P U f o r m a t ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : c o n v e r t t o c p u f r o m l e 1 6 t o g e n e r a t e s w i t c h _ i d c o r r e c t l y ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : r e f a c t o r A Q C M D b u f f e r d e b u g p r i n t i n g ( A l a n B r a d y ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : F i x A d a p t i v e I T R e n a b l i n g ( C a r o l y n W y b o r n y ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e v f : a d d c o m m e n t ( M i t c h W i l l i a m s ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e v f : f r e e r i n g s i n r e m o v e f u n c t i o n ( M i t c h W i l l i a m s ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : r e m o v e u n n e c e s s a r y c a l l t o i 4 0 e _ u p d a t e _ l i n k _ i n f o ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : e n a b l e m c m a g i c p k t w a k e u p d u r i n g p o w e r d o w n ( J o s h u a H a y ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : f i x d i s a b l e o v e r f l o w p r o m i s c u o u s m o d e ( A l a n B r a d y ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : S a v e m o r e l i n k a b i l i t i e s w h e n u s i n g e t h t o o l ( H e n r y T i e m a n ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : a v o i d r a c e c o n d i t i o n w h e n s e n d i n g f i l t e r s t o f i r m w a r e f o r a d d i t i o n ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : a l l o w i 4 0 e _ u p d a t e _ f i l t e r _ s t a t e t o s k i p b r o a d c a s t f i l t e r s ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : d o n t w a r n e v e r y t i m e w e c l e a r a n R x t i m e s t a m p r e g i s t e r ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : S a v e l i n k F E C i n f o f r o m l i n k u p e v e n t ( H e n r y T i e m a n ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : A d d b u s n u m b e r i n f o t o i 4 0 e _ b u s _ i n f o s t r u c t ( S u d h e e r M o g i l a p p a g a r i ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : C l e a n u p d e a d c o d e ( M i t c h W i l l i a m s ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e / i 4 0 e v f : C h a n g e d v e r s i o n f r o m 1 . 6 . 2 5 t o 1 . 6 . 2 7 ( B i m m y P u j a r i ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : u p d a t e c o m m e n t e x p l a i n i n g w h e r e F D I R b u f f e r s a r e f r e e d ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e / i 4 0 e v f : e l i m i n a t e i 4 0 e _ p u l l _ t a i l ( ) ( S c o t t P e t e r s o n ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e / i 4 0 e v f : M o v e s s k b f r o m i 4 0 e _ r x _ b u f f e r t o i 4 0 e _ r i n g ( S c o t t P e t e r s o n ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e / i 4 0 e v f : L i m i t D M A s y n c o f R X b u f f e r s t o a c t u a l p a c k e t s i z e ( S c o t t P e t e r s o n ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e v f : t r a c k o u t s t a n d i n g c l i e n t r e q u e s t ( M i t c h W i l l i a m s ) b r > - i 4 0 e : d o n t c h e c k p a r a m s u n t i l a f t e r c h e c k i n g f o r c l i e n t i n s t a n c e ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : a d d i n t e r r u p t r a t e l i m i t v e r b o s i t y ( A l a n B r a d y ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : r e f a c t o r m a c r o I N T R L _ U S E C _ T O _ R E G ( A l a n B r a d y ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : r e m o v e u n u s e d f u n c t i o n ( M i t c h W i l l i a m s ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : R e m o v e F P K H y p e r V V F d e v i c e I D ( J a y a p r a k a s h S h a n m u g a m ) b r > - i 4 0 e : Q u i c k r e f a c t o r t o s t a r t m o v i n g d a t a o f f s t a c k a n d i n t o T x b u f f e r i n f o ( A l e x a n d e r D u y c k ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : r e m o v e u n n e c e s s a r y _ _ p a c k e d ( T u s h a r D a v e ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e v f : r e m o v e u n u s e d d e v i c e I D ( M i t c h W i l l i a m s ) b r > - i 4 0 e : D e p r e c a t i n g u n u s e d m a c r o ( B i m m y P u j a r i ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : w h e n a d d i n g o r r e m o v i n g M A C f i l t e r s , c o r r e c t l y h a n d l e V L A N s ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : a v o i d O ( n ^ 2 ) l o o p w h e n d e l e t i n g a l l f i l t e r s ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : r e n a m e i 4 0 e _ p u t _ m a c _ i n _ v l a n a n d i 4 0 e _ d e l _ m a c _ a l l _ v l a n ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : n o n e e d t o c h e c k i s _ v s i _ i n _ v l a n b e f o r e c a l l i n g i 4 0 e _ d e l _ m a c _ a l l _ v l a n ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : f o l d t h e i 4 0 e _ i s _ v s i _ i n _ v l a n c h e c k i n t o i 4 0 e _ p u t _ m a c _ i n _ v l a n ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : d o n t a l l o w i 4 0 e _ v s i _ ( a d d | k i l l ) _ v l a n t o o p e r a t e w h e n V I D 1 ( J a c o b K e l l e r ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e : C h a n g e d v e r s i o n f r o m 1 . 6 . 2 1 t o 1 . 6 . 2 5 ( B i m m y P u j a r i ) [ O r a b u g : 2 6 4 0 3 6 1 7 ] b r > - i 4 0 e / i 4 0 e v f : A d d s u p p o r t f o r m a p p i n g p a g e s w i t h D M A a t t r i b u t e s ( A l e x a n d e r D u y c k ) [ O r a b u g : 2 6 3 9 6 5 5 2 ] b r > - a a c r a i d : i n i t i a l i z e s c s i s h a r e d t a g m a p ( J o e J i n ) [ O r a b u g : 2 6 3 6 7 7 0 3 ] b r > - b n x t : a d d d m a m a p p i n g a t t r i b u t e s ( S h a n n o n N e l s o n ) [ O r a b u g : 2 6 3 8 8 6 2 9 ] b r > - d m a - m a p p i n g : a d d i n t e r f a c e s f o r m a p p i n g p a g e s w i t h a t t r i b u t e s ( S h a n n o n N e l s o n ) [ O r a b u g : 2 6 3 8 8 6 2 9 ] b r > - s p a r c 6 4 : S e t v a l i d b y t e s o f m i s a l i g n e d n o - f a u l t l o a d s ( R o b G a r d n e r ) [ O r a b u g : 2 6 3 1 6 9 4 4 ] b r > - f s / f u s e : F i x f o r c o r r e c t n u m b e r o f n u m a n o d e s ( B a b u M o g e r ) [ O r a b u g : 2 6 3 6 9 4 2 8 ] b r > - s p a r c 6 4 : d e l e t e o l d w r a p c o d e ( P a v e l T a t a s h i n ) [ O r a b u g : 2 6 3 7 2 2 5 4 ] b r > - s p a r c 6 4 : n e w c o n t e x t w r a p ( P a v e l T a t a s h i n ) [ O r a b u g : 2 6 3 7 2 2 5 4 ] b r > - s p a r c 6 4 : a d d p e r - c p u m m o f s e c o n d a r y c o n t e x t s ( P a v e l T a t a s h i n ) [ O r a b u g : 2 6 3 7 2 2 5 4 ] b r > - s p a r c 6 4 : r e d e f i n e f i r s t v e r s i o n ( P a v e l T a t a s h i n ) [ O r a b u g : 2 6 3 7 2 2 5 4 ] b r > - s p a r c 6 4 : c o m b i n e a c t i v a t e _ m m a n d s w i t c h _ m m ( P a v e l T a t a s h i n ) [ O r a b u g : 2 6 3 7 2 2 5 4 ] b r > - s p a r c 6 4 : r e s e t m m c p u m a s k a f t e r w r a p ( P a v e l T a t a s h i n ) [ O r a b u g : 2 6 3 7 2 2 5 4 ] b r > - R e v e r t ' s p a r c 6 4 : R e s t r i c t n u m b e r o f p r o c e s s e s ' ( P a v e l T a t a s h i n ) [ O r a b u g : 2 6 3 7 2 2 3 0 ] b r > - n e t / r d s : R e d u c e m e m o r y f o o t p r i n t i n r d s _ s e n d m s g ( W e i L i n G u a y ) [ O r a b u g : 2 6 3 5 0 9 7 4 ] b r > - x 8 6 / r a s / t h e r m _ t h r o t : D o n o t l o g a f a k e M C E f o r t h e r m a l e v e n t s ( B o r i s l a v P e t k o v ) [ O r a b u g : 2 6 3 6 1 3 2 7 ] b r > - n f s d : c h e c k f o r o v e r s i z e d N F S v 2 / v 3 a r g u m e n t s ( J . B r u c e F i e l d s ) [ O r a b u g : 2 6 3 6 6 0 0 2 ] { C V E - 2 0 1 7 - 7 6 4 5 } b r > - s p a r c 6 4 : b r o k e n % t i c k f r e q u e n c y o n s p i t f i r e c p u s ( P a v e l T a t a s h i n ) [ O r a b u g : 2 4 4 0 1 2 5 0 ] [ O r a b u g : 2 6 3 6 9 5 1 0 ] b r > - s p a r c 6 4 : u s e p r o m i n t e r f a c e t o g e t % s t i c k f r e q u e n c y ( P a v e l T a t a s h i n ) [ O r a b u g : 2 4 4 0 1 2 5 0 ] [ O r a b u g : 2 6 3 6 9 5 1 0 ] b r > - s p a r c 6 4 : o p t i m i z e f u n c t i o n s t h a t a c c e s s t i c k ( P a v e l T a t a s h i n ) [ O r a b u g : 2 4 4 0 1 2 5 0 ] [ O r a b u g : 2 6 3 6 9 5 1 0 ] b r > - s p a r c 6 4 : a d d h o t - p a t c h e d a n d i n l i n e d g e t _ t i c k ( ) ( P a v e l T a t a s h i n ) [ O r a b u g : 2 4 4 0 1 2 5 0 ] [ O r a b u g : 2 6 3 6 9 5 1 0 ] b r > - s p a r c 6 4 : i n i t i a l i z e t i m e e a r l y ( P a v e l T a t a s h i n ) [ O r a b u g : 2 4 4 0 1 2 5 0 ] [ O r a b u g : 2 6 3 6 9 5 1 0 ] b r > - s p a r c 6 4 : i m p r o v e m o d u l a r i t y t i c k o p t i o n s ( P a v e l T a t a s h i n ) [ O r a b u g : 2 4 4 0 1 2 5 0 ] [ O r a b u g : 2 6 3 6 9 5 1 0 ] b r > - s p a r c 6 4 : o p t i m i z e l o a d s i n c l o c k _ s c h e d ( ) ( P a v e l T a t a s h i n ) [ O r a b u g : 2 4 4 0 1 2 5 0 ] [ O r a b u g : 2 6 3 6 9 5 1 0 ] b r > - s p a r c 6 4 : s h o w t i m e s t a m p s f r o m z e r o ( P a v e l T a t a s h i n ) [ O r a b u g : 2 4 4 0 1 2 5 0 ] [ O r a b u g : 2 6 3 6 9 5 1 0 ] b r > - s p a r c 6 4 : a c c e s s t i c k f u n c t i o n f r o m v a r i a b l e ( P a v e l T a t a s h i n ) [ O r a b u g : 2 4 4 0 1 2 5 0 ] [ O r a b u g : 2 6 3 6 9 5 1 0 ] b r > - s p a r c 6 4 : r e m o v e t r a i l i n g w h i t e s p a c e s ( P a v e l T a t a s h i n ) [ O r a b u g : 2 4 4 0 1 2 5 0 ] [ O r a b u g : 2 6 3 6 9 5 1 0 ] b r > - b l o c k : d e f e r t i m e o u t s t o a w o r k q u e u e ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 6 3 7 2 2 3 5 ] b r > - m a c s e c : d y n a m i c a l l y a l l o c a t e s p a c e f o r s g l i s t ( J a s o n A . D o n e n f e l d ) [ O r a b u g : 2 6 3 7 2 6 1 0 ] { C V E - 2 0 1 7 - 7 4 7 7 } b r > - m a c s e c : a v o i d h e a p o v e r f l o w i n s k b _ t o _ s g v e c ( J a s o n A . D o n e n f e l d ) [ O r a b u g : 2 6 3 7 2 6 1 0 ] { C V E - 2 0 1 7 - 7 4 7 7 } b r > - s p a r c 6 4 : A d d 1 6 G B h u g e p a g e s u p p o r t ( N i t i n G u p t a ) [ O r a b u g : 2 6 3 1 9 8 8 5 ] b r > - x f s : r e s e t b _ f i r s t _ r e t r y _ t i m e w h e n c l e a r t h e r e t r y s t a t u s o f x f s _ b u f _ t ( H o u T a o ) [ O r a b u g : 2 6 3 5 4 4 0 4 ] b r > - x f s : f i x m a x _ r e t r i e s _ s h o w a n d _ s t o r e f u n c t i o n s ( C a r l o s M a i o l i n o ) [ O r a b u g : 2 6 3 5 4 4 0 4 ] b r > - x f s : n o r m a l i z e ' i n f i n i t e ' r e t r i e s i n e r r o r c o n f i g s ( E r i c S a n d e e n ) [ O r a b u g : 2 6 3 5 4 4 0 4 ] b r > - x f s : d o n t r e s e t b _ r e t r i e s t o 0 o n e v e r y f a i l u r e ( E r i c S a n d e e n ) [ O r a b u g : 2 6 3 5 4 4 0 4 ] b r > - x f s : f i x x f s _ e r r o r _ g e t _ c f g f o r n e g a t i v e e r r n o s ( E r i c S a n d e e n ) [ O r a b u g : 2 6 3 5 4 4 0 4 ] b r > - x f s : a d d ' f a i l a t u n m o u n t ' e r r o r h a n d l i n g c o n f i g u r a t i o n ( C a r l o s M a i o l i n o ) [ O r a b u g : 2 6 3 5 4 4 0 4 ] b r > - x f s : a d d c o n f i g u r a t i o n h a n d l e r s f o r s p e c i f i c e r r o r s ( C a r l o s M a i o l i n o ) [ O r a b u g : 2 6 3 5 4 4 0 4 ] b r > - x f s : a d d c o n f i g u r a t i o n o f e r r o r f a i l u r e s p e e d ( C a r l o s M a i o l i n o ) [ O r a b u g : 2 6 3 5 4 4 0 4 ] b r > - x f s : i n t r o d u c e t a b l e - b a s e d i n i t f o r e r r o r b e h a v i o r s ( C a r l o s M a i o l i n o ) [ O r a b u g : 2 6 3 5 4 4 0 4 ] b r > - x f s : a d d c o n f i g u r a b l e e r r o r s u p p o r t t o m e t a d a t a b u f f e r s ( C a r l o s M a i o l i n o ) [ O r a b u g : 2 6 3 5 4 4 0 4 ] b r > - x f s : i n t r o d u c e m e t a d a t a I O e r r o r c l a s s ( C a r l o s M a i o l i n o ) [ O r a b u g : 2 6 3 5 4 4 0 4 ] b r > - x f s : c o n f i g u r a b l e e r r o r b e h a v i o r v i a s y s f s ( C a r l o s M a i o l i n o ) [ O r a b u g : 2 6 3 5 4 4 0 4 ] b r > - r d s : t c p : S e t l i n g e r w h e n r e j e c t i n g a n i n c o m i n g c o n n i n r d s _ t c p _ a c c e p t _ o n e ( S o w m i n i V a r a d h a n ) [ O r a b u g : 2 6 2 3 5 7 1 5 ] b r > - r d s : t c p : v a r i o u s e n d i a n - n e s s f i x e s ( S o w m i n i V a r a d h a n ) [ O r a b u g : 2 6 2 3 5 7 1 5 ] b r > - r d s : t c p : r e m o v e c p _ o u t g o i n g ( S o w m i n i V a r a d h a n ) [ O r a b u g : 2 6 2 3 5 7 1 5 ] b r > - r d s : t c p : S e q u e n c e t e a r d o w n o f l i s t e n a n d a c c e p t o r s o c k e t s t o a v o i d r a c e s ( S o w m i n i V a r a d h a n ) [ O r a b u g : 2 6 2 3 5 7 1 5 ] b r > - r d s : t c p : R e o r d e r i n i t i a l i z a t i o n s e q u e n c e i n r d s _ t c p _ i n i t t o a v o i d r a c e s ( S o w m i n i V a r a d h a n ) [ O r a b u g : 2 6 2 3 5 7 1 5 ] b r > - r d s : t c p : T a k e e x p l i c i t r e f c o u n t s o n s t r u c t n e t ( S o w m i n i V a r a d h a n ) [ O r a b u g : 2 6 2 3 5 7 1 5 ] b r > - m m : f i x n e w c r a s h i n u n m a p p e d _ a r e a _ t o p d o w n ( ) ( H u g h D i c k i n s ) [ O r a b u g : 2 6 3 2 6 1 4 4 ] { C V E - 2 0 1 7 - 1 0 0 0 3 6 4 } b r > - m m : l a r g e r s t a c k g u a r d g a p , b e t w e e n v m a s ( H u g h D i c k i n s ) [ O r a b u g : 2 6 3 2 6 1 4 4 ] { C V E - 2 0 1 7 - 1 0 0 0 3 6 4 } b r > - d t r a c e : a d d k p r o b e - u n s a f e a d d r e s s e s t o F B T b l a c k l i s t ( K r i s V a n H e e s ) [ O r a b u g : 2 6 3 2 4 0 3 9 ] b r > - d t r a c e : c o n v e r t F B T b l a c k l i s t t o R B - t r e e ( K r i s V a n H e e s ) [ O r a b u g : 2 6 3 2 4 0 3 9 ] b r > - e 1 0 0 0 e : u s e d i s a b l e _ h a r d i r q ( ) a l s o f o r M S I X v e c t o r s i n e 1 0 0 0 _ n e t p o l l ( ) ( K o n s t a n t i n K h l e b n i k o v ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : D o n t r e t u r n u n i n i t i a l i z e d s t a t s ( B e n j a m i n P o i r i e r ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : f i x r a c e c o n d i t i o n a r o u n d s k b _ t s t a m p _ t x ( ) ( J a c o b K e l l e r ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : A d d S u p p o r t f o r 3 8 . 4 M H Z f r e q u e n c y ( S a s h a N e f t i n ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : A d d S u p p o r t f o r C a n n o n L a k e ( S a s h a N e f t i n ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : I n i t i a l S u p p o r t f o r C a n n o n L a k e ( S a s h a N e f t i n ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : f i x P T P o n e 1 0 0 0 _ p c h _ l p t v a r i a n t s ( J a r o d W i l s o n ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : f i x t i m i n g f o r 8 2 5 7 9 G i g a b i t E t h e r n e t c o n t r o l l e r ( B e r n d F a u s t ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 : O m i t p r i v a t e n d o _ g e t _ s t a t s f u n c t i o n ( T o b i a s K l a u s e r ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - R e v e r t ' e 1 0 0 0 e : d r i v e r t r y i n g t o f r e e a l r e a d y - f r e e i r q ' ( J e f f K i r s h e r ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : d r i v e r t r y i n g t o f r e e a l r e a d y - f r e e i r q ( k h a l i d m ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 : u s e d i s a b l e _ h a r d i r q ( ) f o r e 1 0 0 0 _ n e t p o l l ( ) ( W A N G C o n g ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : f i x P T P o n e 1 0 0 0 _ p c h _ l p t v a r i a n t s ( J a r o d W i l s o n ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : f a c t o r o u t s y s t i m s a n i t i z a t i o n ( J a r o d W i l s o n ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : p r e v e n t d i v i s i o n b y z e r o i f T I M I N C A i s z e r o ( D e n y s V l a s e n k o ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : k e e p R x / T x H W _ V L A N _ C T A G i n s y n c ( J a r o d W i l s o n ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : k e e p V L A N i n t e r f a c e s f u n c t i o n a l a f t e r r x v l a n o f f ( J a r o d W i l s o n ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : d o n t m o d i f y S Y S T I M r e g i s t e r s d u r i n g S I O C S H W T S T A M P i o c t l ( J a c o b K e l l e r ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : m a r k s h i f t e d v a l u e s a s u n s i g n e d ( J a c o b K e l l e r ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : u s e B I T ( ) m a c r o f o r b i t d e f i n e s ( J a c o b K e l l e r ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : e 1 0 0 0 e _ c y c l e c o u n t e r _ r e a d ( ) : d o o v e r f l o w c h e c k o n l y i f n e e d e d ( D e n y s V l a s e n k o ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : e 1 0 0 0 e _ c y c l e c o u n t e r _ r e a d ( ) : f i x e r 3 2 ( S Y S T I M L ) o v e r f l o w c h e c k ( D e n y s V l a s e n k o ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : e 1 0 0 0 e _ c y c l e c o u n t e r _ r e a d ( ) : i n c v a l u e i s 3 2 b i t s , n o t 6 4 ( D e n y s V l a s e n k o ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : C l e a n u p c o n s i s t e n c y i n r e t _ v a l v a r i a b l e u s a g e ( B r i a n W a l s h ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : f i x e t h t o o l a u t o n e g o f f f o r n o n - c o p p e r ( S t e v e S h i h ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 : c a l l n d o _ s t o p ( ) i n s t e a d o f d e v _ c l o s e ( ) w h e n r u n n i n g o f f l i n e s e l f t e s t ( S t e f a n A s s m a n n ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : c a l l n d o _ s t o p ( ) i n s t e a d o f d e v _ c l o s e ( ) w h e n r u n n i n g o f f l i n e s e l f t e s t ( S t e f a n A s s m a n n ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 : D o u b l e T x d e s c r i p t o r s n e e d e d c h e c k f o r 8 2 5 4 4 ( A l e x a n d e r D u y c k ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 : D o n o t o v e r e s t i m a t e d e s c r i p t o r c o u n t s i n T x p r e - c h e c k ( A l e x a n d e r D u y c k ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : I n i t i a l s u p p o r t f o r K a b e L a k e ( R a a n a n A v a r g i l ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : C l e a r U L P c o n f i g u r a t i o n r e g i s t e r o n U L P e x i t ( R a a n a n A v a r g i l ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : S e t H W F I F O m i n i m u m p o i n t e r g a p f o r n o n - g i g s p e e d s ( R a a n a n A v a r g i l ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : I n c r e a s e P H Y P L L c l o c k g a t e t i m i n g ( R a a n a n A v a r g i l ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : I n c r e a s e U L P t i m e r ( R a a n a n A v a r g i l ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : F i x m s i - x i n t e r r u p t a u t o m a s k ( B e n j a m i n P o i r i e r ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : D o n o t w r i t e l s c t o i c s i n m s i - x m o d e ( B e n j a m i n P o i r i e r ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : D o n o t r e a d I C R i n O t h e r i n t e r r u p t ( B e n j a m i n P o i r i e r ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : R e m o v e u n r e a c h a b l e c o d e ( B e n j a m i n P o i r i e r ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : S w i t c h e 1 0 0 0 e _ u p t o v o i d , d r o p c o d e c h e c k i n g f o r e r r o r r e s u l t ( A l e x a n d e r D u y c k ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : i n i t i a l s u p p o r t f o r i 2 1 9 - L M ( 3 ) ( R a a n a n A v a r g i l ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : I n c r e a s e t i m e o u t o f p o l l i n g b i t R S P C I P H Y ( R a a n a n A v a r g i l ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : f i x d i v i s i o n b y z e r o o n j u m b o M T U s ( D m i t r y F l e y t m a n ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 : E l e m e n t a r y c h e c k p a t c h w a r n i n g s a n d c h e c k s r e m o v e d ( J a n u s z W o l a k ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 : g e t r i d o f d u p l i c a t e e x i t p a t h ( J e a n S a c r e n ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 : f i x k e r n e l - d o c a r g u m e n t b e i n g m i s s i n g ( J e a n S a c r e n ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : c l e a n u p t h e l o c a l v a r i a b l e ( J e a n S a c r e n ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 : f i x a t y p o i n t h e c o m m e n t ( J e a n S a c r e n ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 : c l e a n u p t h e c h e c k i n g l o g i c ( J e a n S a c r e n ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 : R e m o v e c h e c k p a t c h c o d i n g s t y l e e r r o r s ( J a n u s z W o l a k ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 : f i x d a t a r a c e b e t w e e n t x _ r i n g - > n e x t _ t o _ c l e a n ( D m i t r i y V y u k o v ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 : m a k e e e p r o m r e a d / w r i t e s c h e d u l e r f r i e n d l y ( J o e r n E n g e l ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : E n a b l e T S O f o r s t a c k e d V L A N ( T o s h i a k i M a k i t a ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 : r e m o v e d e a d e 1 0 0 0 _ i n i t _ e e p r o m _ p a r a m s c a l l s ( F r a n c o i s R o m i e u ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - e 1 0 0 0 e : M o d i f y T x / R x c o n f i g u r a t i o n s t o a v o i d n u l l p o i n t e r d e r e f e r e n c e s i n e 1 0 0 0 _ o p e n ( J i a - J u B a i ) [ O r a b u g : 2 6 3 3 8 9 5 2 ] b r > - i x g b e : f i x i n c o r r e c t s t a t u s c h e c k ( E m i l T a n t i l o v ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : a d d m i s s i n g c o n f i g u r a t i o n f o r r a t e s e l e c t 1 ( E m i l T a n t i l o v ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : a l w a y s c a l l s e t u p _ m a c _ l i n k f o r m u l t i s p e e d f i b e r ( E m i l T a n t i l o v ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : a d d w r i t e f l u s h w h e n c o n f i g u r i n g C S 4 2 2 3 / 7 ( E m i l T a n t i l o v ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : c o r r e c t C S 4 2 2 3 / 7 P H Y i d e n t i f i c a t i o n ( E m i l T a n t i l o v ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e v f : R e s o l v e w a r n i n g s f o r - W i m p l i c i t - f a l l t h r o u g h ( T o n y N g u y e n ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e v f : R e s o l v e t r u n c a t i o n w a r n i n g f o r q _ v e c t o r - > n a m e ( T o n y N g u y e n ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : R e s o l v e w a r n i n g s f o r - W i m p l i c i t - f a l l t h r o u g h ( T o n y N g u y e n ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : R e s o l v e t r u n c a t i o n w a r n i n g f o r q _ v e c t o r - > n a m e ( T o n y N g u y e n ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : A d d e r r o r c h e c k i n g t o s e t t i n g V F M A C ( T o n y N g u y e n ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : C o r r e c t t h e r m a l s e n s o r e v e n t c h e c k ( M a r k R u s t a d ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : e n a b l e L 3 / L 4 f i l t e r i n g f o r T x s w i t c h e d p a c k e t s ( E m i l T a n t i l o v ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : R e m o v e M A C X 5 5 0 E M _ X 1 G b a s e - t l e d _ [ o n | o f f ] s u p p o r t ( P a u l G r e e n w a l t ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e v f : C h e c k f o r R S S k e y b e f o r e s e t t i n g v a l u e ( T o n y N g u y e n ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e v f : F i x e r r o r s i n r e t r i e v i n g R E T A a n d R S S f r o m P F ( T o n y N g u y e n ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : C h e c k f o r R S S k e y b e f o r e s e t t i n g v a l u e ( T o n y N g u y e n ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : A d d 1 0 0 0 B a s e - T d e v i c e b a s e d o n X 5 5 0 E M _ X M A C ( P a u l G r e e n w a l t ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : A l l o w s e t t i n g z e r o M A C a d d r e s s f o r V F ( T o n y N g u y e n ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e v f : f i x s i z e o f q u e u e s t a t s l e n g t h ( E m i l T a n t i l o v ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : c l e a n m a c v l a n M A C f i l t e r t a b l e o n V F r e s e t ( E m i l T a n t i l o v ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : A c q u i r e P H Y s e m a p h o r e b e f o r e d e v i c e r e s e t ( P a u l G r e e n w a l t ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : F i x o u t p u t f r o m i x g b e _ d u m p ( A l e x a n d e r D u y c k ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : a d d c h e c k f o r V E T O b i t w h e n c o n f i g u r i n g l i n k f o r K R ( T o n y N g u y e n ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : R e m o v e u n u s e d d e f i n e ( D o n S k i d m o r e ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : d o n o t u s e a d a p t e r - > n u m _ v f s w h e n s e t t i n g V F s v i a m o d u l e p a r a m e t e r ( E m i l T a n t i l o v ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : r e t u r n e a r l y i n s t e a d o f w r a p b l o c k i n i f s t a t e m e n t ( E m i l T a n t i l o v ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : m o v e n u m _ v f s _ m a c v l a n s a l l o c a t i o n i n t o s e p a r a t e f u n c t i o n ( E m i l T a n t i l o v ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : a d d d e f a u l t s e t u p _ l i n k f o r x 5 5 0 e m _ a M A C t y p e ( E m i l T a n t i l o v ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : l i s t X 5 5 3 b a c k p l a n e s p e e d s c o r r e c t l y ( D o n S k i d m o r e ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : A d d X 5 5 2 X F I b a c k p l a n e s u p p o r t ( D o n S k i d m o r e ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : C o m p l e t e s u p p o r t f o r X 5 5 3 s g m i i ( D o n S k i d m o r e ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : R e m o v e d r i v e r c o n f i g f o r K X 4 P H Y ( T o n y N g u y e n ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : R e m o v e p r _ c o n t u s e s ( J o e P e r c h e s ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : A v o i d T x h a n g b y n o t a l l o w i n g m o r e t h a n t h e n u m b e r o f V F s s u p p o r t e d . ( U s h a K e t i n e n i ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : L i m i t u s e o f 2 K b u f f e r s o n a r c h i t e c t u r e s w i t h 2 5 6 B o r l a r g e r c a c h e l i n e s ( A l e x a n d e r D u y c k ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : u p d a t e t h e r s s k e y o n h / w , w h e n e t h t o o l a s k f o r i t ( P a o l o A b e n i ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : D o n t b o t h e r c l e a r i n g b u f f e r m e m o r y f o r d e s c r i p t o r r i n g s ( A l e x a n d e r D u y c k ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : A d d p r i v a t e f l a g t o c o n t r o l b u f f e r m o d e ( A l e x a n d e r D u y c k ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : A d d s u p p o r t f o r p a d d i n g p a c k e t ( A l e x a n d e r D u y c k ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : U s e l e n g t h t o d e t e r m i n e i f d e s c r i p t o r i s d o n e ( A l e x a n d e r D u y c k ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : M a k e u s e o f o r d e r 1 p a g e s a n d 3 K b u f f e r s i n d e p e n d e n t o f F C o E ( A l e x a n d e r D u y c k ) b r > - i x g b e : O n l y D M A s y n c f r a m e l e n g t h ( A l e x a n d e r D u y c k ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : U p d a t e v e r s i o n t o r e f l e c t a d d e d f u n c t i o n a l i t y ( M a r k R u s t a d ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : p r e f i x D a t a C e n t e r B r i d g e o p s s t r u c t ( S t e p h e n H e m m i n g e r ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : S u p p o r t 2 . 5 G b a n d 5 G b s p e e d ( T o n y N g u y e n ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e v f : g e t r i d o f c u s t o m b u s y p o l l i n g c o d e ( E r i c D u m a z e t ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : g e t r i d o f c u s t o m b u s y p o l l i n g c o d e ( E r i c D u m a z e t ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : A d d P F s u p p o r t f o r V F p r o m i s c u o u s m o d e ( D o n S k i d m o r e ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e v f : A d d s u p p o r t f o r V F p r o m i s c u o u s m o d e ( D o n S k i d m o r e ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : I m p l e m e n t s u p p o r t f o r f i r m w a r e - c o n t r o l l e d P H Y s ( M a r k R u s t a d ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : I m p l e m e n t f i r m w a r e i n t e r f a c e t o a c c e s s s o m e P H Y s ( M a r k R u s t a d ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : R e m o v e u n u s e d f i r m w a r e v e r s i o n f u n c t i o n s a n d m e t h o d ( M a r k R u s t a d ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : F i x i s s u e s w i t h E E P R O M a c c e s s ( M a r k R u s t a d ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : C o n f i g u r e a d v e r t i s e d s p e e d s c o r r e c t l y f o r K R / K X b a c k p l a n e ( D o n S k i d m o r e ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e v f : r e s t o r e h w _ a d d r o n r e s u m e o r e r r o r ( E m i l T a n t i l o v ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : F i x i n c o r r e c t b i t w i s e o p e r a t i o n s o f P T P R x t i m e s t a m p f l a g s ( Y u s u k e S u z u k i ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e v f : f i x A E R e r r o r h a n d l i n g ( E m i l T a n t i l o v ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : f i x A E R e r r o r h a n d l i n g ( E m i l T a n t i l o v ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : t e s t f o r t r u s t i n m a c v l a n a d j u s t m e n t s f o r V F ( K e n C o x ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e v f : h a n d l e r a c e b e t w e e n c l o s e a n d s u s p e n d o n s h u t d o w n ( E m i l T a n t i l o v ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : h a n d l e c l o s e / s u s p e n d r a c e w i t h n e t i f _ d e v i c e _ d e t a c h / p r e s e n t ( E m i l T a n t i l o v ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : F i x r e p o r t i n g o f 1 0 0 M b c a p a b i l i t y ( T o n y N g u y e n ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : R e d u c e I 2 C r e t r y c o u n t o n X 5 5 0 d e v i c e s ( T o n y N g u y e n ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : A d d b o u n d s c h e c k f o r x 5 4 0 L E D f u n c t i o n s ( T o n y N g u y e n ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : a d d m a s k f o r 6 4 R S S q u e u e s ( E m i l T a n t i l o v ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : F i x c h e c k f o r i x g b e _ p h y _ x 5 5 0 e m _ e x t _ t r e s e t ( T o n y N g u y e n ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : R e p o r t d r i v e r v e r s i o n t o f i r m w a r e f o r x 5 5 0 d e v i c e s ( T o n y N g u y e n ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - i x g b e : d o n o t d i s a b l e F E C f r o m t h e d r i v e r ( E m i l T a n t i l o v ) [ O r a b u g : 2 6 3 3 9 1 5 0 ] b r > - n e t / r d s : p r i o r i t i z e t h e b a s e c o n n e c t i o n e s t a b l i s h m e n t ( W e i L i n G u a y ) [ O r a b u g : 2 6 2 5 8 5 1 8 ] b r > - n e t / r d s : d e t e r m i n e a c t i v e / p a s s i v e c o n n e c t i o n w i t h I P a d d r e s s e s ( W e i L i n G u a y ) [ O r a b u g : 2 6 2 5 8 5 1 8 ] b r > - n e t / r d s : u s e d i f f e r e n t w o r k q u e u e f o r b a s e _ c o n n ( W e i L i n G u a y ) [ O r a b u g : 2 6 2 5 8 5 1 8 ] b r > - n e t / r d s : R e v e r t ' R D S : a d d r e c o n n e c t r e t r y s c h e m e f o r s t a l l e d c o n n e c t i o n s ' ( W e i L i n G u a y ) [ O r a b u g : 2 6 2 5 8 5 1 8 ] b r > - I B / m l x 4 : F i x C M R E Q r e t r i e s i n p a r a v i r t m o d e ( H a k o n B u g g e ) [ O r a b u g : 2 6 3 0 4 6 7 0 ] b r > - u e k - c o n f i g : d i s a b l e C O N F I G _ M O U S E _ P S 2 _ V M M O U S E f o r o l 6 ( E t h a n Z h a o ) [ O r a b u g : 2 6 2 6 4 6 5 0 ] b r > - i g b : m i s s i n g r t n l _ u n l o c k i n i g b _ s r i o v _ r e i n i t ( ) ( V a s i l y A v e r i n ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : b u m p v e r s i o n t o i g b - 5 . 4 . 0 ( T o d d F u j i n a k a ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b v f : b u m p v e r s i o n t o i g b v f - 2 . 4 . 0 ( T o d d F u j i n a k a ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : f i x n o n s t a t i c s y m b o l w a r n i n g ( W e i Y o n g j u n ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : f i x e r r o r c o d e i n i g b _ a d d _ e t h t o o l _ n f c _ e n t r y ( ) ( G a n g f e n g H u a n g ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : s u p p o r t R X f l o w c l a s s i f i c a t i o n b y V L A N p r i o r i t y ( G a n g f e n g H u a n g ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : s u p p o r t R X f l o w c l a s s i f i c a t i o n b y e t h e r t y p e ( G a n g f e n g H u a n g ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : a d d s u p p o r t o f R X n e t w o r k f l o w c l a s s i f i c a t i o n ( G a n g f e n g H u a n g ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : f i x a d j u s t i n g P T P t i m e s t a m p s f o r T x / R x l a t e n c y ( K s h i t i z G u p t a ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : O n l y D M A s y n c f r a m e l e n g t h ( A n d r e w L u n n ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : c a l l i g b _ p t p _ s u s p e n d d u r i n g s u s p e n d / r e s u m e c y c l e ( J a c o b K e l l e r ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : i m p l e m e n t i g b _ p t p _ s u s p e n d ( J a c o b K e l l e r ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : r e - u s e i g b _ p t p _ r e s e t i n i g b _ p t p _ i n i t ( J a c o b K e l l e r ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : i n t r o d u c e I G B _ P T P _ O V E R F L O W _ C H E C K f l a g ( J a c o b K e l l e r ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : i n t r o d u c e p t p _ f l a g s v a r i a b l e a n d u s e i t t o r e p l a c e I G B _ F L A G _ P T P ( J a c o b K e l l e r ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b v f : u s e B I T ( ) m a c r o i n s t e a d o f s h i f t s ( J a c o b K e l l e r ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b v f : r e m o v e u n u s e d v a r i a b l e a n d d e a d c o d e ( J a c o b K e l l e r ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : a d j u s t P T P t i m e s t a m p s f o r T x / R x l a t e n c y ( N a t h a n S u l l i v a n ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : m a k e i g b _ u p d a t e _ p f _ v l v f s t a t i c ( J a c o b K e l l e r ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : u s e B I T ( ) m a c r o o r u n s i g n e d p r e f i x ( J a c o b K e l l e r ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - R e v e r t ' i g b : F i x a d e a d l o c k i n i g b _ s r i o v _ r e i n i t ' ( A r i k a C h e n ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : G a r b l e d o u t p u t f o r ' e t h t o o l - m ' ( D o r o n S h i k m o n i ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : a l l o w s e t t i n g M A C a d d r e s s o n i 2 1 1 u s i n g a d e v i c e t r e e b l o b ( J o h n H o l l a n d ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : F i x s p a r s e w a r n i n g a b o u t p a s s i n g _ _ b e X X i n t o l e X X _ t o _ c p u p ( A l e x a n d e r D u y c k ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : c a l l n d o _ s t o p ( ) i n s t e a d o f d e v _ c l o s e ( ) w h e n r u n n i n g o f f l i n e s e l f t e s t ( S t e f a n A s s m a n n ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : F i x V L A N t a g s t r i p p i n g o n I n t e l i 3 5 0 ( C o r i n n a V i n s c h e n ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b v f : r e m o v e ' l i n k i s U p ' m e s s a g e w h e n r e g i s t e r i n g m c a s t a d d r e s s ( J o n M a x w e l l ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b v f : A d d s u p p o r t f o r g e n e r i c T x c h e c k s u m s ( A l e x a n d e r D u y c k ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : A d d s u p p o r t f o r g e n e r i c T x c h e c k s u m s ( A l e x a n d e r D u y c k ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : r e n a m e i g b d e f i n e t o b e m o r e g e n e r i c ( T o d d F u j i n a k a ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : a d d c o n d i t i o n s f o r I 2 1 0 t o g e n e r a t e p e r i o d i c c l o c k o u t p u t ( R o l a n d H i i ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : e n a b l e W o L f o r O E M d e v i c e s r e g a r d l e s s o f E E P R O M s e t t i n g ( T o d d F u j i n a k a ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : c o n s t i f y e 1 0 0 0 _ p h y _ o p e r a t i o n s s t r u c t u r e ( J u l i a L a w a l l ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : W h e n G b E l i n k u p , w a i t f o r R e m o t e r e c e i v e r s t a t u s c o n d i t i o n ( T a k u m a U e b a ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : A d d w o r k a r o u n d f o r V L A N t a g s t r i p p i n g o n 8 2 5 7 6 ( A l e x a n d e r D u y c k ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : E n a b l e u s e o f ' b r i d g e f d b a d d ' t o s e t u n i c a s t t a b l e e n t r i e s ( A l e x a n d e r D u y c k ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : D r o p u n n e c e s s a r y c h e c k s i n t r a n s m i t p a t h ( A l e x a n d e r D u y c k ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : A d d s u p p o r t f o r V L A N p r o m i s c u o u s w i t h S R - I O V a n d N T U P L E ( A l e x a n d e r D u y c k ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : C l e a n - u p c o n f i g u r a t i o n o f V F p o r t V L A N s ( A l e x a n d e r D u y c k ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : M e r g e V L V F c o n f i g u r a t i o n i n t o i g b _ v f t a _ s e t ( A l e x a n d e r D u y c k ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : A l w a y s e n a b l e V L A N 0 e v e n i f 8 0 2 1 q i s n o t l o a d e d ( A l e x a n d e r D u y c k ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : D o n o t f a c t o r V L A N s i n t o R L P M L c a l c u l a t i o n ( A l e x a n d e r D u y c k ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : A l l o w a s y m m e t r i c c o n f i g u r a t i o n o f M T U v e r s u s R x f r a m e s i z e ( A l e x a n d e r D u y c k ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : R e f a c t o r V F T A c o n f i g u r a t i o n ( A l e x a n d e r D u y c k ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : c l e a n u p c o d e f o r s e t t i n g M A C a d d r e s s ( A l e x a n d e r D u y c k ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b / i g b v f : d o n t g i v e u p ( M i t c h W i l l i a m s ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : U n p a i r t h e q u e u e s w h e n c h a n g i n g t h e n u m b e r o f q u e u e s ( S h o t a S u z u k i ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : R e m o v e u n n e c e s s a r y f l a g s e t t i n g i n i g b _ s e t _ f l a g _ q u e u e _ p a i r s ( ) ( S h o t a S u z u k i ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : E x p l i c i t l y l a b e l s e l f - t e s t r e s u l t i n d i c e s ( J o e S c h u l t z ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : I m p r o v e c a b l e l e n g t h f u n c t i o n f o r I 2 1 0 , e t c . ( J o e S c h u l t z ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : D o n t a d d P H Y a d d r e s s t o P C D L a d d r e s s ( A a r o n S i e r r a ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : R e m o v e G S 4 0 G s p e c i f i c d e f i n e s / f u n c t i o n s ( A a r o n S i e r r a ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : i m p r o v e h a n d l i n g o f d i s c o n n e c t e d a d a p t e r s ( J a r o d W i l s o n ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : f i x N U L L d e r e f s d u e t o s k i p p e d S R - I O V e n a b l i n g ( J a n B e u l i c h ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : u s e t h e c o r r e c t i 2 1 0 r e g i s t e r f o r E E M N G C T L ( T o d d F u j i n a k a ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : d o n t u n m a p N U L L h w _ a d d r ( J a r o d W i l s o n ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : a d d 8 8 E 1 5 4 3 i n i t i a l i z a t i o n c o d e ( T o d d F u j i n a k a ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - n e t : i g b : a v o i d u s i n g t i m e s p e c ( A r n d B e r g m a n n ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : a s s u m e M S I - X i n t e r r u p t s d u r i n g i n i t i a l i z a t i o n ( S t e f a n A s s m a n n ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b v f : E n a b l e T S O f o r s t a c k e d V L A N ( T o s h i a k i M a k i t a ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : m a k e s u r e S R - I O V i n i t u s e s t h e r i g h t n u m b e r o f q u e u e s ( T o d d F u j i n a k a ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b v f : c l e a r b u f f e r _ i n f o - > d m a a f t e r d m a _ u n m a p _ s i n g l e ( ) ( S t e f a n A s s m a n n ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : F i x a m e m o r y l e a k i n i g b _ p r o b e ( J i a - J u B a i ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : F i x a d e a d l o c k i n i g b _ s r i o v _ r e i n i t ( J i a - J u B a i ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : T e a r d o w n S R - I O V b e f o r e u n r e g i s t e r _ n e t d e v ( ) ( A l e x W i l l i a m s o n ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : a d d s u p p o r t f o r 1 5 1 2 P H Y ( T o d d F u j i n a k a ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - i g b : i m p l e m e n t h i g h f r e q u e n c y p e r i o d i c o u t p u t s i g n a l s ( R i c h a r d C o c h r a n ) [ O r a b u g : 2 6 2 4 2 9 0 4 ] b r > - b l k b a c k / b l k t a p : d o n t l e a k s t a c k d a t a v i a r e s p o n s e r i n g ( J a n B e u l i c h ) [ O r a b u g : 2 6 3 2 1 9 5 4 ] b r > - D o c u m e n t a t i o n / s p a r c : S t e p s f o r s e n d i n g b r e a k o n s u n h v c o n s o l e ( V i j a y K u m a r ) [ O r a b u g : 2 6 3 2 2 0 3 1 ] b r > - s p a r c 6 4 : S e n d b r e a k t w i c e f r o m c o n s o l e t o r e t u r n t o b o o t p r o m ( V i j a y K u m a r ) [ O r a b u g : 2 6 3 2 2 0 3 1 ] b r > - s p a r c 6 4 : M i g r a t e h v c o n s i r q t o p a n i c k e d c p u ( V i j a y K u m a r ) [ O r a b u g : 2 6 3 2 2 0 3 1 ] b r > - s p a r c 6 4 : S e t c p u s t a t e t o o f f l i n e w h e n s t o p p e d ( V i j a y K u m a r ) [ O r a b u g : 2 6 3 2 2 0 3 1 ] b r > - d t r a c e : i o p r o v i d e r p r o b e s f o r n f s ( N i c o l a s D r o u x ) [ O r a b u g : 2 6 1 4 5 7 0 1 ] b r > - c t f : f i x a v a r i e t y o f m e m o r y l e a k s a n d u s e - a f t e r - f r e e b u g s ( N i c k A l c o c k ) [ O r a b u g : 2 6 3 2 3 7 5 5 ] b r > - D T r a c e : I P p r o v i d e r u s e - a f t e r - f r e e f o r d r o p - o u t p r o b e p o i n t s ( A l a n M a g u i r e ) [ O r a b u g : 2 5 9 2 4 5 9 4 ] b r > - n e t / m l x 4 _ c o r e : U s e r o u n d r o b i n s c h e m e t o a v o i d s t a l e c a c h e s ( S a n t o s h S h i l i m k a r ) [ O r a b u g : 2 6 2 6 5 8 0 1 ] b r > - n v m e : Q u i r k s f o r P M 1 7 2 5 c o n t r o l l e r s ( M a r t i n K . P e t e r s e n ) [ O r a b u g : 2 6 2 8 4 7 3 5 ] b r > - n v m e : a p p l y D E L A Y _ B E F O R E _ C H K _ R D Y q u i r k a t p r o b e t i m e t o o ( G u i l h e r m e G . P i c c o l i ) [ O r a b u g : 2 6 2 8 4 7 3 5 ] b r > - n v m e / q u i r k : A d d a d e l a y b e f o r e c h e c k i n g d e v i c e r e a d y f o r m e m b l a z e d e v i c e ( W e n b o W a n g ) [ O r a b u g : 2 6 2 8 4 7 3 5 ] b r > - n v m e / q u i r k : A d d a d e l a y b e f o r e c h e c k i n g f o r a d a p t e r r e a d i n e s s ( G u i l h e r m e G . P i c c o l i ) [ O r a b u g : 2 6 2 8 4 7 3 5 ] b r > - p e r c p u _ r e f : a l l o w o p e r a t i o n m o d e s w i t c h i n g o p e r a t i o n s t o b e c a l l e d c o n c u r r e n t l y ( T e j u n H e o ) [ O r a b u g : 2 6 2 9 0 7 5 7 ] b r > - p e r c p u _ r e f : r e s t r u c t u r e o p e r a t i o n m o d e s w i t c h i n g ( T e j u n H e o ) [ O r a b u g : 2 6 2 9 0 7 5 7 ] b r > - p e r c p u _ r e f : u n i f y s t a g g e r e d a t o m i c s w i t c h i n g w a i t b e h a v i o r ( T e j u n H e o ) [ O r a b u g : 2 6 2 9 0 7 5 7 ] b r > - p e r c p u _ r e f : r e o r g a n i z e _ _ p e r c p u _ r e f _ s w i t c h _ t o _ a t o m i c ( ) a n d r e l o c a t e p e r c p u _ r e f _ s w i t c h _ t o _ a t o m i c ( ) ( T e j u n H e o ) [ O r a b u g : 2 6 2 9 0 7 5 7 ] b r > - p e r c p u _ r e f : r e m o v e u n n e c e s s a r y R C U g r a c e p e r i o d f o r s t a g g e r e d a t o m i c s w i t c h i n g c o n f i r m a t i o n ( T e j u n H e o ) [ O r a b u g : 2 6 2 9 0 7 5 7 ] b r > - b l o c k : F i x m i s m e r g e i n q u e u e f r e e z e l o g i c ( M a r t i n K . P e t e r s e n ) [ O r a b u g : 2 6 2 9 0 7 5 7 ] b r > - v f i o / p c i : F i x u n s i g n e d c o m p a r i s o n o v e r f l o w ( A l e x W i l l i a m s o n ) b r > - r e s t o r e m u t e x _ l o c k ( ) c a l l t o b l k _ m q _ f r e e z e _ q u e u e _ s t a r t ( ) ( D a n D u v a l ) [ O r a b u g : 2 6 2 6 6 9 1 7 ] b r > - s p a r c 6 4 : m m : f i x c o p y _ t s b t o c o r r e c t l y c o p y h u g e p a g e T S B s ( M i k e K r a v e t z ) [ O r a b u g : 2 6 2 7 3 0 0 4 ] b r > - n v m e : A d d a w r a p p e r f o r g e t t i n g t h e a d m i n q u e u e d e p t h ( M a r t i n K . P e t e r s e n ) [ O r a b u g : 2 6 2 8 4 6 0 3 ] b r > - n v m e : R e m o v e t i m e o u t w h e n d e l e t i n g q u e u e ( M a r t i n K . P e t e r s e n ) [ O r a b u g : 2 6 2 8 4 6 2 6 ] b r > - I P / i p o i b : M o v e i n i t i a l i z a t i o n o f A C L i n s t a n c e s t a b l e t o d e v i c e i n i t p h a s e ( Y u v a l S h a i a ) [ O r a b u g : 2 6 2 9 0 3 7 7 ] b r > - b t r f s : f i x c l o n e / e x t e n t - s a m e d e a d l o c k s ( M a r k F a s h e h ) [ O r a b u g : 2 6 0 9 3 1 1 2 ] b r > - b t r f s : d o n t u p d a t e m t i m e / c t i m e o n d e d u p e d i n o d e s ( M a r k F a s h e h ) [ O r a b u g : 2 6 0 9 3 1 1 2 ] b r > - b t r f s : a l l o w d e d u p e o f s a m e i n o d e ( M a r k F a s h e h ) [ O r a b u g : 2 6 0 9 3 1 1 2 ] b r > - b t r f s : f i x d e a d l o c k w i t h e x t e n t - s a m e a n d r e a d p a g e ( M a r k F a s h e h ) [ O r a b u g : 2 6 0 9 3 1 1 2 ] b r > - b t r f s : p a s s u n a l i g n e d l e n g t h t o b t r f s _ c m p _ d a t a ( ) ( M a r k F a s h e h ) [ O r a b u g : 2 6 0 9 3 1 1 2 ] b r > - F i x E x p r e s s l a n e q u e u e c r e a t i o n . ( J a m e s S m a r t ) [ O r a b u g : 2 6 1 0 2 2 7 6 ] b r > - u e k - r p m / c o n f i g : b u i l d t c m u k e r n e l m o d u l e b y d e f a u l t ( S h a n H a i ) [ O r a b u g : 2 6 1 8 5 7 9 2 ] [ O r a b u g : 2 5 9 8 3 3 1 9 ] b r > - r d s : t c p : f i x m e m o r y l e a k i n T I M E _ W A I T s o c k e t s ( S o w m i n i V a r a d h a n ) [ O r a b u g : 2 6 1 8 9 8 9 2 ] b r > - r d s : t c p : c a n o n i c a l c o n n e c t i o n o r d e r f o r a l l p a t h s w i t h i n d e x > 0 ( S o w m i n i V a r a d h a n ) [ O r a b u g : 2 5 4 3 6 9 1 2 ] b r > - r d s : t c p : a l l o w p r o g r e s s o f r d s _ c o n n _ s h u t d o w n i f t h e r d s _ c o n n e c t i o n i s m a r k e d E R R O R b y a n i n t e r v e n i n g F I N ( S o w m i n i V a r a d h a n ) [ O r a b u g : 2 5 4 3 6 9 1 2 ] b r > - B a c k p o r t m u l t i p a t h R D S f r o m u p s t r e a m t o U E K 4 ( S o w m i n i V a r a d h a n ) [ O r a b u g : 2 5 4 3 6 9 1 2 ] b r > b r > [ 4 . 1 . 1 2 - 1 0 3 . 2 . 1 ] b r > - u e k - r p m : e n a b l e b n x t d r i v e r f o r s p a r c ( A l l e n P a i s ) [ O r a b u g : 2 6 2 2 2 5 0 2 ] b r > - u e k - r p m : s e t C O N F I G _ F O R C E _ M A X _ Z O N E O R D E R t o 1 6 ( A l l e n P a i s ) [ O r a b u g : 2 6 2 2 2 4 9 4 ] b r > - s p a r c : F i x k e r n e l B U G a t a r c h / s p a r c / k e r n e l / m d e s c . c ( T h o m a s T a i ) b r > - s p a r c 6 4 : a l l o c a t e s u f f i c i e n t s p a c e f o r m a c h i n e d e s c r i p t i o n ( T h o m a s T a i ) [ O r a b u g : 2 6 2 2 2 4 7 1 ] b r > - s p a r c 6 4 / m l x 4 _ c o r e : r e l a x e d o r d e r f o r m l x 4 _ c o r e d m a m a p p i n g s ( S h a m i r R a b i n o v i t c h ) [ O r a b u g : 2 6 2 2 2 4 3 4 ] b r > - x s i g o : U E K 4 - Q U 5 : p o o r p e r f o r m a n c e d i s c o v e r i n g 2 5 6 F C L U N s w / 4 p a t h s p e r L U N ( P r a d e e p G o p a n a p a l l i ) [ O r a b u g : 2 6 1 9 9 2 0 0 ] b r > - N V M e : D u r i n g N V M e p r o b e , g e t N V M e d e v i c e i n f o r m a t i o n b e f o r e m a p p i n g t h e d e v i c e ( A s h o k V a i r a v a n ) [ O r a b u g : 2 6 1 9 4 8 5 0 ] b r > - s p a r c 6 4 : F i x a n e r r o r c o d e r e t u r n e d b y a D A X i o c t l ( S a n a t h K u m a r ) [ O r a b u g : 2 6 1 9 0 9 9 9 ] b r > - s p a r c 6 4 : f i x M 8 A D I s u p p o r t ( A n t h o n y Y z n a g a ) [ O r a b u g : 2 6 1 9 0 9 9 7 ] b r > b r > [ 4 . 1 . 1 2 - 1 0 3 . 1 . 1 ] b r > - A d d e d I B d i a g c o u n t e r s f r o m U E K 2 ( C h r i s G r a y ) [ O r a b u g : 2 6 0 8 8 2 0 8 ] b r > - s c s i : m e g a r a i d _ s a s : D r i v e r v e r s i o n u p g r a d e ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : r a i d 6 a l s o r e q u i r e c p u S e l c h e c k s a m e a s r a i d 5 ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : a d d c o r r e c t r e t u r n t y p e c h e c k f o r l d i o h i n t l o g i c f o r r a i d 1 ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : a r r a y o v e r f l o w i n m e g a s a s _ d u m p _ f r a m e ( ) ( D a n C a r p e n t e r ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : d r i v e r v e r s i o n u p g r a d e ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : C h a n g e R A I D _ 1 _ 1 0 _ R M W _ C M D S t o R A I D _ 1 _ P E E R _ C M D S a n d s e t v a l u e t o 2 ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : I n d e n t a t i o n a n d s m a t c h w a r n i n g f i x e s ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : C l e a n u p V D _ E X T _ D E B U G a n d S P A N _ D E B U G r e l a t e d d e b u g p r i n t s ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : I n c r e a s e i n t e r n a l c o m m a n d p o o l ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : B a i l o u t t h e d r i v e r l o a d i f l d _ l i s t _ q u e r y f a i l s ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : C h a n g e b u i l d _ m p t _ m f i _ p a s s _ t h r u t o r e t u r n v o i d ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : D u r i n g O C R , i f g e t _ c t r l _ i n f o f a i l s d o n o t c o n t i n u e w i t h O C R ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : D o n o t s e t f p _ p o s s i b l e i f T M c a p a b l e f o r n o n - R W s y s p d I O , c h a n g e f p _ p o s s i b l e t o b o o l ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : R e m o v e u n u s e d p d _ i n d e x f r o m m e g a s a s _ b u i l d _ l d _ n o n r w _ f u s i o n ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : m e g a s a s _ r e t u r n _ c m d d o e s n o t m e m s e t I O f r a m e t o z e r o ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : m a x _ f w _ c m d s a r e d e c r e m e n t e d t w i c e , r e m o v e d u p l i c a t e ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : u p d a t e c a n _ q u e u e o n l y i f t h e n e w v a l u e i s l e s s ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : C h a n g e m a x _ c m d f r o m u 3 2 t o u 1 6 i n a l l f u n c t i o n s ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : s e t p d _ a f t e r _ l b f r o m M R _ B u i l d R a i d C o n t e x t a n d i n i t i a l i z e p D e v H a n d l e t o M R _ D E V H A N D L E _ I N V A L I D ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : l a t e s t c o n t r o l l e r O C R c a p a b i l i t y f r o m F W b e f o r e s e n d i n g s h u t d o w n D C M D ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : a v o i d u n a l i g n e d a c c e s s i n i o c t l p a t h ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : b i g e n d i a n s u p p o r t c h a n g e s ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : B i g e n d i a n R D P Q m o d e f i x ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : M R _ T a r g e t I d T o L d G e t u 8 t o u 1 6 a n d a v o i d i n v a l i d r a i d - m a p a c c e s s ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : I n v a l i d a t e r a i d m a p , r a i d c a p a b i l i t y i s n o t c o n v e r t e d t o c p u f o r m a t f o r a l l l d s ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : r e d u c e s i z e o f f u s i o n _ c o n t e x t a n d u s e v m a l l o c i f k m a l l o c f a i l s ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : a d d p r i n t i n d e v i c e r e m o v a l p a t h ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : e n h a n c e d e b u g l o g s i n O C R c o n t e x t ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : s e t r e s i d u a l b y t e s c o u n t d u r i n g I O c o m p l e t i o n ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : r a i d 1 w r i t e p e r f o r m a n c e f o r l a r g e i o ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : c h a n g e i s s u e _ d c m d t o r e t u r n v o i d f r o m i n t ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : m e g a s a s _ g e t _ r e q u e s t _ d e s c r i p t o r a l w a y s r e t u r n v a l i d d e s c ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : U s e D I D _ R E Q U E U E ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : R A I D m a p i s a c c e s s e d f o r S Y S P D s w h e n u s e _ s e q n u m _ j b o d _ f p i s n o t s e t ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : R e f a c t o r M E G A S A S _ I S _ L O G I C A L m a c r o u s i n g s d e v ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : 3 2 b i t d e s c r i p t o r f i r e c m d o p t i m i z a t i o n ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : r a i d 1 f a s t p a t h c o d e o p t i m i z e ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : c p u s e l e c t r e w o r k . ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - R e v e r t ' s c s i : m e g a r a i d _ s a s : E n a b l e o r D i s a b l e F a s t p a t h b a s e d o n t h e P C I T h r e s h o l d B a n d w i d t h ' ( S h i v a s h a r a n S ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : d r i v e r v e r s i o n u p g r a d e ( S a s i k u m a r C h a n d r a s e k a r a n ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : I m p l e m e n t t h e P D M a p s u p p o r t f o r S A S 3 . 5 G e n e r i c M e g a r a i d C o n t r o l l e r s ( S a s i k u m a r C h a n d r a s e k a r a n ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : l d i o _ o u t s t a n d i n g v a r i a b l e i s n o t d e c r e m e n t e d i n c o m p l e t i o n p a t h ( S a s i k u m a r C h a n d r a s e k a r a n ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : E n a b l e o r D i s a b l e F a s t p a t h b a s e d o n t h e P C I T h r e s h o l d B a n d w i d t h ( S a s i k u m a r C h a n d r a s e k a r a n ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : A d d t h e S u p p o r t f o r S A S 3 . 5 G e n e r i c M e g a r a i d C o n t r o l l e r s C a p a b i l i t i e s ( S a s i k u m a r C h a n d r a s e k a r a n ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : D y n a m i c R a i d M a p C h a n g e s f o r S A S 3 . 5 G e n e r i c M e g a r a i d C o n t r o l l e r s ( S a s i k u m a r C h a n d r a s e k a r a n ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : S A S 3 . 5 G e n e r i c M e g a r a i d C o n t r o l l e r s F a s t P a t h f o r R A I D 1 / 1 0 W r i t e s ( S a s i k u m a r C h a n d r a s e k a r a n ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : S A S 3 . 5 G e n e r i c M e g a r a i d C o n t r o l l e r s S t r e a m D e t e c t i o n a n d I O C o a l e s c i n g ( S a s i k u m a r C h a n d r a s e k a r a n ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : E E D P E s c a p e M o d e S u p p o r t f o r S A S 3 . 5 G e n e r i c M e g a r a i d C o n t r o l l e r s ( S a s i k u m a r C h a n d r a s e k a r a n ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : 1 2 8 M S I X S u p p o r t ( S a s i k u m a r C h a n d r a s e k a r a n ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : m e g a r a i d _ s a s : A d d n e w p c i d e v i c e I d s f o r S A S 3 . 5 G e n e r i c M e g a r a i d C o n t r o l l e r s ( S a s i k u m a r C h a n d r a s e k a r a n ) [ O r a b u g : 2 6 0 9 6 3 8 1 ] b r > - s c s i : s d : C h e c k f o r u n a l i g n e d p a r t i a l c o m p l e t i o n ( D a m i e n L e M o a l ) [ O r a b u g : 2 6 1 7 8 3 6 9 ] b r > - P C I / A E R : i n c l u d e h e a d e r f i l e ( S u d i p M u k h e r j e e ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : r e v e r s e I O d i r e c t i o n f o r V U C c o m m a n d c o d e F 7 ( A s h o k V a i r a v a n ) [ O r a b u g : 2 5 2 5 8 0 7 1 ] b r > - n v m e : f a c t o r o u t a a d d n v m e _ i s _ w r i t e h e l p e r ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : a l l o w f o r s i z e l i m i t a t i o n s f r o m t r a n s p o r t d r i v e r s ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e . h : a d d c o n s t a n t s f o r P S D T a n d F U S E v a l u e s ( J a m e s S m a r t ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e . h : a d d A E R c o n s t a n t s ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e . h : a d d N V M c o m m a n d s e t S Q E / C Q E s i z e d e f i n e s ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e . h : A d d g e t _ l o g _ p a g e c o m m a n d s t r u c u r e ( A r m e n B a l o y a n ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e . h : a d d R T D 3 R , R T D 3 E a n d O A E S f i e l d s ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : O n l y r e l e a s e r e q u e s t e d r e g i o n s ( J o h a n n e s T h u m s h i r n ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : F i x r e m o v a l i n c a s e o f a c t i v e n a m e s p a c e l i s t s c a n n i n g m e t h o d ( S u n a d B h a n d a r y ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : I m p l e m e n t n a m e s p a c e l i s t s c a n n i n g ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : D o n t u n m a p c o n t r o l l e r r e g i s t e r s o n r e s e t ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : r e d u c e a d m i n q u e u e d e p t h a s w o r k a r o u n d f o r S a m s u n g E P I C S Q e r r a t a ( A s h o k V a i r a v a n ) [ O r a b u g : 2 5 1 8 6 2 1 9 ] b r > - n v m e : L i m i t c o m m a n d r e t r i e s ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : r e d u c e q u e u e d e p t h a s w o r k a r o u n d f o r S a m s u n g E P I C S Q e r r a t a ( A s h o k V a i r a v a n ) [ O r a b u g : 2 5 1 3 8 1 2 3 ] b r > - N V M e : C r e a t e d i s c a r d z e r o q u i r k w h i t e l i s t ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : u s e U I N T _ M A X f o r m a x d i s c a r d s e c t o r s ( M i n f e i H u a n g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : m o v e n v m e _ c a n c e l _ r e q u e s t ( ) t o c o m m o n c o d e ( M i n g L i n ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : u p d a t e a n d r e n a m e n v m e _ c a n c e l _ i o t o n v m e _ c a n c e l _ r e q u e s t ( M i n g L i n ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - b l k - m q : E x p o r t t a g s e t i t e r f u n c t i o n ( S a g i G r i m b e r g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : A d d d e v i c e I D s w i t h s t r i p e q u i r k ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : S h o r t - c u t r e m o v a l o n s u r p r i s e h o t - u n p l u g ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : A l l o w u s e r i n i t i a t e d r e s c a n ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : R e d u c e d r i v e r l o g s p a m m i n g ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : U n b i n d d r i v e r o n f a i l u r e ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : D e l e t e o n l y c r e a t e d q u e u e s ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : F i x r e s e t / r e m o v e r a c e ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : f i x n v m e _ n s _ r e m o v e ( ) d e a d l o c k ( M i n g L i n ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : s w i t c h t o R C U f r e e i n g t h e n a m e s p a c e ( M i n g L i n ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : c o r r e c t c o m m e n t f o r o f f s e t e n u m o f c o n t r o l l e r r e g i s t e r s i n n v m e . h ( W a n g S h e n g - H u i ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : a d d h e l p e r n v m e _ c l e a n u p _ c m d ( ) ( M i n g L i n ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : m o v e A E R h a n d l i n g t o c o m m o n c o d e ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : m o v e n a m e s p a c e s c a n n i n g t o c o r e ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : t i g h t e n u p s t a t e c h e c k f o r n a m e s p a c e s c a n n i n g ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : i n t r o d u c e a c o n t r o l l e r s t a t e m a c h i n e ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : r e m o v e t h e i o _ i n c a p a b l e m e t h o d ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : n v m e _ c o r e _ e x i t ( ) s h o u l d d o c l e a n u p i n t h e r e v e r s e o r d e r a s n v m e _ c o r e _ i n i t d o e s ( W a n g S h e n g - H u i ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : F i x c h e c k _ f l u s h _ d e p e n d e n c y w a r n i n g ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : s m a l l t y p o i n s e c t i o n B L K _ D E V _ N V M E _ S C S I o f h o s t / K c o n f i g ( W a n g S h e n g - H u i ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : f i x c n t l i d t y p e ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : A v o i d r e s e t w o r k o n w a t c h d o g t i m e r f u n c t i o n d u r i n g e r r o r r e c o v e r y ( G u i l h e r m e G . P i c c o l i ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : r e m o v e d e a d c o n t r o l l e r s f r o m a w o r k i t e m ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : s i l e n c e w a r n i n g a b o u t u n u s e d ' d e v ' ( J e n s A x b o e ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : s w i t c h t o u s i n g b l k _ q u e u e _ w r i t e _ c a c h e ( ) ( J e n s A x b o e ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - b l o c k : a d d a b i l i t y t o f l a g w r i t e b a c k c a c h i n g o n a d e v i c e ( J e n s A x b o e ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : U s e b l k - m q h e l p e r f o r I O t e r m i n a t i o n ( S a g i G r i m b e r g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : S k i p a s y n c e v e n t s f o r d e g r a d e d c o n t r o l l e r s ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : a d d h e l p e r n v m e _ s e t u p _ c m d ( ) ( M i n g L i n ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - b l o c k : a d d o f f s e t i n b l k _ a d d _ r e q u e s t _ p a y l o a d ( ) ( M i n g L i n ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : r e w r i t e d i s c a r d s u p p o r t ( M i n g L i n ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : a d d h e l p e r n v m e _ m a p _ l e n ( ) ( M i n g L i n ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : a d d m i s s i n g l o c k n e s t i n g n o t a t i o n ( M i n g L i n ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : A l w a y s u s e M S I / M S I - x i n t e r r u p t s ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : F i x r e s e t / r e m o v e r a c e ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : a v o i d c q e c o r r u p t i o n w h e n u p d a t e a t t h e s a m e t i m e a s r e a d ( M a r t a R y b c z y n s k a ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : E x p o s e n s w w i d t h r o u g h s i n g l e s y s f s e n t r y ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : R e m o v e u n u s e d s q _ h e a d r e a d i n c o m p l e t i o n p a t h ( J o n D e r r i c k ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : f i x m a x _ s e g m e n t s i n t e g e r t r u n c a t i o n ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : s e t q u e u e l i m i t s f o r t h e a d m i n q u e u e ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : F i x 0 - l e n g t h i n t e g r i t y p a y l o a d ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : D o n t a l l o w u n s u p p o r t e d f l a g s ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : M o v e e r r o r h a n d l i n g t o f a i l e d r e s e t h a n d l e r ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : S i m p l i f y d e v i c e r e s e t f a i l u r e ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : F i x n a m e s p a c e r e m o v a l d e a d l o c k ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : U s e I D A f o r n a m e s p a c e d i s k n a m i n g ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : e x p o s e c n t l i d i n s y s f s ( M i n g L i n ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : r e t u r n t h e w h o l e C Q E t h r o u g h t h e r e q u e s t p a s s t h r o u g h i n t e r f a c e ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : f i x K c o n f i g d e s c r i p t i o n f o r B L K _ D E V _ N V M E _ S C S I ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : r e p l a c e t h e k t h r e a d w i t h a p e r - d e v i c e w a t c h d o g t i m e r ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : d o n t p o l l t h e C Q f r o m t h e k t h r e a d ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : u s e a w o r k i t e m t o s u b m i t a s y n c e v e n t r e q u e s t s ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : R a t e l i m i t n v m e I O w a r n i n g s ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : P o l l d e v i c e w h i l e s t i l l a c t i v e d u r i n g r e m o v e ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : R e q u e u e r e q u e s t s o n s u s p e n d e d q u e u e s ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : A l l o w r e q u e s t m e r g e s ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : F i x i o i n c a p a b l e r e t u r n v a l u e s ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : s p l i t p c i m o d u l e o u t o f c o r e m o d u l e ( M i n g L i n ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : s p l i t d e v _ l i s t _ l o c k ( M i n g L i n ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : m o v e t i m e o u t v a r i a b l e s t o c o r e . c ( M i n g L i n ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e / h o s t : r e f e r e n c e t h e f a b r i c m o d u l e f o r e a c h b d e v o p e n c a l l o u t ( S a g i G r i m b e r g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : L o g t h e c t r l d e v i c e n a m e i n s t e a d o f t h e u n d e r l y i n g p c i d e v i c e n a m e ( S a g i G r i m b e r g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : f i x d r v d a t a s e t u p f o r t h e n v m e d e v i c e ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : F i x p o s s i b l e q u e u e u s e a f t e r f r e e d ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : s w i t c h a b o r t t o b l k _ e x e c u t e _ r q _ n o w a i t ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - b l k - m q : f i x r a c y u p d a t e s o f r q - > e r r o r s ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : E x p o r t N V M e a t t r i b u t e s t o s y s f s g r o u p ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : S h u t d o w n c o n t r o l l e r o n l y f o r p o w e r - o f f ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : I O q u e u e d e l e t i o n r e - w r i t e ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : R e m o v e q u e u e f r e e z i n g o n r e s e t s ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : U s e a r e t r y a b l e e r r o r c o d e o n r e s e t ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : F i x a d m i n q u e u e r i n g w r a p ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : m a k e S G _ I O s u p p o r t o p t i o n a l ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : f i x e s f o r N V M E _ I O C T L _ I O _ C M D o n t h e c h a r d e v i c e ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : s y n c h r o n i z e a c c e s s t o c t r l - > n a m e s p a c e s ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : M o v e n v m e _ f r e e z e / u n f r e e z e _ q u e u e s t o n v m e c o r e ( S a g i G r i m b e r g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : E x p o r t n a m e s p a c e a t t r i b u t e s t o s y s f s ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : A d d p c i e r r o r h a n d l e r s ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : m e r g e i o d a n d c m d _ i n f o ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : m e t a _ s g d o e s n t h a v e t o b e a n a r r a y ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : p r o p e r l y f r e e r e s o u r c e s f o r c a n c e l l e d c o m m a n d ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : s i m p l i f y c o m p l e t i o n h a n d l i n g ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : s p e c i a l c a s e A E N r e q u e s t s ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : f a c t o r o u t a f e w h e l p e r s f r o m r e q _ c o m p l e t i o n ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : f i x a d m i n q u e u e d e p t h ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : S i m p l i f y m e t a d a t a s e t u p ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : R e m o v e d e v i c e m a n a g e m e n t h a n d l e s o n r e m o v e ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : U s e u n b o u n d e d w o r k q u e u e f o r a l l w o r k ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : s w i t c h a b o r t _ l i m i t t o a n a t o m i c _ t ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : m e r g e p r o b e _ w o r k a n d r e s e t _ w o r k ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : d o n o t r e s t a r t t h e r e q u e s t t i m e o u t i f w e r e r e s e t t i n g t h e c o n t r o l l e r ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : s i m p l i f y r e s e t s ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : a d d N V M E _ S C _ C A N C E L L E D ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : m e r g e n v m e _ a b o r t _ r e q a n d n v m e _ t i m e o u t ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : d o n t t a k e t h e I / O q u e u e q _ l o c k i n n v m e _ t i m e o u t ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : p r o t e c t a g a i n s t s i m u l t a n e o u s s h u t d o w n i n v o c a t i o n s ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : o n l y a d d a c o n t r o l l e r t o d e v _ l i s t a f t e r i t s b e e n f u l l y i n i t i a l i z e d ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : o n l y i g n o r e h a r d w a r e e r r o r s i n n v m e _ c r e a t e _ i o _ q u e u e s ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : p r e c e d e n c e b u g i n n v m e _ p r _ c l e a r ( ) ( D a n C a r p e n t e r ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : f i x a n o t h e r 3 2 - b i t b u i l d w a r n i n g ( A r n d B e r g m a n n ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : r e f a c t o r s e t _ q u e u e _ c o u n t ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : m o v e c h a r d e v a n d s y s f s i n t e r f a c e t o c o m m o n c o d e ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : m o v e n a m e s p a c e s c a n n i n g t o c o m m o n c o d e ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : m o v e t h e c a l l t o n v m e _ i n i t _ i d e n t i f y e a r l i e r ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : a d d a c o m m o n h e l p e r t o r e a d I d e n t i f y C o n t r o l l e r d a t a ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : m o v e n v m e _ { e n a b l e , d i s a b l e , s h u t d o w n } _ c t r l t o c o m m o n c o d e ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : m o v e r e m a i n i n g C C s e t u p i n t o n v m e _ e n a b l e _ c t r l ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : a d d e x p l i c i t q u i r k h a n d l i n g ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : m o v e b l o c k _ d e v i c e _ o p e r a t i o n s a n d n s / c t r l f r e e i n g t o c o m m o n c o d e ( A s h o k V a i r a v a n ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : u s e t h e b l o c k l a y e r f o r u s e r s p a c e p a s s t h r o u g h m e t a d a t a ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : s p l i t _ _ n v m e _ s u b m i t _ s y n c _ c m d ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : m o v e n v m e _ s e t u p _ f l u s h a n d n v m e _ s e t u p _ r w t o c o m m o n c o d e ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : m o v e n v m e _ e r r o r _ s t a t u s t o c o m m o n c o d e ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : f a c t o r o u t a n v m e _ u n m a p _ d a t a h e l p e r ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : s i m p l i f y n v m e _ s e t u p _ p r p s c a l l i n g c o n v e n t i o n ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : s p l i t a n e w s t r u c t n v m e _ c t r l o u t o f s t r u c t n v m e _ d e v ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : u s e v e n d o r i t f r o m i d e n t i f y ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : s p l i t n v m e _ t r a n s _ d e v i c e _ i d _ p a g e ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : u s e o f f s e t i n s t e a d o f a s t r u c t f o r r e g i s t e r s ( C h r i s t o p h H e l l w i g ) b r > - n v m e : s p l i t c o m m a n d s u b m i s s i o n h e l p e r s o u t o f p c i . c ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : m o v e s t r u c t n v m e _ i o d t o p c i . c ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : P r e c e d e n c e e r r o r i n n v m e _ p r _ c l e a r ( ) ( D a n C a r p e n t e r ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - U p d a t e t a r g e t r e p o f o r n v m e p a t c h c o n t r i b u t i o n s ( J a y F r e y e n s e e ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : a d d m i s s i n g e n d i a n e s s a n n o t a t i o n s i n n v m e _ p r _ c o m m a n d ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - b l o c k : r e n a m e R E Q _ T Y P E _ S P E C I A L t o R E Q _ T Y P E _ D R V _ P R I V ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - b l o c k : a d d a n A P I f o r P e r s i s t e n t R e s e r v a t i o n s ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : A d d p e r s i s t e n t r e s e r v a t i o n o p s ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : s u s p e n d i / o d u r i n g r u n t i m e b l k _ i n t e g r i t y _ u n r e g i s t e r ( D a n W i l l i a m s ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e i n c l u d e l i n u x t y p e s . h ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - n v m e : m o v e t o a n e w d r i v e r s / n v m e / h o s t d i r e c t o r y ( J a y S t e r n b e r g ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : S e t a f f i n i t y a f t e r a l l o c a t i n g r e q u e s t q u e u e s M I M E - V e r s i o n : 1 . 0 C o n t e n t - T y p e : t e x t / p l a i n ; c h a r s e t = U T F - 8 C o n t e n t - T r a n s f e r - E n c o d i n g : 8 b i t ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : F i x I O f o r e x t e n d e d m e t a d a t a f o r m a t s ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : R e m o v e h c t x r e l i a n c e f o r m u l t i - n a m e s p a c e ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - N V M e : U s e r e q u e s t e d s y n c c o m m a n d t i m e o u t ( K e i t h B u s c h ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - R e v e r t ' n v m e : m o v e t o a n e w d r i v e r s / n v m e / h o s t d i r e c t o r y ' ( A s h o k V a i r a v a n ) [ O r a b u g : 2 5 1 3 0 8 4 5 ] b r > - R e v e r t ' N V M e : r e d u c e a d m i n q u e u e d e p t h a s w o r k a r o u n d f o r S a m s u n g E P I C S Q e r r a t a ' ( A s h o k V a i r a v a n ) b r > - R e v e r t ' n v m e : L i m i t c o m m a n d r e t r i e s ' ( A s h o k V a i r a v a n ) b r > - R e v e r t ' n v m e : a v o i d c q e c o r r u p t i o n w h e n u p d a t e a t t h e s a m e t i m e a s r e a d ' ( A s h o k V a i r a v a n ) b r > - R e v e r t ' N V M e : D o n t u n m a p c o n t r o l l e r r e g i s t e r s o n r e s e t ' ( A s h o k V a i r a v a n ) b r > - R e v e r t ' N V M e : r e v e r s e I O d i r e c t i o n f o r V U C c o m m a n d c o d e F 7 ' ( A s h o k V a i r a v a n ) b r > - R e v e r t ' N V M e : r e d u c e q u e u e d e p t h a s w o r k a r o u n d f o r S a m s u n g E P I C S Q e r r a t a ' ( A s h o k V a i r a v a n ) b r > - f o r c e d e t h : e n a b l e f o r c e d e t h k e r n e l o p t i o n ( Z h u Y a n j u n ) [ O r a b u g : 2 5 5 7 1 9 2 1 ] b r > - i p m i : E d i t a m b i g u o u s e r r o r m e s s a g e f o r u n k n o w n c o m m a n d ( A t i s h P a t r a ) [ O r a b u g : 2 5 4 6 1 9 5 8 ] b r > - k a b i w h i t e l i s t : R e m o v e a l l i b _ s y m b o l s f r o m t h e l i s t . ( K n u t O m a n g ) [ O r a b u g : 2 5 9 5 5 8 2 5 ] b r > - e x t 4 : p r i n t e x t 4 m o u n t o p t i o n d a t a _ e r r = a b o r t c o r r e c t l y ( A l e s N o v a k ) [ O r a b u g : 2 5 6 9 1 0 2 0 ] b r > - I B / s a : A l l o c a t e S A q u e r y w i t h k z a l l o c ( K a i k e W a n ) [ O r a b u g : 2 6 1 2 4 1 1 8 ] b r > - I B / s a : F i x n e t l i n k l o c a l s e r v i c e G F P c r a s h ( K a i k e W a n ) [ O r a b u g : 2 6 1 2 4 1 1 8 ] b r > - I B / s a : F i x r d m a n e t l i n k m e s s a g e f l a g s ( K a i k e W a n ) [ O r a b u g : 2 6 1 2 4 1 1 8 ] b r > - I B / s a : P u t n e t l i n k r e q u e s t i n t o t h e r e q u e s t l i s t b e f o r e s e n d i n g ( K a i k e W a n ) [ O r a b u g : 2 6 1 2 4 1 1 8 ] b r > - I B / c o r e : F i x a p o t e n t i a l a r r a y o v e r r u n i n C M A a n d S A a g e n t ( Y u v a l S h a i a ) [ O r a b u g : 2 6 1 2 4 1 1 8 ] b r > - I B / S A : U s e c o r r e c t f r e e f u n c t i o n ( M a r k B l o c h ) [ O r a b u g : 2 6 1 2 4 1 1 8 ] b r > - I B / s a : R o u t e S A p a t h r e c o r d q u e r y t h r o u g h n e t l i n k ( K a i k e W a n ) [ O r a b u g : 2 6 1 2 4 1 1 8 ] b r > - I B / c o r e : A d d r d m a n e t l i n k h e l p e r f u n c t i o n s ( K a i k e W a n ) [ O r a b u g : 2 6 1 2 4 1 1 8 ] b r > - I B / n e t l i n k : A d d d e f i n e s f o r l o c a l s e r v i c e r e q u e s t s t h r o u g h n e t l i n k ( K a i k e W a n ) [ O r a b u g : 2 6 1 2 4 1 1 8 ] b r > - s c s i : m p t 3 s a s : r e m o v e r e d u n d a n t w m b ( S i n a n K a y a ) [ O r a b u g : 2 6 0 9 6 3 5 3 ] b r > - s c s i : m p t 3 s a s : U p d a t i n g d r i v e r v e r s i o n t o v 1 5 . 1 0 0 . 0 0 . 0 0 ( C h a i t r a P B ) [ O r a b u g : 2 6 0 9 6 3 5 3 ] b r > - s c s i : m p t 3 s a s : F i x f o r C r u s a d e r t o a c h i e v e p r o d u c t t a r g e t s w i t h S A S d e v i c e s . ( C h a i t r a P B ) [ O r a b u g : 2 6 0 9 6 3 5 3 ] b r > - s c s i : m p t 3 s a s : F i x F i r m w a r e f a u l t s t a t e 0 x 2 1 0 0 d u r i n g h e a v y 4 K R R F I O s t r e s s t e s t . ( C h a i t r a P B ) [ O r a b u g : 2 6 0 9 6 3 5 3 ] b r > - s c s i : m p t 3 s a s : A d d e d p r i n t t o n o t i f y c a b l e r u n n i n g a t a d e g r a d e d s p e e d . ( C h a i t r a P B ) [ O r a b u g : 2 6 0 9 6 3 5 3 ] b r > - x e n - b l k b a c k : r e p o r t h o t p l u g - s t a t u s b u s y w h e n d e t a c h i s i n i t i a t e d b u t f r o n t e n d d e v i c e i s b u s y . ( N i r a n j a n P a t i l ) [ O r a b u g : 2 6 0 7 2 4 3 0 ] b r > - q l a 2 x x x : A l l o w v r e f c o u n t t o t i m e o u t o n v p o r t d e l e t e . ( J o e C a r n u c c i o ) [ O r a b u g : 2 6 0 2 1 1 5 1 ] b r > - B t r f s : d o n t B U G _ O N ( ) i n b t r f s _ o r p h a n _ a d d ( J o s e f B a c i k ) [ O r a b u g : 2 5 9 7 5 3 1 6 ] b r > - B t r f s : c l a r i f y d o _ c h u n k _ a l l o c ( ) s r e t u r n v a l u e ( L i u B o ) [ O r a b u g : 2 5 9 7 5 3 1 6 ] b r > - b t r f s : f l u s h _ s p a c e : t r e a t r e t u r n v a l u e o f d o _ c h u n k _ a l l o c p r o p e r l y ( A l e x L y a k a s ) [ O r a b u g : 2 5 9 7 5 3 1 6 ] b r > - i p v 6 : S k i p X F R M l o o k u p i f d s t _ e n t r y i n s o c k e t c a c h e i s v a l i d ( J a k u b S i t n i c k i ) [ O r a b u g : 2 5 9 5 5 0 8 9 ] b r > - x e n : M a k e V P M U i n i t m e s s a g e l o o k l e s s s c a r y ( J u e r g e n G r o s s ) [ O r a b u g : 2 5 8 7 3 4 1 6 ] b r > - u e k - r p m : c o n f i g s : e n a b l e C O N F I G _ A C P I _ N F I T ( T o d d V i e r l i n g ) [ O r a b u g : 2 5 7 1 9 1 4 9 ] b r > - i p v 6 : D o n t u s e u f o h a n d l i n g o n l a t e r t r a n s f o r m e d p a c k e t s ( J a k u b S i t n i c k i ) [ O r a b u g : 2 5 5 3 3 7 4 3 ] b r > - n e t / p a c k e t : f i x o v e r f l o w i n c h e c k f o r t p _ r e s e r v e ( A n d r e y K o n o v a l o v ) [ O r a b u g : 2 5 8 1 3 7 7 3 ] { C V E - 2 0 1 7 - 7 3 0 8 } b r > - n e t / p a c k e t : f i x o v e r f l o w i n c h e c k f o r t p _ f r a m e _ n r ( A n d r e y K o n o v a l o v ) [ O r a b u g : 2 5 8 1 3 7 7 3 ] { C V E - 2 0 1 7 - 7 3 0 8 } b r > - n e t / p a c k e t : f i x o v e r f l o w i n c h e c k f o r p r i v a r e a s i z e ( A n d r e y K o n o v a l o v ) [ O r a b u g : 2 5 8 1 3 7 7 3 ] { C V E - 2 0 1 7 - 7 3 0 8 } b r > - f s / f i l e . c : _ _ f g e t ( ) a n d d u p 2 ( ) a t o m i c i t y r u l e s ( E r i c D u m a z e t ) [ O r a b u g : 2 5 4 0 8 9 2 1 ] b r > - I B / i p o i b : a d d g e t _ s e t t i n g s i n e t h t o o l ( Z h u Y a n j u n ) [ O r a b u g : 2 5 0 4 8 5 2 1 ] b r > - R D S / I B : a c t i v e b o n d i n g p o r t s t a t e f i x f o r i n t f s a d d e d l a t e ( M u k e s h K a c k e r ) [ O r a b u g : 2 6 0 8 1 0 7 9 ] b r > - R e v e r t ' x e n / e v e n t s : r e m o v e u n n e c e s s a r y c a l l t o b i n d _ e v t c h n _ t o _ c p u ( ) ' ( Z h e n z h o n g D u a n ) b r > - x s i g o : C o m p u t e n o d e c r a s h o n F C f a i l o v e r ( P r a d e e p G o p a n a p a l l i ) [ O r a b u g : 2 5 9 8 1 9 7 3 ] b r > - R e v e r t ' [ S C S I ] l i b i s c s i : R e d u c e l o c k i n g c o n t e n t i o n i n f a s t p a t h ' ( A s h i s h S a m a n t ) [ O r a b u g : 2 5 9 7 5 2 2 3 ] b r > - n f s d : s t r i c t e r d e c o d i n g o f w r i t e - l i k e N F S v 2 / v 3 o p s ( J . B r u c e F i e l d s ) [ O r a b u g : 2 5 9 7 4 7 3 9 ] { C V E - 2 0 1 7 - 7 8 9 5 } b r > - s c h e d / r t : M i n i m i z e r q - > l o c k c o n t e n t i o n i n d o _ s c h e d _ r t _ p e r i o d _ t i m e r ( ) ( D a v e K l e i k a m p ) [ O r a b u g : 2 5 4 9 1 9 7 0 ] b r > - s p a r c 6 4 : c a c h e _ l i n e _ s i z e ( ) r e t u r n s l a r g e r v a l u e f o r c a c h e l i n e s i z e . ( c h r i s h y s e r ) b r > - s p a r c 6 4 : f i x i n c o n s i s t e n t p r i n t i n g o f h a n d l e s i n d e b u g m e s s a g e s ( M e n n o L a g e m a n ) b r > - s p a r c 6 4 : s e t t h e I S C N T R L D b i t f o r S P s e r v i c e h a n d l e s ( M e n n o L a g e m a n ) [ O r a b u g : 2 5 9 8 3 8 6 8 ] b r > - s p a r c 6 4 : D A X r e c u r s i v e l o c k r e m o v e d ( R o b G a r d n e r ) [ O r a b u g : 2 6 1 0 3 4 8 7 ] b r > - s p a r c / f t r a c e : F i x f t r a c e g r a p h t i m e m e a s u r e m e n t ( L i a m R . H o w l e t t ) [ O r a b u g : 2 5 9 9 5 3 5 1 ] b r > - s p a r c 6 4 : I n c r e a s e m a x _ p h y s _ b i t s t o 5 1 f o r M 8 . ( V i j a y K u m a r ) [ O r a b u g : 2 5 8 0 8 6 4 7 ] b r > - s p a r c 6 4 : 5 - L e v e l p a g e t a b l e s u p p o r t f o r s p a r c ( V i j a y K u m a r ) [ O r a b u g : 2 6 0 7 6 1 1 0 ] [ O r a b u g : 2 5 8 0 8 6 4 7 ] b r > - m m , g u p : f i x t y p o i n g u p _ p 4 d _ r a n g e ( ) ( K i r i l l A . S h u t e m o v ) [ O r a b u g : 2 5 8 0 8 6 4 7 ] b r > - m m : i n t r o d u c e _ _ p 4 d _ a l l o c ( ) ( K i r i l l A . S h u t e m o v ) [ O r a b u g : 2 5 8 0 8 6 4 7 ] b r > - m m : c o n v e r t g e n e r i c c o d e t o 5 - l e v e l p a g i n g ( V i j a y K u m a r ) [ O r a b u g : 2 5 8 0 8 6 4 7 ] b r > ( V i j a y K u m a r ) [ O r a b u g : 2 5 8 0 8 6 4 7 ] b r > - a r c h , m m : c o n v e r t a l l a r c h i t e c t u r e s t o u s e 5 l e v e l - f i x u p . h ( V i j a y K u m a r ) [ O r a b u g : 2 5 8 0 8 6 4 7 ] b r > - a s m - g e n e r i c : i n t r o d u c e _ _ A R C H _ U S E _ 5 L E V E L _ H A C K ( K i r i l l A . S h u t e m o v ) [ O r a b u g : 2 5 8 0 8 6 4 7 ] b r > - a s m - g e n e r i c : i n t r o d u c e 5 l e v e l - f i x u p . h ( K i r i l l A . S h u t e m o v ) [ O r a b u g : 2 5 8 0 8 6 4 7 ] b r > - s p a r c 6 4 : p r e v e n t s u n v d c f r o m s e n d i n g d u p l i c a t e v d i s k r e q u e s t s ( J a g R a m a n ) [ O r a b u g : 2 5 8 6 6 7 7 0 ] b r > - l d m v s w : s t o p t h e c l e a n t i m e r a t b e g i n n i n g o f r e m o v e ( S h a n n o n N e l s o n ) [ O r a b u g : 2 5 7 4 8 2 4 1 ] b r > - s p a r c 6 4 : s e t C O N F I G _ E F I i n c o n f i g ( E r i c S n o w b e r g ) [ O r a b u g : 2 6 0 3 7 3 5 8 ] b r > - s p a r c 6 4 : / s y s / f i r m w a r e / e f i m i s s i n g d u r i n g E F I b o o t ( E r i c S n o w b e r g ) [ O r a b u g : 2 6 0 3 7 3 5 8 ] b r > - A l l o w d e f a u l t v a l u e o f n p o o l s u s e d f o r i o m m u t o b e c o n f i g u r e d f r o m c m d l i n e ( A l l e n P a i s ) b r > - S P A R C 6 4 : A d d L i n u x v d s d r i v e r D e v i c e I D s u p p o r t f o r S o l a r i s g u e s t b o o t ( G e o r g e K e n n e d y ) [ O r a b u g : 2 5 8 3 6 2 3 1 ] b r > - s p a r c 6 4 : R e m o v e l o c k i n g o f h u g e p a g e s i n D A X d r i v e r ( S a n a t h K u m a r ) [ O r a b u g : 2 5 9 6 8 1 4 1 ] b r > - l d m v s w : u n r e g i s t e r i n g n e t d e v b e f o r e d i s a b l e h a r d w a r e ( T h o m a s T a i ) b r > - a r c h / s p a r c : M e a s u r e r e c e i v e r f o r w a r d p r o g r e s s t o a v o i d s e n d m o n d o t i m e o u t ( J a n e C h u ) [ O r a b u g : 2 5 4 7 6 5 4 1 ] b r > - s p a r c 6 4 : u p d a t e D A X s u b m i t t o l a t e s t H V s p e c ( J o n a t h a n H e l m a n ) [ O r a b u g : 2 5 9 2 7 5 5 8 ] b r > - a r c h / s p a r c : i n c r e a s e C O N F I G _ N O D E S _ S H I F T o n S P A R C t o 5 ( J a n e C h u ) [ O r a b u g : 2 5 5 7 7 7 5 4 ] b r > - a r c h / s p a r c : s u p p o r t N R _ C P U S = 4 0 9 6 ( j a n e C h u ) [ O r a b u g : 2 5 5 0 5 7 5 0 ] b r > - i p v 6 : c a t c h a n u l l s k b b e f o r e u s i n g i t i n a D T R A C E ( S h a n n o n N e l s o n ) [ O r a b u g : 2 5 9 7 3 7 9 7 ] b r > - s p a r c 6 4 : f i x f a u l t h a n d l i n g i n N G b z e r o . S a n d G E N b z e r o . S ( D a v e A l d r i d g e ) [ O r a b u g : 2 5 5 7 7 5 6 0 ] b r > - s p a r c 6 4 : m o d i f y s y s _ d a x . h f o r n e w l i b d a x ( J o n a t h a n H e l m a n ) [ O r a b u g : 2 5 9 2 7 5 7 2 ] b r > - b n x 2 x : A l i g n R X b u f f e r s ( S c o t t W o o d ) [ O r a b u g : 2 5 8 0 6 7 7 8 ] b r > - P C I : F i x u n a l i g n e d a c c e s s e s i n V C c o d e ( D a v i d M i l l e r ) [ O r a b u g : 2 5 8 0 6 7 7 8 ] b r > - s p a r c 6 4 : U s e L O C K D E P _ S M A L L , n o t P R O V E _ L O C K I N G _ S M A L L ( D a n i e l J o r d a n ) [ O r a b u g : 2 5 8 3 0 0 4 1 ] b r > - l o c k d e p : L i m i t s t a t i c a l l o c a t i o n s i f P R O V E _ L O C K I N G _ S M A L L i s d e f i n e d ( B a b u M o g e r ) b r > - c o n f i g : A d d i n g t h e n e w c o n f i g p a r a m e t e r C O N F I G _ P R O V E _ L O C K I N G _ S M A L L f o r s p a r c ( B a b u M o g e r ) b r > - s p a r c 6 4 : f i x c d e v _ p u t ( ) u s e - a f t e r - f r e e w h e n u n b i n d i n g a n L D o m ( T h o m a s T a i ) [ O r a b u g : 2 5 9 1 1 3 8 9 ] b r > - s p a r c 6 4 : c h a n g e D A X C C B _ E X E C E N O B U F S p r i n t t o d e b u g ( J o n a t h a n H e l m a n ) [ O r a b u g : 2 5 9 2 7 5 2 8 ] b r > - x e n - n e t b a c k : c o p y b u f f e r o n x e n v i f _ s t a r t _ x m i t ( J o a o M a r t i n s ) [ O r a b u g : 2 6 1 0 7 9 4 2 ] b r > - x e n - n e t b a c k : s l i g h t l y r e w o r k x e n v i f _ r x _ s k b ( J o a o M a r t i n s ) [ O r a b u g : 2 6 1 0 7 9 4 2 ] b r > - x e n - n e t f r o n t : i n t r o d u c e r x c o p y m o d e ( J o a o M a r t i n s ) [ O r a b u g : 2 6 1 0 7 9 4 2 ] b r > - x e n - n e t f r o n t : u s e g r e f m a p p i n g s f o r T x b u f f e r s ( J o a o M a r t i n s ) [ O r a b u g : 2 6 1 0 7 9 4 2 ] b r > - x e n - n e t f r o n t : g e n e r a l i z e r e c y c l i n g f o r g r a n t s ( J o a o M a r t i n s ) [ O r a b u g : 2 6 1 0 7 9 4 2 ] b r > - x e n - n e t f r o n t : a d d r x p a g e s t a t i s t i c s ( J o a o M a r t i n s ) [ O r a b u g : 2 6 1 0 7 9 4 2 ] b r > - x e n - n e t f r o n t : i n t r o d u c e r x p a g e r e c y l i n g ( J o a o M a r t i n s ) [ O r a b u g : 2 6 1 0 7 9 4 2 ] b r > - x e n - n e t f r o n t : m o v e r x _ g s o _ c h e c k s u m _ f i x u p i n t o n e t f r o n t _ s t a t s ( J o a o M a r t i n s ) [ O r a b u g : 2 6 1 0 7 9 4 2 ] b r > - x e n - n e t f r o n t : i n t r o d u c e s t a g i n g g r e f p o o l s ( J o a o M a r t i n s ) [ O r a b u g : 2 6 1 0 7 9 4 2 ] b r > - x e n - n e t b a c k : u s e g r e f m a p p i n g s f o r T x r e q u e s t s ( J o a o M a r t i n s ) [ O r a b u g : 2 6 1 0 7 9 4 2 ] b r > - x e n - n e t b a c k : u s e g r e f m a p p i n g s f o r R x r e q u e s t s ( J o a o M a r t i n s ) [ O r a b u g : 2 6 1 0 7 9 4 2 ] b r > - x e n - n e t b a c k : s h o r t e n t x g r a n t c o p y ( J o a o M a r t i n s ) [ O r a b u g : 2 6 1 0 7 9 4 2 ] b r > - x e n - n e t b a c k : i n t r o d u c e s t a g i n g g r a n t m a p p i n g s o p s ( J o a o M a r t i n s ) [ O r a b u g : 2 6 1 0 7 9 4 2 ] b r > - i n c l u d e / x e n : i m p o r t v e n d o r e x t e n s i o n t o n e t i f . h ( J o a o M a r t i n s ) [ O r a b u g : 2 6 1 0 7 9 4 2 ] b r > - x e n - n e t b a c k : f i x t y p e m i s m a t c h w a r n i n g ( A r n d B e r g m a n n ) b r > - x e n - n e t b a c k : f i x g u e s t R x s t a l l d e t e c t i o n ( a f t e r g u e s t R x r e f a c t o r ) ( D a v i d V r a b e l ) b r > - x e n / n e t b a c k : a d d f r a g l i s t s u p p o r t f o r t o - g u e s t r x ( R o s s L a g e r w a l l ) b r > - x e n - n e t b a c k : b a t c h c o p i e s f o r m u l t i p l e t o - g u e s t r x p a c k e t s ( D a v i d V r a b e l ) b r > - x e n - n e t b a c k : p r o c e s s g u e s t r x p a c k e t s i n b a t c h e s ( D a v i d V r a b e l ) b r > - x e n - n e t b a c k : i m m e d i a t e l y w a k e t x q u e u e w h e n g u e s t r x q u e u e h a s s p a c e ( D a v i d V r a b e l ) b r > - x e n - n e t b a c k : r e f a c t o r g u e s t r x ( D a v i d V r a b e l ) b r > - x e n - n e t b a c k : r e t i r e g u e s t r x s i d e p r e f i x G S O f e a t u r e ( P a u l D u r r a n t ) b r > - x e n - n e t b a c k : s e p a r a t e g u e s t s i d e r x c o d e i n t o s e p a r a t e m o d u l e ( P a u l D u r r a n t ) b r > - x 8 6 / x e n / t i m e : s e t u p s e c o n d a r y t i m e i n f o f o r v d s o ( J o a o M a r t i n s ) [ O r a b u g : 2 6 1 0 7 9 4 2 ] b r > - D r i v e r s : h v : k v p : f i x I P F a i l o v e r ( V i t a l y K u z n e t s o v ) [ O r a b u g : 2 5 9 7 0 6 3 7 ] b r > - D r i v e r s : h v : u t i l : P a s s t h e c h a n n e l i n f o r m a t i o n d u r i n g t h e i n i t c a l l ( K . Y . S r i n i v a s a n ) [ O r a b u g : 2 5 9 7 0 6 3 7 ] b r > - D r i v e r s : h v : u t i l s : r u n p o l l i n g c a l l b a c k a l w a y s i n i n t e r r u p t c o n t e x t ( O l a f H e r i n g ) [ O r a b u g : 2 5 9 7 0 6 3 7 ] b r > - D r i v e r s : h v : u t i l : I n c r e a s e t h e t i m e o u t f o r u t i l s e r v i c e s ( K . Y . S r i n i v a s a n ) [ O r a b u g : 2 5 9 7 0 6 3 7 ] b r > - D r i v e r s : h v : k v p : c h e c k k z a l l o c r e t u r n v a l u e ( V i t a l y K u z n e t s o v ) [ O r a b u g : 2 5 9 7 0 6 3 7 ] b r > - D r i v e r s : h v : f c o p y : d y n a m i c a l l y a l l o c a t e s m s g _ o u t i n f c o p y _ s e n d _ d a t a ( ) ( V i t a l y K u z n e t s o v ) [ O r a b u g : 2 5 9 7 0 6 3 7 ] b r > - D r i v e r s : h v : v s s : f u l l h a n d s h a k e s u p p o r t ( V i t a l y K u z n e t s o v ) [ O r a b u g : 2 5 9 7 0 6 3 7 ] b r > - R D S / I B : 4 K B r e c e i v e b u f f e r s g e t p o s t e d b y m i s t a k e o n 1 6 K B f r a g c o n n e c t i o n s . ( V e n k a t V e n k a t s u b r a ) [ O r a b u g : 2 5 9 2 0 9 1 6 ] b r > - m l x 4 : l i m i t m a x M S I X a l l o c a t i o n s ( A j a y k u m a r H o t c h a n d a n i ) [ O r a b u g : 2 5 9 1 2 7 3 7 ] b r > - s c h e d / w a i t : F i x t h e s i g n a l h a n d l i n g f i x ( P e t e r Z i j l s t r a ) [ O r a b u g : 2 5 9 0 8 2 6 6 ] b r > - s p a r c 6 4 : F i x m a p p i n g o f 6 4 k p a g e s w i t h M A P _ F I X E D ( N i t i n G u p t a ) [ O r a b u g : 2 5 8 8 5 9 9 1 ] b r > - u d p : p r o p e r l y s u p p o r t M S G _ P E E K w i t h t r u n c a t e d b u f f e r s ( E r i c D u m a z e t ) [ O r a b u g : 2 5 8 7 6 4 0 2 ] { C V E - 2 0 1 6 - 1 0 2 2 9 } b r > - n e t / m l x 4 _ c o r e : p a n i c t h e s y s t e m o n u n r e c o v e r a b l e e r r o r s ( S a n t o s h S h i l i m k a r ) [ O r a b u g : 2 5 8 7 3 6 9 0 ] b r > - R e v e r t ' r e s t r i c t / d e v / m e m t o i d l e i o m e m o r y r a n g e s ' ( C h u c k A n d e r s o n ) [ O r a b u g : 2 5 8 3 2 7 5 0 ] b r > - I / O E R R O R W H E N A F I L E O N A C F S F I L E S Y S T E M I S A T T A C H E D T O T H E G U E S T D O M U ( J o e J i n ) [ O r a b u g : 2 5 8 3 1 4 7 1 ] b r > - x s i g o : F i x s p i n l o c k r e l e a s e i n c a s e o f e r r o r ( P r a d e e p G o p a n a p a l l i ) [ O r a b u g : 2 5 7 7 9 8 0 3 ] b r > - m l x 4 _ c o r e : A d d f u n c n a m e t o c o m m o n e r r o r s t r i n g s t o l o c a t e u n i q u e l y ( M u k e s h K a c k e r ) [ O r a b u g : 2 5 4 4 0 3 2 9 ] b r > - x s i g o : O p t i m i z e x s v n i c m o d u l e p a r a m e t e r s f o r U E K 4 ( P r a d e e p G o p a n a p a l l i ) [ O r a b u g : 2 5 7 7 9 8 6 5 ] b r > - x e n : e v e n t s : R e p l a c e B U G ( ) w i t h B U G _ O N ( ) ( S h y a m S a i n i ) b r > - x e n : r e m o v e s t a l e x s _ i n p u t _ a v a i l ( ) f r o m h e a d e r ( J u e r g e n G r o s s ) b r > - x e n : r e t u r n x e n s t o r e c o m m a n d f a i l u r e s v i a r e s p o n s e i n s t e a d o f r c ( J u e r g e n G r o s s ) b r > - x e n : x e n b u s d r i v e r m u s t n o t a c c e p t i n v a l i d t r a n s a c t i o n i d s ( J u e r g e n G r o s s ) b r > - x e n / e v t c h n : u s e r b _ e n t r y ( ) ( G e l i a n g T a n g ) b r > - x e n / s e t u p : D o n t r e l o c a t e p 2 m o v e r e x i s t i n g o n e ( R o s s L a g e r w a l l ) b r > - x e n / b a l l o o n : O n l y m a r k a p a g e a s m a n a g e d w h e n i t i s r e l e a s e d ( R o s s L a g e r w a l l ) b r > - x e n / s c s i f r o n t : d o n t r e q u e s t a s l o t o n t h e r i n g u n t i l r e q u e s t i s r e a d y ( J u e r g e n G r o s s ) b r > - x e n / x 8 6 : I n c r e a s e x e n _ e 8 2 0 _ m a p t o E 8 2 0 _ X _ M A X p o s s i b l e e n t r i e s ( A l e x T h o r l t o n ) b r > - x 8 6 : M a k e E 8 2 0 _ X _ M A X u n c o n d i t i o n a l l y l a r g e r t h a n E 8 2 0 M A X ( A l e x T h o r l t o n ) b r > - x e n / p c i : B u b b l e u p e r r o r a n d f i x d e s c r i p t i o n . ( K o n r a d R z e s z u t e k W i l k ) b r > - x e n : x e n b u s : s e t e r r o r c o d e o n f a i l u r e ( P a n B i a n ) b r > - x e n : s e t e r r o r c o d e o n f a i l u r e s ( P a n B i a n ) b r > - x e n / e v e n t s : u s e x e n _ v c p u _ i d m a p p i n g f o r E V T C H N O P _ s t a t u s ( V i t a l y K u z n e t s o v ) b r > - x e n / g n t d e v : U s e V M _ M I X E D M A P i n s t e a d o f V M _ I O t o a v o i d N U M A b a l a n c i n g ( B o r i s O s t r o v s k y ) b r > - t p m x e n : R e m o v e b o g u s t p m _ c h i p _ u n r e g i s t e r ( J a s o n G u n t h o r p e ) b r > - x e n - s c s i f r o n t : A d d a m i s s i n g c a l l t o k f r e e ( Q u e n t i n L a m b e r t ) b r > - x e n f s : U s e p r o c _ c r e a t e _ m o u n t _ p o i n t ( ) t o c r e a t e / p r o c / x e n ( S e t h F o r s h e e ) b r > - x e n - n e t b a c k : f i x e r r o r h a n d l i n g o u t p u t ( A r n d B e r g m a n n ) b r > - x e n : m a k e u s e o f x e n b u s _ r e a d _ u n s i g n e d ( ) i n x e n b u s ( J u e r g e n G r o s s ) b r > - x e n : m a k e u s e o f x e n b u s _ r e a d _ u n s i g n e d ( ) i n x e n - p c i b a c k ( J u e r g e n G r o s s ) b r > - x e n : m a k e u s e o f x e n b u s _ r e a d _ u n s i g n e d ( ) i n x e n - f b f r o n t ( J u e r g e n G r o s s ) b r > - x e n : m a k e u s e o f x e n b u s _ r e a d _ u n s i g n e d ( ) i n x e n - s c s i f r o n t ( J u e r g e n G r o s s ) b r > - x e n : m a k e u s e o f x e n b u s _ r e a d _ u n s i g n e d ( ) i n x e n - p c i f r o n t ( J u e r g e n G r o s s ) b r > - x e n : m a k e u s e o f x e n b u s _ r e a d _ u n s i g n e d ( ) i n x e n - n e t f r o n t ( J u e r g e n G r o s s ) b r > - x e n : m a k e u s e o f x e n b u s _ r e a d _ u n s i g n e d ( ) i n x e n - n e t b a c k ( J u e r g e n G r o s s ) b r > - x e n : m a k e u s e o f x e n b u s _ r e a d _ u n s i g n e d ( ) i n x e n - k b d f r o n t ( J u e r g e n G r o s s ) b r > - x e n : m a k e u s e o f x e n b u s _ r e a d _ u n s i g n e d ( ) i n x e n - t p m f r o n t ( J u e r g e n G r o s s ) b r > - x e n : m a k e u s e o f x e n b u s _ r e a d _ u n s i g n e d ( ) i n x e n - b l k f r o n t ( J u e r g e n G r o s s ) b r > - x e n : m a k e u s e o f x e n b u s _ r e a d _ u n s i g n e d ( ) i n x e n - b l k b a c k ( J u e r g e n G r o s s ) b r > - x e n : i n t r o d u c e x e n b u s _ r e a d _ u n s i g n e d ( ) ( J u e r g e n G r o s s ) b r > - x e n - n e t f r o n t : c a s t g r a n t t a b l e r e f e r e n c e f i r s t t o t y p e i n t ( D o n g l i Z h a n g ) b r > - x e n - n e t f r o n t : d o n o t c a s t g r a n t t a b l e r e f e r e n c e t o s i g n e d s h o r t ( D o n g l i Z h a n g ) b r > - x e n b u s : c h e c k r e t u r n v a l u e o f x e n b u s _ s c a n f ( ) ( J a n B e u l i c h ) b r > - x e n b u s : p r e f e r l i s t _ f o r _ e a c h ( ) ( J a n B e u l i c h ) b r > - x e n b u s : a d v e r t i s e c o n t r o l f e a t u r e f l a g s ( J u e r g e n G r o s s ) b r > - x e n / p c i b a c k : s u p p o r t d r i v e r _ o v e r r i d e ( J u e r g e n G r o s s ) b r > - x e n / p c i b a c k : a v o i d m u l t i p l e e n t r i e s i n s l o t l i s t ( J u e r g e n G r o s s ) b r > - x e n / p c i b a c k : s i m p l i f y p c i s t u b d e v i c e h a n d l i n g ( J u e r g e n G r o s s ) b r > - x 8 6 / x e n : a d d m i s s i n g b r > a t e n d o f p r i n t k w a r n i n g m e s s a g e ( C o l i n I a n K i n g ) b r > - x e n - n e t f r o n t : a v o i d p a c k e t l o s s w h e n e t h e r n e t h e a d e r c r o s s e s p a g e b o u n d a r y ( V i t a l y K u z n e t s o v ) b r > - x e n : S y n c x e n h e a d e r ( J u e r g e n G r o s s ) b r > - x e n / g r a n t - t a b l e : U s e k m a l l o c _ a r r a y ( ) i n a r c h _ g n t t a b _ v a l l o c ( ) ( M a r k u s E l f r i n g ) b r > - x e n : M a k e V P M U i n i t m e s s a g e l o o k l e s s s c a r y ( J u e r g e n G r o s s ) b r > - x e n : r e n a m e x e n _ p m u _ i n i t ( ) i n s y s - h y p e r v i s o r . c ( J u e r g e n G r o s s ) b r > - k e x e c : a l l o w k d u m p w i t h c r a s h _ k e x e c _ p o s t _ n o t i f i e r s ( P e t r T e s a r i k ) b r > - x e n / a c p i : a l l o w x e n - a c p i - p r o c e s s o r d r i v e r t o l o a d o n X e n 4 . 7 ( J a n B e u l i c h ) b r > - p r o c : A l l o w c r e a t i n g p e r m a n e n t l y e m p t y d i r e c t o r i e s t h a t s e r v e a s m o u n t p o i n t s ( E r i c W . B i e d e r m a n ) b r > - x e n : R e s u m e P M U f r o m n o n - a t o m i c c o n t e x t ( B o r i s O s t r o v s k y ) b r > b r > [ 4 . 1 . 1 2 - 1 0 2 ] b r > - R e v e r t ' m l x 4 _ i b : M e m o r y l e a k o n D o m 0 w i t h S R I O V . ' ( H a k o n B u g g e ) [ O r a b u g : 2 5 8 2 9 2 3 3 ] b r > - R e v e r t ' m l x 4 : a v o i d m u l t i p l e f r e e o n i d _ m a p _ e n t ' ( H a k o n B u g g e ) [ O r a b u g : 2 5 8 2 9 2 3 3 ] b r > - D r i v e r s : h v : v s s : c o n v e r t t o h v _ u t i l s _ t r a n s p o r t ( V i t a l y K u z n e t s o v ) [ O r a b u g : 2 5 8 1 9 1 0 5 ] b r > - D r i v e r s : h v : v s s : s w i t c h t o u s i n g t h e h v u t i l _ d e v i c e _ s t a t e s t a t e m a c h i n e ( V i t a l y K u z n e t s o v ) [ O r a b u g : 2 5 8 1 9 1 0 5 ] b r > - D r i v e r s : h v : v s s : p r o c e s s d e f e r r e d m e s s a g e s w h e n w e c o m p l e t e t h e t r a n s a c t i o n ( V i t a l y K u z n e t s o v ) [ O r a b u g : 2 5 8 1 9 1 0 5 ] b r > - D r i v e r s : h v : k v p : c o n v e r t t o h v _ u t i l s _ t r a n s p o r t ( V i t a l y K u z n e t s o v ) [ O r a b u g : 2 5 8 1 9 1 0 5 ] b r > - R e v e r t ' i p v 4 : u s e s k b c o a l e s c i n g i n d e f r a g m e n t a t i o n ' ( F l o r i a n W e s t p h a l ) [ O r a b u g : 2 5 8 1 9 1 0 3 ] b r > - x f r m _ u s e r : v a l i d a t e X F R M _ M S G _ N E W A E i n c o m i n g E S N s i z e h a r d e r ( A n d y W h i t c r o f t ) [ O r a b u g : 2 5 8 0 5 9 9 6 ] { C V E - 2 0 1 7 - 7 1 8 4 } b r > - x f r m _ u s e r : v a l i d a t e X F R M _ M S G _ N E W A E X F R M A _ R E P L A Y _ E S N _ V A L r e p l a y _ w i n d o w ( A n d y W h i t c r o f t ) [ O r a b u g : 2 5 8 0 5 9 9 6 ] { C V E - 2 0 1 7 - 7 1 8 4 } b r > - l p f c c a n n o t e s t a b l i s h c o n n e c t i o n w i t h t a r g e t s t h a t s e n d P R L I u n d e r P 2 P m o d e ( J o e J i n ) [ O r a b u g : 2 5 8 0 2 9 1 3 ] b r > - t t y : n _ h d l c : g e t r i d o f r a c y n _ h d l c . t b u f ( A l e x a n d e r P o p o v ) [ O r a b u g : 2 5 8 0 2 6 7 8 ] { C V E - 2 0 1 7 - 2 6 3 6 } b r > - T T Y : n _ h d l c , f i x l o c k d e p f a l s e p o s i t i v e ( J i r i S l a b y ) [ O r a b u g : 2 5 8 0 2 6 7 8 ] { C V E - 2 0 1 7 - 2 6 3 6 } b r > - n e t / l l c : a v o i d B U G _ O N ( ) i n s k b _ o r p h a n ( ) ( E r i c D u m a z e t ) [ O r a b u g : 2 5 8 0 2 5 9 9 ] { C V E - 2 0 1 7 - 6 3 4 5 } b r > - i p : f i x I P _ C H E C K S U M h a n d l i n g ( P a o l o A b e n i ) [ O r a b u g : 2 5 8 0 2 5 7 6 ] { C V E - 2 0 1 7 - 6 3 4 7 } b r > - u d p : f i x I P _ C H E C K S U M h a n d l i n g ( E r i c D u m a z e t ) [ O r a b u g : 2 5 8 0 2 5 7 6 ] { C V E - 2 0 1 7 - 6 3 4 7 } b r > - u d p : d o n o t e x p e c t u d p h e a d e r s i n r e c v c m s g I P _ C M S G _ C H E C K S U M ( W i l l e m d e B r u i j n ) [ O r a b u g : 2 5 8 0 2 5 7 6 ] { C V E - 2 0 1 7 - 6 3 4 7 } b r > - t c p : a v o i d i n f i n i t e l o o p i n t c p _ s p l i c e _ r e a d ( ) ( E r i c D u m a z e t ) [ O r a b u g : 2 5 8 0 2 5 4 9 ] { C V E - 2 0 1 7 - 6 2 1 4 } b r > - s c t p : a v o i d B U G _ O N o n s c t p _ w a i t _ f o r _ s n d b u f ( M a r c e l o R i c a r d o L e i t n e r ) [ O r a b u g : 2 5 8 0 2 5 1 5 ] { C V E - 2 0 1 7 - 5 9 8 6 } b r > - e x t 4 : s t o r e c h e c k s u m s e e d i n s u p e r b l o c k ( D a r r i c k J . W o n g ) [ O r a b u g : 2 5 8 0 2 4 8 1 ] { C V E - 2 0 1 6 - 1 0 2 0 8 } b r > - e x t 4 : r e s e r v e c o d e p o i n t s f o r t h e p r o j e c t q u o t a f e a t u r e ( T h e o d o r e T s o ) [ O r a b u g : 2 5 8 0 2 4 8 1 ] { C V E - 2 0 1 6 - 1 0 2 0 8 } b r > - e x t 4 : v a l i d a t e s _ f i r s t _ m e t a _ b g a t m o u n t t i m e ( E r y u G u a n ) [ O r a b u g : 2 5 8 0 2 4 8 1 ] { C V E - 2 0 1 6 - 1 0 2 0 8 } b r > - e x t 4 : c l e a n u p f e a t u r e t e s t m a c r o s w i t h p r e d i c a t e f u n c t i o n s ( D a r r i c k J . W o n g ) [ O r a b u g : 2 5 8 0 2 4 8 1 ] { C V E - 2 0 1 6 - 1 0 2 0 8 } b r > - K V M : x 8 6 : f i x e m u l a t i o n o f ' M O V S S , n u l l s e l e c t o r ' ( P a o l o B o n z i n i ) [ O r a b u g : 2 5 8 0 2 2 7 8 ] { C V E - 2 0 1 7 - 2 5 8 3 } { C V E - 2 0 1 7 - 2 5 8 3 } b r > - g f s 2 : f i x s l a b c o r r u p t i o n d u r i n g m o u n t i n g a n d u m o u n t i n g g f s f i l e s y s t e m ( T h o m a s T a i ) b r > - g f s 2 : h a n d l e N U L L r g d i n s e t _ r g r p _ p r e f e r e n c e s ( A b h i D a s ) [ O r a b u g : 2 5 7 9 1 6 6 2 ] b r > - R e v e r t ' f i x m i n o r i n f o l e a k i n g e t _ u s e r _ e x ( ) ' ( B r i a n M a l y ) [ O r a b u g : 2 5 7 9 0 3 7 0 ] { C V E - 2 0 1 6 - 9 6 4 4 } b r > - s c h e d / w a i t : F i x s i g n a l h a n d l i n g i n b i t w a i t h e l p e r s ( P e t e r Z i j l s t r a ) [ O r a b u g : 2 5 4 1 6 9 9 0 ] b r > - x e n - p c i f r o n t / h v m : S l u r p u p ' p x m ' e n t r y a n d s e t N U M A n o d e o n P C I e d e v i c e . ( V 5 ) ( K o n r a d R z e s z u t e k W i l k ) b r > - I B / C O R E : s y n c t h e r e s o u c e a c c e s s i n f m r _ p o o l ( W e n g a n g W a n g ) b r > - n e t : p i n g : c h e c k m i n i m u m s i z e o n I C M P h e a d e r l e n g t h ( K e e s C o o k ) [ O r a b u g : 2 5 7 6 6 8 8 4 ] { C V E - 2 0 1 6 - 8 3 9 9 } { C V E - 2 0 1 6 - 8 3 9 9 } b r > - s c s i : s g : c h e c k l e n g t h p a s s e d t o S G _ N E X T _ C M D _ L E N ( p e t e r c h a n g ) [ O r a b u g : 2 5 7 5 1 3 9 5 ] { C V E - 2 0 1 7 - 7 1 8 7 } b r > - x e n - n e t f r o n t : R e w o r k t h e f i x f o r R x s t a l l d u r i n g O O M a n d n e t w o r k s t r e s s ( D o n g l i Z h a n g ) [ O r a b u g : 2 5 7 4 7 7 2 1 ] b r > - x e n - n e t f r o n t : F i x R x s t a l l d u r i n g n e t w o r k s t r e s s a n d O O M ( D o n g l i Z h a n g ) [ O r a b u g : 2 5 7 4 7 7 2 1 ] b r > - i p c / s h m : F i x s h m a t m m a p n i l - p a g e p r o t e c t i o n ( D a v i d l o h r B u e s o ) [ O r a b u g : 2 5 7 1 7 0 9 4 ] { C V E - 2 0 1 7 - 5 6 6 9 } b r > b r > [ 4 . 1 . 1 2 - 1 0 1 ] b r > - s g _ w r i t e ( ) / b s g _ w r i t e ( ) i s n o t f i t t o b e c a l l e d u n d e r K E R N E L _ D S ( A l V i r o ) [ O r a b u g : 2 5 3 4 0 0 7 1 ] { C V E - 2 0 1 6 - 1 0 0 8 8 } b r > - t c p : f i x p o t e n t i a l m e m o r y c o r r u p t i o n ( E r i c D u m a z e t ) [ O r a b u g : 2 5 1 4 0 3 8 2 ] b r > - b l o c k : f i x u s e - a f t e r - f r e e i n s e q f i l e ( V e g a r d N o s s u m ) [ O r a b u g : 2 5 1 3 4 5 4 1 ] { C V E - 2 0 1 6 - 7 9 1 0 } b r > - x f s : C o r r e c t l y l o c k i n o d e w h e n r e m o v i n g s u i d a n d f i l e c a p a b i l i t i e s ( J a n K a r a ) [ O r a b u g : 2 4 8 0 3 5 3 3 ] b r > - f s : C a l l s e c u r i t y _ o p s - > i n o d e _ k i l l p r i v o n t r u n c a t e ( J a n K a r a ) [ O r a b u g : 2 4 8 0 3 5 3 3 ] b r > - f s : P r o v i d e f u n c t i o n t e l l i n g w h e t h e r f i l e _ r e m o v e _ p r i v s ( ) w i l l d o a n y t h i n g ( J a n K a r a ) [ O r a b u g : 2 4 8 0 3 5 3 3 ] b r > - f s : R e n a m e f i l e _ r e m o v e _ s u i d ( ) t o f i l e _ r e m o v e _ p r i v s ( ) ( J a n K a r a ) [ O r a b u g : 2 4 8 0 3 5 3 3 ] b r > - I B / u v e r b s : F i x l e a k o f X R C t a r g e t Q P s ( T a r i q T o u k a n ) [ O r a b u g : 2 4 7 6 1 7 3 2 ] b r > - S o m e u n s u p p o r t e d i o c t l s g e t l o g g e d u n n e c e s s a r i l y ( V e n k a t V e n k a t s u b r a ) [ O r a b u g : 2 4 5 1 0 1 3 7 ] b r > - I B / i p o i b : E x p o s e a c l _ e n a b l e s y s f s f i l e a s r e a d o n l y ( Y u v a l S h a i a ) [ O r a b u g : 2 5 9 9 3 9 5 1 ] b r > - d t r a c e : i m p r o v e i o p r o v i d e r c o v e r a g e ( N i c o l a s D r o u x ) [ O r a b u g : 2 5 8 1 6 5 3 7 ] b r > b r > [ 4 . 1 . 1 2 - 1 0 0 ] b r > - o l 7 / c o n f i g : e n a b l e n f _ t a b l e s p a c k e t d u p l i c a t i o n s u p p o r t ( E t h a n Z h a o ) [ O r a b u g : 2 4 6 9 4 5 7 0 ] b r > - n e t f i l t e r : n f _ d u p : a d d m i s s i n g d e p e n d e n c i e s w i t h N F _ C O N N T R A C K ( P a b l o N e i r a A y u s o ) [ O r a b u g : 2 4 6 9 4 5 7 0 ] b r > - n e t f i l t e r : n f _ t a b l e s : a d d n f t _ d u p e x p r e s s i o n ( P a b l o N e i r a A y u s o ) [ O r a b u g : 2 4 6 9 4 5 7 0 ] b r > - n e t f i l t e r : f a c t o r o u t p a c k e t d u p l i c a t i o n f o r I P v 4 / I P v 6 ( P a b l o N e i r a A y u s o ) [ O r a b u g : 2 4 6 9 4 5 7 0 ] b r > - n e t f i l t e r : x t _ T E E : g e t r i d o f W I T H _ C O N N T R A C K d e f i n i t i o n ( P a b l o N e i r a A y u s o ) [ O r a b u g : 2 4 6 9 4 5 7 0 ] b r > - n e t f i l t e r : m o v e t e e _ a c t i v e t o c o r e ( F l o r i a n W e s t p h a l ) [ O r a b u g : 2 4 6 9 4 5 7 0 ] b r > - i p v 6 : S e t F L O W I _ F L A G _ K N O W N _ N H a t f l o w i 6 _ f l a g s ( M a r t i n K a F a i L a u ) [ O r a b u g : 2 4 6 9 4 5 7 0 ] b r > - e x t 4 : F i x d a t a e x p o s u r e a f t e r f a i l e d A I O D I O ( J a n K a r a ) [ O r a b u g : 2 4 3 9 3 8 1 1 ] b r > - x f s : f o l d x f s _ v m _ d o _ d i o i n t o x f s _ v m _ d i r e c t _ I O ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 4 3 9 3 8 1 1 ] b r > - x f s : d o n t u s e i o e n d s f o r d i r e c t w r i t e c o m p l e t i o n s ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 4 3 9 3 8 1 1 ] b r > - d i r e c t - i o : a l w a y s c a l l - > e n d _ i o i f n o n - N U L L ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 4 3 9 3 8 1 1 ] b r > - B t r f s : s e n d , f i x f a i l u r e t o r e n a m e t o p l e v e l i n o d e d u e t o n a m e c o l l i s i o n ( R o b b i e K o ) [ O r a b u g : 2 5 9 9 4 2 8 0 ] b r > - P C I : C h e c k p r e f c o m p a t i b l e b i t f o r m e m 6 4 r e s o u r c e o f P C I e d e v i c e ( Y i n g h a i L u ) [ O r a b u g : 2 2 8 5 5 1 3 3 ] b r > - O F / P C I : A d d I O R E S O U R C E _ M E M _ 6 4 f o r 6 4 - b i t r e s o u r c e ( Y i n g h a i L u ) [ O r a b u g : 2 2 8 5 5 1 3 3 ] b r > - s p a r c / P C I : K e e p r e s o u r c e i d x o r d e r w i t h b r i d g e r e g i s t e r n u m b e r ( Y i n g h a i L u ) [ O r a b u g : 2 2 8 5 5 1 3 3 ] b r > - s p a r c / P C I : A d d I O R E S O U R C E _ M E M _ 6 4 f o r 6 4 - b i t r e s o u r c e i n O F p a r s i n g ( Y i n g h a i L u ) [ O r a b u g : 2 2 8 5 5 1 3 3 ] b r > - s p a r c / P C I : R e s e r v e l e g a c y m m i o a f t e r P C I m m i o ( Y i n g h a i L u ) [ O r a b u g : 2 2 8 5 5 1 3 3 ] b r > - P C I : A d d p c i _ f i n d _ b u s _ r e s o u r c e ( ) ( Y i n g h a i L u ) [ O r a b u g : 2 2 8 5 5 1 3 3 ] b r > - s p a r c / P C I : U s e c o r r e c t o f f s e t f o r b u s a d d r e s s t o r e s o u r c e ( Y i n g h a i L u ) [ O r a b u g : 2 2 8 5 5 1 3 3 ] b r > - P C I : R e m o v e _ _ p c i _ m m a p _ m a k e _ o f f s e t ( ) ( Y i n g h a i L u ) [ O r a b u g : 2 2 8 5 5 1 3 3 ] b r > - P C I : L e t p c i _ m m a p _ p a g e _ r a n g e ( ) t a k e r e s o u r c e a d d r e s s ( Y i n g h a i L u ) [ O r a b u g : 2 2 8 5 5 1 3 3 ] b r > - P C I : F i x p r o c m m a p o n s p a r c ( Y i n g h a i L u ) [ O r a b u g : 2 2 8 5 5 1 3 3 ] b r > - P C I : S u p p l y C P U p h y s i c a l a d d r e s s ( n o t b u s a d d r e s s ) t o i o m e m _ i s _ e x c l u s i v e ( ) ( B j o r n H e l g a a s ) [ O r a b u g : 2 2 8 5 5 1 3 3 ] b r > - R e v e r t ' s p a r c / P C I : U s e c o r r e c t b u s a d d r e s s t o r e s o u r c e o f f s e t ' ( K h a l i d A z i z ) [ O r a b u g : 2 2 8 5 5 1 3 3 ] b r > - R e v e r t ' s p a r c / P C I : U n i f y p c i _ r e g i s t e r _ r e g i o n ( ) ' ( K h a l i d A z i z ) [ O r a b u g : 2 2 8 5 5 1 3 3 ] b r > - R e v e r t ' s p a r c / P C I : R e s e r v e l e g a c y m m i o a f t e r P C I m m i o ' ( K h a l i d A z i z ) [ O r a b u g : 2 2 8 5 5 1 3 3 ] b r > - R e v e r t ' s p a r c / P C I : A d d I O R E S O U R C E _ M E M _ 6 4 f o r 6 4 - b i t r e s o u r c e i n O F p a r s i n g ' ( K h a l i d A z i z ) [ O r a b u g : 2 2 8 5 5 1 3 3 ] b r > - R e v e r t ' s p a r c / P C I : K e e p r e s o u r c e i d x o r d e r w i t h b r i d g e r e g i s t e r n u m b e r ' ( K h a l i d A z i z ) [ O r a b u g : 2 2 8 5 5 1 3 3 ] b r > - R e v e r t ' P C I : k i l l w r o n g q u i r k a b o u t M 7 1 0 1 ' ( K h a l i d A z i z ) [ O r a b u g : 2 2 8 5 5 1 3 3 ] b r > - R e v e r t ' O F / P C I : A d d I O R E S O U R C E _ M E M _ 6 4 f o r 6 4 - b i t r e s o u r c e ' ( K h a l i d A z i z ) [ O r a b u g : 2 2 8 5 5 1 3 3 ] b r > - R e v e r t ' P C I : C h e c k p r e f c o m p a t i b l e b i t f o r m e m 6 4 r e s o u r c e o f P C I e d e v i c e ' ( K h a l i d A z i z ) [ O r a b u g : 2 2 8 5 5 1 3 3 ] b r > - R e v e r t ' P C I : O n l y t r e a t n o n - p r e f m m i o 6 4 a s p r e f i f a l l b r i d g e s h a v e M E M _ 6 4 ' ( K h a l i d A z i z ) [ O r a b u g : 2 2 8 5 5 1 3 3 ] b r > - R e v e r t ' P C I : A d d h a s _ m e m 6 4 f o r s t r u c t h o s t _ b r i d g e ' ( K h a l i d A z i z ) [ O r a b u g : 2 2 8 5 5 1 3 3 ] b r > - R e v e r t ' P C I : O n l y t r e a t n o n - p r e f m m i o 6 4 a s p r e f i f h o s t b r i d g e h a s m m i o 6 4 ' ( K h a l i d A z i z ) [ O r a b u g : 2 2 8 5 5 1 3 3 ] b r > - R e v e r t ' P C I : R e s t o r e p r e f M M I O a l l o c a t i o n l o g i c f o r h o s t b r i d g e w i t h o u t m m i o 6 4 ' ( K h a l i d A z i z ) [ O r a b u g : 2 2 8 5 5 1 3 3 ] b r > - R e v e r t ' s p a r c : A c c o m m o d a t e m e m 6 4 _ o f f s e t ! = m e m _ o f f s e t i n p b m c o n f i g u r a t i o n ' ( K h a l i d A z i z ) [ O r a b u g : 2 2 8 5 5 1 3 3 ] b r > - P C I : P r e v e n t V P D a c c e s s f o r Q L o g i c I S P 2 7 2 2 ( E t h a n Z h a o ) [ O r a b u g : 2 5 9 7 5 4 8 2 ] b r > - P C I : P r e v e n t V P D a c c e s s f o r b u g g y d e v i c e s ( B a b u M o g e r ) [ O r a b u g : 2 5 9 7 5 4 8 2 ] b r > - t a r g e t : c o n s o l i d a t e b a c k e n d a t t r i b u t e i m p l e m e n t a t i o n s ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 7 9 1 7 8 9 ] b r > - t a r g e t : s i m p l i f y b a c k e n d d r i v e r r e g i s t r a t i o n ( C h r i s t o p h H e l l w i g ) [ O r a b u g : 2 5 7 9 1 7 8 9 ] b r > - x 8 6 / t s c : E n u m e r a t e S K L c p u _ k h z a n d t s c _ k h z v i a C P U I D ( L e n B r o w n ) [ O r a b u g : 2 5 9 4 8 9 1 3 ] b r > - x 8 6 / t s c : S a v e a n i n d e n t a t i o n l e v e l i n r e c a l i b r a t e _ c p u _ k h z ( ) ( B o r i s l a v P e t k o v ) [ O r a b u g : 2 5 9 4 8 9 1 3 ] b r > - x 8 6 / t s c _ m s r : R e m o v e i r q o f f a r o u n d M S R - b a s e d T S C e n u m e r a t i o n ( L e n B r o w n ) [ O r a b u g : 2 5 9 4 8 9 1 3 ] b r > - p e r f / x 8 6 : F i x t i m e _ s h i f t i n p e r f _ e v e n t _ m m a p _ p a g e ( A d r i a n H u n t e r ) [ O r a b u g : 2 5 9 4 8 9 1 3 ] b r > - p e r f / x 8 6 : I m p r o v e a c c u r a c y o f p e r f / s c h e d c l o c k ( A d r i a n H u n t e r ) [ O r a b u g : 2 5 9 4 8 9 1 3 ] b r > - x 8 6 / a p i c : H a n d l e z e r o v e c t o r g r a c e f u l l y i n c l e a r _ v e c t o r _ i r q ( ) ( K e i t h B u s c h ) [ O r a b u g : 2 4 5 1 5 9 9 8 ] b r > - d t r a c e : p r o c : : : e x i t s h o u l d t r i g g e r o n l y i f t h r e a d g r o u p e x i t s ( T o m a s J e d l i c k a ) [ O r a b u g : 2 5 9 0 4 2 9 8 ] b r > - H I D : h i d - c y p r e s s : v a l i d a t e l e n g t h o f r e p o r t ( G r e g K r o a h - H a r t m a n ) [ O r a b u g : 2 5 7 9 5 9 8 5 ] { C V E - 2 0 1 7 - 7 2 7 3 } b r > - c t f : p r e v e n t m o d u l e s o n t h e d e d u p b l a c k l i s t f r o m s h a r i n g a n y t y p e s a t a l l ( N i c k A l c o c k ) [ O r a b u g : 2 6 1 3 7 2 2 0 ] b r > - c t f : e m i t b i t f i e l d s i n i n - m e m o r y o r d e r ( N i c k A l c o c k ) [ O r a b u g : 2 5 8 1 5 1 2 9 ] b r > - c t f : b i t f i e l d s u p p o r t ( N i c k A l c o c k ) [ O r a b u g : 2 5 8 1 5 1 2 9 ] b r > - c t f : e m i t f i l e - s c o p e s t a t i c v a r i a b l e s ( N i c k A l c o c k ) [ O r a b u g : 2 5 9 6 2 3 8 7 ] b r > - c t f : s p e e d u p t h e d w a r f 2 c t f d u p l i c a t e d e t e c t o r s o m e m o r e ( N i c k A l c o c k ) [ O r a b u g : 2 5 8 1 5 3 0 6 ] b r > - c t f : s t r d u p ( ) - > x s t r d u p ( ) ( N i c k A l c o c k ) [ O r a b u g : 2 5 8 1 5 3 0 6 ] b r > - c t f : s p e e d u p t h e d w a r f 2 c t f d u p l i c a t e d e t e c t o r ( N i c k A l c o c k ) [ O r a b u g : 2 5 8 1 5 3 0 6 ] b r > - c t f : a d d m o d u l e p a r a m e t e r t o s i m p l e _ d w f l _ n e w ( ) a n d a d j u s t b o t h c a l l e r s ( N i c k A l c o c k ) b r > - c t f : f i x t h e s i z e o f i n t a n d a v o i d d u p l i c a t i n g i t ( N i c k A l c o c k ) [ O r a b u g : 2 5 8 1 5 1 2 9 ] b r > - c t f : a l l o w o v e r r i d i n g o f D I E a t t r i b u t e s : u s e i t f o r p a r e n t b i a s ( N i c k A l c o c k ) [ O r a b u g : 2 5 8 1 5 1 2 9 ] b r > - D T r a c e t c p / u d p p r o v i d e r p r o b e s ( A l a n M a g u i r e ) [ O r a b u g : 2 5 8 1 5 1 9 7 ] b r > - d t r a c e : d e f i n e D T R A C E _ P R O B E _ E N A B L E D t o 0 w h e n ! C O N F I G _ D T R A C E ( N i c k A l c o c k ) [ O r a b u g : 2 6 1 4 5 7 8 8 ] b r > - d t r a c e : e n s u r e l i m i t i s e n f o r c e d e v e n w h e n p c s i s N U L L ( K r i s V a n H e e s ) [ O r a b u g : 2 5 9 4 9 6 9 2 ] b r > - d t r a c e : m a k e x 8 6 _ 6 4 F B T r e t u r n p r o b e d e t e c t i o n l e s s r e s t r i c t i v e ( K r i s V a n H e e s ) [ O r a b u g : 2 5 9 4 9 0 4 8 ] b r > - d t r a c e : s u p p o r t p a s s i n g o f f s e t a s a r g 0 t o F B T r e t u r n p r o b e s ( K r i s V a n H e e s ) [ O r a b u g : 2 5 9 4 9 0 8 6 ] b r > - d t r a c e : m a k e F B T e n t r y p r o b e d e t e c t i o n l e s s r e s t r i c t i v e o n x 8 6 _ 6 4 ( K r i s V a n H e e s ) [ O r a b u g : 2 5 9 4 9 0 3 0 ] b r > - d t r a c e : a d j u s t F B T e n t r y p r o b e d e c t i o n f o r O L 7 ( K r i s V a n H e e s ) [ O r a b u g : 2 5 9 2 1 3 6 1 ] b r > b r > [ 4 . 1 . 1 2 - 9 9 ] b r > - R e - e n a b l e S D P f o r u e k - n a n o k e r n e l ( A s h o k V a i r a v a n ) [ O r a b u g : 2 5 9 9 9 9 3 7 ] b r > - q l a 2 x x x : F i x N U L L p o i n t e r d e r e f i n Q L A i n t e r r u p t ( B r u n o P r a m o n t ) [ O r a b u g : 2 5 9 0 8 3 1 7 ] b r > - R e v e r t ' b e 2 n e t : f i x M A C a d d r s e t t i n g o n p r i v i l e g e d B E 3 V F s ' ( S o m a s u n d a r a m K r i s h n a s a m y ) [ O r a b u g : 2 5 8 7 0 3 0 3 ] b r > - R e v e r t ' b e 2 n e t : f i x i n i t i a l M A C s e t t i n g ' ( S o m a s u n d a r a m K r i s h n a s a m y ) [ O r a b u g : 2 5 8 0 2 8 4 2 ] b r > - x f s : t r a c k a n d s e r i a l i z e i n - f l i g h t a s y n c b u f f e r s a g a i n s t u n m o u n t ( B r i a n F o s t e r ) [ O r a b u g : 2 5 5 5 0 7 1 2 ] b r > - x f s : e x c l u d e n e v e r - r e l e a s e d b u f f e r s f r o m b u f t a r g I / O a c c o u n t i n g ( B r i a n F o s t e r ) [ O r a b u g : 2 5 5 5 0 7 1 2 ] b r > - d m e r a : s a v e s p a c e m a p m e t a d a t a r o o t a f t e r t h e p r e - c o m m i t ( S o m a s u n d a r a m K r i s h n a s a m y ) [ O r a b u g : 2 5 5 4 7 8 2 0 ] b r > - B t r f s : i n c r e m e n t a l s e n d , d o n o t i s s u e i n v a l i d r m d i r o p e r a t i o n s ( R o b b i e K o ) [ O r a b u g : 2 6 0 0 0 6 5 7 ] b r > - x 8 6 / p l a t f o r m / u v / B A U : R e m o v e _ _ r o _ a f t e r _ i n i t d e c l a r a t i o n ( S o m a s u n d a r a m K r i s h n a s a m y ) [ O r a b u g : 2 5 9 2 0 2 3 7 ] b r > - x 8 6 / p l a t f o r m : R e m o v e w a r n i n g m e s s a g e f o r d u p l i c a t e N M I h a n d l e r s ( M i k e T r a v i s ) [ O r a b u g : 2 5 9 2 0 2 3 7 ] b r > - x 8 6 / p l a t f o r m / u v / B A U : I m p l e m e n t u v 4 _ w a i t _ c o m p l e t i o n w i t h r e a d _ s t a t u s ( A n d r e w B a n m a n ) [ O r a b u g : 2 5 9 2 0 2 3 7 ] b r > - x 8 6 / p l a t f o r m / u v / B A U : A d d w a i t _ c o m p l e t i o n t o b a u _ o p e r a t i o n s ( A n d r e w B a n m a n ) [ O r a b u g : 2 5 9 2 0 2 3 7 ] b r > - x 8 6 / p l a t f o r m / u v / B A U : A d d s t a t u s m m r l o c a t i o n f i e l d s t o b a u _ c o n t r o l ( A n d r e w B a n m a n ) [ O r a b u g : 2 5 9 2 0 2 3 7 ] b r > - x 8 6 / p l a t f o r m / u v / B A U : C l e a n u p b a u _ o p e r a t i o n s d e c l a r a t i o n a n d i n s t a n c e s ( A n d r e w B a n m a n ) [ O r a b u g : 2 5 9 2 0 2 3 7 ] b r > - x 8 6 / p l a t f o r m / u v / B A U : A d d p a y l o a d d e s c r i p t o r q u a l i f i e r ( A n d r e w B a n m a n ) [ O r a b u g : 2 5 9 2 0 2 3 7 ] b r > - x 8 6 / p l a t f o r m / u v / B A U : A d d u v _ b a u _ v e r s i o n e n u m e r a t e d c o n s t a n t s ( A n d r e w B a n m a n ) [ O r a b u g : 2 5 9 2 0 2 3 7 ] b r > - x 8 6 / p l a t f o r m / u v / B A U : F i x H U B e r r o r s b y r e m o v e i n i t i a l w r i t e t o s w - a c k r e g i s t e r ( A n d r e w B a n m a n ) [ O r a b u g : 2 5 9 2 0 2 3 7 ] b r > - f n i c : F i x i n g s c a b t s s t a t u s a n d f l a g s a s s i g n m e n t . ( S a t i s h K h a r a t ) [ O r a b u g : 2 5 6 3 8 8 8 0 ] b r > - f n i c : A d d i n g d e b u g I O , A b o r t l a t e n c y c o u n t e r a n d c h e c k c o n d i t i o n c o u n t t o f n i c s t a t s ( S a t i s h K h a r a t ) [ O r a b u g : 2 5 6 3 8 8 8 0 ] b r > - f n i c : A v o i d f a l s e o u t - o f - o r d e r d e t e c t i o n f o r a b o r t e d c o m m a n d ( S a t i s h K h a r a t ) [ O r a b u g : 2 5 6 3 8 8 8 0 ] b r > - s c s i : f n i c : C o r r e c t i n g r p o r t c h e c k l o c a t i o n i n f n i c _ q u e u e c o m m a n d _ l c k ( S a t i s h K h a r a t ) [ O r a b u g : 2 5 6 3 8 8 8 0 ] b r > - f n i c : m i n o r w h i t e s p a c e c h a n g e s ( S a t i s h K h a r a t ) [ O r a b u g : 2 5 6 3 8 8 8 0 ] b r > - s c s i : f n i c : A v o i d s e n d i n g r e s e t t o f i r m w a r e w h e n a n o t h e r r e s e t i s i n p r o g r e s s ( S a t i s h K h a r a t ) [ O r a b u g : 2 5 6 3 8 8 8 0 ] b r > - o v l : D o d _ t y p e c h e c k o n l y i f w o r k d i r c r e a t i o n w a s s u c c e s s f u l ( V i v e k G o y a l ) [ O r a b u g : 2 5 8 0 2 6 2 0 ] b r > - o v l : E n s u r e u p p e r f i l e s y s t e m s u p p o r t s d _ t y p e ( V i v e k G o y a l ) [ O r a b u g : 2 5 8 0 2 6 2 0 ] b r > - s p a r c 6 4 : A d d h a r d w a r e c a p a b i l i t i e s f o r M 8 ( D a v e A l d r i d g e ) [ O r a b u g : 2 5 5 5 5 7 4 6 ] b r > - s p a r c 6 4 : S t o p p e r f o r m a n c e c o u n t e r b e f o r e u p d a t i n g ( D a v e A l d r i d g e ) [ O r a b u g : 2 5 4 4 1 7 0 7 ] b r > - s p a r c 6 4 : F i x a r a c e c o n d i t i o n w h e n s t o p p i n g p e r f o r m a n c e c o u n t e r s ( D a v e A l d r i d g e ) [ O r a b u g : 2 5 4 4 1 7 0 7 ] b r > - a r c h / s p a r c : U s e n e w m i s a l i g n e d l o a d i n s t r u c t i o n s f o r m e m c p y a n d c o p y _ f r o m _ u s e r ( A l l e n P a i s ) [ O r a b u g : 2 5 3 8 1 5 6 7 ] b r > - a r c h / s p a r c : A d d a s e p a r a t e k e r n e l m e m c p y f u n c t i o n s f o r M 8 ( A l l e n P a i s ) [ O r a b u g : 2 5 3 8 1 5 6 7 ] b r > - s p a r c 6 4 : p e r f : m a k e s u r e w e d o n o t s e t t h e ' p i c n h t ' b i t i n t h e P C R ( D a v e A l d r i d g e ) [ O r a b u g : 2 4 9 2 6 0 9 7 ] b r > - s p a r c 6 4 : p e r f : m o v e M 7 p m u e v e n t d e f i n i t i o n s t o s e p e r a t e f i l e ( D a v e A l d r i d g e ) [ O r a b u g : 2 3 3 3 3 5 7 2 ] b r > - s p a r c 6 4 : p e r f : a d d p e r f s u p p o r t f o r M 8 d e v i c e s ( D a v e A l d r i d g e ) [ O r a b u g : 2 3 3 3 3 5 7 2 ] b r > - s p a r c 6 4 : p e r f : F i x t h e m a p p i n g b e t w e e n p e r f e v e n t s a n d p e r f c o u n t e r s ( D a v e A l d r i d g e ) [ O r a b u g : 2 3 3 3 3 5 7 2 ] b r > - S P A R C 6 4 : E n a b l e I O M M U b y p a s s f o r I B ( A l l e n P a i s ) [ O r a b u g : 2 5 5 7 3 5 5 7 ] b r > - S P A R C 6 4 : I n t r o d u c e I O M M U B Y P A S S m e t h o d ( A l l e n P a i s ) [ O r a b u g : 2 5 5 7 3 5 5 7 ] b r > - P C I : A d d P C I I D s f o r I n f i n i b a n d ( T u s h a r D a v e ) [ O r a b u g : 2 5 5 7 3 5 5 7 ] b r > - s c h e d / f a i r : D i s a b l e t h e t a s k g r o u p l o a d _ a v g u p d a t e f o r t h e r o o t _ t a s k _ g r o u p ( W a i m a n L o n g ) [ O r a b u g : 2 5 5 4 4 5 6 0 ] b r > - s c h e d / f a i r : M o v e t h e c a c h e - h o t ' l o a d _ a v g ' v a r i a b l e i n t o i t s o w n c a c h e l i n e ( A t i s h P a t r a ) [ O r a b u g : 2 5 5 4 4 5 6 0 ] b r > - s c h e d / f a i r : A v o i d r e d u n d a n t i d l e _ c p u ( ) c a l l i n u p d a t e _ s g _ l b _ s t a t s ( ) ( W a i m a n L o n g ) [ O r a b u g : 2 5 5 4 4 5 6 0 ] b r > - s c h e d / f a i r : C l e a n u p l o a d a v e r a g e r e f e r e n c e s ( A t i s h P a t r a ) [ O r a b u g : 2 5 5 4 4 5 6 0 ] b r > - s c h e d / f a i r : P r o v i d e r u n n a b l e _ l o a d _ a v g b a c k t o c f s _ r q ( Y u y a n g D u ) [ O r a b u g : 2 5 5 4 4 5 6 0 ] b r > - s c h e d / f a i r : R e m o v e t a s k a n d g r o u p e n t i t y l o a d w h e n t h e y a r e d e a d ( Y u y a n g D u ) [ O r a b u g : 2 5 5 4 4 5 6 0 ] b r > - s c h e d / f a i r : I n i t c f s _ r q s s c h e d _ e n t i t y l o a d a v e r a g e ( Y u y a n g D u ) [ O r a b u g : 2 5 5 4 4 5 6 0 ] b r > - s c h e d / f a i r : I m p l e m e n t u p d a t e _ b l o c k e d _ a v e r a g e s ( ) f o r C O N F I G _ F A I R _ G R O U P _ S C H E D = n ( V i n c e n t G u i t t o t ) [ O r a b u g : 2 5 5 4 4 5 6 0 ] b r > - s c h e d / f a i r : R e w r i t e r u n n a b l e l o a d a n d u t i l i z a t i o n a v e r a g e t r a c k i n g ( A t i s h P a t r a ) [ O r a b u g : 2 5 5 4 4 5 6 0 ] b r > - s c h e d / f a i r : R e m o v e r q s r u n n a b l e a v g ( Y u y a n g D u ) [ O r a b u g : 2 5 5 4 4 5 6 0 ] b r > - s p a r c 6 4 : A l l o w e n a b l i n g A D I o n h u g e p a g e s o n l y ( K h a l i d A z i z ) [ O r a b u g : 2 5 9 6 9 3 7 7 ] b r > - s p a r c 6 4 : S a v e A D I t a g s o n A D I e n a b l e d p l a t f o r m s o n l y ( K h a l i d A z i z ) [ O r a b u g : 2 5 9 6 1 5 9 2 ] b r > - s p a r c 6 4 : i n c r e a s e F O R C E _ M A X _ Z O N E O R D E R t o 1 6 ( A l l e n P a i s ) [ O r a b u g : 2 5 4 4 8 1 0 8 ] b r > - s p a r c 6 4 : t s b s i z e e x p a n s i o n ( b o b p i c c o ) [ O r a b u g : 2 5 4 4 8 1 0 8 ] b r > - s p a r c 6 4 : m a k e t s b p o i n t e r c o m p u t a t i o n s y m b o l i c ( b o b p i c c o ) [ O r a b u g : 2 5 4 4 8 1 0 8 ] b r > - s p a r c 6 4 : f i x i n t e r m i t t e n t L D o m h a n g w a i t i n g f o r v d c _ p o r t _ u p ( T h o m a s T a i ) b r > - s p a r c 6 4 : b l o c k / s u n v d c : R e n a m e d b i o v a r i a b l e n a m e f r o m r e q t o b i o ( V i j a y K u m a r ) [ O r a b u g : 2 5 1 2 8 2 6 5 ] b r > - s p a r c 6 4 : b l o c k / s u n v d c : A d d e d i o s t a t s a c c o u n t i n g f o r b i o b a s e d v d i s k ( V i j a y K u m a r ) [ O r a b u g : 2 5 1 2 8 2 6 5 ] b r > - s p a r c 6 4 : R e m o v e n o d e r e s t r i c t i o n f r o m P R I Q M S I a s s i g n m e n t s ( c h r i s h y s e r ) [ O r a b u g : 2 5 1 1 0 7 4 8 ] b r > - b l k - m q : C l e a n u p a l l _ q _ l i s t o n r e q u e s t _ q u e u e d e l e t i o n ( c h r i s h y s e r ) [ O r a b u g : 2 5 5 6 9 3 3 1 ] b r > - s p a r c 6 4 : k e r n _ a d d r _ v a l i d r e g r e s s i o n ( b o b p i c c o ) [ O r a b u g : 2 5 8 6 0 5 4 2 ] b r > b r > [ 4 . 1 . 1 2 - 9 8 ] b r > - s p a r c 6 4 : D e t e c t D A X r a + p g s z w h e n h v a p i m i n o r d o e s n t i n d i c a t e i t ( R o b G a r d n e r ) [ O r a b u g : 2 5 9 1 1 0 0 8 ] b r > - s p a r c 6 4 : D A X m e m o r y w i l l u s e R A + P G S Z f e a t u r e i n H V ( R o b G a r d n e r ) [ O r a b u g : 2 5 9 1 1 0 0 8 ] [ O r a b u g : 2 5 9 3 1 4 1 7 ] b r > - s p a r c 6 4 : D i s a b l e D A X f l o w c o n t r o l ( R o b G a r d n e r ) [ O r a b u g : 2 5 9 9 7 2 0 2 ] b r > - s p a r c 6 4 : A d d D A X h y p e r v i s o r s e r v i c e s ( A l l e n P a i s ) [ O r a b u g : 2 5 9 9 6 4 1 1 ] b r > - K V M : V M X : f i x v m w r i t e t o i n v a l i d V M C S ( R a d i m K r c m a r ) b r > - R e v e r t ' i 4 0 e : e n a b l e V S I b r o a d c a s t p r o m i s c u o u s m o d e i n s t e a d o f a d d i n g b r o a d c a s t f i l t e r ' ( B r i a n M a l y ) [ O r a b u g : 2 5 8 7 7 4 4 7 ] b r > - s p a r c 6 4 : D A X m e m o r y n e e d s p e r s i s t e n t m a p p i n g s ( R o b G a r d n e r ) [ O r a b u g : 2 5 8 8 8 5 9 6 ] b r > - s p a r c 6 4 : F i x i n c o r r e c t e r r o r p r i n t i n D A X d r i v e r w h e n v a l i d a t i n g c c b ( S a n a t h K u m a r ) [ O r a b u g : 2 5 8 3 5 2 5 4 ] b r > - s p a r c 6 4 : D A X r e q u e s t f o r n o n 4 M B m e m o r y s h o u l d r e t u r n w i t h u n i q u e e r r n o ( S a n a t h K u m a r ) [ O r a b u g : 2 5 8 5 2 9 1 0 ] b r > - R e v e r t ' s p a r c 6 4 : D A X r e q u e s t f o r n o n 4 M B m e m o r y s h o u l d r e t u r n w i t h u n i q u e e r r n o ' ( A l l e n P a i s ) b r > - s p a r c 6 4 : D A X r e q u e s t t o m m a p n o n 4 M B m e m o r y s h o u l d f a i l w i t h a d e b u g p r i n t ( S a n a t h K u m a r ) [ O r a b u g : 2 5 8 5 2 9 1 0 ] b r > - s p a r c 6 4 : D A X r e q u e s t f o r n o n 4 M B m e m o r y s h o u l d r e t u r n w i t h u n i q u e e r r n o ( S a n a t h K u m a r ) [ O r a b u g : 2 5 8 5 2 9 1 0 ] b r > - s p a r c 6 4 : I n c o r r e c t p r i n t b y D A X d r i v e r w h e n o l d d r i v e r A P I i s u s e d ( S a n a t h K u m a r ) [ O r a b u g : 2 5 8 3 5 1 3 3 ] b r > - s p a r c 6 4 : D A X r e q u e s t t o d e q u e u e h a l f o f a l o n g C C B s h o u l d n o t s u c c e e d ( S a n a t h K u m a r ) [ O r a b u g : 2 5 8 2 7 2 5 4 ] b r > - s p a r c 6 4 : d a x _ o v e r f l o w _ c h e c k r e p o r t s i n c o r r e c t d a t a ( S a n a t h K u m a r ) [ O r a b u g : 2 5 8 2 0 3 9 5 ] b r > - s p a r c 6 4 : I g n o r e d D A X r e f c o u n t c a u s e s l o c k u p ( R o b G a r d n e r ) [ O r a b u g : 2 5 8 7 0 7 0 5 ] b r > - s p a r c 6 4 : d i s a b l e d a x p a g e r a n g e c h e c k i n g o n R A ( R o b G a r d n e r ) [ O r a b u g : 2 5 8 2 0 8 1 2 ] b r > - s p a r c 6 4 : O r a c l e D a t a A n a l y t i c s A c c e l e r a t o r ( D A X ) d r i v e r ( S a n a t h K u m a r ) [ O r a b u g : 2 3 0 7 2 8 0 9 ] b r > - s p a r c 6 4 : f i x a n i s s u e w h e n t r y i n g t o b r i n g h o t p l u g c p u s o n l i n e ( D a v e A l d r i d g e ) [ O r a b u g : 2 5 6 6 7 2 7 7 ] b r > - s p a r c 6 4 : F i x m e m o r y c o r r u p t i o n w h e n T H P i s e n a b l e d ( N i t i n G u p t a ) [ O r a b u g : 2 5 7 0 4 4 2 6 ] b r > - s p a r c 6 4 : F i x a d d r e s s r a n g e f o r p a g e t a b l e f r e e O r a b u g : 2 5 7 0 4 4 2 6 ( N i t i n G u p t a ) b r > - s p a r c 6 4 : A d d s u p p o r t f o r 2 G h u g e p a g e s ( N i t i n G u p t a ) [ O r a b u g : 2 5 7 0 4 4 2 6 ] b r > - s p a r c 6 4 : F i x s i z e c h e c k i n h u g e _ p t e _ a l l o c ( N i t i n G u p t a ) [ O r a b u g : 2 5 7 0 4 4 2 6 ] b r > - s p a r c 6 4 : F i x b u i l d e r r o r i n f l u s h _ t s b _ u s e r _ p a g e ( N i t i n G u p t a ) [ O r a b u g : 2 5 7 0 4 4 2 6 ] b r > - s p a r c 6 4 : A d d 6 4 K p a g e s i z e s u p p o r t ( N i t i n G u p t a ) [ O r a b u g : 2 5 7 0 4 4 2 6 ] b r > - s p a r c 6 4 : R e m o v e x l - h u g e p a g e s a n d a d d m u l t i - p a g e s i z e s u p p o r t ( A l l e n P a i s ) [ O r a b u g : 2 5 7 0 4 4 2 6 ] b r > - s p a r c 6 4 : d o n o t d e q u e u e s t a l e V D S I O w o r k e n t r i e s ( J a g R a m a n ) [ O r a b u g : 2 5 4 5 5 1 3 8 ] b r > - S P A R C 6 4 : V i r t u a l D i s k D e v i c e ( v d s d e v ) R e a d - O n l y O p t i o n ( o p t i o n s = r o ) n o t w o r k i n g ( G e o r g e K e n n e d y ) [ O r a b u g : 2 3 6 2 3 8 5 3 ] b r > - a r c h / s p a r c : F i x F P U r e g i s t e r c o r r u p t i o n w i t h A E S c r y p t o t e s t o n M 7 ( B a b u M o g e r ) [ O r a b u g : 2 5 2 6 5 8 7 8 ] b r > - s u n v n e t : x o f f n o t n e e d e d w h e n r e m o v i n g p o r t l i n k ( S h a n n o n N e l s o n ) [ O r a b u g : 2 5 1 9 0 5 3 7 ] b r > - s u n v n e t : c o u n t m u l t i c a s t p a c k e t s ( S h a n n o n N e l s o n ) [ O r a b u g : 2 5 1 9 0 5 3 7 ] b r > - s u n v n e t : t r a c k p o r t q u e u e s c o r r e c t l y ( S h a n n o n N e l s o n ) [ O r a b u g : 2 5 1 9 0 5 3 7 ] b r > - s u n v n e t : a d d s t a t s t o t r a c k l d o m t o l d o m p a c k e t s a n d b y t e s ( S h a n n o n N e l s o n ) [ O r a b u g : 2 5 1 9 0 5 3 7 ] b r > - l d m v s w : b e t t e r u s e o f l i n k u p a n d d o w n o n l d o m v s w i t c h ( S h a n n o n N e l s o n ) [ O r a b u g : 2 5 5 2 5 3 1 2 ] b r > - d t r a c e : f i x h a n d l i n g o f s a v e _ s t a c k _ t r a c e s e n t i n e l ( x 8 6 o n l y ) ( K r i s V a n H e e s ) [ O r a b u g : 2 5 7 2 7 0 4 6 ] b r > - d t r a c e : D T r a c e w a l l t i m e l o c k - f r e e i m p l e m e n t a t i o n ( T o m a s J e d l i c k a ) [ O r a b u g : 2 5 7 1 5 2 5 6 ] b r > b r > [ 4 . 1 . 1 2 - 9 7 ] b r > - m e g a r a i d : F i x u n a l i g n e d w a r n i n g ( A l l e n P a i s ) [ O r a b u g : 2 4 8 1 7 7 9 9 ] b r > - s p a r c 6 4 : R e s t r i c t n u m b e r o f p r o c e s s e s ( S a n a t h K u m a r ) [ O r a b u g : 2 4 5 2 3 6 8 0 ] b r > - S P A R C 6 4 : v d s _ b l k _ r w ( ) d o e s n o t h a n d l e d r i v e s w i t h q - > l i m i t s . c h u n k _ s e c t o r s > 0 ( G e o r g e K e n n e d y ) [ O r a b u g : 2 5 3 7 3 8 1 8 ] b r > - s p a r c 6 4 : I m p r o v e b o o t t i m e b y p e r c p u m a p u p d a t e ( A t i s h P a t r a ) [ O r a b u g : 2 5 4 9 6 4 6 3 ] b r > - a r c h / s p a r c : m e m b l o c k r e s i z e s a r e n o t h a n d l e d p r o p e r l y ( P a v e l T a t a s h i n ) [ O r a b u g : 2 5 4 1 5 3 9 6 ] b r > - S P A R C 6 4 : L D O M v n e t ' G o t u n e x p e c t e d M C A S T r e p l y ' ( G e o r g e K e n n e d y ) [ O r a b u g : 2 4 9 5 4 7 0 2 ] b r > - l d m v s w : d i s a b l e t s o a n d g s o f o r b r i d g e o p e r a t i o n s ( S h a n n o n N e l s o n ) [ O r a b u g : 2 3 2 9 3 1 0 4 ] b r > - l d m v s w : u p d a t e a n d s i m p l i f y v e r s i o n s t r i n g ( S h a n n o n N e l s o n ) [ O r a b u g : 2 3 2 9 3 1 0 4 ] b r > - s u n v n e t : r e m o v e e x t r a r c u _ r e a d _ u n l o c k s ( S h a n n o n N e l s o n ) [ O r a b u g : 2 3 2 9 3 1 0 4 ] b r > - s u n v n e t : s t r a i g h t e n u p m e s s a g e e v e n t h a n d l i n g l o g i c ( S h a n n o n N e l s o n ) [ O r a b u g : 2 3 2 9 3 1 0 4 ] b r > - s u n v n e t : a d d m e m o r y b a r r i e r b e f o r e c h e c k f o r t x e n a b l e ( S h a n n o n N e l s o n ) [ O r a b u g : 2 3 2 9 3 1 0 4 ] b r > - s u n v n e t : u p d a t e v e r s i o n a n d v e r s i o n p r i n t i n g ( S h a n n o n N e l s o n ) [ O r a b u g : 2 3 2 9 3 1 0 4 ] b r > - s u n v n e t : r e m o v e u n u s e d v a r i a b l e i n m a y b e _ t x _ w a k e u p ( S o w m i n i V a r a d h a n ) [ O r a b u g : 2 3 2 9 3 1 0 4 ] b r > - s u n v n e t : m a k e s u n v n e t c o m m o n c o d e d y n a m i c a l l y l o a d a b l e ( S h a n n o n N e l s o n ) [ O r a b u g : 2 3 2 9 3 1 0 4 ] b r > - h w r n g : n 2 - u p d a t e v e r s i o n i n f o ( S h a n n o n N e l s o n ) [ O r a b u g : 2 5 1 2 7 7 9 5 ] b r > - h w r n g : n 2 - s u p p o r t n e w h a r d w a r e r e g i s t e r l a y o u t ( S h a n n o n N e l s o n ) [ O r a b u g : 2 5 1 2 7 7 9 5 ] b r > - h w r n g : n 2 - a d d d e v i c e d a t a d e s c r i p t i o n s ( S h a n n o n N e l s o n ) [ O r a b u g : 2 5 1 2 7 7 9 5 ] b r > - h w r n g : n 2 - l i m i t e r r o r s p e w a g e w h e n s e l f - t e s t f a i l s ( S h a n n o n N e l s o n ) [ O r a b u g : 2 5 1 2 7 7 9 5 ] b r > - h w r n g : n 2 - A t t a c h o n T 5 / M 5 , T 7 / M 7 S P A R C C P U s ( A n a t o l y P u g a c h e v ) [ O r a b u g : 2 5 1 2 7 7 9 5 ] b r > - t c p : f i x t c p _ f a s t o p e n u n a l i g n e d a c c e s s c o m p l a i n t s o n s p a r c ( S h a n n o n N e l s o n ) [ O r a b u g : 2 5 1 6 3 4 0 5 ] b r > - v d s : A d d p h y s i c a l b l o c k s u p p o r t ( L i a m R . H o w l e t t ) [ O r a b u g : 1 9 4 2 0 1 2 3 ] b r > - s p a r c 6 4 : A d d m i s s i n g h a r d w a r e c a p a b i l i t i e s f o r M 7 ( D a v e A l d r i d g e ) [ O r a b u g : 2 5 5 5 5 7 4 6 ] b r > - S P A R C 6 4 : F i x v d s _ v t o c _ s e t _ d e f a u l t d e b u g w i t h l a r g e d i s k s ( G e o r g e K e n n e d y ) [ O r a b u g : 2 5 4 2 3 8 0 2 ] b r > - s p a r c 6 4 : V D C t h r e a d s i n g u e s t d o m a i n d o n o t r e s u m e a f t e r p r i m a r y d o m a i n r e b o o t ( J a g R a m a n ) [ O r a b u g : 2 5 5 1 9 9 6 1 ] b r > - s u n v d c : A d d s u p p o r t f o r s e t t i n g p h y s i c a l s e c t o r s i z e ( L i a m R . H o w l e t t ) [ O r a b u g : 1 9 4 2 0 1 2 3 ] b r > - s p a r c 6 4 : c r e a t e / d e s t r o y c p u s y s f s d y n a m i c a l l y ( A t i s h P a t r a ) [ O r a b u g : 2 1 7 7 5 8 9 0 ] [ O r a b u g : 2 5 2 1 6 4 6 9 ] b r > - s p a r c 6 4 : D o n o t r e t a i n o l d V M _ S P A R C _ A D I f l a g w h e n p r o t e c t i o n c h a n g e s o n p a g e ( K h a l i d A z i z ) [ O r a b u g : 2 5 6 4 1 3 7 1 ] b r > - S P A R C 6 4 : V I O : S u p p o r t f o r v i r t u a l - d e v i c e M D n o d e p r o b i n g ( A a r o n Y o u n g ) [ O r a b u g : 2 4 8 4 1 9 0 6 ] b r > b r > [ 4 . 1 . 1 2 - 9 6 ] b r > - n e t / m l x 4 _ c o r e : D i s a l l o w c r e a t i o n o f R A W Q P s o n a V F ( E l i C o h e n ) [ O r a b u g : 2 5 7 8 4 6 0 2 2 ] b r > b r > [ 4 . 1 . 1 2 - 9 5 ] b r > - P C I : h v : M i c r o s o f t c h a n g e s i n s u p p o r t o f R H E L a n d U E K 4 ( J a k e O s h i n s ) [ O r a b u g : 2 5 5 0 7 6 3 5 ] b r > - A d d t h e P C I H o s t d r i v e r i n t o t h e U E K c o n f i g f i l e s ( J a c k V o g e l ) [ O r a b u g : 2 5 5 0 7 6 3 5 ] / p > \n \n \n b r > h 2 > R e l a t e d C V E s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 7 - 1 2 1 3 4 . h t m l \" > C V E - 2 0 1 7 - 1 2 1 3 4 / a > / t d > / t r > t r > t d > a h r e f = \" h t t p : / / l i n u x . o r a c l e . c o m / c v e / C V E - 2 0 1 7 - 1 0 0 0 3 6 5 . h t m l \" > C V E - 2 0 1 7 - 1 0 0 0 3 6 5 / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n b r > h 2 > U p d a t e d P a c k a g e s / h 2 > \n b r > t a b l e c e l l p a d d i n g = \" 2 \" c e l l s p a c i n g = \" 2 \" b o r d e r = \" 0 \" w i d t h = \" 1 0 0 % \" > t b o d y > \n t r s t y l e = \" c o l o r : # F F 0 0 0 0 ; \" > t d > b > R e l e a s e / A r c h i t e c t u r e / b > t d > b > F i l e n a m e / b > / t d > t d > b > M D 5 s u m / b > / t d > t d > b > S u p e r s e d e d B y A d v i s o r y / b > / t d > / t r > \n t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 6 ( x 8 6 _ 6 4 ) / t d > t d > d t r a c e - m o d u l e s - 4 . 1 . 1 2 - 1 0 3 . 3 . 8 . e l 6 u e k - 0 . 6 . 1 - 3 . e l 6 . s r c . r p m / t d > t d > 6 3 3 0 1 d 6 6 d 7 c 4 1 3 b 3 d 1 2 9 2 6 4 2 5 c d d a 4 1 1 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 4 . 1 . 1 2 - 1 0 3 . 3 . 8 . e l 6 u e k . s r c . r p m / t d > t d > b 1 b 6 f 6 5 5 6 1 b c 8 1 d b f 7 d 0 d 5 e 3 c e 1 5 b 4 6 a / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > d t r a c e - m o d u l e s - 4 . 1 . 1 2 - 1 0 3 . 3 . 8 . e l 6 u e k - 0 . 6 . 1 - 3 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > 3 e 2 5 2 c e e 9 5 d c c 8 6 f 2 2 3 8 1 0 0 8 1 f 5 3 5 3 d 0 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > d t r a c e - m o d u l e s - p r o v i d e r - h e a d e r s - 0 . 6 . 1 - 3 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > 6 e 5 a 5 b 7 6 6 1 7 2 7 9 f 3 a a 6 5 9 1 8 4 e 7 d 7 e 9 3 2 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > d t r a c e - m o d u l e s - s h a r e d - h e a d e r s - 0 . 6 . 1 - 3 . e l 6 . x 8 6 _ 6 4 . r p m / t d > t d > 9 9 e 4 6 5 9 6 1 c 9 3 9 1 f 4 d 6 6 2 5 1 9 8 c 8 8 e 0 7 3 c / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 4 . 1 . 1 2 - 1 0 3 . 3 . 8 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 7 2 1 2 0 7 5 f 5 3 7 c e 5 5 3 5 a 6 6 c 0 9 b 7 5 e 4 3 f 6 c / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - 4 . 1 . 1 2 - 1 0 3 . 3 . 8 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 5 1 1 8 5 9 c a 5 9 4 6 3 9 b 0 2 c a e 2 4 1 1 c 9 a 8 1 a b e / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - d e v e l - 4 . 1 . 1 2 - 1 0 3 . 3 . 8 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 5 a 1 3 6 4 e b e a 4 4 b 6 0 4 3 9 e 9 5 e 4 8 3 3 1 8 c 1 3 8 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e v e l - 4 . 1 . 1 2 - 1 0 3 . 3 . 8 . e l 6 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 8 0 c 2 c 0 f a 2 1 7 8 6 c 9 2 3 f 8 9 6 7 7 1 d d 3 a 9 2 9 1 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d o c - 4 . 1 . 1 2 - 1 0 3 . 3 . 8 . e l 6 u e k . n o a r c h . r p m / t d > t d > 5 b a 7 3 1 7 9 8 6 2 d 5 1 d 3 e a c 5 f 3 6 e 1 c e 4 d 2 2 7 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - f i r m w a r e - 4 . 1 . 1 2 - 1 0 3 . 3 . 8 . e l 6 u e k . n o a r c h . r p m / t d > t d > 0 5 7 7 7 1 f e f 9 1 0 7 1 f 7 e 7 2 1 c f 6 c 1 e f 8 5 0 0 f / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d c o l s p a n = \" 4 \" > / t d > / t r > t r > t d > O r a c l e L i n u x 7 ( x 8 6 _ 6 4 ) / t d > t d > d t r a c e - m o d u l e s - 4 . 1 . 1 2 - 1 0 3 . 3 . 8 . e l 7 u e k - 0 . 6 . 1 - 3 . e l 7 . s r c . r p m / t d > t d > 2 9 6 3 6 a 1 1 3 0 6 a f c 3 b f d e a 3 1 d 9 7 1 8 a b e 2 5 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 4 . 1 . 1 2 - 1 0 3 . 3 . 8 . e l 7 u e k . s r c . r p m / t d > t d > 2 2 1 6 b c 0 0 0 1 e 3 a 4 e 9 f f 7 3 c 3 8 8 c e f a c 2 9 f / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > d t r a c e - m o d u l e s - 4 . 1 . 1 2 - 1 0 3 . 3 . 8 . e l 7 u e k - 0 . 6 . 1 - 3 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > b 1 a b e 3 7 3 0 1 5 9 3 e b e 2 c 4 9 8 f 0 5 f 8 c 3 d 4 0 d / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > d t r a c e - m o d u l e s - p r o v i d e r - h e a d e r s - 0 . 6 . 1 - 3 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > d e 4 b c 3 f 5 3 0 8 1 0 d c 2 4 1 e f 7 3 c 4 f 1 4 7 f 5 4 d / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > d t r a c e - m o d u l e s - s h a r e d - h e a d e r s - 0 . 6 . 1 - 3 . e l 7 . x 8 6 _ 6 4 . r p m / t d > t d > c 6 8 1 f 7 7 e 9 2 9 6 d e 7 a d 9 8 0 f 0 6 f a f 4 1 7 3 6 8 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - 4 . 1 . 1 2 - 1 0 3 . 3 . 8 . e l 7 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 8 7 8 5 1 c 0 d 1 c e c b 0 c 9 d b 8 4 6 9 2 7 1 3 b 5 0 d d 4 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - 4 . 1 . 1 2 - 1 0 3 . 3 . 8 . e l 7 u e k . x 8 6 _ 6 4 . r p m / t d > t d > e 6 b f 2 a 4 7 1 8 4 d 6 a 4 e 4 4 9 9 0 6 6 3 0 8 5 3 4 3 0 f / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e b u g - d e v e l - 4 . 1 . 1 2 - 1 0 3 . 3 . 8 . e l 7 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 0 9 8 e c 3 d c e f 9 1 0 d 1 1 6 f 4 c d 3 b c 6 7 4 8 9 0 2 e / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d e v e l - 4 . 1 . 1 2 - 1 0 3 . 3 . 8 . e l 7 u e k . x 8 6 _ 6 4 . r p m / t d > t d > 0 9 6 d 3 f 8 6 a f 9 e 4 a b 1 d 4 5 e 5 e d 1 1 f d 3 b 1 6 9 / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - d o c - 4 . 1 . 1 2 - 1 0 3 . 3 . 8 . e l 7 u e k . n o a r c h . r p m / t d > t d > a b 2 6 a 1 f 6 8 0 f a 7 f 7 7 3 6 8 9 2 6 7 d f 4 5 8 8 1 9 a / t d > t d > a h r e f = # > - / a > / t d > / t r > t r > t d > / t d > t d > k e r n e l - u e k - f i r m w a r e - 4 . 1 . 1 2 - 1 0 3 . 3 . 8 . e l 7 u e k . n o a r c h . r p m / t d > t d > 3 c f 7 2 2 6 3 d 4 4 1 0 8 b 4 1 7 5 f 5 9 5 4 f d 3 b 0 7 f 2 / t d > t d > a h r e f = # > - / a > / t d > / t r > \n / t b o d y > / t a b l e > \n \n \n b r > b r > \n b r > p > \n T h i s p a g e i s g e n e r a t e d a u t o m a t i c a l l y a n d h a s n o t b e e n c h e c k e d f o r e r r o r s o r o m i s s i o n s . F o r c l a r i f i c a t i o n \n o r c o r r e c t i o n s p l e a s e c o n t a c t t h e a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / \" > O r a c l e L i n u x U L N t e a m / a > / p > \n \n \n \n / d i v > \n ! - - \n / d i v > \n - - > \n / d i v > \n / d i v > \n \n \n d i v i d = \" m c 1 6 \" c l a s s = \" m c 1 6 v 0 \" > \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > T e c h n i c a l i n f o r m a t i o n / h 2 > \n u l > \n l i > a h r e f = \" h t t p s : / / l i n u x . o r a c l e . c o m / h a r d w a r e - c e r t i f i c a t i o n s \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x C e r t i f i e d H a r d w a r e / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / l i b r a r y / e l s p - l i f e t i m e - 0 6 9 3 3 8 . p d f \" > O r a c l e L i n u x S u p p o r t e d R e l e a s e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 1 \" > \n h 2 > O r a c l e L i n u x S u p p o r t / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / t e c h n o l o g i e s / l i n u x / O r a c l e L i n u x S u p p o r t / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e L i n u x S u p p o r t / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / p r e m i e r / s e r v e r s - s t o r a g e / o v e r v i e w / i n d e x . h t m l \" t a r g e t = \" _ b l a n k \" > O r a c l e P r e m i e r S u p p o r t f o r S y s t e m s / a > / l i > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / s u p p o r t / a d v a n c e d - c u s t o m e r - s e r v i c e s / o v e r v i e w / \" > A d v a n c e d C u s t o m e r S e r v i c e s / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 2 \" > \n h 2 > C o n n e c t / h 2 > \n u l > \n l i c l a s s = \" f b i c o n \" > a h r e f = \" h t t p : / / w w w . f a c e b o o k . c o m / o r a c l e l i n u x \" t i t l e = \" F a c e b o o k \" n a m e = \" F a c e b o o k \" t a r g e t = \" _ b l a n k \" i d = \" F a c e b o o k \" > F a c e b o o k / a > / l i > \n l i c l a s s = \" t w i c o n \" > a h r e f = \" h t t p : / / w w w . t w i t t e r . c o m / O r a c l e L i n u x \" t i t l e = \" T w i t t e r \" n a m e = \" T w i t t e r \" t a r g e t = \" _ b l a n k \" i d = \" T w i t t e r \" > T w i t t e r / a > / l i > \n l i c l a s s = \" i n i c o n \" > a h r e f = \" h t t p : / / w w w . l i n k e d i n . c o m / g r o u p s ? g i d = 1 2 0 2 3 8 \" t i t l e = \" L i n k e d I n \" n a m e = \" L i n k e d I n \" t a r g e t = \" _ b l a n k \" i d = \" L i n k e d I n \" > L i n k e d I n / a > / l i > \n l i c l a s s = \" y t i c o n \" > a h r e f = \" h t t p : / / w w w . y o u t u b e . c o m / o r a c l e l i n u x c h a n n e l \" t i t l e = \" Y o u T u b e \" n a m e = \" Y o u T u b e \" t a r g e t = \" _ b l a n k \" i d = \" Y o u T u b e \" > Y o u T u b e / a > / l i > \n l i c l a s s = \" b l o g i c o n \" > a h r e f = \" h t t p : / / b l o g s . o r a c l e . c o m / l i n u x \" t i t l e = \" B l o g \" n a m e = \" B l o g \" > B l o g / a > / l i > \n / u l > \n / d i v > \n \n d i v c l a s s = \" m c 1 6 w 3 \" > \n h 2 > C o n t a c t U s / h 2 > \n u l > \n l i > a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / u s / c o r p o r a t e / c o n t a c t / g l o b a l - 0 7 0 5 1 1 . h t m l \" > G l o b a l c o n t a c t s / a > / l i > \n l i > O r a c l e 1 - 8 0 0 - 6 3 3 - 0 6 9 1 / l i > \n / u l > \n / d i v > \n / d i v > \n / d i v > \n \n d i v i d = \" m c 0 4 \" c l a s s = \" m c 0 4 v 1 \" > \n d i v c l a s s = \" m c 0 4 w 1 \" > \n a h r e f = \" h t t p : / / o r a c l e . c o m \" > i m g s r c = \" / / w w w . o r a c l e i m g . c o m / a s s e t s / m c 0 4 - f o o t e r - l o g o . p n g \" b o r d e r = \" 0 \" a l t = \" s o f t w a r e . h a r d w a r e . c o m p l e t e \" / > / a > \n / d i v > \n \n d i v c l a s s = \" m c 0 4 w 2 \" > \n a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / s u b s c r i b e / i n d e x . h t m l \" > S u b s c r i b e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / e m p l o y m e n t / i n d e x . h t m l \" > C a r e e r s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / c o r p o r a t e / c o n t a c t / i n d e x . h t m l \" > C o n t a c t U s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / c o p y r i g h t . h t m l \" > L e g a l N o t i c e s / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / t e r m s . h t m l \" > T e r m s o f U s e / a > | a h r e f = \" h t t p : / / w w w . o r a c l e . c o m / h t m l / p r i v a c y . h t m l \" > Y o u r P r i v a c y R i g h t s / a > \n / d i v > \n / d i v > \n / d i v > \n / b o d y > \n / h t m l > \n ", "edition": 4, "reporter": "Oracle", "published": "2017-08-23T00:00:00", "title": "Unbreakable Enterprise kernel security update", "type": "oraclelinux", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-10208", "CVE-2016-9604", "CVE-2017-7895", "CVE-2017-7184", "CVE-2016-7910", "CVE-2017-1000380", "CVE-2016-8399", "CVE-2016-6213", "CVE-2017-9059", "CVE-2017-9074", "CVE-2016-10088", "CVE-2017-7645", "CVE-2017-9242", "CVE-2017-7273", "CVE-2016-10200", "CVE-2017-2636", "CVE-2017-2671", "CVE-2017-7533", "CVE-2017-2583", "CVE-2017-6214", "CVE-2017-1000364", "CVE-2017-7308", "CVE-2017-6345", "CVE-2017-5669", "CVE-2017-12134", "CVE-2017-5986", "CVE-2016-10229", "CVE-2017-7477", "CVE-2016-1576", "CVE-2017-1000363", "CVE-2017-7187", "CVE-2017-9077", "CVE-2016-1575", "CVE-2016-9644", "CVE-2017-1000365", "CVE-2017-8890", "CVE-2017-8797", "CVE-2017-6347"], "modified": "2017-08-23T00:00:00", "id": "ELSA-2017-3609", "href": "http://linux.oracle.com/errata/ELSA-2017-3609.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cloudfoundry": [{"lastseen": "2018-09-07T03:25:44", "references": [], "description": "# \n\n# **Severity**\n\nHigh\n\n# **Vendor**\n\nCanonical Ubuntu\n\n# **Versions Affected**\n\n * Canonical Ubuntu 14.04 LTS\n\n# **Description**\n\nIt was discovered that the generic SCSI block layer in the Linux kernel did not properly restrict write operations in certain situations. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges. ([CVE-2016-10088](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-10088>)) \n \nCAI Qian discovered that the sysctl implementation in the Linux kernel did not properly perform reference counting in some situations. An unprivileged attacker could use this to cause a denial of service (system hang). ([CVE-2016-9191](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-9191>)) \n \nJim Mattson discovered that the KVM implementation in the Linux kernel mismanages the #BP and #OF exceptions. A local attacker in a guest virtual machine could use this to cause a denial of service (guest OS crash). ([CVE-2016-9588](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-9588>)) \n \nAndy Lutomirski and Willy Tarreau discovered that the KVM implementation in the Linux kernel did not properly emulate instructions on the SS segment register. A local attacker in a guest virtual machine could use this to cause a denial of service (guest OS crash) or possibly gain administrative privileges in the guest OS. ([CVE-2017-2583](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-2583>)) \n \nDmitry Vyukov discovered that the KVM implementation in the Linux kernel improperly emulated certain instructions. A local attacker could use this to obtain sensitive information (kernel memory). ([CVE-2017-2584](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-2584>)) \n \nIt was discovered that the KLSI KL5KUSB105 serial-to-USB device driver in the Linux kernel did not properly initialize memory related to logging. A local attacker could use this to expose sensitive information (kernel memory). ([CVE-2017-5549](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-5549>)) \n \nAndrey Konovalov discovered a use-after-free vulnerability in the DCCP implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges. ([CVE-2017-6074](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-6074>))\n\n# **Affected Cloud Foundry Products and Versions**\n\n_Severity is high unless otherwise noted._\n\n * Cloud Foundry BOSH stemcells are vulnerable, including:\n * 3151.x versions prior to 3151.11\n * 3233.x versions prior to 3233.14\n * 3263.x versions prior to 3263.20\n * 3312.x versions prior to 3312.20\n * 3363.x versions prior to 3363.9\n\n# **Mitigation**\n\nOSS users are strongly encouraged to follow one of the mitigations below:\n\n * The Cloud Foundry team recommends upgrading to the following BOSH stemcells:\n * Upgrade 3151.x versions to 3151.11\n * Upgrade 3233.x versions to 3233.14\n * Upgrade 3263.x versions to 3263.20\n * Upgrade 3312.x versions to 3312.20\n * Upgrade 3363.x versions to 3363.9\n\n# **References**\n\n * [https://www.ubuntu.com/usn/usn-3208-2/](<https://www.ubuntu.com/usn/usn-3208-2/>)\n * [CVE-2016-10088](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-10088>)\n * [CVE-2016-9191](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-9191>)\n * [CVE-2016-9588](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2016-9588>)\n * [CVE-2017-2583](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-2583>)\n * [CVE-2017-2584](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-2584>)\n * [CVE-2017-5549](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-5549>)\n * [CVE-2017-6074](<http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-6074>)\n", "edition": 4, "reporter": "Cloud Foundry", "published": "2017-03-01T00:00:00", "title": "USN-3208-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry", "type": "cloudfoundry", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2016-9191", "CVE-2017-2584", "CVE-2017-6074", "CVE-2016-10088", "CVE-2017-2583", "CVE-2016-9588", "CVE-2017-5549"], "modified": "2017-03-01T00:00:00", "id": "CFOUNDRY:59BA3F002F833C86F9D716E2A3575DCB", "href": "https://www.cloudfoundry.org/blog/usn-3208-2/", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:08:38", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2017-5549", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-6074", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-9191", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-2583", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-2584", "https://usn.ubuntu.com/usn/usn-3208-1", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-9588", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-10088"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0.64.50", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-powerpc-smp-lts-xenial", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0-64.85~14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-64-powerpc-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0-64.85~14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-64-lowlatency", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0.64.50", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-generic-lpae-lts-xenial", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0.64.50", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-lowlatency-lts-xenial", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0.64.50", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-powerpc64-emb-lts-xenial", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0-64.85~14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-64-powerpc-e500mc", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0-64.85~14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-64-generic-lpae", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0-64.85~14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-64-powerpc64-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0-64.85~14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-64-generic", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0-64.85~14.04.1", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-64-powerpc64-emb", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0.64.50", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-powerpc-e500mc-lts-xenial", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0.64.50", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-powerpc64-smp-lts-xenial", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "4.4.0.64.50", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-generic-lts-xenial", "operator": "lt"}], "description": "USN-3208-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS.\n\nIt was discovered that the generic SCSI block layer in the Linux kernel did not properly restrict write operations in certain situations. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges. (CVE-2016-10088)\n\nCAI Qian discovered that the sysctl implementation in the Linux kernel did not properly perform reference counting in some situations. An unprivileged attacker could use this to cause a denial of service (system hang). (CVE-2016-9191)\n\nJim Mattson discovered that the KVM implementation in the Linux kernel mismanages the #BP and #OF exceptions. A local attacker in a guest virtual machine could use this to cause a denial of service (guest OS crash). (CVE-2016-9588)\n\nAndy Lutomirski and Willy Tarreau discovered that the KVM implementation in the Linux kernel did not properly emulate instructions on the SS segment register. A local attacker in a guest virtual machine could use this to cause a denial of service (guest OS crash) or possibly gain administrative privileges in the guest OS. (CVE-2017-2583)\n\nDmitry Vyukov discovered that the KVM implementation in the Linux kernel improperly emulated certain instructions. A local attacker could use this to obtain sensitive information (kernel memory). (CVE-2017-2584)\n\nIt was discovered that the KLSI KL5KUSB105 serial-to-USB device driver in the Linux kernel did not properly initialize memory related to logging. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2017-5549)\n\nAndrey Konovalov discovered a use-after-free vulnerability in the DCCP implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges. (CVE-2017-6074)", "edition": 3, "reporter": "Ubuntu", "published": "2017-02-22T00:00:00", "title": "Linux kernel (Xenial HWE) vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-9191", "CVE-2017-2584", "CVE-2017-6074", "CVE-2016-10088", "CVE-2017-2583", "CVE-2016-9588", "CVE-2017-5549"], "modified": "2017-02-22T00:00:00", "id": "USN-3208-2", "href": "https://usn.ubuntu.com/3208-2/", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:10:25", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2017-5549", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-6074", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-9191", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-2583", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-2584", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-9588", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-10088"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "any", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-powerpc64-emb - 4.4.0.64.68", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "any", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-lowlatency - 4.4.0.64.68", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "any", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-powerpc-smp - 4.4.0.64.68", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.4.0-64.85", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-64-powerpc64-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.4.0-64.85", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-64-generic-lpae", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "any", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-generic-lpae - 4.4.0.64.68", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.4.0-64.85", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-64-powerpc-e500mc", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "any", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-snapdragon - 4.4.0.1048.40", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.4.0-64.85", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-64-generic", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.4.0-64.85", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-64-powerpc64-emb", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.4.0-1048.52", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-1048-snapdragon", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "any", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-powerpc-e500mc - 4.4.0.64.68", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "any", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-generic - 4.4.0.64.68", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.4.0-64.85", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-64-lowlatency", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "any", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-powerpc64-smp - 4.4.0.64.68", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.4.0-64.85", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.4.0-64-powerpc-smp", "operator": "lt"}], "description": "It was discovered that the generic SCSI block layer in the Linux kernel did not properly restrict write operations in certain situations. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges. (CVE-2016-10088)\n\nCAI Qian discovered that the sysctl implementation in the Linux kernel did not properly perform reference counting in some situations. An unprivileged attacker could use this to cause a denial of service (system hang). (CVE-2016-9191)\n\nJim Mattson discovered that the KVM implementation in the Linux kernel mismanages the #BP and #OF exceptions. A local attacker in a guest virtual machine could use this to cause a denial of service (guest OS crash). (CVE-2016-9588)\n\nAndy Lutomirski and Willy Tarreau discovered that the KVM implementation in the Linux kernel did not properly emulate instructions on the SS segment register. A local attacker in a guest virtual machine could use this to cause a denial of service (guest OS crash) or possibly gain administrative privileges in the guest OS. (CVE-2017-2583)\n\nDmitry Vyukov discovered that the KVM implementation in the Linux kernel improperly emulated certain instructions. A local attacker could use this to obtain sensitive information (kernel memory). (CVE-2017-2584)\n\nIt was discovered that the KLSI KL5KUSB105 serial-to-USB device driver in the Linux kernel did not properly initialize memory related to logging. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2017-5549)\n\nAndrey Konovalov discovered a use-after-free vulnerability in the DCCP implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges. (CVE-2017-6074)", "edition": 3, "reporter": "Ubuntu", "published": "2017-02-22T00:00:00", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-9191", "CVE-2017-2584", "CVE-2017-6074", "CVE-2016-10088", "CVE-2017-2583", "CVE-2016-9588", "CVE-2017-5549"], "modified": "2017-02-22T00:00:00", "id": "USN-3208-1", "href": "https://usn.ubuntu.com/3208-1/", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-05T20:18:46", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2017-5897", "https://people.canonical.com/~ubuntu-security/cve/CVE-2018-10881", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16531", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16538", "https://people.canonical.com/~ubuntu-security/cve/CVE-2018-10877", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16526", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16529", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16532", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-6345", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-10208", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16644", "https://people.canonical.com/~ubuntu-security/cve/CVE-2018-10940", "https://people.canonical.com/~ubuntu-security/cve/CVE-2018-12233", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16645", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16643", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-5549", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-8831", "https://people.canonical.com/~ubuntu-security/cve/CVE-2018-10124", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16535", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9984", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16533", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-11473", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-6348", "https://people.canonical.com/~ubuntu-security/cve/CVE-2018-10021", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16650", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-2583", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9985", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-18255", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-18270", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7518", "https://people.canonical.com/~ubuntu-security/cve/CVE-2018-1000204", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14991", "https://people.canonical.com/~ubuntu-security/cve/CVE-2018-13406", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16527", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17558", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15649", "https://people.canonical.com/~ubuntu-security/cve/CVE-2018-1092", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16536", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-2584", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16537", "https://people.canonical.com/~ubuntu-security/cve/CVE-2018-1093", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16914", "https://people.canonical.com/~ubuntu-security/cve/CVE-2018-10087", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-2671", "https://people.canonical.com/~ubuntu-security/cve/CVE-2018-13405", "https://people.canonical.com/~ubuntu-security/cve/CVE-2018-10675", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16911", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16913", "https://people.canonical.com/~ubuntu-security/cve/CVE-2018-13094", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16912", "https://people.canonical.com/~ubuntu-security/cve/CVE-2018-10323", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7645", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-11472"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-157.207", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-157-powerpc-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-157.207", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-157-powerpc-e500mc", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0.157.167", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-generic-lpae", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-157.207", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-157-generic-lpae", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0.157.167", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-powerpc-e500", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-157.207", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-157-generic", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0.157.167", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-lowlatency", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0.157.167", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-powerpc-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0.157.167", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-generic", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-157.207", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-157-powerpc64-emb", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-157.207", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-157-lowlatency", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0.157.167", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-powerpc-e500mc", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0.157.167", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-powerpc64-emb", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-157.207", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-157-powerpc64-smp", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0-157.207", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-3.13.0-157-powerpc-e500", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "14.04", "packageVersion": "3.13.0.157.167", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-powerpc64-smp", "operator": "lt"}], "description": "Ralf Spenneberg discovered that the ext4 implementation in the Linux kernel did not properly validate meta block groups. An attacker with physical access could use this to specially craft an ext4 image that causes a denial of service (system crash). (CVE-2016-10208)\n\nIt was discovered that an information disclosure vulnerability existed in the ACPI implementation of the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory addresses). (CVE-2017-11472)\n\nIt was discovered that a buffer overflow existed in the ACPI table parsing implementation in the Linux kernel. A local attacker could use this to construct a malicious ACPI table that, when loaded, caused a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-11473)\n\nIt was discovered that the generic SCSI driver in the Linux kernel did not properly initialize data returned to user space in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2017-14991)\n\nIt was discovered that a race condition existed in the packet fanout implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-15649)\n\nAndrey Konovalov discovered that the Ultra Wide Band driver in the Linux kernel did not properly check for an error condition. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-16526)\n\nAndrey Konovalov discovered that the ALSA subsystem in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-16527)\n\nAndrey Konovalov discovered that the ALSA subsystem in the Linux kernel did not properly validate USB audio buffer descriptors. A physically proximate attacker could use this cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-16529)\n\nAndrey Konovalov discovered that the USB subsystem in the Linux kernel did not properly validate USB interface association descriptors. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2017-16531)\n\nAndrey Konovalov discovered that the usbtest device driver in the Linux kernel did not properly validate endpoint metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2017-16532)\n\nAndrey Konovalov discovered that the USB subsystem in the Linux kernel did not properly validate USB HID descriptors. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2017-16533)\n\nAndrey Konovalov discovered that the USB subsystem in the Linux kernel did not properly validate USB BOS metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2017-16535)\n\nAndrey Konovalov discovered that the Conexant cx231xx USB video capture driver in the Linux kernel did not properly validate interface descriptors. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2017-16536)\n\nAndrey Konovalov discovered that the SoundGraph iMON USB driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2017-16537)\n\nIt was discovered that the DM04/QQBOX USB driver in the Linux kernel did not properly handle device attachment and warm-start. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-16538)\n\nAndrey Konovalov discovered an out-of-bounds read in the GTCO digitizer USB driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-16643)\n\nAndrey Konovalov discovered that the video4linux driver for Hauppauge HD PVR USB devices in the Linux kernel did not properly handle some error conditions. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-16644)\n\nAndrey Konovalov discovered that the IMS Passenger Control Unit USB driver in the Linux kernel did not properly validate device descriptors. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2017-16645)\n\nAndrey Konovalov discovered that the QMI WWAN USB driver did not properly validate device descriptors. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2017-16650)\n\nIt was discovered that the USB Virtual Host Controller Interface (VHCI) driver in the Linux kernel contained an information disclosure vulnerability. A physically proximate attacker could use this to expose sensitive information (kernel memory). (CVE-2017-16911)\n\nIt was discovered that the USB over IP implementation in the Linux kernel did not validate endpoint numbers. A remote attacker could use this to cause a denial of service (system crash). (CVE-2017-16912)\n\nIt was discovered that the USB over IP implementation in the Linux kernel did not properly validate CMD_SUBMIT packets. A remote attacker could use this to cause a denial of service (excessive memory consumption). (CVE-2017-16913)\n\nIt was discovered that the USB over IP implementation in the Linux kernel contained a NULL pointer dereference error. A remote attacker could use this to cause a denial of service (system crash). (CVE-2017-16914)\n\nIt was discovered that the core USB subsystem in the Linux kernel did not validate the number of configurations and interfaces in a device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2017-17558)\n\nIt was discovered that an integer overflow existed in the perf subsystem of the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-18255)\n\nIt was discovered that the keyring subsystem in the Linux kernel did not properly prevent a user from creating keyrings for other users. A local attacker could use this cause a denial of service or expose sensitive information. (CVE-2017-18270)\n\nAndy Lutomirski and Willy Tarreau discovered that the KVM implementation in the Linux kernel did not properly emulate instructions on the SS segment register. A local attacker in a guest virtual machine could use this to cause a denial of service (guest OS crash) or possibly gain administrative privileges in the guest OS. (CVE-2017-2583)\n\nDmitry Vyukov discovered that the KVM implementation in the Linux kernel improperly emulated certain instructions. A local attacker could use this to obtain sensitive information (kernel memory). (CVE-2017-2584)\n\nIt was discovered that the KLSI KL5KUSB105 serial-to-USB device driver in the Linux kernel did not properly initialize memory related to logging. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2017-5549)\n\nAndrey Konovalov discovered an out-of-bounds access in the IPv6 Generic Routing Encapsulation (GRE) tunneling implementation in the Linux kernel. An attacker could use this to possibly expose sensitive information. (CVE-2017-5897)\n\nAndrey Konovalov discovered that the LLC subsytem in the Linux kernel did not properly set up a destructor in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-6345)\n\nDmitry Vyukov discovered race conditions in the Infrared (IrDA) subsystem in the Linux kernel. A local attacker could use this to cause a denial of service (deadlock). (CVE-2017-6348)\n\nAndy Lutomirski discovered that the KVM implementation in the Linux kernel was vulnerable to a debug exception error when single-stepping through a syscall. A local attacker in a non-Linux guest vm could possibly use this to gain administrative privileges in the guest vm. (CVE-2017-7518)\n\nTuomas Haanp\u221a\u00a7\u221a\u00a7 and Ari Kauppi discovered that the NFSv2 and NFSv3 server implementations in the Linux kernel did not properly handle certain long RPC replies. A remote attacker could use this to cause a denial of service (system crash). (CVE-2017-7645)\n\nPengfei Wang discovered that a race condition existed in the NXP SAA7164 TV Decoder driver for the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-8831)\n\nPengfei Wang discovered that the Turtle Beach MultiSound audio device driver in the Linux kernel contained race conditions when fetching from the ring-buffer. A local attacker could use this to cause a denial of service (infinite loop). (CVE-2017-9984, CVE-2017-9985)\n\nIt was discovered that the wait4() system call in the Linux kernel did not properly validate its arguments in some situations. A local attacker could possibly use this to cause a denial of service. (CVE-2018-10087)\n\nIt was discovered that the kill() system call implementation in the Linux kernel did not properly validate its arguments in some situations. A local attacker could possibly use this to cause a denial of service. (CVE-2018-10124)\n\nWen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly validate meta-data information. An attacker could use this to construct a malicious xfs image that, when mounted, could cause a denial of service (system crash). (CVE-2018-10323)\n\nZhong Jiang discovered that a use-after-free vulnerability existed in the NUMA memory policy implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-10675)\n\nWen Xu discovered that a buffer overflow existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-10877)\n\nWen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly keep meta-data information consistent in some situations. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash). (CVE-2018-10881)\n\nWen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 filesystem that caused a denial of service (system crash) when mounted. (CVE-2018-1092)\n\nWen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 filesystem that caused a denial of service (system crash) when mounted. (CVE-2018-1093)\n\nIt was discovered that the cdrom driver in the Linux kernel contained an incorrect bounds check. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2018-10940)\n\nShankara Pailoor discovered that the JFS filesystem implementation in the Linux kernel contained a buffer overflow when handling extended attributes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-12233)\n\nWen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly handle an error condition with a corrupted xfs image. An attacker could use this to construct a malicious xfs image that, when mounted, could cause a denial of service (system crash). (CVE-2018-13094)\n\nIt was discovered that the Linux kernel did not properly handle setgid file creation when performed by a non-member of the group. A local attacker could use this to gain elevated privileges. (CVE-2018-13405)\n\nSilvio Cesare discovered that the generic VESA frame buffer driver in the Linux kernel contained an integer overflow. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-13406)\n\nDaniel Jiang discovered that a race condition existed in the ipv4 ping socket implementation in the Linux kernel. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2017-2671)\n\nIt was discovered that an information leak existed in the generic SCSI driver in the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2018-1000204)\n\nIt was discovered that a memory leak existed in the Serial Attached SCSI (SAS) implementation in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (memory exhaustion). (CVE-2018-10021)", "edition": 1, "reporter": "Ubuntu", "published": "2018-08-24T00:00:00", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"modified": "2018-09-05T20:18:46", "vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-10208", "CVE-2018-10021", "CVE-2017-18255", "CVE-2018-10877", "CVE-2017-17558", "CVE-2017-2584", "CVE-2018-10940", "CVE-2017-16913", "CVE-2018-13405", "CVE-2017-14991", "CVE-2017-7518", "CVE-2018-13406", "CVE-2017-15649", "CVE-2017-7645", "CVE-2017-16912", "CVE-2017-16532", "CVE-2017-9984", "CVE-2018-10881", "CVE-2017-16535", "CVE-2017-11472", "CVE-2017-16537", "CVE-2017-8831", "CVE-2017-2671", "CVE-2017-11473", "CVE-2017-16527", "CVE-2017-6348", "CVE-2018-10675", "CVE-2017-2583", "CVE-2017-16526", "CVE-2017-16533", "CVE-2017-16536", "CVE-2017-9985", "CVE-2017-16911", "CVE-2018-1000204", "CVE-2017-18270", "CVE-2018-1093", "CVE-2017-16529", "CVE-2017-6345", "CVE-2017-16650", "CVE-2017-16643", "CVE-2018-10323", "CVE-2017-16531", "CVE-2018-12233", "CVE-2017-16538", "CVE-2018-10087", "CVE-2017-16644", "CVE-2018-10124", "CVE-2018-1092", "CVE-2017-5897", "CVE-2017-5549", "CVE-2017-16914", "CVE-2018-13094", "CVE-2017-16645"], "modified": "2018-08-24T00:00:00", "id": "USN-3754-1", "href": "https://usn.ubuntu.com/3754-1/", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T00:09:20", "references": ["https://people.canonical.com/~ubuntu-security/cve/CVE-2017-5897", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7889", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-2618", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-6001", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-9083", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-5550", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-6345", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-10208", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-9755", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-9604", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-9084", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-5669", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-8925", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-5549", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-9191", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-5546", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-6214", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-6348", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-2583", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-8636", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7618", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7895", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7472", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-6347", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-5576", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-5970", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-2584", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-6346", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7187", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-2596", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-2671", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-8924", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-5551", "https://people.canonical.com/~ubuntu-security/cve/CVE-2015-1350", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7616", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9150", "https://people.canonical.com/~ubuntu-security/cve/CVE-2016-8405", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7645", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7261", "https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7273"], "affectedPackage": [{"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.10.0-27.30~16.04.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.10.0-27-lowlatency", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.10.0-27.30~16.04.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.10.0-27-generic", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.10.0.27.30", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-lowlatency-hwe-16.04", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.10.0.27.30", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-generic-lpae-hwe-16.04", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.10.0-27.30~16.04.2", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-4.10.0-27-generic-lpae", "operator": "lt"}, {"OS": "Ubuntu", "OSVersion": "16.04", "packageVersion": "4.10.0.27.30", "arch": "noarch", "packageFilename": "UNKNOWN", "packageName": "linux-image-generic-hwe-16.04", "operator": "lt"}], "description": "USN-3358-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. Please note that this update changes the Linux HWE kernel to the 4.10 based kernel from Ubuntu 17.04, superseding the 4.8 based HWE kernel from Ubuntu 16.10.\n\nBen Harris discovered that the Linux kernel would strip extended privilege attributes of files when performing a failed unprivileged system call. A local attacker could use this to cause a denial of service. (CVE-2015-1350)\n\nRalf Spenneberg discovered that the ext4 implementation in the Linux kernel did not properly validate meta block groups. An attacker with physical access could use this to specially craft an ext4 image that causes a denial of service (system crash). (CVE-2016-10208)\n\nPeter Pi discovered that the colormap handling for frame buffer devices in the Linux kernel contained an integer overflow. A local attacker could use this to disclose sensitive information (kernel memory). (CVE-2016-8405)\n\nIt was discovered that an integer overflow existed in the InfiniBand RDMA over ethernet (RXE) transport implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-8636)\n\nVlad Tsyrklevich discovered an integer overflow vulnerability in the VFIO PCI driver for the Linux kernel. A local attacker with access to a vfio PCI device file could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-9083, CVE-2016-9084)\n\nCAI Qian discovered that the sysctl implementation in the Linux kernel did not properly perform reference counting in some situations. An unprivileged attacker could use this to cause a denial of service (system hang). (CVE-2016-9191)\n\nIt was discovered that the keyring implementation in the Linux kernel in some situations did not prevent special internal keyrings from being joined by userspace keyrings. A privileged local attacker could use this to bypass module verification. (CVE-2016-9604)\n\nDmitry Vyukov, Andrey Konovalov, Florian Westphal, and Eric Dumazet discovered that the netfiler subsystem in the Linux kernel mishandled IPv6 packet reassembly. A local user could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-9755)\n\nAndy Lutomirski and Willy Tarreau discovered that the KVM implementation in the Linux kernel did not properly emulate instructions on the SS segment register. A local attacker in a guest virtual machine could use this to cause a denial of service (guest OS crash) or possibly gain administrative privileges in the guest OS. (CVE-2017-2583)\n\nDmitry Vyukov discovered that the KVM implementation in the Linux kernel improperly emulated certain instructions. A local attacker could use this to obtain sensitive information (kernel memory). (CVE-2017-2584)\n\nDmitry Vyukov discovered that KVM implementation in the Linux kernel improperly emulated the VMXON instruction. A local attacker in a guest OS could use this to cause a denial of service (memory consumption) in the host OS. (CVE-2017-2596)\n\nIt was discovered that SELinux in the Linux kernel did not properly handle empty writes to /proc/pid/attr. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-2618)\n\nDaniel Jiang discovered that a race condition existed in the ipv4 ping socket implementation in the Linux kernel. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2017-2671)\n\nIt was discovered that the freelist-randomization in the SLAB memory allocator allowed duplicate freelist entries. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-5546)\n\nIt was discovered that the KLSI KL5KUSB105 serial-to-USB device driver in the Linux kernel did not properly initialize memory related to logging. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2017-5549)\n\nIt was discovered that a fencepost error existed in the pipe_advance() function in the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2017-5550)\n\nIt was discovered that the Linux kernel did not clear the setgid bit during a setxattr call on a tmpfs filesystem. A local attacker could use this to gain elevated group privileges. (CVE-2017-5551)\n\nMurray McAllister discovered that an integer overflow existed in the VideoCore DRM driver of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-5576)\n\nGareth Evans discovered that the shm IPC subsystem in the Linux kernel did not properly restrict mapping page zero. A local privileged attacker could use this to execute arbitrary code. (CVE-2017-5669)\n\nAndrey Konovalov discovered an out-of-bounds access in the IPv6 Generic Routing Encapsulation (GRE) tunneling implementation in the Linux kernel. An attacker could use this to possibly expose sensitive information. (CVE-2017-5897)\n\nAndrey Konovalov discovered that the IPv4 implementation in the Linux kernel did not properly handle invalid IP options in some situations. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2017-5970)\n\nDi Shen discovered that a race condition existed in the perf subsystem of the Linux kernel. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. (CVE-2017-6001)\n\nDmitry Vyukov discovered that the Linux kernel did not properly handle TCP packets with the URG flag. A remote attacker could use this to cause a denial of service. (CVE-2017-6214)\n\nAndrey Konovalov discovered that the LLC subsytem in the Linux kernel did not properly set up a destructor in certain situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-6345)\n\nIt was discovered that a race condition existed in the AF_PACKET handling code in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-6346)\n\nAndrey Konovalov discovered that the IP layer in the Linux kernel made improper assumptions about internal data layout when performing checksums. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-6347)\n\nDmitry Vyukov discovered race conditions in the Infrared (IrDA) subsystem in the Linux kernel. A local attacker could use this to cause a denial of service (deadlock). (CVE-2017-6348)\n\nDmitry Vyukov discovered that the generic SCSI (sg) subsystem in the Linux kernel contained a stack-based buffer overflow. A local attacker with access to an sg device could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-7187)\n\nIt was discovered that a NULL pointer dereference existed in the Direct Rendering Manager (DRM) driver for VMWare devices in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-7261)\n\nIt was discovered that the USB Cypress HID drivers for the Linux kernel did not properly validate reported information from the device. An attacker with physical access could use this to expose sensitive information (kernel memory). (CVE-2017-7273)\n\nEric Biggers discovered a memory leak in the keyring implementation in the Linux kernel. A local attacker could use this to cause a denial of service (memory consumption). (CVE-2017-7472)\n\nIt was discovered that an information leak existed in the set_mempolicy and mbind compat syscalls in the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2017-7616)\n\nSabrina Dubroca discovered that the asynchronous cryptographic hash (ahash) implementation in the Linux kernel did not properly handle a full request queue. A local attacker could use this to cause a denial of service (infinite recursion). (CVE-2017-7618)\n\nTuomas Haanp\u00e4\u00e4 and Ari Kauppi discovered that the NFSv2 and NFSv3 server implementations in the Linux kernel did not properly handle certain long RPC replies. A remote attacker could use this to cause a denial of service (system crash). (CVE-2017-7645)\n\nTommi Rantala and Brad Spengler discovered that the memory manager in the Linux kernel did not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism. A local attacker with access to /dev/mem could use this to expose sensitive information or possibly execute arbitrary code. (CVE-2017-7889)\n\nTuomas Haanp\u00e4\u00e4 and Ari Kauppi discovered that the NFSv2 and NFSv3 server implementations in the Linux kernel did not properly check for the end of buffer. A remote attacker could use this to craft requests that cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-7895)\n\nIt was discovered that an integer underflow existed in the Edgeport USB Serial Converter device driver of the Linux kernel. An attacker with physical access could use this to expose sensitive information (kernel memory). (CVE-2017-8924)\n\nIt was discovered that the USB ZyXEL omni.net LCD PLUS driver in the Linux kernel did not properly perform reference counting. A local attacker could use this to cause a denial of service (tty exhaustion). (CVE-2017-8925)\n\nJann Horn discovered that bpf in Linux kernel does not restrict the output of the print_bpf_insn function. A local attacker could use this to obtain sensitive address information. (CVE-2017-9150)", "edition": 3, "reporter": "Ubuntu", "published": "2017-07-21T00:00:00", "title": "Linux kernel (HWE) vulnerabilities", "type": "ubuntu", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "bulletinFamily": "unix", "cvelist": ["CVE-2016-10208", "CVE-2017-7472", "CVE-2017-5576", "CVE-2016-9604", "CVE-2016-9191", "CVE-2017-7261", "CVE-2017-7895", "CVE-2017-2584", "CVE-2016-9084", "CVE-2017-7616", "CVE-2017-7889", "CVE-2017-6001", "CVE-2017-7618", "CVE-2017-7645", "CVE-2017-5970", "CVE-2017-7273", "CVE-2017-5551", "CVE-2017-2671", "CVE-2017-5550", "CVE-2017-6348", "CVE-2016-8636", "CVE-2017-2583", "CVE-2017-8924", "CVE-2017-6214", "CVE-2017-9150", "CVE-2015-1350", "CVE-2016-9083", "CVE-2017-6345", "CVE-2017-5669", "CVE-2017-5546", "CVE-2016-8405", "CVE-2017-8925", "CVE-2017-6346", "CVE-2017-2596", "CVE-2017-7187", "CVE-2017-2618", "CVE-2017-6347", "CVE-2017-5897", "CVE-2017-5549", "CVE-2016-9755"], "modified": "2017-07-21T00:00:00", "id": "USN-3361-1", "href": "https://usn.ubuntu.com/3361-1/", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "suse": [{"lastseen": "2017-02-28T23:11:36", "references": ["https://bugzilla.suse.com/1016250", "https://bugzilla.suse.com/1021082", "https://bugzilla.suse.com/1018913", "https://bugzilla.suse.com/1012422", "https://bugzilla.suse.com/1013540", "https://bugzilla.suse.com/1006472", "https://bugzilla.suse.com/1016517", "https://bugzilla.suse.com/1019631", "https://bugzilla.suse.com/1019784", "https://bugzilla.suse.com/1024234", "https://bugzilla.suse.com/1021260", "https://bugzilla.suse.com/1016403", "https://bugzilla.suse.com/1020048", "https://bugzilla.suse.com/1015840", "https://bugzilla.suse.com/1016979", "https://bugzilla.suse.com/1005918", "https://bugzilla.suse.com/959709", "https://bugzilla.suse.com/1020488", "https://bugzilla.suse.com/1009718", "https://bugzilla.suse.com/1019630", "https://bugzilla.suse.com/971975", "https://bugzilla.suse.com/989056", "https://bugzilla.suse.com/1009546", "https://bugzilla.suse.com/921494", "https://bugzilla.suse.com/1022304", "https://bugzilla.suse.com/1021248", "https://bugzilla.suse.com/1023175", "https://bugzilla.suse.com/1013994", "https://bugzilla.suse.com/1010612", "https://bugzilla.suse.com/1017164", "https://bugzilla.suse.com/1021258", "https://bugzilla.suse.com/969476", "https://bugzilla.suse.com/1016884", "https://bugzilla.suse.com/1022559", "https://bugzilla.suse.com/1019061", "https://bugzilla.suse.com/1019851", "https://bugzilla.suse.com/1010690", "https://bugzilla.suse.com/1019168", "https://bugzilla.suse.com/1020945", "https://bugzilla.suse.com/1022971", "https://bugzilla.suse.com/1020214", "https://bugzilla.suse.com/1019351", "https://bugzilla.suse.com/1013000", "https://bugzilla.suse.com/1012382", "https://bugzilla.suse.com/1023762", "https://bugzilla.suse.com/982783", "https://bugzilla.suse.com/998106", "https://bugzilla.suse.com/1017170", "https://bugzilla.suse.com/1020602", "https://bugzilla.suse.com/1024081", "https://bugzilla.suse.com/1007729", "https://bugzilla.suse.com/1003077", "https://bugzilla.suse.com/1018813", "https://bugzilla.suse.com/1020817", "https://bugzilla.suse.com/1020975", "https://bugzilla.suse.com/1008742", "https://bugzilla.suse.com/1012829", "https://bugzilla.suse.com/1019260", "https://bugzilla.suse.com/1023888", "https://bugzilla.suse.com/1022547", "https://bugzilla.suse.com/987192", "https://bugzilla.suse.com/1014410", "https://bugzilla.suse.com/1013001", "https://bugzilla.suse.com/1022429", "https://bugzilla.suse.com/1019148", "https://bugzilla.suse.com/1023884", "https://bugzilla.suse.com/1020685", "https://bugzilla.suse.com/985561", "https://bugzilla.suse.com/1024938", "https://bugzilla.suse.com/1009911", "https://bugzilla.suse.com/1011602", "https://bugzilla.suse.com/1011660", "https://bugzilla.suse.com/1021474", "https://bugzilla.suse.com/1023101", "https://bugzilla.suse.com/1021455", "https://bugzilla.suse.com/1021294", "https://bugzilla.suse.com/991273", "https://bugzilla.suse.com/1000619", "https://bugzilla.suse.com/1014120", "https://bugzilla.suse.com/1018358", "https://bugzilla.suse.com/974215", "https://bugzilla.suse.com/1019594", "https://bugzilla.suse.com/1013273", "https://bugzilla.suse.com/964944", "https://bugzilla.suse.com/1015367", "https://bugzilla.suse.com/969479", "https://bugzilla.suse.com/1006469", "https://bugzilla.suse.com/1021251", "https://bugzilla.suse.com/981709", "https://bugzilla.suse.com/1018446", "https://bugzilla.suse.com/969477", "https://bugzilla.suse.com/1009674", "https://bugzilla.suse.com/1015038", "https://bugzilla.suse.com/1022476", "https://bugzilla.suse.com/1013792", "https://bugzilla.suse.com/1017410", "https://bugzilla.suse.com/1011913", "https://bugzilla.suse.com/1012910", "https://bugzilla.suse.com/1010933", "https://bugzilla.suse.com/987576", "https://bugzilla.suse.com/1018316", "https://bugzilla.suse.com/1011176", "https://bugzilla.suse.com/1025235", "https://bugzilla.suse.com/1000092", "https://bugzilla.suse.com/1018100", "https://bugzilla.suse.com/1024508"], "affectedPackage": [{"OS": "OpenStack Cloud Magnum Orchestration", "OSVersion": "7", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "kernel-default-debuginfo", "packageFilename": "kernel-default-debuginfo-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "ppc64le", "packageName": "kernel-obs-build", "packageFilename": "kernel-obs-build-4.4.49-92.11.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "noarch", "packageName": "kernel-source", "packageFilename": "kernel-source-4.4.49-92.11.1.noarch.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "aarch64", "packageName": "kernel-default-devel", "packageFilename": "kernel-default-devel-4.4.49-92.11.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "ocfs2-kmp-default", "packageFilename": "ocfs2-kmp-default-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "s390x", "packageName": "kernel-obs-build-debugsource", "packageFilename": "kernel-obs-build-debugsource-4.4.49-92.11.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Workstation Extension", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "kernel-default-extra", "packageFilename": "kernel-default-extra-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "ppc64le", "packageName": "cluster-network-kmp-default", "packageFilename": "cluster-network-kmp-default-4.4.49-92.11.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "kernel-default", "packageFilename": "kernel-default-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "kernel-default-debugsource", "packageFilename": "kernel-default-debugsource-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Workstation Extension", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "kernel-default-debugsource", "packageFilename": "kernel-default-debugsource-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "OpenStack Cloud Magnum Orchestration", "OSVersion": "7", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "kernel-default-debugsource", "packageFilename": "kernel-default-debugsource-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "ppc64le", "packageName": "dlm-kmp-default-debuginfo", "packageFilename": "dlm-kmp-default-debuginfo-4.4.49-92.11.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "aarch64", "packageName": "kernel-default-debuginfo", "packageFilename": "kernel-default-debuginfo-4.4.49-92.11.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "kernel-default-extra", "packageFilename": "kernel-default-extra-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "noarch", "packageName": "kernel-source", "packageFilename": "kernel-source-4.4.49-92.11.1.noarch.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for Raspberry Pi", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "aarch64", "packageName": "kernel-default-base", "packageFilename": "kernel-default-base-4.4.49-92.11.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "kernel-syms", "packageFilename": "kernel-syms-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "ppc64le", "packageName": "cluster-md-kmp-default-debuginfo", "packageFilename": "cluster-md-kmp-default-debuginfo-4.4.49-92.11.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for Raspberry Pi", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "noarch", "packageName": "kernel-source", "packageFilename": "kernel-source-4.4.49-92.11.1.noarch.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "s390x", "packageName": "cluster-network-kmp-default", "packageFilename": "cluster-network-kmp-default-4.4.49-92.11.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "aarch64", "packageName": "kernel-default-debugsource", "packageFilename": "kernel-default-debugsource-4.4.49-92.11.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "s390x", "packageName": "cluster-md-kmp-default-debuginfo", "packageFilename": "cluster-md-kmp-default-debuginfo-4.4.49-92.11.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for Raspberry Pi", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "aarch64", "packageName": "kernel-default-debugsource", "packageFilename": "kernel-default-debugsource-4.4.49-92.11.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "ppc64le", "packageName": "ocfs2-kmp-default", "packageFilename": "ocfs2-kmp-default-4.4.49-92.11.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "kernel-default-debuginfo", "packageFilename": "kernel-default-debuginfo-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "aarch64", "packageName": "kernel-obs-build-debugsource", "packageFilename": "kernel-obs-build-debugsource-4.4.49-92.11.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "ppc64le", "packageName": "kernel-syms", "packageFilename": "kernel-syms-4.4.49-92.11.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for Raspberry Pi", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "aarch64", "packageName": "kernel-default-debuginfo", "packageFilename": "kernel-default-debuginfo-4.4.49-92.11.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "noarch", "packageName": "kernel-macros", "packageFilename": "kernel-macros-4.4.49-92.11.1.noarch.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "ppc64le", "packageName": "cluster-network-kmp-default-debuginfo", "packageFilename": "cluster-network-kmp-default-debuginfo-4.4.49-92.11.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "s390x", "packageName": "kernel-default-debugsource", "packageFilename": "kernel-default-debugsource-4.4.49-92.11.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Workstation Extension", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "kernel-default-debuginfo", "packageFilename": "kernel-default-debuginfo-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "ppc64le", "packageName": "cluster-md-kmp-default", "packageFilename": "cluster-md-kmp-default-4.4.49-92.11.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "s390x", "packageName": "kernel-default-debuginfo", "packageFilename": "kernel-default-debuginfo-4.4.49-92.11.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "ppc64le", "packageName": "ocfs2-kmp-default-debuginfo", "packageFilename": "ocfs2-kmp-default-debuginfo-4.4.49-92.11.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "s390x", "packageName": "cluster-network-kmp-default-debuginfo", "packageFilename": "cluster-network-kmp-default-debuginfo-4.4.49-92.11.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Workstation Extension", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "kernel-default-extra-debuginfo", "packageFilename": "kernel-default-extra-debuginfo-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "cluster-network-kmp-default-debuginfo", "packageFilename": "cluster-network-kmp-default-debuginfo-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "kernel-obs-build", "packageFilename": "kernel-obs-build-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "s390x", "packageName": "gfs2-kmp-default", "packageFilename": "gfs2-kmp-default-4.4.49-92.11.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "s390x", "packageName": "cluster-md-kmp-default", "packageFilename": "cluster-md-kmp-default-4.4.49-92.11.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for Raspberry Pi", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "aarch64", "packageName": "kernel-default", "packageFilename": "kernel-default-4.4.49-92.11.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Live Patching", "OSVersion": "12", "packageVersion": "6.1", "arch": "x86_64", "packageName": "kgraft-patch-4_4_49-92_11-default-1", "packageFilename": "kgraft-patch-4_4_49-92_11-default-1-6.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.3", "arch": "noarch", "packageName": "kernel-docs", "packageFilename": "kernel-docs-4.4.49-92.11.3.noarch.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "ppc64le", "packageName": "kernel-default-debuginfo", "packageFilename": "kernel-default-debuginfo-4.4.49-92.11.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "kernel-obs-build-debugsource", "packageFilename": "kernel-obs-build-debugsource-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "ppc64le", "packageName": "gfs2-kmp-default", "packageFilename": "gfs2-kmp-default-4.4.49-92.11.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "dlm-kmp-default-debuginfo", "packageFilename": "dlm-kmp-default-debuginfo-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "s390x", "packageName": "dlm-kmp-default-debuginfo", "packageFilename": "dlm-kmp-default-debuginfo-4.4.49-92.11.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for Raspberry Pi", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "aarch64", "packageName": "kernel-default-devel", "packageFilename": "kernel-default-devel-4.4.49-92.11.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "kernel-default-extra-debuginfo", "packageFilename": "kernel-default-extra-debuginfo-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "ppc64le", "packageName": "kernel-default-debuginfo", "packageFilename": "kernel-default-debuginfo-4.4.49-92.11.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for Raspberry Pi", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "noarch", "packageName": "kernel-macros", "packageFilename": "kernel-macros-4.4.49-92.11.1.noarch.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "kernel-default-debuginfo", "packageFilename": "kernel-default-debuginfo-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "noarch", "packageName": "kernel-devel", "packageFilename": "kernel-devel-4.4.49-92.11.1.noarch.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "kernel-default-base-debuginfo", "packageFilename": "kernel-default-base-debuginfo-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "s390x", "packageName": "gfs2-kmp-default-debuginfo", "packageFilename": "gfs2-kmp-default-debuginfo-4.4.49-92.11.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "kernel-default-base", "packageFilename": "kernel-default-base-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "gfs2-kmp-default-debuginfo", "packageFilename": "gfs2-kmp-default-debuginfo-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "aarch64", "packageName": "kernel-syms", "packageFilename": "kernel-syms-4.4.49-92.11.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "cluster-md-kmp-default-debuginfo", "packageFilename": "cluster-md-kmp-default-debuginfo-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "ppc64le", "packageName": "kernel-obs-build-debugsource", "packageFilename": "kernel-obs-build-debugsource-4.4.49-92.11.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "ppc64le", "packageName": "kernel-default-base-debuginfo", "packageFilename": "kernel-default-base-debuginfo-4.4.49-92.11.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "dlm-kmp-default", "packageFilename": "dlm-kmp-default-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "kernel-default-devel", "packageFilename": "kernel-default-devel-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for Raspberry Pi", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "noarch", "packageName": "kernel-devel", "packageFilename": "kernel-devel-4.4.49-92.11.1.noarch.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "ppc64le", "packageName": "kernel-default-debugsource", "packageFilename": "kernel-default-debugsource-4.4.49-92.11.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "kernel-syms", "packageFilename": "kernel-syms-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "ppc64le", "packageName": "dlm-kmp-default", "packageFilename": "dlm-kmp-default-4.4.49-92.11.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "ppc64le", "packageName": "gfs2-kmp-default-debuginfo", "packageFilename": "gfs2-kmp-default-debuginfo-4.4.49-92.11.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "cluster-md-kmp-default", "packageFilename": "cluster-md-kmp-default-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "aarch64", "packageName": "kernel-default", "packageFilename": "kernel-default-4.4.49-92.11.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for Raspberry Pi", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "aarch64", "packageName": "kernel-default-base-debuginfo", "packageFilename": "kernel-default-base-debuginfo-4.4.49-92.11.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "ppc64le", "packageName": "kernel-default", "packageFilename": "kernel-default-4.4.49-92.11.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "ppc64le", "packageName": "kernel-default-devel", "packageFilename": "kernel-default-devel-4.4.49-92.11.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "kernel-default", "packageFilename": "kernel-default-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "ocfs2-kmp-default-debuginfo", "packageFilename": "ocfs2-kmp-default-debuginfo-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "cluster-network-kmp-default", "packageFilename": "cluster-network-kmp-default-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "kernel-default-debugsource", "packageFilename": "kernel-default-debugsource-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "s390x", "packageName": "kernel-obs-build", "packageFilename": "kernel-obs-build-4.4.49-92.11.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "kernel-default-devel", "packageFilename": "kernel-default-devel-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "s390x", "packageName": "ocfs2-kmp-default", "packageFilename": "ocfs2-kmp-default-4.4.49-92.11.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "noarch", "packageName": "kernel-devel", "packageFilename": "kernel-devel-4.4.49-92.11.1.noarch.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "aarch64", "packageName": "kernel-default-base-debuginfo", "packageFilename": "kernel-default-base-debuginfo-4.4.49-92.11.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Software Development Kit", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "aarch64", "packageName": "kernel-obs-build", "packageFilename": "kernel-obs-build-4.4.49-92.11.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "gfs2-kmp-default", "packageFilename": "gfs2-kmp-default-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "s390x", "packageName": "ocfs2-kmp-default-debuginfo", "packageFilename": "ocfs2-kmp-default-debuginfo-4.4.49-92.11.1.s390x.rpm", "operator": "lt"}, {"OS": "OpenStack Cloud Magnum Orchestration", "OSVersion": "7", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "kernel-default", "packageFilename": "kernel-default-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server for Raspberry Pi", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "aarch64", "packageName": "kernel-syms", "packageFilename": "kernel-syms-4.4.49-92.11.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "ppc64le", "packageName": "kernel-default-base", "packageFilename": "kernel-default-base-4.4.49-92.11.1.ppc64le.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "aarch64", "packageName": "kernel-default-base", "packageFilename": "kernel-default-base-4.4.49-92.11.1.aarch64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Desktop", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "noarch", "packageName": "kernel-macros", "packageFilename": "kernel-macros-4.4.49-92.11.1.noarch.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "s390x", "packageName": "dlm-kmp-default", "packageFilename": "dlm-kmp-default-4.4.49-92.11.1.s390x.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "kernel-default-debuginfo", "packageFilename": "kernel-default-debuginfo-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise Server", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "x86_64", "packageName": "kernel-default-debugsource", "packageFilename": "kernel-default-debugsource-4.4.49-92.11.1.x86_64.rpm", "operator": "lt"}, {"OS": "SUSE Linux Enterprise High Availability", "OSVersion": "12.2", "packageVersion": "4.4.49-92.11.1", "arch": "ppc64le", "packageName": "kernel-default-debugsource", "packageFilename": "kernel-default-debugsource-4.4.49-92.11.1.ppc64le.rpm", "operator": "lt"}], "edition": 1, "description": "The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.49 to receive\n various security and bugfixes.\n\n\n The following security bugs were fixed:\n\n - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg\n function in net/socket.c in the Linux kernel allowed remote attackers to\n execute arbitrary code via vectors involving a recvmmsg system call that\n was mishandled during error processing (bnc#1003077).\n - CVE-2017-5576: Integer overflow in the vc4_get_bcl function in\n drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux\n kernel allowed local users to cause a denial of service or possibly have\n unspecified\n other impact via a crafted size value in a VC4_SUBMIT_CL ioctl call\n (bnc#1021294).\n - CVE-2017-5577: The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c\n in the VideoCore DRM driver in the Linux kernel did not set an errno\n value upon certain overflow detections, which allowed local users to\n cause a denial of service (incorrect pointer dereference and OOPS) via\n inconsistent size values in a VC4_SUBMIT_CL ioctl call (bnc#1021294).\n - CVE-2017-5551: The simple_set_acl function in fs/posix_acl.c in the\n Linux kernel preserved the setgid bit during a setxattr call involving a\n tmpfs filesystem, which allowed local users to gain group privileges by\n leveraging the existence of a setgid program with restrictions on\n execute permissions. (bnc#1021258).\n - CVE-2017-2583: The load_segment_descriptor implementation in\n arch/x86/kvm/emulate.c in the Linux kernel improperly emulated a &quot;MOV\n SS, NULL selector&quot; instruction, which allowed guest OS users to cause a\n denial of service (guest OS crash) or gain guest OS privileges via a\n crafted application (bnc#1020602).\n - CVE-2017-2584: arch/x86/kvm/emulate.c in the Linux kernel allowed local\n users to obtain sensitive information from kernel memory or cause a\n denial of service (use-after-free) via a crafted application that\n leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt\n (bnc#1019851).\n - CVE-2015-8709: kernel/ptrace.c in the Linux kernel mishandled uid and\n gid mappings, which allowed local users to gain privileges by\n establishing a user namespace, waiting for a root process to enter that\n namespace with an unsafe uid or gid, and then using the ptrace system\n call. NOTE: the vendor states &quot;there is no kernel bug here&quot;\n (bnc#1010933).\n - CVE-2016-9806: Race condition in the netlink_dump function in\n net/netlink/af_netlink.c in the Linux kernel allowed local users to\n cause a denial of service (double free) or possibly have unspecified\n other impact via a crafted application that made sendmsg system calls,\n leading to a free\n operation associated with a new dump that started earlier than\n anticipated (bnc#1013540).\n - CVE-2017-5897: fixed a bug in the Linux kernel IPv6 implementation which\n allowed remote attackers to trigger an out-of-bounds access, leading to\n a denial-of-service attack (bnc#1023762).\n - CVE-2017-5970: Fixed a possible denial-of-service that could have been\n triggered by sending bad IP options on a socket (bsc#1024938).\n - CVE-2017-5986: an application could have triggered a BUG_ON() in\n sctp_wait_for_sndbuf() if the socket TX buffer was full, a thread was\n waiting\n on it to queue more data, and meanwhile another thread peeled off the\n association being used by the first thread (bsc#1025235).\n\n The following non-security bugs were fixed:\n\n - 8250: fintek: rename IRQ_MODE macro (boo#1009546).\n - acpi: nfit, libnvdimm: fix / harden ars_status output length handling\n (bsc#1023175).\n - acpi: nfit: fix bus vs dimm confusion in xlat_status (bsc#1023175).\n - acpi: nfit: validate ars_status output buffer size (bsc#1023175).\n - arm64: numa: fix incorrect log for memory-less node (bsc#1019631).\n - asoc: cht_bsw_rt5645: Fix leftover kmalloc (bsc#1010690).\n - asoc: rt5670: add HS ground control (bsc#1016250).\n - bcache: Make gc wakeup sane, remove set_task_state() (bsc#1021260).\n - bcache: partition support: add 16 minors per bcacheN device\n (bsc#1019784).\n - blk-mq: Allow timeouts to run while queue is freezing (bsc#1020817).\n - blk-mq: Always schedule hctx-&gt;next_cpu (bsc#1020817).\n - blk-mq: Avoid memory reclaim when remapping queues (bsc#1020817).\n - blk-mq: Fix failed allocation path when mapping queues (bsc#1020817).\n - blk-mq: do not overwrite rq-&gt;mq_ctx (bsc#1020817).\n - blk-mq: improve warning for running a queue on the wrong CPU\n (bsc#1020817).\n - block: Change extern inline to static inline (bsc#1023175).\n - bluetooth: btmrvl: fix hung task warning dump (bsc#1018813).\n - bnx2x: Correct ringparam estimate when DOWN (bsc#1020214).\n - brcmfmac: Change error print on wlan0 existence (bsc#1000092).\n - btrfs: add support for RENAME_EXCHANGE and RENAME_WHITEOUT (bsc#1020975).\n - btrfs: bugfix: handle FS_IOC32_{GETFLAGS,SETFLAGS,GETVERSION} in\n btrfs_ioctl (bsc#1018100).\n - btrfs: fix btrfs_compat_ioctl failures on non-compat ioctls\n (bsc#1018100).\n - btrfs: fix inode leak on failure to setup whiteout inode in rename\n (bsc#1020975).\n - btrfs: fix lockdep warning about log_mutex (bsc#1021455).\n - btrfs: fix lockdep warning on deadlock against an inode's log mutex\n (bsc#1021455).\n - btrfs: fix number of transaction units for renames with whiteout\n (bsc#1020975).\n - btrfs: increment ctx-&gt;pos for every emitted or skipped dirent in readdir\n (bsc#981709).\n - btrfs: incremental send, fix invalid paths for rename operations\n (bsc#1018316).\n - btrfs: incremental send, fix premature rmdir operations (bsc#1018316).\n - btrfs: pin log earlier when renaming (bsc#1020975).\n - btrfs: pin logs earlier when doing a rename exchange operation\n (bsc#1020975).\n - btrfs: remove old tree_root dirent processing in btrfs_real_readdir()\n (bsc#981709).\n - btrfs: send, add missing error check for calls to path_loop()\n (bsc#1018316).\n - btrfs: send, avoid incorrect leaf accesses when sending utimes\n operations (bsc#1018316).\n - btrfs: send, fix failure to move directories with the same name around\n (bsc#1018316).\n - btrfs: send, fix invalid leaf accesses due to incorrect utimes\n operations (bsc#1018316).\n - btrfs: send, fix warning due to late freeing of orphan_dir_info\n structures (bsc#1018316).\n - btrfs: test_check_exists: Fix infinite loop when searching for free\n space entries (bsc#987192).\n - btrfs: unpin log if rename operation fails (bsc#1020975).\n - btrfs: unpin logs if rename exchange operation fails (bsc#1020975).\n - ceph: fix bad endianness handling in parse_reply_info_extra\n (bsc#1020488).\n - clk: xgene: Add PMD clock (bsc#1019351).\n - clk: xgene: Do not call __pa on ioremaped address (bsc#1019351).\n - clk: xgene: Remove CLK_IS_ROOT (bsc#1019351).\n - config: enable CONFIG_OCFS2_DEBUG_MASKLOG for ocfs2 (bsc#1015038)\n - config: enable Ceph kernel client modules for ppc64le\n - config: enable Ceph kernel client modules for s390x\n - crypto: FIPS - allow tests to be disabled in FIPS mode (bsc#1018913).\n - crypto: drbg - do not call drbg_instantiate in healt test (bsc#1018913).\n - crypto: drbg - remove FIPS 140-2 continuous test (bsc#1018913).\n - crypto: qat - fix bar discovery for c62x (bsc#1021251).\n - crypto: qat - zero esram only for DH85x devices (bsc#1021248).\n - crypto: rsa - allow keys &gt;= 2048 bits in FIPS mode (bsc#1018913).\n - crypto: xts - consolidate sanity check for keys (bsc#1018913).\n - crypto: xts - fix compile errors (bsc#1018913).\n - cxl: fix potential NULL dereference in free_adapter() (bsc#1016517).\n - dax: fix deadlock with DAX 4k holes (bsc#1012829).\n - dax: fix device-dax region base (bsc#1023175).\n - device-dax: check devm_nsio_enable() return value (bsc#1023175).\n - device-dax: fail all private mapping attempts (bsc#1023175).\n - device-dax: fix percpu_ref_exit ordering (bsc#1023175).\n - driver core: fix race between creating/querying glue dir and its cleanup\n (bnc#1008742).\n - drivers: hv: Introduce a policy for controlling channel affinity.\n - drivers: hv: balloon: Add logging for dynamic memory operations.\n - drivers: hv: balloon: Disable hot add when CONFIG_MEMORY_HOTPLUG is not\n set.\n - drivers: hv: balloon: Fix info request to show max page count.\n - drivers: hv: balloon: Use available memory value in pressure report.\n - drivers: hv: balloon: account for gaps in hot add regions.\n - drivers: hv: balloon: keep track of where ha_region starts.\n - drivers: hv: balloon: replace ha_region_mutex with spinlock.\n - drivers: hv: cleanup vmbus_open() for wrap around mappings.\n - drivers: hv: do not leak memory in vmbus_establish_gpadl().\n - drivers: hv: get rid of id in struct vmbus_channel.\n - drivers: hv: get rid of redundant messagecount in create_gpadl_header().\n - drivers: hv: get rid of timeout in vmbus_open().\n - drivers: hv: make VMBus bus ids persistent.\n - drivers: hv: ring_buffer: count on wrap around mappings in\n get_next_pkt_raw() (v2).\n - drivers: hv: ring_buffer: use wrap around mappings in hv_copy{from,\n to}_ringbuffer().\n - drivers: hv: ring_buffer: wrap around mappings for ring buffers.\n - drivers: hv: utils: Check VSS daemon is listening before a hot backup.\n - drivers: hv: utils: Continue to poll VSS channel after handling requests.\n - drivers: hv: utils: Fix the mapping between host version and protocol to\n use.\n - drivers: hv: utils: reduce HV_UTIL_NEGO_TIMEOUT timeout.\n - drivers: hv: vmbus: Base host signaling strictly on the ring state.\n - drivers: hv: vmbus: Enable explicit signaling policy for NIC channels.\n - drivers: hv: vmbus