Lucene search

K

Mageia: Security Advisory (MGASA-2013-0213)

🗓️ 28 Jan 2022 00:00:00Reported by Copyright (C) 2022 Greenbone AGType 
openvas
 openvas
🔗 plugins.openvas.org👁 9 Views

Security Advisory for Mageia Linu

Show more
Related
Refs
Code
ReporterTitlePublishedViews
Family
OpenVAS
Mageia: Security Advisory (MGASA-2013-0204)
28 Jan 202200:00
openvas
OpenVAS
Mageia: Security Advisory (MGASA-2013-0209)
28 Jan 202200:00
openvas
OpenVAS
Mageia: Security Advisory (MGASA-2013-0211)
28 Jan 202200:00
openvas
OpenVAS
Mageia: Security Advisory (MGASA-2013-0212)
28 Jan 202200:00
openvas
OpenVAS
Mageia: Security Advisory (MGASA-2013-0203)
28 Jan 202200:00
openvas
OpenVAS
Mageia: Security Advisory (MGASA-2013-0215)
28 Jan 202200:00
openvas
OpenVAS
Mageia: Security Advisory (MGASA-2013-0210)
28 Jan 202200:00
openvas
OpenVAS
Mageia: Security Advisory (MGASA-2013-0214)
28 Jan 202200:00
openvas
OpenVAS
Ubuntu: Security Advisory (USN-1912-1)
8 Aug 201300:00
openvas
OpenVAS
Ubuntu Update for linux USN-1912-1
8 Aug 201300:00
openvas
Rows per page
# SPDX-FileCopyrightText: 2022 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.1.10.2013.0213");
  script_cve_id("CVE-2013-0231", "CVE-2013-2232", "CVE-2013-2234", "CVE-2013-2237", "CVE-2013-2850", "CVE-2013-2852");
  script_tag(name:"creation_date", value:"2022-01-28 10:58:44 +0000 (Fri, 28 Jan 2022)");
  script_version("2024-02-01T14:37:12+0000");
  script_tag(name:"last_modification", value:"2024-02-01 14:37:12 +0000 (Thu, 01 Feb 2024)");
  script_tag(name:"cvss_base", value:"7.9");
  script_tag(name:"cvss_base_vector", value:"AV:A/AC:M/Au:N/C:C/I:C/A:C");

  script_name("Mageia: Security Advisory (MGASA-2013-0213)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2022 Greenbone AG");
  script_family("Mageia Linux Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/mageia_linux", "ssh/login/release", re:"ssh/login/release=MAGEIA3");

  script_xref(name:"Advisory-ID", value:"MGASA-2013-0213");
  script_xref(name:"URL", value:"https://advisories.mageia.org/MGASA-2013-0213.html");
  script_xref(name:"URL", value:"http://kernel.ubuntu.com/git?p=ubuntu/linux.git;h=refs/heads/linux-3.8.y;a=shortlog");
  script_xref(name:"URL", value:"https://bugs.mageia.org/show_bug.cgi?id=10696");

  script_tag(name:"summary", value:"The remote host is missing an update for the 'kernel-tmb' package(s) announced via the MGASA-2013-0213 advisory.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");

  script_tag(name:"insight", value:"This kernel-tmb update provides the extended stable 3.8.13.4 kernel and
fixes the following security issues:

The pciback_enable_msi function in the PCI backend driver
(drivers/xen/pciback/conf_space_capability_msi.c) in Xen for the Linux
kernel 2.6.18 and 3.8 allows guest OS users with PCI device access to
cause a denial of service via a large number of kernel log messages.
(CVE-2013-0231 / XSA-43)

ipv6: ip6_sk_dst_check() must not assume ipv6 dst
It's possible to use AF_INET6 sockets and to connect to an IPv4
destination. After this, socket dst cache is a pointer to a rtable,
not rt6_info. This bug can be exploited by local non-root users
to trigger various corruptions/crashes (CVE-2013-2232)

af_key: fix info leaks in notify messages
key_notify_sa_flush() and key_notify_policy_flush() miss to
initialize the sadb_msg_reserved member of the broadcasted message
and thereby leak 2 bytes of heap memory to listeners (CVE-2013-2234)

af_key: initialize satype in key_notify_policy_flush()
key_notify_policy_flush() miss to nitialize the sadb_msg_satype member
of the broadcasted message and thereby leak heap memory to listeners
(CVE-2013-2237)

Heap-based buffer overflow in the iscsi_add_notunderstood_response function
in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target
subsystem in the Linux kernel through 3.9.4 allows remote attackers to
cause a denial of service (memory corruption and OOPS) or possibly execute
arbitrary code via a long key that is not properly handled during
construction of an error-response packet.
A reproduction case requires patching open-iscsi to send overly large
keys. Performing discovery in a loop will Oops the remote server.
(CVE-2013-2850)

