ID OPENVAS:1361412562310881118 Type openvas Reporter Copyright (c) 2012 Greenbone Networks GmbH Modified 2019-03-15T00:00:00
Description
The remote host is missing an update for the 'kernel' package(s) announced via the referenced advisory.
###############################################################################
# OpenVAS Vulnerability Test
#
# CentOS Update for kernel CESA-2012:0350 centos6
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
# Metadata branch: every statement in here registers the check's identity,
# references and descriptive tags, and the branch ends with exit(0), so the
# package comparison further down does not run when `description` is set.
# NOTE(review): `description` is not assigned in the code shown here; it is
# presumably set by the scanner while it collects plugin metadata - confirm.
if(description)
{
# Vendor announcement for the update this check looks for.
script_xref(name:"URL", value:"http://lists.centos.org/pipermail/centos-announce/2012-March/018468.html");
# Identifier and revision bookkeeping for the check itself.
script_oid("1.3.6.1.4.1.25623.1.0.881118");
script_version("$Revision: 14222 $");
script_tag(name:"last_modification", value:"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $");
script_tag(name:"creation_date", value:"2012-07-30 16:12:12 +0530 (Mon, 30 Jul 2012)");
# CVEs attributed to the advisory. The insight text below is cut off
# mid-sentence, so CVE-2012-0045 and CVE-2012-0207 carry no labelled entry there.
script_cve_id("CVE-2011-4077", "CVE-2011-4081", "CVE-2011-4132", "CVE-2011-4347",
"CVE-2011-4594", "CVE-2011-4611", "CVE-2011-4622", "CVE-2012-0038",
"CVE-2012-0045", "CVE-2012-0207");
# One score and vector are declared for the whole advisory. The vector reads
# network-reachable, no authentication, availability impact only, while every
# entry visible in the insight text is a local issue.
# NOTE(review): the network-reachable flaw is presumably among the CVEs lost to
# the truncation - check the advisory before relying on this score for triage.
script_tag(name:"cvss_base", value:"7.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_xref(name:"CESA", value:"2012:0350");
script_name("CentOS Update for kernel CESA-2012:0350 centos6");
script_tag(name:"summary", value:"The remote host is missing an update for the 'kernel'
package(s) announced via the referenced advisory.");
# Registered as an information-gathering check in the CentOS local checks family.
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2012 Greenbone Networks GmbH");
script_family("CentOS Local Security Checks");
# Depends on gather-package-list.nasl and requires the ssh/login/centos and
# ssh/login/rpms keys plus a release value matching CentOS6.
# NOTE(review): those keys are presumably written by the dependency after an
# authenticated SSH login; if so, a scan without working credentials produces
# no result for this check rather than a "not affected" verdict - confirm.
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/centos", "ssh/login/rpms", re:"ssh/login/release=CentOS6");
script_tag(name:"affected", value:"kernel on CentOS 6");
script_tag(name:"solution", value:"Please install the updated packages.");
script_tag(name:"insight", value:"The kernel packages contain the Linux kernel, the core of any Linux
operating system.
This update fixes the following security issues:
* A buffer overflow flaw was found in the way the Linux kernel's XFS file
system implementation handled links with overly long path names. A local,
unprivileged user could use this flaw to cause a denial of service or
escalate their privileges by mounting a specially-crafted disk.
(CVE-2011-4077, Moderate)
* Flaws in ghash_update() and ghash_final() could allow a local,
unprivileged user to cause a denial of service. (CVE-2011-4081, Moderate)
* A flaw was found in the Linux kernel's Journaling Block Device (JBD). A
local, unprivileged user could use this flaw to crash the system by
mounting a specially-crafted ext3 or ext4 disk. (CVE-2011-4132, Moderate)
* It was found that the kvm_vm_ioctl_assign_device() function in the KVM
(Kernel-based Virtual Machine) subsystem of a Linux kernel did not check if
the user requesting device assignment was privileged or not. A local,
unprivileged user on the host could assign unused PCI devices, or even
devices that were in use and whose resources were not properly claimed by
the respective drivers, which could result in the host crashing.
(CVE-2011-4347, Moderate)
* Two flaws were found in the way the Linux kernel's __sys_sendmsg()
function, when invoked via the sendmmsg() system call, accessed user-space
memory. A local, unprivileged user could use these flaws to cause a denial
of service. (CVE-2011-4594, Moderate)
* The RHSA-2011:1530 kernel update introduced an integer overflow flaw in
the Linux kernel. On PowerPC systems, a local, unprivileged user could use
this flaw to cause a denial of service. (CVE-2011-4611, Moderate)
* A flaw was found in the way the KVM subsystem of a Linux kernel handled
PIT (Programmable Interval Timer) IRQs (interrupt requests) when there was
no virtual interrupt controller set up. A local, unprivileged user on the
host could force this situation to occur, resulting in the host crashing.
(CVE-2011-4622, Moderate)
* A flaw was found in the way the Linux kernel's XFS file system
implementation handled on-disk Access Control Lists (ACLs). A local,
unprivileged user could use this flaw to cause a denial of service or
escalate their privileges by mounting a specially-crafted disk.
(CVE-2012-0038, Moderate)
* A flaw was found in the way the Linux kernel's KVM hypervisor
implementation emulated the syscall instruction for 32-bit guests. An
unprivileged guest user could trigger this flaw to crash t ...
Description truncated, please see the referenced URL(s) for more information.");
# The verdict is declared as package-based and the remedy as a vendor fix; the
# detection code after this block compares package versions only.
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
# Metadata registered; stop before the detection code.
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
# Detection logic: compare the RPM versions known for the target with the
# fixed build of CESA-2012:0350 and report the first package that is behind.
#
# NOTE(review): only package versions are compared; nothing in this script
# looks at the kernel that is actually running. A host that installed the
# update but has not rebooted would presumably still pass this check - confirm
# against isrpmvuln() and pair the result with a running-kernel check.

# Release identifier of the target; without one there is nothing to compare,
# so the check ends without a verdict.
release = rpm_get_ssh_release();
if(!release) {
  exit(0);
}

res = "";

if(release == "CentOS6") {
  # Every package of this update ships the same fixed version and release.
  cesa_fixed_build = "~2.6.32~220.7.1.el6";

  # Same packages, in the same order, as the advisory lists them.
  foreach cesa_pkg (make_list("kernel",
                              "kernel-debug",
                              "kernel-debug-devel",
                              "kernel-devel",
                              "kernel-doc",
                              "kernel-firmware",
                              "kernel-headers",
                              "perf",
                              "python-perf")) {
    res = isrpmvuln(pkg:cesa_pkg, rpm:cesa_pkg + cesa_fixed_build, rls:"CentOS6");
    if(res != NULL) {
      # First outdated package found: report it and stop. Later packages in
      # the list are not evaluated, so the report names one package only.
      security_message(data:res);
      exit(0);
    }
  }

  # No package was reported as outdated. Exit code 99 marks the host as not
  # vulnerable; plain exit(0) leaves the result undetermined.
  # NOTE(review): __pkg_match is presumably set by pkg-lib-rpm.inc when at
  # least one of the named packages was found installed - confirm.
  if(__pkg_match) {
    exit(99);
  }
  exit(0);
}
{"id": "OPENVAS:1361412562310881118", "type": "openvas", "bulletinFamily": "scanner", "title": "CentOS Update for kernel CESA-2012:0350 centos6", "description": "The remote host is missing an update for the ", "published": "2012-07-30T00:00:00", "modified": "2019-03-15T00:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881118", "reporter": "Copyright (c) 2012 Greenbone Networks GmbH", "references": ["http://lists.centos.org/pipermail/centos-announce/2012-March/018468.html", "2012:0350"], "cvelist": ["CVE-2011-4594", "CVE-2011-4132", "CVE-2011-4611", "CVE-2012-0207", "CVE-2011-4077", "CVE-2011-4347", "CVE-2011-4622", "CVE-2011-4081", "CVE-2012-0045", "CVE-2012-0038"], "lastseen": "2019-05-29T18:39:20", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "nessus", "idList": ["UBUNTU_USN-1302-1.NASL", "REDHAT-RHSA-2012-0350.NASL", "FEDORA_2012-0492.NASL", "ORACLELINUX_ELSA-2012-0350.NASL", "ORACLELINUX_ELSA-2012-2003.NASL", "REDHAT-RHSA-2012-0422.NASL", "CENTOS_RHSA-2012-0350.NASL", "SL_20120306_KERNEL_ON_SL6_X.NASL", "ALA_ALAS-2012-55.NASL", "UBUNTU_USN-1363-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310840910", "OPENVAS:1361412562310123959", "OPENVAS:870729", "OPENVAS:840934", "OPENVAS:1361412562310123956", "OPENVAS:881118", "OPENVAS:863931", "OPENVAS:1361412562310120412", "OPENVAS:1361412562310863931", "OPENVAS:1361412562310870729"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-0350", "ELSA-2012-0149", "ELSA-2012-2003"]}, {"type": "redhat", "idList": ["RHSA-2012:0422", "RHSA-2012:0350"]}, {"type": "amazon", "idList": ["ALAS-2011-022", "ALAS-2012-055"]}, {"type": "centos", "idList": ["CESA-2012:0350"]}, {"type": "cve", "idList": ["CVE-2011-4347", "CVE-2012-0038", "CVE-2012-0207", "CVE-2011-4622", "CVE-2011-4081", "CVE-2012-0045", "CVE-2011-4611", "CVE-2011-4077", "CVE-2011-4594", "CVE-2011-4132"]}, {"type": "ubuntu", "idList": 
["USN-1312-1", "USN-1363-1", "USN-1304-1", "USN-1300-1", "USN-1292-1", "USN-1356-1", "USN-1302-1", "USN-1301-1", "USN-1293-1"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:12086", "SECURITYVULNS:DOC:27432"]}], "modified": "2019-05-29T18:39:20", "rev": 2}, "score": {"value": 7.1, "vector": "NONE", "modified": "2019-05-29T18:39:20", "rev": 2}, "vulnersScore": 7.1}, "pluginID": "1361412562310881118", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2012:0350 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-March/018468.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881118\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:12:12 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-4077\", \"CVE-2011-4081\", \"CVE-2011-4132\", \"CVE-2011-4347\",\n \"CVE-2011-4594\", \"CVE-2011-4611\", \"CVE-2011-4622\", \"CVE-2012-0038\",\n \"CVE-2012-0045\", \"CVE-2012-0207\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"CESA\", value:\"2012:0350\");\n script_name(\"CentOS Update for kernel CESA-2012:0350 centos6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"kernel on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following 
security issues:\n\n * A buffer overflow flaw was found in the way the Linux kernel's XFS file\n system implementation handled links with overly long path names. A local,\n unprivileged user could use this flaw to cause a denial of service or\n escalate their privileges by mounting a specially-crafted disk.\n (CVE-2011-4077, Moderate)\n\n * Flaws in ghash_update() and ghash_final() could allow a local,\n unprivileged user to cause a denial of service. (CVE-2011-4081, Moderate)\n\n * A flaw was found in the Linux kernel's Journaling Block Device (JBD). A\n local, unprivileged user could use this flaw to crash the system by\n mounting a specially-crafted ext3 or ext4 disk. (CVE-2011-4132, Moderate)\n\n * It was found that the kvm_vm_ioctl_assign_device() function in the KVM\n (Kernel-based Virtual Machine) subsystem of a Linux kernel did not check if\n the user requesting device assignment was privileged or not. A local,\n unprivileged user on the host could assign unused PCI devices, or even\n devices that were in use and whose resources were not properly claimed by\n the respective drivers, which could result in the host crashing.\n (CVE-2011-4347, Moderate)\n\n * Two flaws were found in the way the Linux kernel's __sys_sendmsg()\n function, when invoked via the sendmmsg() system call, accessed user-space\n memory. A local, unprivileged user could use these flaws to cause a denial\n of service. (CVE-2011-4594, Moderate)\n\n * The RHSA-2011:1530 kernel update introduced an integer overflow flaw in\n the Linux kernel. On PowerPC systems, a local, unprivileged user could use\n this flaw to cause a denial of service. (CVE-2011-4611, Moderate)\n\n * A flaw was found in the way the KVM subsystem of a Linux kernel handled\n PIT (Programmable Interval Timer) IRQs (interrupt requests) when there was\n no virtual interrupt controller set up. 
A local, unprivileged user on the\n host could force this situation to occur, resulting in the host crashing.\n (CVE-2011-4622, Moderate)\n\n * A flaw was found in the way the Linux kernel's XFS file system\n implementation handled on-disk Access Control Lists (ACLs). A local,\n unprivileged user could use this flaw to cause a denial of service or\n escalate their privileges by mounting a specially-crafted disk.\n (CVE-2012-0038, Moderate)\n\n * A flaw was found in the way the Linux kernel's KVM hypervisor\n implementation emulated the syscall instruction for 32-bit guests. An\n unprivileged guest user could trigger this flaw to crash t ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~220.7.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~220.7.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~220.7.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~220.7.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~220.7.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~220.7.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n 
security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~220.7.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~220.7.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~2.6.32~220.7.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "CentOS Local Security Checks"}
{"openvas": [{"lastseen": "2018-01-02T10:56:58", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4594", "CVE-2011-4132", "CVE-2011-4611", "CVE-2012-0207", "CVE-2011-4077", "CVE-2011-4347", "CVE-2011-4622", "CVE-2011-4081", "CVE-2012-0045", "CVE-2012-0038"], "description": "Check for the Version of kernel", "modified": "2017-12-27T00:00:00", "published": "2012-07-30T00:00:00", "id": "OPENVAS:881118", "href": "http://plugins.openvas.org/nasl.php?oid=881118", "type": "openvas", "title": "CentOS Update for kernel CESA-2012:0350 centos6 ", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for kernel CESA-2012:0350 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n \n * A buffer overflow flaw was found in the way the Linux kernel's XFS file\n system implementation handled links with overly long path names. 
A local,\n unprivileged user could use this flaw to cause a denial of service or\n escalate their privileges by mounting a specially-crafted disk.\n (CVE-2011-4077, Moderate)\n \n * Flaws in ghash_update() and ghash_final() could allow a local,\n unprivileged user to cause a denial of service. (CVE-2011-4081, Moderate)\n \n * A flaw was found in the Linux kernel's Journaling Block Device (JBD). A\n local, unprivileged user could use this flaw to crash the system by\n mounting a specially-crafted ext3 or ext4 disk. (CVE-2011-4132, Moderate)\n \n * It was found that the kvm_vm_ioctl_assign_device() function in the KVM\n (Kernel-based Virtual Machine) subsystem of a Linux kernel did not check if\n the user requesting device assignment was privileged or not. A local,\n unprivileged user on the host could assign unused PCI devices, or even\n devices that were in use and whose resources were not properly claimed by\n the respective drivers, which could result in the host crashing.\n (CVE-2011-4347, Moderate)\n \n * Two flaws were found in the way the Linux kernel's __sys_sendmsg()\n function, when invoked via the sendmmsg() system call, accessed user-space\n memory. A local, unprivileged user could use these flaws to cause a denial\n of service. (CVE-2011-4594, Moderate)\n \n * The RHSA-2011:1530 kernel update introduced an integer overflow flaw in\n the Linux kernel. On PowerPC systems, a local, unprivileged user could use\n this flaw to cause a denial of service. (CVE-2011-4611, Moderate)\n \n * A flaw was found in the way the KVM subsystem of a Linux kernel handled\n PIT (Programmable Interval Timer) IRQs (interrupt requests) when there was\n no virtual interrupt controller set up. A local, unprivileged user on the\n host could force this situation to occur, resulting in the host crashing.\n (CVE-2011-4622, Moderate)\n \n * A flaw was found in the way the Linux kernel's XFS file system\n implementation handled on-disk Access Control Lists (ACLs). 
A local,\n unprivileged user could use this flaw to cause a denial of service or\n escalate their privileges by mounting a specially-crafted disk.\n (CVE-2012-0038, Moderate)\n \n * A flaw was found in the way the Linux kernel's KVM hypervisor\n implementation emulated the syscall instruction for 32-bit guests. An\n unprivileged guest user could trigger this flaw to crash t ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kernel on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-March/018468.html\");\n script_id(881118);\n script_version(\"$Revision: 8249 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-27 07:29:56 +0100 (Wed, 27 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:12:12 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-4077\", \"CVE-2011-4081\", \"CVE-2011-4132\", \"CVE-2011-4347\",\n \"CVE-2011-4594\", \"CVE-2011-4611\", \"CVE-2011-4622\", \"CVE-2012-0038\",\n \"CVE-2012-0045\", \"CVE-2012-0207\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2012:0350\");\n script_name(\"CentOS Update for kernel CESA-2012:0350 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", 
value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~220.7.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~220.7.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~220.7.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~220.7.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~220.7.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~220.7.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~220.7.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~220.7.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~2.6.32~220.7.1.el6\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-01-06T13:07:20", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4594", "CVE-2011-4132", 
"CVE-2011-4611", "CVE-2012-0207", "CVE-2011-4077", "CVE-2011-4347", "CVE-2011-4622", "CVE-2011-4081", "CVE-2012-0045", "CVE-2012-0038"], "description": "Check for the Version of kernel", "modified": "2018-01-05T00:00:00", "published": "2012-07-09T00:00:00", "id": "OPENVAS:870729", "href": "http://plugins.openvas.org/nasl.php?oid=870729", "type": "openvas", "title": "RedHat Update for kernel RHSA-2012:0350-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2012:0350-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n\n * A buffer overflow flaw was found in the way the Linux kernel's XFS file\n system implementation handled links with overly long path names. 
A local,\n unprivileged user could use this flaw to cause a denial of service or\n escalate their privileges by mounting a specially-crafted disk.\n (CVE-2011-4077, Moderate)\n\n * Flaws in ghash_update() and ghash_final() could allow a local,\n unprivileged user to cause a denial of service. (CVE-2011-4081, Moderate)\n\n * A flaw was found in the Linux kernel's Journaling Block Device (JBD). A\n local, unprivileged user could use this flaw to crash the system by\n mounting a specially-crafted ext3 or ext4 disk. (CVE-2011-4132, Moderate)\n\n * It was found that the kvm_vm_ioctl_assign_device() function in the KVM\n (Kernel-based Virtual Machine) subsystem of a Linux kernel did not check if\n the user requesting device assignment was privileged or not. A local,\n unprivileged user on the host could assign unused PCI devices, or even\n devices that were in use and whose resources were not properly claimed by\n the respective drivers, which could result in the host crashing.\n (CVE-2011-4347, Moderate)\n\n * Two flaws were found in the way the Linux kernel's __sys_sendmsg()\n function, when invoked via the sendmmsg() system call, accessed user-space\n memory. A local, unprivileged user could use these flaws to cause a denial\n of service. (CVE-2011-4594, Moderate)\n\n * The RHSA-2011:1530 kernel update introduced an integer overflow flaw in\n the Linux kernel. On PowerPC systems, a local, unprivileged user could use\n this flaw to cause a denial of service. (CVE-2011-4611, Moderate)\n\n * A flaw was found in the way the KVM subsystem of a Linux kernel handled\n PIT (Programmable Interval Timer) IRQs (interrupt requests) when there was\n no virtual interrupt controller set up. A local, unprivileged user on the\n host could force this situation to occur, resulting in the host crashing.\n (CVE-2011-4622, Moderate)\n\n * A flaw was found in the way the Linux kernel's XFS file system\n implementation handled on-disk Access Control Lists (ACLs). 
A local,\n unprivileged user could use this flaw to cause a denial of service or\n escalate their privileges by mounting a specially-crafted disk.\n (CVE-2012-0038, Moderate)\n\n * A flaw was found in the way the Linux kernel's KVM hypervisor\n implementa ... \n\n Description truncated, for more information please check the Reference URL\";\n\ntag_affected = \"kernel on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-March/msg00002.html\");\n script_id(870729);\n script_version(\"$Revision: 8295 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-05 07:29:18 +0100 (Fri, 05 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-09 10:55:49 +0530 (Mon, 09 Jul 2012)\");\n script_cve_id(\"CVE-2011-4077\", \"CVE-2011-4081\", \"CVE-2011-4132\", \"CVE-2011-4347\",\n \"CVE-2011-4594\", \"CVE-2011-4611\", \"CVE-2011-4622\", \"CVE-2012-0038\",\n \"CVE-2012-0045\", \"CVE-2012-0207\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"RHSA\", value: \"2012:0350-01\");\n script_name(\"RedHat Update for kernel RHSA-2012:0350-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", 
value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~220.7.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~220.7.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.32~220.7.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~220.7.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.32~220.7.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~2.6.32~220.7.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~220.7.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~220.7.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~220.7.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~2.6.32~220.7.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", 
rpm:\"kernel-doc~2.6.32~220.7.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~220.7.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~2.6.32~220.7.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2020-03-17T23:03:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4594", "CVE-2011-4132", "CVE-2011-4611", "CVE-2012-0207", "CVE-2011-4077", "CVE-2011-4347", "CVE-2011-4622", "CVE-2011-4081", "CVE-2012-0045", "CVE-2012-0038"], "description": "The remote host is missing an update announced via the referenced Security Advisory.", "modified": "2020-03-13T00:00:00", "published": "2015-09-08T00:00:00", "id": "OPENVAS:1361412562310120412", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120412", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2012-55)", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120412\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:25:46 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2012-55)\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in the Linux kernel. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update kernel to update your system. You will need to reboot your system in order for the new kernel to be running.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2012-55.html\");\n script_cve_id(\"CVE-2011-4594\", \"CVE-2011-4347\", \"CVE-2012-0038\", \"CVE-2011-4622\", \"CVE-2012-0045\", \"CVE-2011-4132\", \"CVE-2011-4611\", \"CVE-2011-4081\", \"CVE-2011-4077\", \"CVE-2012-0207\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = 
rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.35.14~107.1.39.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~2.6.35.14~107.1.39.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.35.14~107.1.39.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.35.14~107.1.39.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.35.14~107.1.39.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.35.14~107.1.39.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:36", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4594", "CVE-2011-4132", "CVE-2011-4611", "CVE-2012-0207", "CVE-2011-4077", "CVE-2011-4347", "CVE-2011-4622", "CVE-2011-4081", "CVE-2012-0045", "CVE-2012-0038"], "description": "Oracle Linux Local Security Checks ELSA-2012-0350", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123959", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123959", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-0350", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-0350.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen 
<eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123959\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:10:50 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-0350\");\n script_tag(name:\"insight\", value:\"ELSA-2012-0350 - kernel security and bug fix update. 
Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-0350\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-0350.html\");\n script_cve_id(\"CVE-2011-4081\", \"CVE-2011-4347\", \"CVE-2011-4594\", \"CVE-2011-4611\", \"CVE-2012-0038\", \"CVE-2012-0045\", \"CVE-2012-0207\", \"CVE-2011-4077\", \"CVE-2011-4132\", \"CVE-2011-4622\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~220.7.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~220.7.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~220.7.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~220.7.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-doc\", 
rpm:\"kernel-doc~2.6.32~220.7.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~220.7.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~220.7.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~220.7.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~2.6.32~220.7.1.el6\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:38:46", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4594", "CVE-2011-4132", "CVE-2011-4611", "CVE-2012-0207", "CVE-2011-4077", "CVE-2011-4347", "CVE-2011-4622", "CVE-2011-4081", "CVE-2012-0045", "CVE-2012-0038"], "description": "The remote host is missing an update for the 'kernel' package(s) announced via the referenced advisory.", "modified": "2018-11-23T00:00:00", "published": "2012-07-09T00:00:00", "id": "OPENVAS:1361412562310870729", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870729", "type": "openvas", "title": "RedHat Update for kernel RHSA-2012:0350-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for kernel RHSA-2012:0350-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is 
distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-March/msg00002.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870729\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-09 10:55:49 +0530 (Mon, 09 Jul 2012)\");\n script_cve_id(\"CVE-2011-4077\", \"CVE-2011-4081\", \"CVE-2011-4132\", \"CVE-2011-4347\",\n \"CVE-2011-4594\", \"CVE-2011-4611\", \"CVE-2011-4622\", \"CVE-2012-0038\",\n \"CVE-2012-0045\", \"CVE-2012-0207\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"RHSA\", value:\"2012:0350-01\");\n script_name(\"RedHat Update for kernel RHSA-2012:0350-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"kernel on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 
6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The kernel packages contain the Linux kernel, the core of any Linux\n operating system.\n\n This update fixes the following security issues:\n\n * A buffer overflow flaw was found in the way the Linux kernel's XFS file\n system implementation handled links with overly long path names. A local,\n unprivileged user could use this flaw to cause a denial of service or\n escalate their privileges by mounting a specially-crafted disk.\n (CVE-2011-4077, Moderate)\n\n * Flaws in ghash_update() and ghash_final() could allow a local,\n unprivileged user to cause a denial of service. (CVE-2011-4081, Moderate)\n\n * A flaw was found in the Linux kernel's Journaling Block Device (JBD). A\n local, unprivileged user could use this flaw to crash the system by\n mounting a specially-crafted ext3 or ext4 disk. (CVE-2011-4132, Moderate)\n\n * It was found that the kvm_vm_ioctl_assign_device() function in the KVM\n (Kernel-based Virtual Machine) subsystem of a Linux kernel did not check if\n the user requesting device assignment was privileged or not. A local,\n unprivileged user on the host could assign unused PCI devices, or even\n devices that were in use and whose resources were not properly claimed by\n the respective drivers, which could result in the host crashing.\n (CVE-2011-4347, Moderate)\n\n * Two flaws were found in the way the Linux kernel's __sys_sendmsg()\n function, when invoked via the sendmmsg() system call, accessed user-space\n memory. A local, unprivileged user could use these flaws to cause a denial\n of service. (CVE-2011-4594, Moderate)\n\n * The RHSA-2011:1530 kernel update introduced an integer overflow flaw in\n the Linux kernel. On PowerPC systems, a local, unprivileged user could use\n this flaw to cause a denial of service. 
(CVE-2011-4611, Moderate)\n\n * A flaw was found in the way the KVM subsystem of a Linux kernel handled\n PIT (Programmable Interval Timer) IRQs (interrupt requests) when there was\n no virtual interrupt controller set up. A local, unprivileged user on the\n host could force this situation to occur, resulting in the host crashing.\n (CVE-2011-4622, Moderate)\n\n * A flaw was found in the way the Linux kernel's XFS file system\n implementation handled on-disk Access Control Lists (ACLs). A local,\n unprivileged user could use this flaw to cause a denial of service or\n escalate their privileges by mounting a specially-crafted disk.\n (CVE-2012-0038, Moderate)\n\n * A flaw was found in the way the Linux kernel's KVM hypervisor\n implementa ...\n\n Description truncated, please see the referenced URL(s) for more information.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~2.6.32~220.7.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.32~220.7.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-debuginfo\", rpm:\"kernel-debug-debuginfo~2.6.32~220.7.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debug-devel\", rpm:\"kernel-debug-devel~2.6.32~220.7.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo\", rpm:\"kernel-debuginfo~2.6.32~220.7.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res 
= isrpmvuln(pkg:\"kernel-debuginfo-common-i686\", rpm:\"kernel-debuginfo-common-i686~2.6.32~220.7.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~2.6.32~220.7.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~2.6.32~220.7.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf\", rpm:\"perf~2.6.32~220.7.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"perf-debuginfo\", rpm:\"perf-debuginfo~2.6.32~220.7.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-doc\", rpm:\"kernel-doc~2.6.32~220.7.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-firmware\", rpm:\"kernel-firmware~2.6.32~220.7.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"kernel-debuginfo-common-x86_64\", rpm:\"kernel-debuginfo-common-x86_64~2.6.32~220.7.1.el6\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:46", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4132", "CVE-2012-0207", "CVE-2011-4077", "CVE-2011-4347", "CVE-2011-4622", "CVE-2011-4081", "CVE-2012-0045", "CVE-2012-0038"], "description": "Oracle Linux Local Security Checks ELSA-2012-2003", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123956", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123956", "type": "openvas", "title": "Oracle Linux Local Check: 
ELSA-2012-2003", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-2003.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123956\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:10:48 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-2003\");\n script_tag(name:\"insight\", value:\"ELSA-2012-2003 - Unbreakable Enterprise kernel security and bug fix update. 
Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-2003\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-2003.html\");\n script_cve_id(\"CVE-2011-4081\", \"CVE-2011-4347\", \"CVE-2012-0038\", \"CVE-2012-0045\", \"CVE-2012-0207\", \"CVE-2011-4077\", \"CVE-2011-4132\", \"CVE-2011-4622\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.32~300.11.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.32~300.11.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.32~300.11.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.32~300.11.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", 
rpm:\"kernel-uek-doc~2.6.32~300.11.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.32~300.11.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-headers\", rpm:\"kernel-uek-headers~2.6.32~300.11.1.el5uek\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~300.11.1.el5uek~1.5.7~2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~300.11.1.el5uekdebug~1.5.7~2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~300.11.1.el5uek~1.5.1~4.0.53\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~300.11.1.el5uekdebug~1.5.1~4.0.53\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"kernel-uek\", rpm:\"kernel-uek~2.6.32~300.11.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug\", rpm:\"kernel-uek-debug~2.6.32~300.11.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-debug-devel\", rpm:\"kernel-uek-debug-devel~2.6.32~300.11.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-devel\", rpm:\"kernel-uek-devel~2.6.32~300.11.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-doc\", 
rpm:\"kernel-uek-doc~2.6.32~300.11.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-firmware\", rpm:\"kernel-uek-firmware~2.6.32~300.11.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"kernel-uek-headers\", rpm:\"kernel-uek-headers~2.6.32~300.11.1.el6uek\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~300.11.1.el6uek~1.5.7~0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"mlnx_en\", rpm:\"mlnx_en~2.6.32~300.11.1.el6uekdebug~1.5.7~0.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~300.11.1.el6uek~1.5.1~4.0.47\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ofa\", rpm:\"ofa~2.6.32~300.11.1.el6uekdebug~1.5.1~4.0.47\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:38:36", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4131", "CVE-2011-4132", "CVE-2011-4347", "CVE-2011-4622", "CVE-2012-0045"], "description": "The remote host is missing an update for the 'kernel' package(s) announced via the referenced advisory.", "modified": "2019-03-15T00:00:00", "published": "2012-04-02T00:00:00", "id": "OPENVAS:1361412562310863931", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863931", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2012-0480", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2012-0480\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# 
Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071950.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863931\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:37:03 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2012-0045\", \"CVE-2011-4347\", \"CVE-2011-4622\", \"CVE-2011-4131\",\n \"CVE-2011-4132\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"FEDORA\", value:\"2012-0480\");\n script_name(\"Fedora Update for kernel FEDORA-2012-0480\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n 
script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.1.9~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2018-01-11T11:07:51", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4131", "CVE-2011-4132", "CVE-2011-4347", "CVE-2011-4622", "CVE-2012-0045"], "description": "Check for the Version of kernel", "modified": "2018-01-09T00:00:00", "published": "2012-04-02T00:00:00", "id": "OPENVAS:863931", "href": "http://plugins.openvas.org/nasl.php?oid=863931", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2012-0480", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2012-0480\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 16\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071950.html\");\n script_id(863931);\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:37:03 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2012-0045\", \"CVE-2011-4347\", \"CVE-2011-4622\", \"CVE-2011-4131\",\n \"CVE-2011-4132\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"FEDORA\", value: \"2012-0480\");\n script_name(\"Fedora Update for kernel FEDORA-2012-0480\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n 
script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.1.9~1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:57:34", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4131", "CVE-2011-4132", "CVE-2011-4347", "CVE-2011-4622"], "description": "Check for the Version of kernel", "modified": "2018-01-02T00:00:00", "published": "2012-04-02T00:00:00", "id": "OPENVAS:863874", "href": "http://plugins.openvas.org/nasl.php?oid=863874", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2012-0363", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2012-0363\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"kernel on Fedora 16\";\ntag_insight = \"The kernel package contains the Linux kernel (vmlinuz), the core of any\n Linux operating system. The kernel handles the basic functions\n of the operating system: memory allocation, process allocation, device\n input and output, etc.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071905.html\");\n script_id(863874);\n script_version(\"$Revision: 8267 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 07:29:17 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:27:20 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-4347\", \"CVE-2011-4622\", \"CVE-2011-4131\", \"CVE-2011-4132\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"FEDORA\", value: \"2012-0363\");\n script_name(\"Fedora Update for kernel FEDORA-2012-0363\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of kernel\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , 
value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.1.8~2.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:01", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4131", "CVE-2011-4132", "CVE-2011-4347", "CVE-2011-4622"], "description": "The remote host is missing an update for the 'kernel' package(s) announced via the referenced advisory.", "modified": "2019-03-15T00:00:00", "published": "2012-04-02T00:00:00", "id": "OPENVAS:1361412562310863874", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863874", "type": "openvas", "title": "Fedora Update for kernel FEDORA-2012-0363", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kernel FEDORA-2012-0363\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071905.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863874\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:27:20 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-4347\", \"CVE-2011-4622\", \"CVE-2011-4131\", \"CVE-2011-4132\");\n script_tag(name:\"cvss_base\", value:\"4.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"FEDORA\", value:\"2012-0363\");\n script_name(\"Fedora Update for kernel FEDORA-2012-0363\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"kernel on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = 
\"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~3.1.8~2.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "nessus": [{"lastseen": "2021-01-17T13:10:30", "description": "Updated kernel packages that fix various security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* A buffer overflow flaw was found in the way the Linux kernel's XFS\nfile system implementation handled links with overly long path names.\nA local, unprivileged user could use this flaw to cause a denial of\nservice or escalate their privileges by mounting a specially crafted\ndisk. (CVE-2011-4077, Moderate)\n\n* Flaws in ghash_update() and ghash_final() could allow a local,\nunprivileged user to cause a denial of service. (CVE-2011-4081,\nModerate)\n\n* A flaw was found in the Linux kernel's Journaling Block Device\n(JBD). 
A local, unprivileged user could use this flaw to crash the\nsystem by mounting a specially crafted ext3 or ext4 disk.\n(CVE-2011-4132, Moderate)\n\n* It was found that the kvm_vm_ioctl_assign_device() function in the\nKVM (Kernel-based Virtual Machine) subsystem of a Linux kernel did not\ncheck if the user requesting device assignment was privileged or not.\nA local, unprivileged user on the host could assign unused PCI\ndevices, or even devices that were in use and whose resources were not\nproperly claimed by the respective drivers, which could result in the\nhost crashing. (CVE-2011-4347, Moderate)\n\n* Two flaws were found in the way the Linux kernel's __sys_sendmsg()\nfunction, when invoked via the sendmmsg() system call, accessed\nuser-space memory. A local, unprivileged user could use these flaws to\ncause a denial of service. (CVE-2011-4594, Moderate)\n\n* The RHSA-2011:1530 kernel update introduced an integer overflow flaw\nin the Linux kernel. On PowerPC systems, a local, unprivileged user\ncould use this flaw to cause a denial of service. (CVE-2011-4611,\nModerate)\n\n* A flaw was found in the way the KVM subsystem of a Linux kernel\nhandled PIT (Programmable Interval Timer) IRQs (interrupt requests)\nwhen there was no virtual interrupt controller set up. A local,\nunprivileged user on the host could force this situation to occur,\nresulting in the host crashing. (CVE-2011-4622, Moderate)\n\n* A flaw was found in the way the Linux kernel's XFS file system\nimplementation handled on-disk Access Control Lists (ACLs). A local,\nunprivileged user could use this flaw to cause a denial of service or\nescalate their privileges by mounting a specially crafted disk.\n(CVE-2012-0038, Moderate)\n\n* A flaw was found in the way the Linux kernel's KVM hypervisor\nimplementation emulated the syscall instruction for 32-bit guests. 
An\nunprivileged guest user could trigger this flaw to crash the guest.\n(CVE-2012-0045, Moderate)\n\n* A divide-by-zero flaw was found in the Linux kernel's\nigmp_heard_query() function. An attacker able to send certain IGMP\n(Internet Group Management Protocol) packets to a target system could\nuse this flaw to cause a denial of service. (CVE-2012-0207, Moderate)\n\nRed Hat would like to thank Nick Bowler for reporting CVE-2011-4081;\nSasha Levin for reporting CVE-2011-4347; Tetsuo Handa for reporting\nCVE-2011-4594; Maynard Johnson for reporting CVE-2011-4611; Wang Xi\nfor reporting CVE-2012-0038; Stephan Barwolf for reporting\nCVE-2012-0045; and Simon McVittie for reporting CVE-2012-0207.\nUpstream acknowledges Mathieu Desnoyers as the original reporter of\nCVE-2011-4594.\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues, and fix the bugs noted in\nthe Technical Notes. 
The system must be rebooted for this update to\ntake effect.", "edition": 24, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2012-03-07T00:00:00", "title": "RHEL 6 : kernel (RHSA-2012:0350)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4594", "CVE-2011-4132", "CVE-2011-4611", "CVE-2012-0207", "CVE-2011-4077", "CVE-2011-4347", "CVE-2011-4622", "CVE-2011-4081", "CVE-2012-0045", "CVE-2012-0038"], "modified": "2012-03-07T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x", "p-cpe:/a:redhat:enterprise_linux:kernel-firmware", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:perf-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel", "cpe:/o:redhat:enterprise_linux:6.2", "p-cpe:/a:redhat:enterprise_linux:python-perf", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686"], "id": "REDHAT-RHSA-2012-0350.NASL", "href": "https://www.tenable.com/plugins/nessus/58261", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0350. 
The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58261);\n script_version(\"1.29\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4077\", \"CVE-2011-4081\", \"CVE-2011-4132\", \"CVE-2011-4347\", \"CVE-2011-4594\", \"CVE-2011-4611\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0045\", \"CVE-2012-0207\");\n script_bugtraq_id(50366, 50370, 50663, 50811, 50984, 51081, 51172, 51343, 51380, 51389);\n script_xref(name:\"RHSA\", value:\"2012:0350\");\n\n script_name(english:\"RHEL 6 : kernel (RHSA-2012:0350)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Updated kernel packages that fix various security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* A buffer overflow flaw was found in the way the Linux kernel's XFS\nfile system implementation handled links with overly long path names.\nA local, unprivileged user could use this flaw to cause a denial of\nservice or escalate their privileges by mounting a specially crafted\ndisk. (CVE-2011-4077, Moderate)\n\n* Flaws in ghash_update() and ghash_final() could allow a local,\nunprivileged user to cause a denial of service. 
(CVE-2011-4081,\nModerate)\n\n* A flaw was found in the Linux kernel's Journaling Block Device\n(JBD). A local, unprivileged user could use this flaw to crash the\nsystem by mounting a specially crafted ext3 or ext4 disk.\n(CVE-2011-4132, Moderate)\n\n* It was found that the kvm_vm_ioctl_assign_device() function in the\nKVM (Kernel-based Virtual Machine) subsystem of a Linux kernel did not\ncheck if the user requesting device assignment was privileged or not.\nA local, unprivileged user on the host could assign unused PCI\ndevices, or even devices that were in use and whose resources were not\nproperly claimed by the respective drivers, which could result in the\nhost crashing. (CVE-2011-4347, Moderate)\n\n* Two flaws were found in the way the Linux kernel's __sys_sendmsg()\nfunction, when invoked via the sendmmsg() system call, accessed\nuser-space memory. A local, unprivileged user could use these flaws to\ncause a denial of service. (CVE-2011-4594, Moderate)\n\n* The RHSA-2011:1530 kernel update introduced an integer overflow flaw\nin the Linux kernel. On PowerPC systems, a local, unprivileged user\ncould use this flaw to cause a denial of service. (CVE-2011-4611,\nModerate)\n\n* A flaw was found in the way the KVM subsystem of a Linux kernel\nhandled PIT (Programmable Interval Timer) IRQs (interrupt requests)\nwhen there was no virtual interrupt controller set up. A local,\nunprivileged user on the host could force this situation to occur,\nresulting in the host crashing. (CVE-2011-4622, Moderate)\n\n* A flaw was found in the way the Linux kernel's XFS file system\nimplementation handled on-disk Access Control Lists (ACLs). A local,\nunprivileged user could use this flaw to cause a denial of service or\nescalate their privileges by mounting a specially crafted disk.\n(CVE-2012-0038, Moderate)\n\n* A flaw was found in the way the Linux kernel's KVM hypervisor\nimplementation emulated the syscall instruction for 32-bit guests. 
An\nunprivileged guest user could trigger this flaw to crash the guest.\n(CVE-2012-0045, Moderate)\n\n* A divide-by-zero flaw was found in the Linux kernel's\nigmp_heard_query() function. An attacker able to send certain IGMP\n(Internet Group Management Protocol) packets to a target system could\nuse this flaw to cause a denial of service. (CVE-2012-0207, Moderate)\n\nRed Hat would like to thank Nick Bowler for reporting CVE-2011-4081;\nSasha Levin for reporting CVE-2011-4347; Tetsuo Handa for reporting\nCVE-2011-4594; Maynard Johnson for reporting CVE-2011-4611; Wang Xi\nfor reporting CVE-2012-0038; Stephan Barwolf for reporting\nCVE-2012-0045; and Simon McVittie for reporting CVE-2012-0207.\nUpstream acknowledges Mathieu Desnoyers as the original reporter of\nCVE-2011-4594.\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues, and fix the bugs noted in\nthe Technical Notes. 
The system must be rebooted for this update to\ntake effect.\"\n );\n # https://rhn.redhat.com/errata/RHSA-2011-1530.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:1530\"\n );\n # https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?056c0c27\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:0350\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4132\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4077\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4081\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4622\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0207\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4347\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0038\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4594\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0045\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-4611\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n 
script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-s390x\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2011-4077\", \"CVE-2011-4081\", \"CVE-2011-4132\", \"CVE-2011-4347\", \"CVE-2011-4594\", \"CVE-2011-4611\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0045\", \"CVE-2012-0207\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for RHSA-2012:0350\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:0350\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", 
reference:\"kernel-debug-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-debuginfo-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debuginfo-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-debuginfo-common-s390x-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-devel-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-devel-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-doc-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"kernel-firmware-2.6.32-220.7.1.el6\")) flag++;\n\n if 
(rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"kernel-headers-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-headers-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-debuginfo-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"perf-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"perf-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"perf-debuginfo-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"perf-debuginfo-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"perf-debuginfo-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"python-perf-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"python-perf-2.6.32-220.7.1.el6\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"python-perf-2.6.32-220.7.1.el6\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debug / kernel-debug-debuginfo / kernel-debug-devel / etc\");\n 
}\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T13:46:28", "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n - A buffer overflow flaw was found in the way the Linux\n kernel's XFS file system implementation handled links\n with overly long path names. A local, unprivileged user\n could use this flaw to cause a denial of service or\n escalate their privileges by mounting a specially\n crafted disk. (CVE-2011-4077, Moderate)\n\n - Flaws in ghash_update() and ghash_final() could allow a\n local, unprivileged user to cause a denial of service.\n (CVE-2011-4081, Moderate)\n\n - A flaw was found in the Linux kernel's Journaling Block\n Device (JBD). A local, unprivileged user could use this\n flaw to crash the system by mounting a specially crafted\n ext3 or ext4 disk. (CVE-2011-4132, Moderate)\n\n - It was found that the kvm_vm_ioctl_assign_device()\n function in the KVM (Kernel-based Virtual Machine)\n subsystem of a Linux kernel did not check if the user\n requesting device assignment was privileged or not. A\n local, unprivileged user on the host could assign unused\n PCI devices, or even devices that were in use and whose\n resources were not properly claimed by the respective\n drivers, which could result in the host crashing.\n (CVE-2011-4347, Moderate)\n\n - Two flaws were found in the way the Linux kernel's\n __sys_sendmsg() function, when invoked via the\n sendmmsg() system call, accessed user-space memory. A\n local, unprivileged user could use these flaws to cause\n a denial of service. (CVE-2011-4594, Moderate)\n\n - A flaw was found in the way the KVM subsystem of a Linux\n kernel handled PIT (Programmable Interval Timer) IRQs\n (interrupt requests) when there was no virtual interrupt\n controller set up. 
A local, unprivileged user on the\n host could force this situation to occur, resulting in\n the host crashing. (CVE-2011-4622, Moderate)\n\n - A flaw was found in the way the Linux kernel's XFS file\n system implementation handled on-disk Access Control\n Lists (ACLs). A local, unprivileged user could use this\n flaw to cause a denial of service or escalate their\n privileges by mounting a specially crafted disk.\n (CVE-2012-0038, Moderate)\n\n - A flaw was found in the way the Linux kernel's KVM\n hypervisor implementation emulated the syscall\n instruction for 32-bit guests. An unprivileged guest\n user could trigger this flaw to crash the guest.\n (CVE-2012-0045, Moderate)\n\n - A divide-by-zero flaw was found in the Linux kernel's\n igmp_heard_query() function. An attacker able to send\n certain IGMP (Internet Group Management Protocol)\n packets to a target system could use this flaw to cause\n a denial of service. (CVE-2012-0207, Moderate)\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. 
The system must be\nrebooted for this update to take effect.", "edition": 18, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20120306)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4594", "CVE-2011-4132", "CVE-2011-4611", "CVE-2012-0207", "CVE-2011-4077", "CVE-2011-4347", "CVE-2011-4622", "CVE-2011-4081", "CVE-2012-0045", "CVE-2012-0038"], "modified": "2012-08-01T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel", "p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo", "p-cpe:/a:fermilab:scientific_linux:perf-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-debug", "p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-i686", "p-cpe:/a:fermilab:scientific_linux:kernel-firmware", "p-cpe:/a:fermilab:scientific_linux:kernel-headers", "p-cpe:/a:fermilab:scientific_linux:python-perf", "p-cpe:/a:fermilab:scientific_linux:kernel-devel", "p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:kernel-doc", "p-cpe:/a:fermilab:scientific_linux:perf"], "id": "SL_20120306_KERNEL_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61277", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61277);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4077\", \"CVE-2011-4081\", \"CVE-2011-4132\", \"CVE-2011-4347\", \"CVE-2011-4594\", \"CVE-2011-4611\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0045\", 
\"CVE-2012-0207\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20120306)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n - A buffer overflow flaw was found in the way the Linux\n kernel's XFS file system implementation handled links\n with overly long path names. A local, unprivileged user\n could use this flaw to cause a denial of service or\n escalate their privileges by mounting a specially\n crafted disk. (CVE-2011-4077, Moderate)\n\n - Flaws in ghash_update() and ghash_final() could allow a\n local, unprivileged user to cause a denial of service.\n (CVE-2011-4081, Moderate)\n\n - A flaw was found in the Linux kernel's Journaling Block\n Device (JBD). A local, unprivileged user could use this\n flaw to crash the system by mounting a specially crafted\n ext3 or ext4 disk. (CVE-2011-4132, Moderate)\n\n - It was found that the kvm_vm_ioctl_assign_device()\n function in the KVM (Kernel-based Virtual Machine)\n subsystem of a Linux kernel did not check if the user\n requesting device assignment was privileged or not. A\n local, unprivileged user on the host could assign unused\n PCI devices, or even devices that were in use and whose\n resources were not properly claimed by the respective\n drivers, which could result in the host crashing.\n (CVE-2011-4347, Moderate)\n\n - Two flaws were found in the way the Linux kernel's\n __sys_sendmsg() function, when invoked via the\n sendmmsg() system call, accessed user-space memory. A\n local, unprivileged user could use these flaws to cause\n a denial of service. 
(CVE-2011-4594, Moderate)\n\n - A flaw was found in the way the KVM subsystem of a Linux\n kernel handled PIT (Programmable Interval Timer) IRQs\n (interrupt requests) when there was no virtual interrupt\n controller set up. A local, unprivileged user on the\n host could force this situation to occur, resulting in\n the host crashing. (CVE-2011-4622, Moderate)\n\n - A flaw was found in the way the Linux kernel's XFS file\n system implementation handled on-disk Access Control\n Lists (ACLs). A local, unprivileged user could use this\n flaw to cause a denial of service or escalate their\n privileges by mounting a specially crafted disk.\n (CVE-2012-0038, Moderate)\n\n - A flaw was found in the way the Linux kernel's KVM\n hypervisor implementation emulated the syscall\n instruction for 32-bit guests. An unprivileged guest\n user could trigger this flaw to crash the guest.\n (CVE-2012-0045, Moderate)\n\n - A divide-by-zero flaw was found in the Linux kernel's\n igmp_heard_query() function. An attacker able to send\n certain IGMP (Internet Group Management Protocol)\n packets to a target system could use this flaw to cause\n a denial of service. (CVE-2012-0207, Moderate)\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues. 
The system must be\nrebooted for this update to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1203&L=scientific-linux-errata&T=0&P=1112\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0596e75a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-headers\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"kernel-2.6.32-220.7.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-2.6.32-220.7.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-debuginfo-2.6.32-220.7.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-devel-2.6.32-220.7.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debuginfo-2.6.32-220.7.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", cpu:\"i386\", reference:\"kernel-debuginfo-common-i686-2.6.32-220.7.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-220.7.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-devel-2.6.32-220.7.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-doc-2.6.32-220.7.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-firmware-2.6.32-220.7.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-headers-2.6.32-220.7.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"perf-2.6.32-220.7.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"perf-debuginfo-2.6.32-220.7.1.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"python-perf-2.6.32-220.7.1.el6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel 
/ kernel-debug / kernel-debug-debuginfo / kernel-debug-devel / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T12:46:46", "description": "From Red Hat Security Advisory 2012:0350 :\n\nUpdated kernel packages that fix various security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* A buffer overflow flaw was found in the way the Linux kernel's XFS\nfile system implementation handled links with overly long path names.\nA local, unprivileged user could use this flaw to cause a denial of\nservice or escalate their privileges by mounting a specially crafted\ndisk. (CVE-2011-4077, Moderate)\n\n* Flaws in ghash_update() and ghash_final() could allow a local,\nunprivileged user to cause a denial of service. (CVE-2011-4081,\nModerate)\n\n* A flaw was found in the Linux kernel's Journaling Block Device\n(JBD). A local, unprivileged user could use this flaw to crash the\nsystem by mounting a specially crafted ext3 or ext4 disk.\n(CVE-2011-4132, Moderate)\n\n* It was found that the kvm_vm_ioctl_assign_device() function in the\nKVM (Kernel-based Virtual Machine) subsystem of a Linux kernel did not\ncheck if the user requesting device assignment was privileged or not.\nA local, unprivileged user on the host could assign unused PCI\ndevices, or even devices that were in use and whose resources were not\nproperly claimed by the respective drivers, which could result in the\nhost crashing. 
(CVE-2011-4347, Moderate)\n\n* Two flaws were found in the way the Linux kernel's __sys_sendmsg()\nfunction, when invoked via the sendmmsg() system call, accessed\nuser-space memory. A local, unprivileged user could use these flaws to\ncause a denial of service. (CVE-2011-4594, Moderate)\n\n* The RHSA-2011:1530 kernel update introduced an integer overflow flaw\nin the Linux kernel. On PowerPC systems, a local, unprivileged user\ncould use this flaw to cause a denial of service. (CVE-2011-4611,\nModerate)\n\n* A flaw was found in the way the KVM subsystem of a Linux kernel\nhandled PIT (Programmable Interval Timer) IRQs (interrupt requests)\nwhen there was no virtual interrupt controller set up. A local,\nunprivileged user on the host could force this situation to occur,\nresulting in the host crashing. (CVE-2011-4622, Moderate)\n\n* A flaw was found in the way the Linux kernel's XFS file system\nimplementation handled on-disk Access Control Lists (ACLs). A local,\nunprivileged user could use this flaw to cause a denial of service or\nescalate their privileges by mounting a specially crafted disk.\n(CVE-2012-0038, Moderate)\n\n* A flaw was found in the way the Linux kernel's KVM hypervisor\nimplementation emulated the syscall instruction for 32-bit guests. An\nunprivileged guest user could trigger this flaw to crash the guest.\n(CVE-2012-0045, Moderate)\n\n* A divide-by-zero flaw was found in the Linux kernel's\nigmp_heard_query() function. An attacker able to send certain IGMP\n(Internet Group Management Protocol) packets to a target system could\nuse this flaw to cause a denial of service. 
(CVE-2012-0207, Moderate)\n\nRed Hat would like to thank Nick Bowler for reporting CVE-2011-4081;\nSasha Levin for reporting CVE-2011-4347; Tetsuo Handa for reporting\nCVE-2011-4594; Maynard Johnson for reporting CVE-2011-4611; Wang Xi\nfor reporting CVE-2012-0038; Stephan Barwolf for reporting\nCVE-2012-0045; and Simon McVittie for reporting CVE-2012-0207.\nUpstream acknowledges Mathieu Desnoyers as the original reporter of\nCVE-2011-4594.\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues, and fix the bugs noted in\nthe Technical Notes. The system must be rebooted for this update to\ntake effect.", "edition": 22, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 6 : kernel (ELSA-2012-0350)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4594", "CVE-2011-4132", "CVE-2011-4611", "CVE-2012-0207", "CVE-2011-4077", "CVE-2011-4347", "CVE-2011-4622", "CVE-2011-4081", "CVE-2012-0045", "CVE-2012-0038"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-debug", "p-cpe:/a:oracle:linux:kernel-devel", "p-cpe:/a:oracle:linux:kernel-doc", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:kernel-debug-devel", "p-cpe:/a:oracle:linux:kernel-headers", "p-cpe:/a:oracle:linux:kernel", "p-cpe:/a:oracle:linux:kernel-firmware", "p-cpe:/a:oracle:linux:python-perf"], "id": "ORACLELINUX_ELSA-2012-0350.NASL", "href": "https://www.tenable.com/plugins/nessus/68491", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:0350 and \n# Oracle Linux Security Advisory 
ELSA-2012-0350 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68491);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4077\", \"CVE-2011-4081\", \"CVE-2011-4132\", \"CVE-2011-4347\", \"CVE-2011-4594\", \"CVE-2011-4611\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0045\", \"CVE-2012-0207\");\n script_bugtraq_id(50366, 50370, 50663, 50811, 50984, 51081, 51172, 51343, 51380, 51389);\n script_xref(name:\"RHSA\", value:\"2012:0350\");\n\n script_name(english:\"Oracle Linux 6 : kernel (ELSA-2012-0350)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"From Red Hat Security Advisory 2012:0350 :\n\nUpdated kernel packages that fix various security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* A buffer overflow flaw was found in the way the Linux kernel's XFS\nfile system implementation handled links with overly long path names.\nA local, unprivileged user could use this flaw to cause a denial of\nservice or escalate their privileges by mounting a specially crafted\ndisk. (CVE-2011-4077, Moderate)\n\n* Flaws in ghash_update() and ghash_final() could allow a local,\nunprivileged user to cause a denial of service. 
(CVE-2011-4081,\nModerate)\n\n* A flaw was found in the Linux kernel's Journaling Block Device\n(JBD). A local, unprivileged user could use this flaw to crash the\nsystem by mounting a specially crafted ext3 or ext4 disk.\n(CVE-2011-4132, Moderate)\n\n* It was found that the kvm_vm_ioctl_assign_device() function in the\nKVM (Kernel-based Virtual Machine) subsystem of a Linux kernel did not\ncheck if the user requesting device assignment was privileged or not.\nA local, unprivileged user on the host could assign unused PCI\ndevices, or even devices that were in use and whose resources were not\nproperly claimed by the respective drivers, which could result in the\nhost crashing. (CVE-2011-4347, Moderate)\n\n* Two flaws were found in the way the Linux kernel's __sys_sendmsg()\nfunction, when invoked via the sendmmsg() system call, accessed\nuser-space memory. A local, unprivileged user could use these flaws to\ncause a denial of service. (CVE-2011-4594, Moderate)\n\n* The RHSA-2011:1530 kernel update introduced an integer overflow flaw\nin the Linux kernel. On PowerPC systems, a local, unprivileged user\ncould use this flaw to cause a denial of service. (CVE-2011-4611,\nModerate)\n\n* A flaw was found in the way the KVM subsystem of a Linux kernel\nhandled PIT (Programmable Interval Timer) IRQs (interrupt requests)\nwhen there was no virtual interrupt controller set up. A local,\nunprivileged user on the host could force this situation to occur,\nresulting in the host crashing. (CVE-2011-4622, Moderate)\n\n* A flaw was found in the way the Linux kernel's XFS file system\nimplementation handled on-disk Access Control Lists (ACLs). A local,\nunprivileged user could use this flaw to cause a denial of service or\nescalate their privileges by mounting a specially crafted disk.\n(CVE-2012-0038, Moderate)\n\n* A flaw was found in the way the Linux kernel's KVM hypervisor\nimplementation emulated the syscall instruction for 32-bit guests. 
An\nunprivileged guest user could trigger this flaw to crash the guest.\n(CVE-2012-0045, Moderate)\n\n* A divide-by-zero flaw was found in the Linux kernel's\nigmp_heard_query() function. An attacker able to send certain IGMP\n(Internet Group Management Protocol) packets to a target system could\nuse this flaw to cause a denial of service. (CVE-2012-0207, Moderate)\n\nRed Hat would like to thank Nick Bowler for reporting CVE-2011-4081;\nSasha Levin for reporting CVE-2011-4347; Tetsuo Handa for reporting\nCVE-2011-4594; Maynard Johnson for reporting CVE-2011-4611; Wang Xi\nfor reporting CVE-2012-0038; Stephan Barwolf for reporting\nCVE-2012-0045; and Simon McVittie for reporting CVE-2012-0207.\nUpstream acknowledges Mathieu Desnoyers as the original reporter of\nCVE-2011-4594.\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues, and fix the bugs noted in\nthe Technical Notes. 
The system must be rebooted for this update to\ntake effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-March/002693.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", 
value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2011-4077\", \"CVE-2011-4081\", \"CVE-2011-4132\", \"CVE-2011-4347\", \"CVE-2011-4594\", \"CVE-2011-4611\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0045\", \"CVE-2012-0207\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2012-0350\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-2.6.32-220.7.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-2.6.32-220.7.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-debug-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-debug-devel-2.6.32-220.7.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-devel-2.6.32-220.7.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-doc-2.6.32\") && rpm_check(release:\"EL6\", 
reference:\"kernel-doc-2.6.32-220.7.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-firmware-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-firmware-2.6.32-220.7.1.el6\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-headers-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-headers-2.6.32-220.7.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"perf-2.6.32-220.7.1.el6\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"python-perf-2.6.32-220.7.1.el6\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-09-14T13:13:38", "description": "A buffer overflow flaw was found in the way the Linux kernel's XFS\nfile system implementation handled links with overly long path names.\nA local, unprivileged user could use this flaw to cause a denial of\nservice or escalate their privileges by mounting a specially crafted\ndisk. (CVE-2011-4077 , Moderate)\n\nFlaws in ghash_update() and ghash_final() could allow a local,\nunprivileged user to cause a denial of service. (CVE-2011-4081 ,\nModerate)\n\nA flaw was found in the Linux kernel's Journaling Block Device (JBD).\nA local, unprivileged user could use this flaw to crash the system by\nmounting a specially crafted ext3 or ext4 disk. 
(CVE-2011-4132 ,\nModerate)\n\nIt was found that the kvm_vm_ioctl_assign_device() function in the KVM\n(Kernel-based Virtual Machine) subsystem of a Linux kernel did not\ncheck if the user requesting device assignment was privileged or not.\nA local, unprivileged user on the host could assign unused PCI\ndevices, or even devices that were in use and whose resources were not\nproperly claimed by the respective drivers, which could result in the\nhost crashing. (CVE-2011-4347 , Moderate)\n\nTwo flaws were found in the way the Linux kernel's __sys_sendmsg()\nfunction, when invoked via the sendmmsg() system call, accessed\nuser-space memory. A local, unprivileged user could use these flaws to\ncause a denial of service. (CVE-2011-4594 , Moderate)\n\nA previous update introduced an integer overflow flaw in the Linux\nkernel. On PowerPC systems, a local, unprivileged user could use this\nflaw to cause a denial of service. (CVE-2011-4611 , Moderate)\n\nA flaw was found in the way the KVM subsystem of a Linux kernel\nhandled PIT (Programmable Interval Timer) IRQs (interrupt requests)\nwhen there was no virtual interrupt controller set up. A local,\nunprivileged user on the host could force this situation to occur,\nresulting in the host crashing. (CVE-2011-4622 , Moderate)\n\nA flaw was found in the way the Linux kernel's XFS file system\nimplementation handled on-disk Access Control Lists (ACLs). A local,\nunprivileged user could use this flaw to cause a denial of service or\nescalate their privileges by mounting a specially crafted disk.\n(CVE-2012-0038 , Moderate)\n\nA flaw was found in the way the Linux kernel's KVM hypervisor\nimplementation emulated the syscall instruction for 32-bit guests. An\nunprivileged guest user could trigger this flaw to crash the guest.\n(CVE-2012-0045 , Moderate)\n\nA divide-by-zero flaw was found in the Linux kernel's\nigmp_heard_query() function. 
An attacker able to send certain IGMP\n(Internet Group Management Protocol) packets to a target system could\nuse this flaw to cause a denial of service. (CVE-2012-0207 , Moderate)", "edition": 20, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2013-09-04T00:00:00", "title": "Amazon Linux AMI : kernel (ALAS-2012-55)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4594", "CVE-2011-4132", "CVE-2011-4611", "CVE-2012-0207", "CVE-2011-4077", "CVE-2011-4347", "CVE-2011-4622", "CVE-2011-4081", "CVE-2012-0045", "CVE-2012-0038"], "modified": "2013-09-04T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-doc", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686", "p-cpe:/a:amazon:linux:kernel-headers", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2012-55.NASL", "href": "https://www.tenable.com/plugins/nessus/69662", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-55.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69662);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/31\");\n\n script_cve_id(\"CVE-2011-4077\", \"CVE-2011-4081\", \"CVE-2011-4132\", \"CVE-2011-4347\", \"CVE-2011-4594\", \"CVE-2011-4611\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0045\", \"CVE-2012-0207\");\n script_xref(name:\"ALAS\", value:\"2012-55\");\n script_xref(name:\"RHSA\", value:\"2012:0350\");\n\n script_name(english:\"Amazon Linux AMI : kernel (ALAS-2012-55)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Amazon Linux AMI host is 
missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"A buffer overflow flaw was found in the way the Linux kernel's XFS\nfile system implementation handled links with overly long path names.\nA local, unprivileged user could use this flaw to cause a denial of\nservice or escalate their privileges by mounting a specially crafted\ndisk. (CVE-2011-4077 , Moderate)\n\nFlaws in ghash_update() and ghash_final() could allow a local,\nunprivileged user to cause a denial of service. (CVE-2011-4081 ,\nModerate)\n\nA flaw was found in the Linux kernel's Journaling Block Device (JBD).\nA local, unprivileged user could use this flaw to crash the system by\nmounting a specially crafted ext3 or ext4 disk. (CVE-2011-4132 ,\nModerate)\n\nIt was found that the kvm_vm_ioctl_assign_device() function in the KVM\n(Kernel-based Virtual Machine) subsystem of a Linux kernel did not\ncheck if the user requesting device assignment was privileged or not.\nA local, unprivileged user on the host could assign unused PCI\ndevices, or even devices that were in use and whose resources were not\nproperly claimed by the respective drivers, which could result in the\nhost crashing. (CVE-2011-4347 , Moderate)\n\nTwo flaws were found in the way the Linux kernel's __sys_sendmsg()\nfunction, when invoked via the sendmmsg() system call, accessed\nuser-space memory. A local, unprivileged user could use these flaws to\ncause a denial of service. (CVE-2011-4594 , Moderate)\n\nA previous update introduced an integer overflow flaw in the Linux\nkernel. On PowerPC systems, a local, unprivileged user could use this\nflaw to cause a denial of service. (CVE-2011-4611 , Moderate)\n\nA flaw was found in the way the KVM subsystem of a Linux kernel\nhandled PIT (Programmable Interval Timer) IRQs (interrupt requests)\nwhen there was no virtual interrupt controller set up. 
A local,\nunprivileged user on the host could force this situation to occur,\nresulting in the host crashing. (CVE-2011-4622 , Moderate)\n\nA flaw was found in the way the Linux kernel's XFS file system\nimplementation handled on-disk Access Control Lists (ACLs). A local,\nunprivileged user could use this flaw to cause a denial of service or\nescalate their privileges by mounting a specially crafted disk.\n(CVE-2012-0038 , Moderate)\n\nA flaw was found in the way the Linux kernel's KVM hypervisor\nimplementation emulated the syscall instruction for 32-bit guests. An\nunprivileged guest user could trigger this flaw to crash the guest.\n(CVE-2012-0045 , Moderate)\n\nA divide-by-zero flaw was found in the Linux kernel's\nigmp_heard_query() function. An attacker able to send certain IGMP\n(Internet Group Management Protocol) packets to a target system could\nuse this flaw to cause a denial of service. (CVE-2012-0207 , Moderate)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-55.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Run 'yum update kernel' to update your system. 
You will need to reboot\nyour system in order for the new kernel to be running.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"kernel-2.6.35.14-107.1.39.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-debuginfo-2.6.35.14-107.1.39.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-2.6.35.14-107.1.39.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.35.14-107.1.39.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-devel-2.6.35.14-107.1.39.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-doc-2.6.35.14-107.1.39.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-headers-2.6.35.14-107.1.39.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-2.6.35.14-107.1.39.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) 
audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-i686 / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-06T09:27:35", "description": "Updated kernel packages that fix various security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* A buffer overflow flaw was found in the way the Linux kernel's XFS\nfile system implementation handled links with overly long path names.\nA local, unprivileged user could use this flaw to cause a denial of\nservice or escalate their privileges by mounting a specially crafted\ndisk. (CVE-2011-4077, Moderate)\n\n* Flaws in ghash_update() and ghash_final() could allow a local,\nunprivileged user to cause a denial of service. (CVE-2011-4081,\nModerate)\n\n* A flaw was found in the Linux kernel's Journaling Block Device\n(JBD). A local, unprivileged user could use this flaw to crash the\nsystem by mounting a specially crafted ext3 or ext4 disk.\n(CVE-2011-4132, Moderate)\n\n* It was found that the kvm_vm_ioctl_assign_device() function in the\nKVM (Kernel-based Virtual Machine) subsystem of a Linux kernel did not\ncheck if the user requesting device assignment was privileged or not.\nA local, unprivileged user on the host could assign unused PCI\ndevices, or even devices that were in use and whose resources were not\nproperly claimed by the respective drivers, which could result in the\nhost crashing. 
(CVE-2011-4347, Moderate)\n\n* Two flaws were found in the way the Linux kernel's __sys_sendmsg()\nfunction, when invoked via the sendmmsg() system call, accessed\nuser-space memory. A local, unprivileged user could use these flaws to\ncause a denial of service. (CVE-2011-4594, Moderate)\n\n* The RHSA-2011:1530 kernel update introduced an integer overflow flaw\nin the Linux kernel. On PowerPC systems, a local, unprivileged user\ncould use this flaw to cause a denial of service. (CVE-2011-4611,\nModerate)\n\n* A flaw was found in the way the KVM subsystem of a Linux kernel\nhandled PIT (Programmable Interval Timer) IRQs (interrupt requests)\nwhen there was no virtual interrupt controller set up. A local,\nunprivileged user on the host could force this situation to occur,\nresulting in the host crashing. (CVE-2011-4622, Moderate)\n\n* A flaw was found in the way the Linux kernel's XFS file system\nimplementation handled on-disk Access Control Lists (ACLs). A local,\nunprivileged user could use this flaw to cause a denial of service or\nescalate their privileges by mounting a specially crafted disk.\n(CVE-2012-0038, Moderate)\n\n* A flaw was found in the way the Linux kernel's KVM hypervisor\nimplementation emulated the syscall instruction for 32-bit guests. An\nunprivileged guest user could trigger this flaw to crash the guest.\n(CVE-2012-0045, Moderate)\n\n* A divide-by-zero flaw was found in the Linux kernel's\nigmp_heard_query() function. An attacker able to send certain IGMP\n(Internet Group Management Protocol) packets to a target system could\nuse this flaw to cause a denial of service. 
(CVE-2012-0207, Moderate)\n\nRed Hat would like to thank Nick Bowler for reporting CVE-2011-4081;\nSasha Levin for reporting CVE-2011-4347; Tetsuo Handa for reporting\nCVE-2011-4594; Maynard Johnson for reporting CVE-2011-4611; Wang Xi\nfor reporting CVE-2012-0038; Stephan Barwolf for reporting\nCVE-2012-0045; and Simon McVittie for reporting CVE-2012-0207.\nUpstream acknowledges Mathieu Desnoyers as the original reporter of\nCVE-2011-4594.\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues, and fix the bugs noted in\nthe Technical Notes. The system must be rebooted for this update to\ntake effect.", "edition": 25, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2012-03-08T00:00:00", "title": "CentOS 6 : kernel (CESA-2012:0350)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4594", "CVE-2011-4132", "CVE-2011-4611", "CVE-2012-0207", "CVE-2011-4077", "CVE-2011-4347", "CVE-2011-4622", "CVE-2011-4081", "CVE-2012-0045", "CVE-2012-0038"], "modified": "2012-03-08T00:00:00", "cpe": ["cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:perf", "p-cpe:/a:centos:centos:python-perf", "p-cpe:/a:centos:centos:kernel-doc", "p-cpe:/a:centos:centos:kernel-devel", "p-cpe:/a:centos:centos:kernel", "p-cpe:/a:centos:centos:kernel-debug", "p-cpe:/a:centos:centos:kernel-headers", "p-cpe:/a:centos:centos:kernel-firmware", "p-cpe:/a:centos:centos:kernel-debug-devel"], "id": "CENTOS_RHSA-2012-0350.NASL", "href": "https://www.tenable.com/plugins/nessus/58275", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0350 and \n# CentOS Errata and Security Advisory 
2012:0350 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58275);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-4077\", \"CVE-2011-4081\", \"CVE-2011-4132\", \"CVE-2011-4347\", \"CVE-2011-4594\", \"CVE-2011-4611\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0045\", \"CVE-2012-0207\");\n script_bugtraq_id(50366, 50370, 50663, 50811, 50984, 51081, 51172, 51343, 51380, 51389);\n script_xref(name:\"RHSA\", value:\"2012:0350\");\n\n script_name(english:\"CentOS 6 : kernel (CESA-2012:0350)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Updated kernel packages that fix various security issues and several\nbugs are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues :\n\n* A buffer overflow flaw was found in the way the Linux kernel's XFS\nfile system implementation handled links with overly long path names.\nA local, unprivileged user could use this flaw to cause a denial of\nservice or escalate their privileges by mounting a specially crafted\ndisk. (CVE-2011-4077, Moderate)\n\n* Flaws in ghash_update() and ghash_final() could allow a local,\nunprivileged user to cause a denial of service. 
(CVE-2011-4081,\nModerate)\n\n* A flaw was found in the Linux kernel's Journaling Block Device\n(JBD). A local, unprivileged user could use this flaw to crash the\nsystem by mounting a specially crafted ext3 or ext4 disk.\n(CVE-2011-4132, Moderate)\n\n* It was found that the kvm_vm_ioctl_assign_device() function in the\nKVM (Kernel-based Virtual Machine) subsystem of a Linux kernel did not\ncheck if the user requesting device assignment was privileged or not.\nA local, unprivileged user on the host could assign unused PCI\ndevices, or even devices that were in use and whose resources were not\nproperly claimed by the respective drivers, which could result in the\nhost crashing. (CVE-2011-4347, Moderate)\n\n* Two flaws were found in the way the Linux kernel's __sys_sendmsg()\nfunction, when invoked via the sendmmsg() system call, accessed\nuser-space memory. A local, unprivileged user could use these flaws to\ncause a denial of service. (CVE-2011-4594, Moderate)\n\n* The RHSA-2011:1530 kernel update introduced an integer overflow flaw\nin the Linux kernel. On PowerPC systems, a local, unprivileged user\ncould use this flaw to cause a denial of service. (CVE-2011-4611,\nModerate)\n\n* A flaw was found in the way the KVM subsystem of a Linux kernel\nhandled PIT (Programmable Interval Timer) IRQs (interrupt requests)\nwhen there was no virtual interrupt controller set up. A local,\nunprivileged user on the host could force this situation to occur,\nresulting in the host crashing. (CVE-2011-4622, Moderate)\n\n* A flaw was found in the way the Linux kernel's XFS file system\nimplementation handled on-disk Access Control Lists (ACLs). A local,\nunprivileged user could use this flaw to cause a denial of service or\nescalate their privileges by mounting a specially crafted disk.\n(CVE-2012-0038, Moderate)\n\n* A flaw was found in the way the Linux kernel's KVM hypervisor\nimplementation emulated the syscall instruction for 32-bit guests. 
An\nunprivileged guest user could trigger this flaw to crash the guest.\n(CVE-2012-0045, Moderate)\n\n* A divide-by-zero flaw was found in the Linux kernel's\nigmp_heard_query() function. An attacker able to send certain IGMP\n(Internet Group Management Protocol) packets to a target system could\nuse this flaw to cause a denial of service. (CVE-2012-0207, Moderate)\n\nRed Hat would like to thank Nick Bowler for reporting CVE-2011-4081;\nSasha Levin for reporting CVE-2011-4347; Tetsuo Handa for reporting\nCVE-2011-4594; Maynard Johnson for reporting CVE-2011-4611; Wang Xi\nfor reporting CVE-2012-0038; Stephan Barwolf for reporting\nCVE-2012-0045; and Simon McVittie for reporting CVE-2012-0207.\nUpstream acknowledges Mathieu Desnoyers as the original reporter of\nCVE-2011-4594.\n\nThis update also fixes several bugs. Documentation for these changes\nwill be available shortly from the Technical Notes document linked to\nin the References section.\n\nUsers should upgrade to these updated packages, which contain\nbackported patches to correct these issues, and fix the bugs noted in\nthe Technical Notes. 
The system must be rebooted for this update to\ntake effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-March/018468.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ec4c33b1\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-0207\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/27\");\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-2.6.32-220.7.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-debug-2.6.32-220.7.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-debug-devel-2.6.32-220.7.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-devel-2.6.32-220.7.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-doc-2.6.32-220.7.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-firmware-2.6.32-220.7.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"kernel-headers-2.6.32-220.7.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"perf-2.6.32-220.7.1.el6\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"python-perf-2.6.32-220.7.1.el6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debug / kernel-debug-devel / kernel-devel / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T12:47:27", "description": "Description of changes:\n\n* CVE-2012-0207: Denial of service bug in IGMP.\n\nThe IGMP subsystem's compatibility handling of v2 packets had a bug in\nthe computation of a delay field which could result in division by\nzero (causing a kernel panic).\n\n\n* CVE-2012-0045: Denial of service in KVM system call 
emulation.\n\nA bug in the system call emulation allowed local users on a 32-bit\nKVM guest system to cause the guest system to panic.\n\n\n* CVE-2012-0038: In-memory corruption in XFS ACL processing.\n\nA missing check in xfs_acl_from_disk on the number of XFS ACLs could\nresult in in-memory corruption and a kernel panic.\n\n\n* CVE-2011-4622: NULL pointer dereference in KVM interval timer emulation.\n\nStarting PIT timers in the absence of irqchip support could cause a\nNULL pointer dereference and kernel OOPs.\n\n\n* CVE-2011-4347: Denial of service in KVM device assignment.\n\nSeveral bugs that allowed unprivileged users to improperly assign\ndevices to KVM guests could result in a denial of service.\n\n\n* CVE-2011-4132: Denial of service in Journaling Block Device layer.\n\nA flaw in the way the Journaling Block Device (JBD) layer handled an\ninvalid log first block value allowed an attacker to mount a malicious\next3 or ext4 image that would crash the system.\n\n\n* CVE-2011-4081: NULL pointer dereference in GHASH cryptographic algorithm.\n\nNick Bowler reported an issue in the GHASH message digest\nalgorithm. 
ghash_update can pass a NULL pointer to gf128mul_4k_lle in some\ncases, leading to a NULL pointer dereference (kernel OOPS).\n\n\n* CVE-2011-4077: Buffer overflow in xfs_readlink.\n\nA flaw in the way the XFS filesystem implementation handled links with\npathnames larger than MAXPATHLEN allowed an attacker to mount a\nmalicious XFS image that could crash the system or result in privilege\nescalation.\n\n[2.6.32-300.11.1.el6uek]\n- [fs] xfs: Fix possible memory corruption in xfs_readlink (Carlos \nMaiolino) {CVE-2011-4077}\n- [scsi] increase qla2xxx firmware ready time-out (Joe Jin)\n- [scsi] qla2xxx: Module parameter to control use of async or sync port \nlogin (Joe Jin)\n- [net] tg3: Fix single-vector MSI-X code (Joe Jin)\n- [net] qlge: fix size of external list for TX address descriptors (Joe Jin)\n- [net] e1000e: Avoid wrong check on TX hang (Joe Jin)\n- crypto: ghash - Avoid NULL pointer dereference if no key is set (Nick \nBowler) {CVE-2011-4081}\n- jbd/jbd2: validate sb->s_first in journal_get_superblock() (Eryu Guan) \n{CVE-2011-4132}\n- KVM: Device assignment permission checks (Joe Jin) {CVE-2011-4347}\n- KVM: x86: Prevent starting PIT timers in the absence of irqchip \nsupport (Jan Kiszka) {CVE-2011-4622}\n- xfs: validate acl count (Joe Jin) {CVE-2012-0038}\n- KVM: x86: fix missing checks in syscall emulation (Joe Jin) \n{CVE-2012-0045}\n- KVM: x86: extend 'struct x86_emulate_ops' with 'get_cpuid' (Joe Jin) \n{CVE-2012-0045}\n- igmp: Avoid zero delay when receiving odd mixture of IGMP queries (Ben \nHutchings) {CVE-2012-0207}\n- ipv4: correct IGMP behavior on v3 query during v2-compatibility mode \n(David Stevens)\n- fuse: fix fuse request unique id (Srinivas Eeda) [orabug 13816349]\n\n[2.6.32-300.10.1.el6uek]\n- net: remove extra register in ip_gre (Guru Anbalagane) [Orabug: 13633287]\n\n[2.6.32-300.9.1.el6uek]\n- [netdrv] fnic: return zero on fnic_reset() success (Joe Jin)\n- [e1000e] Add entropy generation back for network interrupts (John Sobecki)\n- 
[nfs4] LINUX CLIENT TREATS NFS4ERR_GRACE AS A PERMANENT ERROR [orabug \n13476821] (John Sobecki)\n- [nfs] NFS CLIENT CONNECTS TO SERVER THEN DISCONNECTS [orabug 13516759] \n(John Sobecki)\n- [sunrpc] Add patch for a mount crash in __rpc_create_common [orabug \n13322773] (John Sobecki)\n\n[2.6.32-300.8.1.el6uek]\n- SPEC: fix dependency on firmware/mkinitrd (Guru Anbalagane) [orabug \n13637902]\n- xfs: fix acl count validation in xfs_acl_from_disk() (Dan Carpenter)\n- [SCSI] scsi_dh: check queuedata pointer before proceeding further \n(Moger Babu)\n [orabug 13615419]", "edition": 21, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2012-2003)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4132", "CVE-2012-0207", "CVE-2011-4077", "CVE-2011-4347", "CVE-2011-4622", "CVE-2011-4081", "CVE-2012-0045", "CVE-2012-0038"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:kernel-uek-firmware", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:mlnx_en-2.6.32-300.11.1.el5uek", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:ofa-2.6.32-300.11.1.el6uekdebug", "p-cpe:/a:oracle:linux:ofa-2.6.32-300.11.1.el5uek", "p-cpe:/a:oracle:linux:mlnx_en-2.6.32-300.11.1.el5uekdebug", "p-cpe:/a:oracle:linux:mlnx_en-2.6.32-300.11.1.el6uek", "p-cpe:/a:oracle:linux:mlnx_en-2.6.32-300.11.1.el6uekdebug", "p-cpe:/a:oracle:linux:ofa-2.6.32-300.11.1.el6uek", "p-cpe:/a:oracle:linux:ofa-2.6.32-300.11.1.el5uekdebug", "p-cpe:/a:oracle:linux:kernel-uek-headers", "p-cpe:/a:oracle:linux:kernel-uek-debug"], "id": "ORACLELINUX_ELSA-2012-2003.NASL", "href": "https://www.tenable.com/plugins/nessus/68669", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# 
The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2012-2003.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68669);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-4077\", \"CVE-2011-4081\", \"CVE-2011-4132\", \"CVE-2011-4347\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0045\", \"CVE-2012-0207\");\n script_bugtraq_id(50366, 50370, 50663, 50811, 51172, 51343, 51380, 51389);\n\n script_name(english:\"Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2012-2003)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Description of changes:\n\n* CVE-2012-0207: Denial of service bug in IGMP.\n\nThe IGMP subsystem's compatibility handling of v2 packets had a bug in\nthe computation of a delay field which could result in division by\nzero (causing a kernel panic).\n\n\n* CVE-2012-0045: Denial of service in KVM system call emulation.\n\nA bug in the system call emulation for allowed local users on a 32-bit\nKVM guest system to cause the guest system to panic.\n\n\n* CVE-2012-0038: In-memory corruption in XFS ACL processing.\n\nA missing check in xfs_acl_from_disk on the number of XFS ACLs could\nresult in in-memory corruption and a kernel panic.\n\n\n* CVE-2011-4622: NULL pointer deference in KVM interval timer emulation.\n\nStarting PIT timers in the absence of irqchip support could cause a\nNULL pointer dereference and kernel OOPs.\n\n\n* CVE-2011-4347: Denial of service in KVM device assignment.\n\nSeveral bugs that allowed unprivileged users to improperly assign\ndevices to KVM guests could result in a denial of 
service.\n\n\n* CVE-2011-4132: Denial of service in Journaling Block Device layer.\n\nA flaw in the way the Journaling Block Device (JBD) layer handled an\ninvalid log first block value allowed an attacker to mount a malicious\next3 or ext4 image that would crash the system.\n\n\n* CVE-2011-4081: NULL pointer dereference in GHASH cryptographic algorithm.\n\nNick Bowler reported an issue in the GHASH message digest\nalgorithm. ghash_update can pass a NULL pointer to gf128mul_4k_lle in some\ncases, leading to a NULL pointer dereference (kernel OOPS).\n\n\n* CVE-2011-4077: Buffer overflow in xfs_readlink.\n\nA flaw in the way the XFS filesystem implementation handled links with\npathnames larger than MAXPATHLEN allowed an attacker to mount a\nmalicious XFS image that could crash the system or result in privilege\nescalation.\n\n[2.6.32-300.11.1.el6uek]\n- [fs] xfs: Fix possible memory corruption in xfs_readlink (Carlos \nMaiolino) {CVE-2011-4077}\n- [scsi] increase qla2xxx firmware ready time-out (Joe Jin)\n- [scsi] qla2xxx: Module parameter to control use of async or sync port \nlogin (Joe Jin)\n- [net] tg3: Fix single-vector MSI-X code (Joe Jin)\n- [net] qlge: fix size of external list for TX address descriptors (Joe Jin)\n- [net] e1000e: Avoid wrong check on TX hang (Joe Jin)\n- crypto: ghash - Avoid NULL pointer dereference if no key is set (Nick \nBowler) {CVE-2011-4081}\n- jbd/jbd2: validate sb->s_first in journal_get_superblock() (Eryu Guan) \n{CVE-2011-4132}\n- KVM: Device assignment permission checks (Joe Jin) {CVE-2011-4347}\n- KVM: x86: Prevent starting PIT timers in the absence of irqchip \nsupport (Jan Kiszka) {CVE-2011-4622}\n- xfs: validate acl count (Joe Jin) {CVE-2012-0038}\n- KVM: x86: fix missing checks in syscall emulation (Joe Jin) \n{CVE-2012-0045}\n- KVM: x86: extend 'struct x86_emulate_ops' with 'get_cpuid' (Joe Jin) \n{CVE-2012-0045}\n- igmp: Avoid zero delay when receiving odd mixture of IGMP queries (Ben \nHutchings) {CVE-2012-0207}\n- ipv4: 
correct IGMP behavior on v3 query during v2-compatibility mode \n(David Stevens)\n- fuse: fix fuse request unique id (Srinivas Eeda) [orabug 13816349]\n\n[2.6.32-300.10.1.el6uek]\n- net: remove extra register in ip_gre (Guru Anbalagane) [Orabug: 13633287]\n\n[2.6.32-300.9.1.el6uek]\n- [netdrv] fnic: return zero on fnic_reset() success (Joe Jin)\n- [e1000e] Add entropy generation back for network interrupts (John Sobecki)\n- [nfs4] LINUX CLIENT TREATS NFS4ERR_GRACE AS A PERMANENT ERROR [orabug \n13476821] (John Sobecki)\n- [nfs] NFS CLIENT CONNECTS TO SERVER THEN DISCONNECTS [orabug 13516759] \n(John Sobecki)\n- [sunrpc] Add patch for a mount crash in __rpc_create_common [orabug \n13322773] (John Sobecki)\n\n[2.6.32-300.8.1.el6uek]\n- SPEC: fix dependency on firmware/mkinitrd (Guru Anbalagane) [orabug \n13637902]\n- xfs: fix acl count validation in xfs_acl_from_disk() (Dan Carpenter)\n- [SCSI] scsi_dh: check queuedata pointer before proceeding further \n(Moger Babu)\n [orabug 13615419]\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-March/002691.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-March/002692.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected unbreakable enterprise kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-300.11.1.el5uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-300.11.1.el5uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-300.11.1.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:mlnx_en-2.6.32-300.11.1.el6uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-300.11.1.el5uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-300.11.1.el5uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-300.11.1.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ofa-2.6.32-300.11.1.el6uekdebug\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n 
script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2011-4077\", \"CVE-2011-4081\", \"CVE-2011-4132\", \"CVE-2011-4347\", \"CVE-2011-4622\", \"CVE-2012-0038\", \"CVE-2012-0045\", \"CVE-2012-0207\"); \n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for ELSA-2012-2003\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nkernel_major_minor = get_kb_item(\"Host/uname/major_minor\");\nif (empty_or_null(kernel_major_minor)) exit(1, \"Unable to determine kernel major-minor level.\");\nexpected_kernel_major_minor = \"2.6\";\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, \"running kernel level \" + expected_kernel_major_minor + \", it is running kernel level \" + kernel_major_minor);\n\nflag = 0;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-2.6.32-300.11.1.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-debug-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-debug-2.6.32-300.11.1.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-debug-devel-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-debug-devel-2.6.32-300.11.1.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-devel-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-devel-2.6.32-300.11.1.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-doc-2.6.32\") && 
rpm_check(release:\"EL5\", reference:\"kernel-uek-doc-2.6.32-300.11.1.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-firmware-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-firmware-2.6.32-300.11.1.el5uek\")) flag++;\nif (rpm_exists(release:\"EL5\", rpm:\"kernel-uek-headers-2.6.32\") && rpm_check(release:\"EL5\", reference:\"kernel-uek-headers-2.6.32-300.11.1.el5uek\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"mlnx_en-2.6.32-300.11.1.el5uek-1.5.7-2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"mlnx_en-2.6.32-300.11.1.el5uekdebug-1.5.7-2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ofa-2.6.32-300.11.1.el5uek-1.5.1-4.0.53\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ofa-2.6.32-300.11.1.el5uekdebug-1.5.1-4.0.53\")) flag++;\n\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-2.6.32-300.11.1.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-debug-2.6.32-300.11.1.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-debug-devel-2.6.32-300.11.1.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-devel-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-devel-2.6.32-300.11.1.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-doc-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-doc-2.6.32-300.11.1.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-firmware-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-firmware-2.6.32-300.11.1.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-headers-2.6.32\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-headers-2.6.32-300.11.1.el6uek\")) flag++;\nif (rpm_check(release:\"EL6\", 
reference:\"mlnx_en-2.6.32-300.11.1.el6uek-1.5.7-0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"mlnx_en-2.6.32-300.11.1.el6uekdebug-1.5.7-0.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ofa-2.6.32-300.11.1.el6uek-1.5.1-4.0.47\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ofa-2.6.32-300.11.1.el6uekdebug-1.5.1-4.0.47\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T13:10:35", "description": "An updated rhev-hypervisor6 package that fixes two security issues and\none bug is now available.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe rhev-hypervisor6 package provides a Red Hat Enterprise\nVirtualization Hypervisor ISO disk image. The Red Hat Enterprise\nVirtualization Hypervisor is a dedicated Kernel-based Virtual Machine\n(KVM) hypervisor. It includes everything necessary to run and manage\nvirtual machines: A subset of the Red Hat Enterprise Linux operating\nenvironment and the Red Hat Enterprise Virtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available\nfor the Intel 64 and AMD64 architectures with virtualization\nextensions.\n\nA flaw was found in the way the Linux kernel's KVM hypervisor\nimplementation emulated the syscall instruction for 32-bit guests. 
An\nunprivileged guest user could trigger this flaw to crash the guest.\n(CVE-2012-0045)\n\nA divide-by-zero flaw was found in the Linux kernel's\nigmp_heard_query() function. An attacker able to send certain IGMP\n(Internet Group Management Protocol) packets to a target system could\nuse this flaw to cause a denial of service. (CVE-2012-0207)\n\nRed Hat would like to thank Stephan Barwolf for reporting\nCVE-2012-0045, and Simon McVittie for reporting CVE-2012-0207.\n\nThis updated package provides updated components that include fixes\nfor various security issues. These issues have no security impact on\nRed Hat Enterprise Virtualization Hypervisor itself, however. The\nsecurity fixes included in this update address the following CVE\nnumbers:\n\nCVE-2011-4077, CVE-2011-4081, CVE-2011-4132, CVE-2011-4347,\nCVE-2011-4594, CVE-2011-4611, CVE-2011-4622 and CVE-2012-0038 (kernel\nissues)\n\nCVE-2012-0444 (libvorbis issue)\n\nCVE-2012-0841 (libxml2 issue)\n\nThis update also fixes the following bug:\n\n* The rhev-hypervisor5 and rhev-hypervisor6 packages sometimes updated\nthe symbolic links in the /usr/share/rhev-hypervisor/ directory with\nincorrect targets. The packages have been updated; they now always\nupdate the symbolic links with the correct targets. 
(BZ#784706)\n\nUsers of Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package, which fixes these issues.", "edition": 24, "published": "2014-11-17T00:00:00", "title": "RHEL 6 : rhev-hypervisor6 (RHSA-2012:0422)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4594", "CVE-2011-4132", "CVE-2011-4611", "CVE-2012-0444", "CVE-2012-0207", "CVE-2011-4077", "CVE-2011-4347", "CVE-2012-0841", "CVE-2011-4622", "CVE-2011-4081", "CVE-2012-0045", "CVE-2012-0038"], "modified": "2014-11-17T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:rhev-hypervisor6", "cpe:/o:redhat:enterprise_linux:6", "p-cpe:/a:redhat:enterprise_linux:rhev-hypervisor6-tools"], "id": "REDHAT-RHSA-2012-0422.NASL", "href": "https://www.tenable.com/plugins/nessus/79285", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0422. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79285);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-0045\", \"CVE-2012-0207\");\n script_bugtraq_id(51343, 51389);\n script_xref(name:\"RHSA\", value:\"2012:0422\");\n\n script_name(english:\"RHEL 6 : rhev-hypervisor6 (RHSA-2012:0422)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated rhev-hypervisor6 package that fixes two security issues and\none bug is now available.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. 
Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nThe rhev-hypervisor6 package provides a Red Hat Enterprise\nVirtualization Hypervisor ISO disk image. The Red Hat Enterprise\nVirtualization Hypervisor is a dedicated Kernel-based Virtual Machine\n(KVM) hypervisor. It includes everything necessary to run and manage\nvirtual machines: A subset of the Red Hat Enterprise Linux operating\nenvironment and the Red Hat Enterprise Virtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available\nfor the Intel 64 and AMD64 architectures with virtualization\nextensions.\n\nA flaw was found in the way the Linux kernel's KVM hypervisor\nimplementation emulated the syscall instruction for 32-bit guests. An\nunprivileged guest user could trigger this flaw to crash the guest.\n(CVE-2012-0045)\n\nA divide-by-zero flaw was found in the Linux kernel's\nigmp_heard_query() function. An attacker able to send certain IGMP\n(Internet Group Management Protocol) packets to a target system could\nuse this flaw to cause a denial of service. (CVE-2012-0207)\n\nRed Hat would like to thank Stephan Barwolf for reporting\nCVE-2012-0045, and Simon McVittie for reporting CVE-2012-0207.\n\nThis updated package provides updated components that include fixes\nfor various security issues. These issues have no security impact on\nRed Hat Enterprise Virtualization Hypervisor itself, however. 
The\nsecurity fixes included in this update address the following CVE\nnumbers :\n\nCVE-2011-4077, CVE-2011-4081, CVE-2011-4132, CVE-2011-4347,\nCVE-2011-4594, CVE-2011-4611, CVE-2011-4622 and CVE-2012-0038 (kernel\nissues)\n\nCVE-2012-0444 (libvorbis issue)\n\nCVE-2012-0841 (libxml2 issue)\n\nThis update also fixes the following bug :\n\n* The rhev-hypervisor5 and rhev-hypervisor6 packages sometimes updated\nthe symbolic links in the /usr/share/rhev-hypervisor/ directory with\nincorrect targets. The packages have been updated, they now always\nupdate the symbolic links with the correct targets. (BZ#784706)\n\nUsers of Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package, which fixes these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0045\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0207\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:0422\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected rhev-hypervisor6 and / or rhev-hypervisor6-tools\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rhev-hypervisor6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rhev-hypervisor6-tools\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:0422\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"rhev-hypervisor6-6.2-20120320.0.el6_2\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"rhev-hypervisor6-tools-6.2-20120320.0.el6_2\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rhev-hypervisor6 / rhev-hypervisor6-tools\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-12T10:09:50", "description": " - Update to Linux 3.1.9 stable release\n\n - Fixes CVE-2011-4347, CVE-2011-4622, CVE-2012-0045\n\n - Other assorted other fixes. This should fix\n suspend/resume bugs that are found in 3.1.5/3.1.6\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2012-01-16T00:00:00", "title": "Fedora 15 : kernel-2.6.41.9-1.fc15 (2012-0492)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4347", "CVE-2011-4622", "CVE-2012-0045"], "modified": "2012-01-16T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2012-0492.NASL", "href": "https://www.tenable.com/plugins/nessus/57549", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-0492.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57549);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-4622\");\n script_bugtraq_id(51172);\n script_xref(name:\"FEDORA\", value:\"2012-0492\");\n\n script_name(english:\"Fedora 15 : kernel-2.6.41.9-1.fc15 (2012-0492)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Update to Linux 3.1.9 stable release\n\n - Fixes CVE-2011-4347, CVE-2011-4622, CVE-2012-0045\n\n - Other assorted other fixes. This should fix\n suspend/resume bugs that are found in 3.1.5/3.1.6\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=769721\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/071901.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0f61848c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"kernel-2.6.41.9-1.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-01T06:37:14", "description": "A bug was discovered in the XFS filesystem's handling of pathnames. A\nlocal attacker could exploit this to crash the system, leading to a\ndenial of service, or gain root privileges. (CVE-2011-4077)\n\nNick Bowler discovered the kernel GHASH message digest algorithm\nincorrectly handled error conditions. A local attacker could exploit\nthis to cause a kernel oops. 
(CVE-2011-4081)\n\nA flaw was found in the Journaling Block Device (JBD). A local\nattacker able to mount ext3 or ext4 file systems could exploit this to\ncrash the system, leading to a denial of service. (CVE-2011-4132)\n\nClement Lecigne discovered a bug in the HFS file system bounds\nchecking. When a malformed HFS file system is mounted a local user\ncould crash the system or gain root privileges. (CVE-2011-4330).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2011-12-14T00:00:00", "title": "Ubuntu 10.04 LTS : linux-lts-backport-natty vulnerabilities (USN-1301-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4132", "CVE-2011-4330", "CVE-2011-4077", "CVE-2011-4081"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual"], "id": "UBUNTU_USN-1301-1.NASL", "href": "https://www.tenable.com/plugins/nessus/57302", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1301-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. 
Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57302);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_cve_id(\"CVE-2011-4077\", \"CVE-2011-4081\", \"CVE-2011-4132\", \"CVE-2011-4330\");\n script_xref(name:\"USN\", value:\"1301-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS : linux-lts-backport-natty vulnerabilities (USN-1301-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A bug was discovered in the XFS filesystem's handling of pathnames. A\nlocal attacker could exploit this to crash the system, leading to a\ndenial of service, or gain root privileges. (CVE-2011-4077)\n\nNick Bowler discovered the kernel GHASH message digest algorithm\nincorrectly handled error conditions. A local attacker could exploit\nthis to cause a kernel oops. (CVE-2011-4081)\n\nA flaw was found in the Journaling Block Device (JBD). A local\nattacker able to mount ext3 or ext4 file systems could exploit this to\ncrash the system, leading to a denial of service. (CVE-2011-4132)\n\nClement Lecigne discovered a bug in the HFS file system bounds\nchecking. When a malformed HFS file system is mounted a local user\ncould crash the system or gain root privileges. (CVE-2011-4330).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1301-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! 
get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2011-4077\", \"CVE-2011-4081\", \"CVE-2011-4132\", \"CVE-2011-4330\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1301-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.38-13-generic\", pkgver:\"2.6.38-13.53~lucid1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.38-13-generic-pae\", pkgver:\"2.6.38-13.53~lucid1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.38-13-server\", pkgver:\"2.6.38-13.53~lucid1\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"linux-image-2.6.38-13-virtual\", pkgver:\"2.6.38-13.53~lucid1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-generic / linux-image-2.6-generic-pae / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T06:37:16", "description": "A bug was discovered in the XFS filesystem's handling of 
pathnames. A\nlocal attacker could exploit this to crash the system, leading to a\ndenial of service, or gain root privileges. (CVE-2011-4077)\n\nNick Bowler discovered the kernel GHASH message digest algorithm\nincorrectly handled error conditions. A local attacker could exploit\nthis to cause a kernel oops. (CVE-2011-4081)\n\nA flaw was found in the Journaling Block Device (JBD). A local\nattacker able to mount ext3 or ext4 file systems could exploit this to\ncrash the system, leading to a denial of service. (CVE-2011-4132)\n\nClement Lecigne discovered a bug in the HFS file system bounds\nchecking. When a malformed HFS file system is mounted a local user\ncould crash the system or gain root privileges. (CVE-2011-4330).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2011-12-20T00:00:00", "title": "Ubuntu 11.04 : linux vulnerabilities (USN-1312-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4132", "CVE-2011-4330", "CVE-2011-4077", "CVE-2011-4081"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server", "cpe:/o:canonical:ubuntu_linux:11.04", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual"], "id": "UBUNTU_USN-1312-1.NASL", "href": "https://www.tenable.com/plugins/nessus/57343", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1312-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. 
Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57343);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_cve_id(\"CVE-2011-4077\", \"CVE-2011-4081\", \"CVE-2011-4132\", \"CVE-2011-4330\");\n script_bugtraq_id(50370, 50663, 50750);\n script_xref(name:\"USN\", value:\"1312-1\");\n\n script_name(english:\"Ubuntu 11.04 : linux vulnerabilities (USN-1312-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A bug was discovered in the XFS filesystem's handling of pathnames. A\nlocal attacker could exploit this to crash the system, leading to a\ndenial of service, or gain root privileges. (CVE-2011-4077)\n\nNick Bowler discovered the kernel GHASH message digest algorithm\nincorrectly handled error conditions. A local attacker could exploit\nthis to cause a kernel oops. (CVE-2011-4081)\n\nA flaw was found in the Journaling Block Device (JBD). A local\nattacker able to mount ext3 or ext4 file systems could exploit this to\ncrash the system, leading to a denial of service. (CVE-2011-4132)\n\nClement Lecigne discovered a bug in the HFS file system bounds\nchecking. When a malformed HFS file system is mounted a local user\ncould crash the system or gain root privileges. (CVE-2011-4330).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1312-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-versatile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-2.6-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(11\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 11.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2011-4077\", \"CVE-2011-4081\", \"CVE-2011-4132\", \"CVE-2011-4330\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-1312-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"11.04\", pkgname:\"linux-image-2.6.38-13-generic\", pkgver:\"2.6.38-13.53\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"linux-image-2.6.38-13-generic-pae\", pkgver:\"2.6.38-13.53\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"linux-image-2.6.38-13-server\", pkgver:\"2.6.38-13.53\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"linux-image-2.6.38-13-versatile\", pkgver:\"2.6.38-13.53\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"linux-image-2.6.38-13-virtual\", pkgver:\"2.6.38-13.53\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n 
severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-2.6-generic / linux-image-2.6-generic-pae / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:28:00", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4594", "CVE-2011-4132", "CVE-2011-4611", "CVE-2012-0207", "CVE-2011-4077", "CVE-2011-4347", "CVE-2011-4622", "CVE-2011-4081", "CVE-2012-0045", "CVE-2012-0038"], "description": "**CentOS Errata and Security Advisory** CESA-2012:0350\n\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A buffer overflow flaw was found in the way the Linux kernel's XFS file\nsystem implementation handled links with overly long path names. A local,\nunprivileged user could use this flaw to cause a denial of service or\nescalate their privileges by mounting a specially-crafted disk.\n(CVE-2011-4077, Moderate)\n\n* Flaws in ghash_update() and ghash_final() could allow a local,\nunprivileged user to cause a denial of service. (CVE-2011-4081, Moderate)\n\n* A flaw was found in the Linux kernel's Journaling Block Device (JBD). A\nlocal, unprivileged user could use this flaw to crash the system by\nmounting a specially-crafted ext3 or ext4 disk. (CVE-2011-4132, Moderate)\n\n* It was found that the kvm_vm_ioctl_assign_device() function in the KVM\n(Kernel-based Virtual Machine) subsystem of a Linux kernel did not check if\nthe user requesting device assignment was privileged or not. 
A local,\nunprivileged user on the host could assign unused PCI devices, or even\ndevices that were in use and whose resources were not properly claimed by\nthe respective drivers, which could result in the host crashing.\n(CVE-2011-4347, Moderate)\n\n* Two flaws were found in the way the Linux kernel's __sys_sendmsg()\nfunction, when invoked via the sendmmsg() system call, accessed user-space\nmemory. A local, unprivileged user could use these flaws to cause a denial\nof service. (CVE-2011-4594, Moderate)\n\n* The RHSA-2011:1530 kernel update introduced an integer overflow flaw in\nthe Linux kernel. On PowerPC systems, a local, unprivileged user could use\nthis flaw to cause a denial of service. (CVE-2011-4611, Moderate)\n\n* A flaw was found in the way the KVM subsystem of a Linux kernel handled\nPIT (Programmable Interval Timer) IRQs (interrupt requests) when there was\nno virtual interrupt controller set up. A local, unprivileged user on the\nhost could force this situation to occur, resulting in the host crashing.\n(CVE-2011-4622, Moderate)\n\n* A flaw was found in the way the Linux kernel's XFS file system\nimplementation handled on-disk Access Control Lists (ACLs). A local,\nunprivileged user could use this flaw to cause a denial of service or\nescalate their privileges by mounting a specially-crafted disk.\n(CVE-2012-0038, Moderate)\n\n* A flaw was found in the way the Linux kernel's KVM hypervisor\nimplementation emulated the syscall instruction for 32-bit guests. An\nunprivileged guest user could trigger this flaw to crash the guest.\n(CVE-2012-0045, Moderate)\n\n* A divide-by-zero flaw was found in the Linux kernel's igmp_heard_query()\nfunction. An attacker able to send certain IGMP (Internet Group Management\nProtocol) packets to a target system could use this flaw to cause a denial\nof service. 
(CVE-2012-0207, Moderate)\n\nRed Hat would like to thank Nick Bowler for reporting CVE-2011-4081; Sasha\nLevin for reporting CVE-2011-4347; Tetsuo Handa for reporting\nCVE-2011-4594; Maynard Johnson for reporting CVE-2011-4611; Wang Xi for\nreporting CVE-2012-0038; Stephan B\u00e4rwolf for reporting CVE-2012-0045; and\nSimon McVittie for reporting CVE-2012-0207. Upstream acknowledges Mathieu\nDesnoyers as the original reporter of CVE-2011-4594.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues, and fix the bugs noted in the Technical\nNotes. The system must be rebooted for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-March/030506.html\n\n**Affected packages:**\nkernel\nkernel-debug\nkernel-debug-devel\nkernel-devel\nkernel-doc\nkernel-firmware\nkernel-headers\nperf\npython-perf\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-0350.html", "edition": 3, "modified": "2012-03-07T18:09:51", "published": "2012-03-07T18:09:51", "href": "http://lists.centos.org/pipermail/centos-announce/2012-March/030506.html", "id": "CESA-2012:0350", "title": "kernel, perf, python security update", "type": "centos", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:44:49", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4077", "CVE-2011-4081", "CVE-2011-4132", "CVE-2011-4347", "CVE-2011-4594", "CVE-2011-4611", "CVE-2011-4622", "CVE-2012-0038", "CVE-2012-0045", "CVE-2012-0207"], "description": "The kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nThis update fixes the following security issues:\n\n* A buffer overflow flaw was found in the way the Linux kernel's XFS 
file\nsystem implementation handled links with overly long path names. A local,\nunprivileged user could use this flaw to cause a denial of service or\nescalate their privileges by mounting a specially-crafted disk.\n(CVE-2011-4077, Moderate)\n\n* Flaws in ghash_update() and ghash_final() could allow a local,\nunprivileged user to cause a denial of service. (CVE-2011-4081, Moderate)\n\n* A flaw was found in the Linux kernel's Journaling Block Device (JBD). A\nlocal, unprivileged user could use this flaw to crash the system by\nmounting a specially-crafted ext3 or ext4 disk. (CVE-2011-4132, Moderate)\n\n* It was found that the kvm_vm_ioctl_assign_device() function in the KVM\n(Kernel-based Virtual Machine) subsystem of a Linux kernel did not check if\nthe user requesting device assignment was privileged or not. A local,\nunprivileged user on the host could assign unused PCI devices, or even\ndevices that were in use and whose resources were not properly claimed by\nthe respective drivers, which could result in the host crashing.\n(CVE-2011-4347, Moderate)\n\n* Two flaws were found in the way the Linux kernel's __sys_sendmsg()\nfunction, when invoked via the sendmmsg() system call, accessed user-space\nmemory. A local, unprivileged user could use these flaws to cause a denial\nof service. (CVE-2011-4594, Moderate)\n\n* The RHSA-2011:1530 kernel update introduced an integer overflow flaw in\nthe Linux kernel. On PowerPC systems, a local, unprivileged user could use\nthis flaw to cause a denial of service. (CVE-2011-4611, Moderate)\n\n* A flaw was found in the way the KVM subsystem of a Linux kernel handled\nPIT (Programmable Interval Timer) IRQs (interrupt requests) when there was\nno virtual interrupt controller set up. 
A local, unprivileged user on the\nhost could force this situation to occur, resulting in the host crashing.\n(CVE-2011-4622, Moderate)\n\n* A flaw was found in the way the Linux kernel's XFS file system\nimplementation handled on-disk Access Control Lists (ACLs). A local,\nunprivileged user could use this flaw to cause a denial of service or\nescalate their privileges by mounting a specially-crafted disk.\n(CVE-2012-0038, Moderate)\n\n* A flaw was found in the way the Linux kernel's KVM hypervisor\nimplementation emulated the syscall instruction for 32-bit guests. An\nunprivileged guest user could trigger this flaw to crash the guest.\n(CVE-2012-0045, Moderate)\n\n* A divide-by-zero flaw was found in the Linux kernel's igmp_heard_query()\nfunction. An attacker able to send certain IGMP (Internet Group Management\nProtocol) packets to a target system could use this flaw to cause a denial\nof service. (CVE-2012-0207, Moderate)\n\nRed Hat would like to thank Nick Bowler for reporting CVE-2011-4081; Sasha\nLevin for reporting CVE-2011-4347; Tetsuo Handa for reporting\nCVE-2011-4594; Maynard Johnson for reporting CVE-2011-4611; Wang Xi for\nreporting CVE-2012-0038; Stephan B\u00e4rwolf for reporting CVE-2012-0045; and\nSimon McVittie for reporting CVE-2012-0207. Upstream acknowledges Mathieu\nDesnoyers as the original reporter of CVE-2011-4594.\n\nThis update also fixes several bugs. Documentation for these changes will\nbe available shortly from the Technical Notes document linked to in the\nReferences section.\n\nUsers should upgrade to these updated packages, which contain backported\npatches to correct these issues, and fix the bugs noted in the Technical\nNotes. 
The system must be rebooted for this update to take effect.\n", "modified": "2018-06-06T20:24:07", "published": "2012-03-06T05:00:00", "id": "RHSA-2012:0350", "href": "https://access.redhat.com/errata/RHSA-2012:0350", "type": "redhat", "title": "(RHSA-2012:0350) Moderate: kernel security and bug fix update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-13T18:46:31", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4077", "CVE-2011-4081", "CVE-2011-4132", "CVE-2011-4347", "CVE-2011-4594", "CVE-2011-4611", "CVE-2011-4622", "CVE-2012-0038", "CVE-2012-0045", "CVE-2012-0207", "CVE-2012-0444", "CVE-2012-0841"], "description": "The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization\nHypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor\nis a dedicated Kernel-based Virtual Machine (KVM) hypervisor. It includes\neverything necessary to run and manage virtual machines: A subset of the\nRed Hat Enterprise Linux operating environment and the Red Hat Enterprise\nVirtualization Agent.\n\nNote: Red Hat Enterprise Virtualization Hypervisor is only available for\nthe Intel 64 and AMD64 architectures with virtualization extensions.\n\nA flaw was found in the way the Linux kernel's KVM hypervisor\nimplementation emulated the syscall instruction for 32-bit guests. An\nunprivileged guest user could trigger this flaw to crash the guest.\n(CVE-2012-0045)\n\nA divide-by-zero flaw was found in the Linux kernel's igmp_heard_query()\nfunction. An attacker able to send certain IGMP (Internet Group Management\nProtocol) packets to a target system could use this flaw to cause a denial\nof service. (CVE-2012-0207)\n\nRed Hat would like to thank Stephan B\u00e4rwolf for reporting CVE-2012-0045,\nand Simon McVittie for reporting CVE-2012-0207.\n\nThis updated package provides updated components that include fixes for\nvarious security issues. 
These issues have no security impact on Red Hat\nEnterprise Virtualization Hypervisor itself, however. The security fixes\nincluded in this update address the following CVE numbers:\n\nCVE-2011-4077, CVE-2011-4081, CVE-2011-4132, CVE-2011-4347, CVE-2011-4594,\nCVE-2011-4611, CVE-2011-4622 and CVE-2012-0038 (kernel issues)\n\nCVE-2012-0444 (libvorbis issue)\n\nCVE-2012-0841 (libxml2 issue)\n\nThis update also fixes the following bug:\n\n* The rhev-hypervisor5 and rhev-hypervisor6 packages sometimes updated the\nsymbolic links in the /usr/share/rhev-hypervisor/ directory with incorrect\ntargets. The packages have been updated, they now always update the\nsymbolic links with the correct targets. (BZ#784706)\n\nUsers of Red Hat Enterprise Virtualization Hypervisor are advised to\nupgrade to this updated package, which fixes these issues.\n", "modified": "2018-06-07T08:59:39", "published": "2012-03-26T04:00:00", "id": "RHSA-2012:0422", "href": "https://access.redhat.com/errata/RHSA-2012:0422", "type": "redhat", "title": "(RHSA-2012:0422) Moderate: rhev-hypervisor6 security and bug fix update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "amazon": [{"lastseen": "2020-11-10T12:35:47", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4594", "CVE-2011-4132", "CVE-2011-4611", "CVE-2012-0207", "CVE-2011-4077", "CVE-2011-4347", "CVE-2011-4622", "CVE-2011-4081", "CVE-2012-0045", "CVE-2012-0038"], "description": "**Issue Overview:**\n\nA buffer overflow flaw was found in the way the Linux kernel's XFS file system implementation handled links with overly long path names. A local, unprivileged user could use this flaw to cause a denial of service or escalate their privileges by mounting a specially-crafted disk. ([CVE-2011-4077 __](<https://access.redhat.com/security/cve/CVE-2011-4077>), Moderate)\n\nFlaws in ghash_update() and ghash_final() could allow a local, unprivileged user to cause a denial of service. 
([CVE-2011-4081 __](<https://access.redhat.com/security/cve/CVE-2011-4081>), Moderate)\n\nA flaw was found in the Linux kernel's Journaling Block Device (JBD). A local, unprivileged user could use this flaw to crash the system by mounting a specially-crafted ext3 or ext4 disk. ([CVE-2011-4132 __](<https://access.redhat.com/security/cve/CVE-2011-4132>), Moderate)\n\nIt was found that the kvm_vm_ioctl_assign_device() function in the KVM (Kernel-based Virtual Machine) subsystem of a Linux kernel did not check if the user requesting device assignment was privileged or not. A local, unprivileged user on the host could assign unused PCI devices, or even devices that were in use and whose resources were not properly claimed by the respective drivers, which could result in the host crashing. ([CVE-2011-4347 __](<https://access.redhat.com/security/cve/CVE-2011-4347>), Moderate)\n\nTwo flaws were found in the way the Linux kernel's __sys_sendmsg() function, when invoked via the sendmmsg() system call, accessed user-space memory. A local, unprivileged user could use these flaws to cause a denial of service. ([CVE-2011-4594 __](<https://access.redhat.com/security/cve/CVE-2011-4594>), Moderate)\n\nA previous update introduced an integer overflow flaw in the Linux kernel. On PowerPC systems, a local, unprivileged user could use this flaw to cause a denial of service. ([CVE-2011-4611 __](<https://access.redhat.com/security/cve/CVE-2011-4611>), Moderate)\n\nA flaw was found in the way the KVM subsystem of a Linux kernel handled PIT (Programmable Interval Timer) IRQs (interrupt requests) when there was no virtual interrupt controller set up. A local, unprivileged user on the host could force this situation to occur, resulting in the host crashing. ([CVE-2011-4622 __](<https://access.redhat.com/security/cve/CVE-2011-4622>), Moderate)\n\nA flaw was found in the way the Linux kernel's XFS file system implementation handled on-disk Access Control Lists (ACLs). 
A local, unprivileged user could use this flaw to cause a denial of service or escalate their privileges by mounting a specially-crafted disk. ([CVE-2012-0038 __](<https://access.redhat.com/security/cve/CVE-2012-0038>), Moderate)\n\nA flaw was found in the way the Linux kernel's KVM hypervisor implementation emulated the syscall instruction for 32-bit guests. An unprivileged guest user could trigger this flaw to crash the guest. ([CVE-2012-0045 __](<https://access.redhat.com/security/cve/CVE-2012-0045>), Moderate)\n\nA divide-by-zero flaw was found in the Linux kernel's igmp_heard_query() function. An attacker able to send certain IGMP (Internet Group Management Protocol) packets to a target system could use this flaw to cause a denial of service. ([CVE-2012-0207 __](<https://access.redhat.com/security/cve/CVE-2012-0207>), Moderate)\n\n \n**Affected Packages:** \n\n\nkernel\n\n \n**Issue Correction:** \nRun _yum update kernel_ to update your system. You will need to reboot your system in order for the new kernel to be running.\n\n \n\n\n**New Packages:**\n \n \n i686: \n kernel-devel-2.6.35.14-107.1.39.amzn1.i686 \n kernel-debuginfo-common-i686-2.6.35.14-107.1.39.amzn1.i686 \n kernel-headers-2.6.35.14-107.1.39.amzn1.i686 \n perf-2.6.35.14-107.1.39.amzn1.i686 \n kernel-2.6.35.14-107.1.39.amzn1.i686 \n kernel-debuginfo-2.6.35.14-107.1.39.amzn1.i686 \n \n noarch: \n kernel-doc-2.6.35.14-107.1.39.amzn1.noarch \n \n src: \n kernel-2.6.35.14-107.1.39.amzn1.src \n \n x86_64: \n kernel-2.6.35.14-107.1.39.amzn1.x86_64 \n kernel-headers-2.6.35.14-107.1.39.amzn1.x86_64 \n kernel-devel-2.6.35.14-107.1.39.amzn1.x86_64 \n kernel-debuginfo-common-x86_64-2.6.35.14-107.1.39.amzn1.x86_64 \n perf-2.6.35.14-107.1.39.amzn1.x86_64 \n kernel-debuginfo-2.6.35.14-107.1.39.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2012-03-16T10:53:00", "published": "2012-03-16T10:53:00", "id": "ALAS-2012-055", "href": "https://alas.aws.amazon.com/ALAS-2012-55.html", "title": "Medium: kernel", 
"type": "amazon", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:36:23", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4594", "CVE-2011-4132", "CVE-2011-4611", "CVE-2012-0207", "CVE-2011-4077", "CVE-2011-4347", "CVE-2011-4622", "CVE-2011-4081", "CVE-2012-0045", "CVE-2012-0038"], "description": "[2.6.32-220.7.1.el6]\n- [netdrv] tg3: Fix single-vector MSI-X code (John Feeney) [787162 703555]\n- [mm] export remove_from_page_cache() to modules (Jerome Marchand) [772687 751419]\n- [block] cfq-iosched: fix cfq_cic_link() race confition (Vivek Goyal) [786022 765673]\n- [fs] cifs: lower default wsize when unix extensions are not used (Jeff Layton) [789058 773705]\n- [net] svcrpc: fix double-free on shutdown of nfsd after changing pool mode (J. Bruce Fields) [787580 753030]\n- [net] svcrpc: avoid memory-corruption on pool shutdown (J. Bruce Fields) [787580 753030]\n- [net] svcrpc: destroy server sockets all at once (J. Bruce Fields) [787580 753030]\n- [net] svcrpc: simplify svc_close_all (J. Bruce Fields) [787580 753030]\n- [net] svcrpc: fix list-corrupting race on nfsd shutdown (J. 
Bruce Fields) [787580 753030]\n- [fs] xfs: Fix missing xfs_iunlock() on error recovery path in xfs_readlink() (Carlos Maiolino) [749161 694702] {CVE-2011-4077}\n- [fs] xfs: Fix memory corruption in xfs_readlink (Carlos Maiolino) [749161 694702] {CVE-2011-4077}\n- [x86] hpet: Disable per-cpu hpet timer if ARAT is supported (Prarit Bhargava) [772884 750201]\n- [x86] Improve TSC calibration using a delayed workqueue (Prarit Bhargava) [772884 750201]\n- [kernel] clocksource: Add clocksource_register_hz/khz interface (Prarit Bhargava) [772884 750201]\n- [kernel] clocksource: Provide a generic mult/shift factor calculation (Prarit Bhargava) [772884 750201]\n- [block] cfq-iosched: fix a kbuild regression (Vivek Goyal) [769208 705698]\n- [block] cfq-iosched: rethink seeky detection for SSDs (Vivek Goyal) [769208 705698]\n- [block] cfq-iosched: rework seeky detection (Vivek Goyal) [769208 705698]\n- [block] cfq-iosched: don't regard requests with long distance as close (Vivek Goyal) [769208 705698]\n[2.6.32-220.6.1.el6]\n- [scsi] qla2xxx: Module parameter to control use of async or sync port login (Chad Dupuis) [788003 769007]\n[2.6.32-220.5.1.el6]\n- [net] igmp: Avoid zero delay when receiving odd mixture of IGMP queries (Jiri Pirko) [772870 772871] {CVE-2012-0207}\n- [fs] xfs: validate acl count (Eric Sandeen) [773282 773283] {CVE-2012-0038}\n- [fs] Fix sendfile write-side file position (Steven Whitehouse) [771870 770023]\n- [virt] kvm: x86: fix missing checks in syscall emulation (Marcelo Tosatti) [773390 773391] {CVE-2012-0045}\n- [virt] kvm: x86: extend 'struct x86_emulate_ops' with 'get_cpuid' (Marcelo Tosatti) [773390 773391] {CVE-2012-0045}\n- [fs] nfs: when attempting to open a directory, fall back on normal lookup (Jeff Layton) [771981 755380]\n- [kernel] crypto: ghash - Avoid null pointer dereference if no key is set (Jiri Benc) [749481 749482] {CVE-2011-4081}\n- [fs] jbd2: validate sb->s_first in journal_get_superblock() (Eryu Guan) [753344 693981] 
{CVE-2011-4132}\n- [net] fix unsafe pointer access in sendmmsg (Jiri Benc) [761668 760798] {CVE-2011-4594}\n- [scsi] increase qla2xxx firmware ready time-out (Mark Goodwin) [781971 731917]\n- [perf] powerpc: Handle events that raise an exception without overflowing (Steve Best) [767917 755737] {CVE-2011-4611}\n- [sched] x86: Avoid unnecessary overflow in sched_clock (Prarit Bhargava) [781974 765720]\n- [virt] x86: Prevent starting PIT timers in the absence of irqchip support (Marcelo Tosatti) [769634 769550] {CVE-2011-4622}\n- [virt] vmxnet3: revert hw features change (Neil Horman) [761536 759613]\n- [netdrv] qlge: fix size of external list for TX address descriptors (Steve Best) [783226 772237]\n- [netdrv] e1000e: Avoid wrong check on TX hang (Dean Nelson) [768916 751087]\n- [virt] KVM: Device assignment permission checks (Alex Williamson) [756092 756093] {CVE-2011-4347}\n- [virt] KVM: Remove ability to assign a device without iommu support (Alex Williamson) [756092 756093] {CVE-2011-4347}\n- [virt] kvm: device-assignment: revert Disable the option to skip iommu setup (Alex Williamson) [756092 756093] {CVE-2011-4347}", "edition": 4, "modified": "2012-03-06T00:00:00", "published": "2012-03-06T00:00:00", "id": "ELSA-2012-0350", "href": "http://linux.oracle.com/errata/ELSA-2012-0350.html", "title": "kernel security and bug fix update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:37:01", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4132", "CVE-2012-0207", "CVE-2011-4077", "CVE-2011-4347", "CVE-2011-4622", "CVE-2011-4081", "CVE-2012-0045", "CVE-2012-0038"], "description": "[2.6.32-300.11.1.el6uek]\n- [fs] xfs: Fix possible memory corruption in xfs_readlink (Carlos Maiolino) {CVE-2011-4077}\n- [scsi] increase qla2xxx firmware ready time-out (Joe Jin)\n- [scsi] qla2xxx: Module parameter to control use of async or sync port login (Joe Jin)\n- [net] tg3: Fix single-vector MSI-X code (Joe Jin)\n- 
[net] qlge: fix size of external list for TX address descriptors (Joe Jin)\n- [net] e1000e: Avoid wrong check on TX hang (Joe Jin)\n- crypto: ghash - Avoid null pointer dereference if no key is set (Nick Bowler) {CVE-2011-4081}\n- jbd/jbd2: validate sb->s_first in journal_get_superblock() (Eryu Guan) {CVE-2011-4132}\n- KVM: Device assignment permission checks (Joe Jin) {CVE-2011-4347}\n- KVM: x86: Prevent starting PIT timers in the absence of irqchip support (Jan Kiszka) {CVE-2011-4622}\n- xfs: validate acl count (Joe Jin) {CVE-2012-0038}\n- KVM: x86: fix missing checks in syscall emulation (Joe Jin) {CVE-2012-0045}\n- KVM: x86: extend 'struct x86_emulate_ops' with 'get_cpuid' (Joe Jin) {CVE-2012-0045}\n- igmp: Avoid zero delay when receiving odd mixture of IGMP queries (Ben Hutchings) {CVE-2012-0207}\n- ipv4: correct IGMP behavior on v3 query during v2-compatibility mode (David Stevens)\n- fuse: fix fuse request unique id (Srinivas Eeda) [orabug 13816349]\n[2.6.32-300.10.1.el6uek]\n- net: remove extra register in ip_gre (Guru Anbalagane) [Orabug: 13633287]\n[2.6.32-300.9.1.el6uek]\n- [netdrv] fnic: return zero on fnic_reset() success (Joe Jin)\n- [e1000e] Add entropy generation back for network interrupts (John Sobecki)\n- [nfs4] LINUX CLIENT TREATS NFS4ERR_GRACE AS A PERMANENT ERROR [orabug 13476821] (John Sobecki)\n- [nfs] NFS CLIENT CONNECTS TO SERVER THEN DISCONNECTS [orabug 13516759] (John Sobecki)\n- [sunrpc] Add patch for a mount crash in __rpc_create_common [orabug 13322773] (John Sobecki)\n[2.6.32-300.8.1.el6uek]\n- SPEC: fix dependency on firmware/mkinitrd (Guru Anbalagane) [orabug 13637902]\n- xfs: fix acl count validation in xfs_acl_from_disk() (Dan Carpenter)\n- [SCSI] scsi_dh: check queuedata pointer before proceeding further (Moger Babu)\n [orabug 13615419]", "edition": 4, "modified": "2012-03-07T00:00:00", "published": "2012-03-07T00:00:00", "id": "ELSA-2012-2003", "href": "http://linux.oracle.com/errata/ELSA-2012-2003.html", "title": "Unbreakable 
Enterprise kernel security and bug fix update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "cve": [{"lastseen": "2020-12-09T19:39:12", "description": "The __sys_sendmsg function in net/socket.c in the Linux kernel before 3.1 allows local users to cause a denial of service (system crash) via crafted use of the sendmmsg system call, leading to an incorrect pointer dereference.", "edition": 7, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2012-05-17T11:00:00", "title": "CVE-2011-4594", "type": "cve", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4594"], "modified": "2020-07-29T17:34:00", "cpe": [], "id": "CVE-2011-4594", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4594", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": []}, {"lastseen": "2020-12-09T19:39:12", "description": "Integer overflow in the perf_event_interrupt function in arch/powerpc/kernel/perf_event.c in the Linux kernel before 2.6.39 on powerpc platforms allows local users to cause a denial of service (unhandled performance monitor exception) via vectors 
that trigger certain outcomes of performance events.", "edition": 7, "cvss3": {}, "published": "2012-05-17T11:00:00", "title": "CVE-2011-4611", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4611"], "modified": "2020-07-28T13:44:00", "cpe": [], "id": "CVE-2011-4611", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4611", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": []}, {"lastseen": "2020-10-03T11:39:34", "description": "The create_pit_timer function in arch/x86/kvm/i8254.c in KVM 83, and possibly other versions, does not properly handle Programmable Interval Timer (PIT) interrupt requests (IRQs) when a virtual interrupt controller (irqchip) is not available, which allows local users to cause a denial of service (NULL pointer dereference) by starting a timer.", "edition": 3, "cvss3": {}, "published": "2012-01-27T15:55:00", "title": "CVE-2011-4622", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4622"], "modified": 
"2017-12-29T02:29:00", "cpe": ["cpe:/a:redhat:kvm:83"], "id": "CVE-2011-4622", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4622", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:a:redhat:kvm:83:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:39:33", "description": "The cleanup_journal_tail function in the Journaling Block Device (JBD) functionality in the Linux kernel 2.6 allows local users to cause a denial of service (assertion error and kernel oops) via an ext3 or ext4 image with an \"invalid log first block value.\"", "edition": 3, "cvss3": {}, "published": "2012-01-27T15:55:00", "title": "CVE-2011-4132", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4132"], "modified": "2017-12-29T02:29:00", "cpe": ["cpe:/o:linux:linux_kernel:2.6", "cpe:/o:suse:linux_enterprise_server:10"], "id": "CVE-2011-4132", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4132", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:2.6:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:39:12", "description": "The kvm_vm_ioctl_assign_device function in virt/kvm/assigned-dev.c in the KVM subsystem in the Linux kernel before 3.1.10 does not verify permission to access PCI configuration space and BAR resources, which allows host OS users to assign PCI devices and cause a denial of service (host OS crash) via a 
KVM_ASSIGN_PCI_DEVICE operation.", "edition": 5, "cvss3": {}, "published": "2013-06-08T13:05:00", "title": "CVE-2011-4347", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4347"], "modified": "2013-06-10T17:30:00", "cpe": ["cpe:/o:linux:linux_kernel:3.1.4", "cpe:/o:linux:linux_kernel:3.1.7", "cpe:/o:linux:linux_kernel:3.1.3", "cpe:/o:linux:linux_kernel:3.1.1", "cpe:/o:linux:linux_kernel:3.1.5", "cpe:/o:linux:linux_kernel:3.1.9", "cpe:/o:linux:linux_kernel:3.1.6", "cpe:/o:linux:linux_kernel:3.1.8", "cpe:/o:linux:linux_kernel:3.1.2"], "id": "CVE-2011-4347", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4347", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.1:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:39:11", "description": "crypto/ghash-generic.c in the Linux kernel before 3.1 allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact by triggering a failed or missing ghash_setkey function call, followed by a (1) 
ghash_update function call or (2) ghash_final function call, as demonstrated by a write operation on an AF_ALG socket.", "edition": 7, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2012-05-24T23:55:00", "title": "CVE-2011-4081", "type": "cve", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4081"], "modified": "2020-07-29T15:34:00", "cpe": [], "id": "CVE-2011-4081", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4081", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": []}, {"lastseen": "2020-10-03T11:39:33", "description": "Buffer overflow in the xfs_readlink function in fs/xfs/xfs_vnodeops.c in XFS in the Linux kernel 2.6, when CONFIG_XFS_DEBUG is disabled, allows local users to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via an XFS image containing a symbolic link with a long pathname.", "edition": 3, "cvss3": {}, "published": "2012-01-27T15:55:00", "title": "CVE-2011-4077", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": 
false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4077"], "modified": "2016-08-23T02:04:00", "cpe": ["cpe:/o:linux:linux_kernel:2.6.0"], "id": "CVE-2011-4077", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4077", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:2.6.0:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:15", "description": "Integer overflow in the xfs_acl_from_disk function in fs/xfs/xfs_acl.c in the Linux kernel before 3.1.9 allows local users to cause a denial of service (panic) via a filesystem with a malformed ACL, leading to a heap-based buffer overflow.", "edition": 8, "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2012-05-17T11:00:00", "title": "CVE-2012-0038", "type": "cve", "cwe": ["CWE-190"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": 
"NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0038"], "modified": "2020-07-29T15:24:00", "cpe": [], "id": "CVE-2012-0038", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0038", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": []}, {"lastseen": "2020-12-09T19:47:15", "description": "The em_syscall function in arch/x86/kvm/emulate.c in the KVM implementation in the Linux kernel before 3.2.14 does not properly handle the 0f05 (aka syscall) opcode, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application, as demonstrated by an NASM file.", "edition": 5, "cvss3": {}, "published": "2012-07-03T16:40:00", "title": "CVE-2012-0045", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.7, "vectorString": "AV:L/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0045"], "modified": "2017-12-29T02:29:00", "cpe": ["cpe:/o:linux:linux_kernel:3.1.4", "cpe:/o:linux:linux_kernel:3.1.7", "cpe:/o:linux:linux_kernel:3.0.30", "cpe:/o:linux:linux_kernel:3.0.27", "cpe:/o:linux:linux_kernel:3.2.7", "cpe:/o:linux:linux_kernel:3.0.33", "cpe:/o:linux:linux_kernel:3.2.8", "cpe:/o:linux:linux_kernel:3.0.9", "cpe:/o:linux:linux_kernel:3.0.6", "cpe:/o:linux:linux_kernel:3.0.17", "cpe:/o:linux:linux_kernel:3.0.10", "cpe:/o:linux:linux_kernel:3.1.3", "cpe:/o:linux:linux_kernel:3.0.7", "cpe:/o:linux:linux_kernel:3.0.20", "cpe:/o:linux:linux_kernel:3.0.31", "cpe:/o:linux:linux_kernel:3.2.13", "cpe:/o:linux:linux_kernel:3.0.12", 
"cpe:/o:linux:linux_kernel:3.0.15", "cpe:/o:linux:linux_kernel:3.0.23", "cpe:/o:linux:linux_kernel:3.1.10", "cpe:/o:linux:linux_kernel:3.0.13", "cpe:/o:linux:linux_kernel:3.0.5", "cpe:/o:linux:linux_kernel:3.0.3", "cpe:/o:linux:linux_kernel:3.0.14", "cpe:/o:linux:linux_kernel:3.0.28", "cpe:/o:linux:linux_kernel:3.0.25", "cpe:/o:linux:linux_kernel:3.0.1", "cpe:/o:linux:linux_kernel:3.2.3", "cpe:/o:linux:linux_kernel:3.0.8", "cpe:/o:linux:linux_kernel:3.2.6", "cpe:/o:linux:linux_kernel:3.2.1", "cpe:/o:linux:linux_kernel:3.1.1", "cpe:/o:linux:linux_kernel:3.2.5", "cpe:/o:linux:linux_kernel:3.2.2", "cpe:/o:linux:linux_kernel:3.0.18", "cpe:/o:linux:linux_kernel:3.0.19", "cpe:/o:linux:linux_kernel:3.1.5", "cpe:/o:linux:linux_kernel:3.0.26", "cpe:/o:linux:linux_kernel:3.0.34", "cpe:/o:linux:linux_kernel:3.0", "cpe:/o:linux:linux_kernel:3.0.32", "cpe:/o:linux:linux_kernel:3.0.16", "cpe:/o:linux:linux_kernel:3.2.4", "cpe:/o:linux:linux_kernel:3.1.9", "cpe:/o:linux:linux_kernel:3.2.12", "cpe:/o:linux:linux_kernel:3.0.2", "cpe:/o:linux:linux_kernel:3.2.11", "cpe:/o:linux:linux_kernel:3.0.4", "cpe:/o:linux:linux_kernel:3.0.21", "cpe:/o:linux:linux_kernel:3.2.9", "cpe:/o:linux:linux_kernel:3.0.29", "cpe:/o:linux:linux_kernel:3.2", "cpe:/o:linux:linux_kernel:3.0.11", "cpe:/o:linux:linux_kernel:3.1", "cpe:/o:linux:linux_kernel:3.1.6", "cpe:/o:linux:linux_kernel:3.0.22", "cpe:/o:linux:linux_kernel:3.0.24", "cpe:/o:linux:linux_kernel:3.1.8", "cpe:/o:linux:linux_kernel:3.1.2", "cpe:/o:linux:linux_kernel:3.2.10"], "id": "CVE-2012-0045", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0045", "cvss": {"score": 4.7, "vector": "AV:L/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.0:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc2:*:*:*:*:*:*", 
"cpe:2.3:o:linux:linux_kernel:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.34:*:*:*:*:*:*:*", 
"cpe:2.3:o:linux:linux_kernel:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc7:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:47:15", "description": "The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and panic) via IGMP packets.", "edition": 8, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": 
"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2012-05-17T11:00:00", "title": "CVE-2012-0207", "type": "cve", "cwe": ["CWE-369"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0207"], "modified": "2020-07-30T19:39:00", "cpe": ["cpe:/o:redhat:enterprise_linux_eus:5.6"], "id": "CVE-2012-0207", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0207", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_eus:5.6:*:*:*:*:*:*:*"]}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4131", "CVE-2011-4132", "CVE-2011-4347", "CVE-2011-4622", "CVE-2012-0045"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2012-01-15T20:11:36", "published": "2012-01-15T20:11:36", "id": "FEDORA:B44F320DBE", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: kernel-3.1.9-1.fc16", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4131", "CVE-2011-4132", "CVE-2011-4347", "CVE-2011-4622"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. 
The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2012-01-15T20:00:43", "published": "2012-01-15T20:00:43", "id": "FEDORA:0413620BDE", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: kernel-3.1.8-2.fc16", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4127", "CVE-2011-4131", "CVE-2011-4132", "CVE-2011-4347", "CVE-2011-4622", "CVE-2012-0045", "CVE-2012-0056"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2012-01-24T07:57:29", "published": "2012-01-24T07:57:29", "id": "FEDORA:E342B20FDA", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: kernel-3.2.1-3.fc16", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4086", "CVE-2011-4127", "CVE-2011-4131", "CVE-2011-4132", "CVE-2011-4347", "CVE-2011-4622", "CVE-2012-0045", "CVE-2012-0056"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. 
", "modified": "2012-02-10T22:00:18", "published": "2012-02-10T22:00:18", "id": "FEDORA:79974217D9", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: kernel-3.2.5-3.fc16", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4086", "CVE-2011-4127", "CVE-2011-4131", "CVE-2011-4132", "CVE-2011-4347", "CVE-2011-4622", "CVE-2012-0045", "CVE-2012-0056", "CVE-2012-1090"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2012-03-06T19:30:15", "published": "2012-03-06T19:30:15", "id": "FEDORA:95DEA218E7", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: kernel-3.2.9-1.fc16", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1083", "CVE-2011-1161", "CVE-2011-1162", "CVE-2011-2905", "CVE-2011-3191", "CVE-2011-3347", "CVE-2011-4077", "CVE-2011-4097", "CVE-2011-4131", "CVE-2011-4132", "CVE-2011-4347", "CVE-2011-4622", "CVE-2012-0045"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. 
", "modified": "2012-01-15T19:59:13", "published": "2012-01-15T19:59:13", "id": "FEDORA:2F91620B3E", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: kernel-2.6.41.9-1.fc15", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4086", "CVE-2011-4127", "CVE-2011-4131", "CVE-2011-4132", "CVE-2011-4347", "CVE-2011-4622", "CVE-2012-0045", "CVE-2012-0056", "CVE-2012-1090", "CVE-2012-1097"], "description": "The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. ", "modified": "2012-03-10T21:50:48", "published": "2012-03-10T21:50:48", "id": "FEDORA:79F1D2100D", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: kernel-3.2.9-2.fc16", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2020-07-09T00:33:48", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4132", "CVE-2011-4330", "CVE-2011-4077", "CVE-2011-4081"], "description": "A bug was discovered in the XFS filesystem's handling of pathnames. A local \nattacker could exploit this to crash the system, leading to a denial of \nservice, or gain root privileges. (CVE-2011-4077)\n\nNick Bowler discovered the kernel GHASH message digest algorithm \nincorrectly handled error conditions. A local attacker could exploit this \nto cause a kernel oops. (CVE-2011-4081)\n\nA flaw was found in the Journaling Block Device (JBD). A local attacker \nable to mount ext3 or ext4 file systems could exploit this to crash the \nsystem, leading to a denial of service. (CVE-2011-4132)\n\nClement Lecigne discovered a bug in the HFS file system bounds checking. \nWhen a malformed HFS file system is mounted a local user could crash the \nsystem or gain root privileges. 
(CVE-2011-4330)", "edition": 5, "modified": "2011-12-19T00:00:00", "published": "2011-12-19T00:00:00", "id": "USN-1312-1", "href": "https://ubuntu.com/security/notices/USN-1312-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-08T23:38:52", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4132", "CVE-2011-4330", "CVE-2011-4077", "CVE-2011-4081"], "description": "A bug was discovered in the XFS filesystem's handling of pathnames. A local \nattacker could exploit this to crash the system, leading to a denial of \nservice, or gain root privileges. (CVE-2011-4077)\n\nNick Bowler discovered the kernel GHASH message digest algorithm \nincorrectly handled error conditions. A local attacker could exploit this \nto cause a kernel oops. (CVE-2011-4081)\n\nA flaw was found in the Journaling Block Device (JBD). A local attacker \nable to mount ext3 or ext4 file systems could exploit this to crash the \nsystem, leading to a denial of service. (CVE-2011-4132)\n\nClement Lecigne discovered a bug in the HFS file system bounds checking. \nWhen a malformed HFS file system is mounted a local user could crash the \nsystem or gain root privileges. (CVE-2011-4330)", "edition": 5, "modified": "2011-12-13T00:00:00", "published": "2011-12-13T00:00:00", "id": "USN-1301-1", "href": "https://ubuntu.com/security/notices/USN-1301-1", "title": "Linux kernel (Natty backport) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-08T23:30:27", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0055", "CVE-2012-0207", "CVE-2011-4097", "CVE-2011-4622", "CVE-2012-0038"], "description": "A bug was discovered in the Linux kernel's calculation of OOM (Out of \nmemory) scores, that would result in the wrong process being killed. 
A user \ncould use this to kill the process with the highest OOM score, even if that \nprocess belongs to another user or the system. (CVE-2011-4097)\n\nA flaw was found in KVM's Programmable Interval Timer (PIT). When a virtual \ninterrupt control is not available a local user could use this to cause a \ndenial of service by starting a timer. (CVE-2011-4622)\n\nA flaw was discovered in the XFS filesystem. If a local user mounts a \nspecially crafted XFS image it could potentially execute arbitrary code on \nthe system. (CVE-2012-0038)\n\nAndy Whitcroft discovered that the Overlayfs filesystem was not doing the \nextended permission checks needed by cgroups and Linux Security Modules \n(LSMs). A local user could exploit this to by-pass security policy and \naccess files that should not be accessible. (CVE-2012-0055)\n\nA flaw was found in the Linux kernel's IPv4 IGMP query processing. A remote \nattacker could exploit this to cause a denial of service. (CVE-2012-0207)", "edition": 5, "modified": "2012-02-13T00:00:00", "published": "2012-02-13T00:00:00", "id": "USN-1363-1", "href": "https://ubuntu.com/security/notices/USN-1363-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-07-09T00:31:18", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4132", "CVE-2011-4330", "CVE-2011-4077", "CVE-2011-4326", "CVE-2011-4081"], "description": "A bug was discovered in the XFS filesystem's handling of pathnames. A local \nattacker could exploit this to crash the system, leading to a denial of \nservice, or gain root privileges. (CVE-2011-4077)\n\nNick Bowler discovered the kernel GHASH message digest algorithm \nincorrectly handled error conditions. A local attacker could exploit this \nto cause a kernel oops. (CVE-2011-4081)\n\nA flaw was found in the Journaling Block Device (JBD). 
A local attacker \nable to mount ext3 or ext4 file systems could exploit this to crash the \nsystem, leading to a denial of service. (CVE-2011-4132)\n\nA bug was found in the way headroom check was performed in \nudp6_ufo_fragment() function. A remote attacker could use this flaw to \ncrash the system. (CVE-2011-4326)\n\nClement Lecigne discovered a bug in the HFS file system bounds checking. \nWhen a malformed HFS file system is mounted a local user could crash the \nsystem or gain root privileges. (CVE-2011-4330)", "edition": 5, "modified": "2011-12-13T00:00:00", "published": "2011-12-13T00:00:00", "id": "USN-1302-1", "href": "https://ubuntu.com/security/notices/USN-1302-1", "title": "Linux kernel (OMAP4) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-08T23:40:36", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4132", "CVE-2011-4330", "CVE-2011-4077", "CVE-2011-4326", "CVE-2011-4081"], "description": "A bug was discovered in the XFS filesystem's handling of pathnames. A local \nattacker could exploit this to crash the system, leading to a denial of \nservice, or gain root privileges. (CVE-2011-4077)\n\nNick Bowler discovered the kernel GHASH message digest algorithm \nincorrectly handled error conditions. A local attacker could exploit this \nto cause a kernel oops. (CVE-2011-4081)\n\nA flaw was found in the Journaling Block Device (JBD). A local attacker \nable to mount ext3 or ext4 file systems could exploit this to crash the \nsystem, leading to a denial of service. (CVE-2011-4132)\n\nA bug was found in the way headroom check was performed in \nudp6_ufo_fragment() function. A remote attacker could use this flaw to \ncrash the system. (CVE-2011-4326)\n\nClement Lecigne discovered a bug in the HFS file system bounds checking. \nWhen a malformed HFS file system is mounted a local user could crash the \nsystem or gain root privileges. 
(CVE-2011-4330)", "edition": 5, "modified": "2011-12-08T00:00:00", "published": "2011-12-08T00:00:00", "id": "USN-1293-1", "href": "https://ubuntu.com/security/notices/USN-1293-1", "title": "Linux kernel vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T00:23:59", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4132", "CVE-2011-4330", "CVE-2011-4077", "CVE-2011-4326", "CVE-2011-4081"], "description": "A bug was discovered in the XFS filesystem's handling of pathnames. A local \nattacker could exploit this to crash the system, leading to a denial of \nservice, or gain root privileges. (CVE-2011-4077)\n\nNick Bowler discovered the kernel GHASH message digest algorithm \nincorrectly handled error conditions. A local attacker could exploit this \nto cause a kernel oops. (CVE-2011-4081)\n\nA flaw was found in the Journaling Block Device (JBD). A local attacker \nable to mount ext3 or ext4 file systems could exploit this to crash the \nsystem, leading to a denial of service. (CVE-2011-4132)\n\nA bug was found in the way headroom check was performed in \nudp6_ufo_fragment() function. A remote attacker could use this flaw to \ncrash the system. (CVE-2011-4326)\n\nClement Lecigne discovered a bug in the HFS file system bounds checking. \nWhen a malformed HFS file system is mounted a local user could crash the \nsystem or gain root privileges. 
(CVE-2011-4330)", "edition": 5, "modified": "2011-12-08T00:00:00", "published": "2011-12-08T00:00:00", "id": "USN-1292-1", "href": "https://ubuntu.com/security/notices/USN-1292-1", "title": "Linux kernel (Maverick backport) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T00:30:26", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1162", "CVE-2011-4132", "CVE-2011-4330", "CVE-2011-4077", "CVE-2011-4326", "CVE-2011-4081"], "description": "Peter Huewe discovered an information leak in the handling of reading \nsecurity-related TPM data. A local, unprivileged user could read the \nresults of a previous TPM command. (CVE-2011-1162)\n\nA bug was discovered in the XFS filesystem's handling of pathnames. A local \nattacker could exploit this to crash the system, leading to a denial of \nservice, or gain root privileges. (CVE-2011-4077)\n\nNick Bowler discovered the kernel GHASH message digest algorithm \nincorrectly handled error conditions. A local attacker could exploit this \nto cause a kernel oops. (CVE-2011-4081)\n\nA flaw was found in the Journaling Block Device (JBD). A local attacker \nable to mount ext3 or ext4 file systems could exploit this to crash the \nsystem, leading to a denial of service. (CVE-2011-4132)\n\nA bug was found in the way headroom check was performed in \nudp6_ufo_fragment() function. A remote attacker could use this flaw to \ncrash the system. (CVE-2011-4326)\n\nClement Lecigne discovered a bug in the HFS file system bounds checking. \nWhen a malformed HFS file system is mounted a local user could crash the \nsystem or gain root privileges. 
(CVE-2011-4330)", "edition": 5, "modified": "2011-12-13T00:00:00", "published": "2011-12-13T00:00:00", "id": "USN-1303-1", "href": "https://ubuntu.com/security/notices/USN-1303-1", "title": "Linux kernel (Marvell DOVE) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-07-09T00:24:00", "bulletinFamily": "unix", "cvelist": ["CVE-2011-4087", "CVE-2011-4132", "CVE-2011-4330", "CVE-2011-4077", "CVE-2011-4326", "CVE-2011-4081"], "description": "A bug was discovered in the XFS filesystem's handling of pathnames. A local \nattacker could exploit this to crash the system, leading to a denial of \nservice, or gain root privileges. (CVE-2011-4077)\n\nNick Bowler discovered the kernel GHASH message digest algorithm \nincorrectly handled error conditions. A local attacker could exploit this \nto cause a kernel oops. (CVE-2011-4081)\n\nScot Doyle discovered that the bridge networking interface incorrectly \nhandled certain network packets. A remote attacker could exploit this to \ncrash the system, leading to a denial of service. (CVE-2011-4087)\n\nA flaw was found in the Journaling Block Device (JBD). A local attacker \nable to mount ext3 or ext4 file systems could exploit this to crash the \nsystem, leading to a denial of service. (CVE-2011-4132)\n\nA bug was found in the way headroom check was performed in \nudp6_ufo_fragment() function. A remote attacker could use this flaw to \ncrash the system. (CVE-2011-4326)\n\nClement Lecigne discovered a bug in the HFS file system bounds checking. \nWhen a malformed HFS file system is mounted a local user could crash the \nsystem or gain root privileges. 
(CVE-2011-4330)", "edition": 5, "modified": "2011-12-13T00:00:00", "published": "2011-12-13T00:00:00", "id": "USN-1304-1", "href": "https://ubuntu.com/security/notices/USN-1304-1", "title": "Linux kernel (OMAP4) vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:43", "bulletinFamily": "software", "cvelist": ["CVE-2011-4132", "CVE-2011-4330", "CVE-2011-4077", "CVE-2011-4326", "CVE-2011-4081"], "description": "==========================================================================\r\nUbuntu Security Notice USN-1293-1\r\nDecember 08, 2011\r\n\r\nlinux vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 10.10\r\n\r\nSummary:\r\n\r\nSeveral security issues were fixed in the kernel.\r\n\r\nSoftware Description:\r\n- linux: Linux kernel\r\n\r\nDetails:\r\n\r\nA bug was discovered in the XFS filesystem's handling of pathnames. A local\r\nattacker could exploit this to crash the system, leading to a denial of\r\nservice, or gain root privileges. (CVE-2011-4077)\r\n\r\nNick Bowler discovered the kernel GHASH message digest algorithm\r\nincorrectly handled error conditions. A local attacker could exploit this\r\nto cause a kernel oops. (CVE-2011-4081)\r\n\r\nA flaw was found in the Journaling Block Device (JBD). A local attacker\r\nable to mount ext3 or ext4 file systems could exploit this to crash the\r\nsystem, leading to a denial of service. (CVE-2011-4132)\r\n\r\nA bug was found in the way headroom check was performed in\r\nudp6_ufo_fragment() function. A remote attacker could use this flaw to\r\ncrash the system. (CVE-2011-4326)\r\n\r\nClement Lecigne discovered a bug in the HFS file system bounds checking.\r\nWhen a malformed HFS file system is mounted a local user could crash the\r\nsystem or gain root privileges. 
(CVE-2011-4330)\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 10.10:\r\n linux-image-2.6.35-31-generic 2.6.35-31.63\r\n linux-image-2.6.35-31-generic-pae 2.6.35-31.63\r\n linux-image-2.6.35-31-omap 2.6.35-31.63\r\n linux-image-2.6.35-31-powerpc 2.6.35-31.63\r\n linux-image-2.6.35-31-powerpc-smp 2.6.35-31.63\r\n linux-image-2.6.35-31-powerpc64-smp 2.6.35-31.63\r\n linux-image-2.6.35-31-server 2.6.35-31.63\r\n linux-image-2.6.35-31-versatile 2.6.35-31.63\r\n linux-image-2.6.35-31-virtual 2.6.35-31.63\r\n\r\nAfter a standard system update you need to reboot your computer to make\r\nall the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-1293-1\r\n CVE-2011-4077, CVE-2011-4081, CVE-2011-4132, CVE-2011-4326,\r\n CVE-2011-4330\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/linux/2.6.35-31.63\r\n", "edition": 1, "modified": "2011-12-12T00:00:00", "published": "2011-12-12T00:00:00", "id": "SECURITYVULNS:DOC:27432", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:27432", "title": "[USN-1293-1] Linux kernel vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:45", "bulletinFamily": "software", "cvelist": ["CVE-2011-4132", "CVE-2011-4330", "CVE-2011-4077", "CVE-2011-4326", "CVE-2011-4081"], "description": "Multiple vulnerabilities in file system implementations.", "edition": 1, "modified": "2011-12-12T00:00:00", "published": "2011-12-12T00:00:00", "id": "SECURITYVULNS:VULN:12086", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12086", "title": "Linux kernel multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}