Format string vulnerability in the b43_request_firmware function in
drivers/net/wireless/b43/main.c in the Broadcom B43 wireless driver in
the Linux kernel through 3.9.4 allows local users to gain privileges by
leveraging root access and including format string specifiers in an
fwpostfix modprobe parameter, leading to improper construction of an
error message. (CVE-2013-2852)

Other fixes:
- Fix up alx AR8161 breakage (mga #10079)
- bcma: add support for BCM43142 (mga#9378, mga#10611)
- net/tg3: Avoid delay during MMIO access
- iommu/vt-d: add quirk for broken interrupt remapping on 55XX chipsets
- rtlwifi: rtl8723ae: Fix typo in firmware names
- rtlwifi: rtl8192cu: Fix problem in connecting to WEP or WPA(1) networks
- md/raid10: fix two bugs affecting RAID10 reshape
- crypto: algboss - Hold ref count on larval
- perf: Disable monitoring on setuid processes for regular users
- netfilter: nf_conntrack_ipv6: Plug sk_buff leak in fragment handling
- enable X86_X2APIC, X86_REROUTE_FOR_BROKEN_BOOT_IRQS, FHANDLE
- disable COMPAT_VDSO (not needed since glibc-2.3.3)

For other fixes in the extended stable update, see the referenced shortlog");

  script_tag(name:"affected", value:"'kernel-tmb' package(s) on Mageia 3.");

  script_tag(name:"solution", value:"Please install the updated package(s).");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"package");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release)
  exit(0);

res = "";
report = "";

if(release == "MAGEIA3") {

  if(!isnull(res = isrpmvuln(pkg:"kernel-tmb", rpm:"kernel-tmb~3.8.13.4~1.mga3", rls:"MAGEIA3"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-tmb-desktop-3.8.13.4-1.mga3", rpm:"kernel-tmb-desktop-3.8.13.4-1.mga3~1~1.mga3", rls:"MAGEIA3"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-tmb-desktop-devel-3.8.13.4-1.mga3", rpm:"kernel-tmb-desktop-devel-3.8.13.4-1.mga3~1~1.mga3", rls:"MAGEIA3"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-tmb-desktop-devel-latest", rpm:"kernel-tmb-desktop-devel-latest~3.8.13.4~1.mga3", rls:"MAGEIA3"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-tmb-desktop-latest", rpm:"kernel-tmb-desktop-latest~3.8.13.4~1.mga3", rls:"MAGEIA3"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-tmb-desktop586-3.8.13.4-1.mga3", rpm:"kernel-tmb-desktop586-3.8.13.4-1.mga3~1~1.mga3", rls:"MAGEIA3"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-tmb-desktop586-devel-3.8.13.4-1.mga3", rpm:"kernel-tmb-desktop586-devel-3.8.13.4-1.mga3~1~1.mga3", rls:"MAGEIA3"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-tmb-desktop586-devel-latest", rpm:"kernel-tmb-desktop586-devel-latest~3.8.13.4~1.mga3", rls:"MAGEIA3"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-tmb-desktop586-latest", rpm:"kernel-tmb-desktop586-latest~3.8.13.4~1.mga3", rls:"MAGEIA3"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-tmb-laptop-3.8.13.4-1.mga3", rpm:"kernel-tmb-laptop-3.8.13.4-1.mga3~1~1.mga3", rls:"MAGEIA3"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-tmb-laptop-devel-3.8.13.4-1.mga3", rpm:"kernel-tmb-laptop-devel-3.8.13.4-1.mga3~1~1.mga3", rls:"MAGEIA3"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-tmb-laptop-devel-latest", rpm:"kernel-tmb-laptop-devel-latest~3.8.13.4~1.mga3", rls:"MAGEIA3"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-tmb-laptop-latest", rpm:"kernel-tmb-laptop-latest~3.8.13.4~1.mga3", rls:"MAGEIA3"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-tmb-server-3.8.13.4-1.mga3", rpm:"kernel-tmb-server-3.8.13.4-1.mga3~1~1.mga3", rls:"MAGEIA3"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-tmb-server-devel-3.8.13.4-1.mga3", rpm:"kernel-tmb-server-devel-3.8.13.4-1.mga3~1~1.mga3", rls:"MAGEIA3"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-tmb-server-devel-latest", rpm:"kernel-tmb-server-devel-latest~3.8.13.4~1.mga3", rls:"MAGEIA3"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-tmb-server-latest", rpm:"kernel-tmb-server-latest~3.8.13.4~1.mga3", rls:"MAGEIA3"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-tmb-source-3.8.13.4-1.mga3", rpm:"kernel-tmb-source-3.8.13.4-1.mga3~1~1.mga3", rls:"MAGEIA3"))) {
    report += res;
  }

  if(!isnull(res = isrpmvuln(pkg:"kernel-tmb-source-latest", rpm:"kernel-tmb-source-latest~3.8.13.4~1.mga3", rls:"MAGEIA3"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

exit(0);

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo